hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 19:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/main' into dbartol/mergeback-3.10

Browse Source
This commit is contained in:
Dave Bartolomeo
2023-07-06 10:00:46 -04:00
parent 5f6586600e b2a60bf3d1
commit 2bb9adfbf1
1654 changed files with 47750 additions and 21714 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
java/ql/consistency-queries/qlpack.yml
View File

@@ -2,3 +2,4 @@ name: codeql-java-consistency-queries
version: 0.0.0
dependencies:
codeql/java-all: '*'
warnOnImplicitThis: true

1
java/ql/examples/qlpack.yml
View File

@@ -4,3 +4,4 @@ groups:
- examples
dependencies:
codeql/java-all: ${workspace}
warnOnImplicitThis: true

3
java/ql/integration-tests/all-platforms/java/android-sample-old-style-kotlin-build-script-no-wrapper/project/build.gradle.kts
View File

@@ -54,6 +54,9 @@ android {
versionName = "1.0"
}
lintOptions {
disable("Instantiatable")
}
}
androidComponents {

1
java/ql/integration-tests/all-platforms/java/android-sample-old-style-kotlin-build-script-no-wrapper/test.expected
View File

@@ -13,6 +13,7 @@ xmlFiles
| project/build/intermediates/incremental/mergeReleaseJniLibFolders/merger.xml:0:0:0:0 | project/build/intermediates/incremental/mergeReleaseJniLibFolders/merger.xml |
| project/build/intermediates/incremental/mergeReleaseResources/merger.xml:0:0:0:0 | project/build/intermediates/incremental/mergeReleaseResources/merger.xml |
| project/build/intermediates/incremental/mergeReleaseShaders/merger.xml:0:0:0:0 | project/build/intermediates/incremental/mergeReleaseShaders/merger.xml |
| project/build/intermediates/lint_vital_partial_results/release/out/lint-issues-release.xml:0:0:0:0 | project/build/intermediates/lint_vital_partial_results/release/out/lint-issues-release.xml |
| project/build/intermediates/merged_manifest/release/AndroidManifest.xml:0:0:0:0 | project/build/intermediates/merged_manifest/release/AndroidManifest.xml |
| project/build/intermediates/merged_manifests/release/AndroidManifest.xml:0:0:0:0 | project/build/intermediates/merged_manifests/release/AndroidManifest.xml |
| project/build/intermediates/packaged_manifests/release/AndroidManifest.xml:0:0:0:0 | project/build/intermediates/packaged_manifests/release/AndroidManifest.xml |

3
java/ql/integration-tests/all-platforms/java/android-sample-old-style-kotlin-build-script/project/build.gradle.kts
View File

@@ -54,6 +54,9 @@ android {
versionName = "1.0"
}
lintOptions {
disable("Instantiatable")
}
}
androidComponents {

1
java/ql/integration-tests/all-platforms/java/android-sample-old-style-kotlin-build-script/test.expected
View File

@@ -13,6 +13,7 @@ xmlFiles
| project/build/intermediates/incremental/mergeReleaseJniLibFolders/merger.xml:0:0:0:0 | project/build/intermediates/incremental/mergeReleaseJniLibFolders/merger.xml |
| project/build/intermediates/incremental/mergeReleaseResources/merger.xml:0:0:0:0 | project/build/intermediates/incremental/mergeReleaseResources/merger.xml |
| project/build/intermediates/incremental/mergeReleaseShaders/merger.xml:0:0:0:0 | project/build/intermediates/incremental/mergeReleaseShaders/merger.xml |
| project/build/intermediates/lint_vital_partial_results/release/out/lint-issues-release.xml:0:0:0:0 | project/build/intermediates/lint_vital_partial_results/release/out/lint-issues-release.xml |
| project/build/intermediates/merged_manifest/release/AndroidManifest.xml:0:0:0:0 | project/build/intermediates/merged_manifest/release/AndroidManifest.xml |
| project/build/intermediates/merged_manifests/release/AndroidManifest.xml:0:0:0:0 | project/build/intermediates/merged_manifests/release/AndroidManifest.xml |
| project/build/intermediates/packaged_manifests/release/AndroidManifest.xml:0:0:0:0 | project/build/intermediates/packaged_manifests/release/AndroidManifest.xml |

4
java/ql/integration-tests/all-platforms/java/android-sample-old-style-no-wrapper/project/build.gradle
View File

@@ -55,4 +55,8 @@ android {
}
variantFilter { variant -> if (variant.buildType.name == "debug") { setIgnore(true) } }
lintOptions {
disable "Instantiatable"
}
}

1
java/ql/integration-tests/all-platforms/java/android-sample-old-style-no-wrapper/test.expected
View File

@@ -13,6 +13,7 @@ xmlFiles
| project/build/intermediates/incremental/mergeReleaseJniLibFolders/merger.xml:0:0:0:0 | project/build/intermediates/incremental/mergeReleaseJniLibFolders/merger.xml |
| project/build/intermediates/incremental/mergeReleaseResources/merger.xml:0:0:0:0 | project/build/intermediates/incremental/mergeReleaseResources/merger.xml |
| project/build/intermediates/incremental/mergeReleaseShaders/merger.xml:0:0:0:0 | project/build/intermediates/incremental/mergeReleaseShaders/merger.xml |
| project/build/intermediates/lint_vital_partial_results/release/out/lint-issues-release.xml:0:0:0:0 | project/build/intermediates/lint_vital_partial_results/release/out/lint-issues-release.xml |
| project/build/intermediates/merged_manifest/release/AndroidManifest.xml:0:0:0:0 | project/build/intermediates/merged_manifest/release/AndroidManifest.xml |
| project/build/intermediates/merged_manifests/release/AndroidManifest.xml:0:0:0:0 | project/build/intermediates/merged_manifests/release/AndroidManifest.xml |
| project/build/intermediates/packaged_manifests/release/AndroidManifest.xml:0:0:0:0 | project/build/intermediates/packaged_manifests/release/AndroidManifest.xml |

4
java/ql/integration-tests/all-platforms/java/android-sample-old-style/project/build.gradle
View File

@@ -55,4 +55,8 @@ android {
}
variantFilter { variant -> if (variant.buildType.name == "debug") { setIgnore(true) } }
lintOptions {
disable "Instantiatable"
}
}

1
java/ql/integration-tests/all-platforms/java/android-sample-old-style/test.expected
View File

@@ -13,6 +13,7 @@ xmlFiles
| project/build/intermediates/incremental/mergeReleaseJniLibFolders/merger.xml:0:0:0:0 | project/build/intermediates/incremental/mergeReleaseJniLibFolders/merger.xml |
| project/build/intermediates/incremental/mergeReleaseResources/merger.xml:0:0:0:0 | project/build/intermediates/incremental/mergeReleaseResources/merger.xml |
| project/build/intermediates/incremental/mergeReleaseShaders/merger.xml:0:0:0:0 | project/build/intermediates/incremental/mergeReleaseShaders/merger.xml |
| project/build/intermediates/lint_vital_partial_results/release/out/lint-issues-release.xml:0:0:0:0 | project/build/intermediates/lint_vital_partial_results/release/out/lint-issues-release.xml |
| project/build/intermediates/merged_manifest/release/AndroidManifest.xml:0:0:0:0 | project/build/intermediates/merged_manifest/release/AndroidManifest.xml |
| project/build/intermediates/merged_manifests/release/AndroidManifest.xml:0:0:0:0 | project/build/intermediates/merged_manifests/release/AndroidManifest.xml |
| project/build/intermediates/packaged_manifests/release/AndroidManifest.xml:0:0:0:0 | project/build/intermediates/packaged_manifests/release/AndroidManifest.xml |

1
java/ql/integration-tests/all-platforms/java/qlpack.yml
View File

@@ -2,3 +2,4 @@ dependencies:
codeql/java-all: '*'
codeql/java-tests: '*'
codeql/java-queries: '*'
warnOnImplicitThis: true

1
java/ql/integration-tests/all-platforms/kotlin/annotation-id-consistency/qlpack.yml
View File

@@ -5,3 +5,4 @@ dependencies:
codeql/java-queries: '*'
dataExtensions:
ext/*.model.yml
warnOnImplicitThis: true

1
java/ql/integration-tests/all-platforms/kotlin/default-parameter-mad-flow/qlpack.yml
View File

@@ -5,3 +5,4 @@ dependencies:
codeql/java-queries: '*'
dataExtensions:
ext/*.model.yml
warnOnImplicitThis: true

2
java/ql/integration-tests/all-platforms/kotlin/default-parameter-mad-flow/test.expected
View File

@@ -0,0 +1,2 @@
failures
testFailures

10
java/ql/integration-tests/all-platforms/kotlin/default-parameter-mad-flow/test.ql
View File

@@ -19,12 +19,10 @@ module Config implements DataFlow::ConfigSig {
module Flow = TaintTracking::Global<Config>;
class InlineFlowTest extends InlineExpectationsTest {
InlineFlowTest() { this = "HasFlowTest" }
module InlineFlowTest implements TestSig {
string getARelevantTag() { result = "flow" }
override string getARelevantTag() { result = "flow" }
override predicate hasActualResult(Location location, string element, string tag, string value) {
predicate hasActualResult(Location location, string element, string tag, string value) {
tag = "flow" and
exists(DataFlow::Node sink | Flow::flowTo(sink) |
sink.getLocation() = location and
@@ -33,3 +31,5 @@ class InlineFlowTest extends InlineExpectationsTest {
)
}
}
import MakeTest<InlineFlowTest>

1
java/ql/integration-tests/all-platforms/kotlin/gradle_kotlinx_serialization/qlpack.yml
View File

@@ -3,3 +3,4 @@ dependencies:
codeql/java-all: '*'
codeql/java-tests: '*'
codeql/java-queries: '*'
warnOnImplicitThis: true

1
java/ql/integration-tests/all-platforms/kotlin/kotlin-interface-inherited-default/qlpack.yml
View File

@@ -3,3 +3,4 @@ dependencies:
codeql/java-all: '*'
codeql/java-tests: '*'
codeql/java-queries: '*'
warnOnImplicitThis: true

1
java/ql/integration-tests/all-platforms/kotlin/kotlin_java_static_fields/qlpack.yml
View File

@@ -3,3 +3,4 @@ dependencies:
codeql/java-all: '*'
codeql/java-tests: '*'
codeql/java-queries: '*'
warnOnImplicitThis: true

1
java/ql/integration-tests/all-platforms/kotlin/qlpack.yml
View File

@@ -2,3 +2,4 @@ dependencies:
codeql/java-all: '*'
codeql/java-tests: '*'
codeql/java-queries: '*'
warnOnImplicitThis: true

1
java/ql/integration-tests/linux-only/kotlin/custom_plugin/qlpack.yml
View File

@@ -1,3 +1,4 @@
name: integrationtest-custom-plugin
dependencies:
codeql/java-all: '*'
warnOnImplicitThis: true

1
java/ql/integration-tests/linux-only/kotlin/qlpack.yml
View File

@@ -1,2 +1,3 @@
dependencies:
codeql/java-all: '*'
warnOnImplicitThis: true

2
java/ql/integration-tests/posix-only/kotlin/qlpack.yml
View File

@@ -2,4 +2,4 @@ dependencies:
codeql/java-all: '*'
codeql/java-tests: '*'
codeql/java-queries: '*'
warnOnImplicitThis: true

4
java/ql/lib/change-notes/2023-04-19-deprecated-execcallable.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: deprecated
---
* The `ExecCallable` class in `ExternalProcess.qll` has been deprecated.

4
java/ql/lib/change-notes/2023-05-22-hudson-models.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Added more models for the Hudson framework.

4
java/ql/lib/change-notes/2023-05-22-stapler-models.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Added more models for the Stapler framework.

4
java/ql/lib/change-notes/2023-06-08-type-strengthening.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: majorAnalysis
---
* The data flow library now performs type strengthening. This increases precision for all data flow queries by excluding paths that can be inferred to be impossible due to incompatible types.

8
java/ql/lib/change-notes/2023-06-14-jenkins-autogenerated-models.md Normal file
View File

@@ -0,0 +1,8 @@
---
category: minorAnalysis
---
* Added automatically-generated dataflow models for the following frameworks and libraries:
* `hudson`
* `jenkins`
* `net.sf.json`
* `stapler`

4
java/ql/lib/change-notes/2023-06-22-url-tostring-model.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Added a missing summary model for the method `java.net.URL.toString`.

4
java/ql/lib/change-notes/2023-06-28-javax-portlet-autogenerated-models.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Added automatically-generated dataflow models for `javax.portlet`.

6
java/ql/lib/ext/experimental/com.jcraft.jsch.model.yml Normal file
View File

@@ -0,0 +1,6 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: experimentalSinkModel
data:
- ["com.jcraft.jsch", "ChannelExec", True, "setCommand", "", "", "Argument[0]", "command-injection", "manual", "jsch-os-injection"]

190
java/ql/lib/ext/generated/javax.portlet.model.yml Normal file
View File

@@ -0,0 +1,190 @@
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
# Definitions of models for the Java Portlet framework.
extensions:
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
- ["javax.portlet.filter", "ActionRequestWrapper", true, "ActionRequestWrapper", "(ActionRequest)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "ActionRequestWrapper", true, "setRequest", "(ActionRequest)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "ActionResponseWrapper", true, "ActionResponseWrapper", "(ActionResponse)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "ActionResponseWrapper", true, "setResponse", "(ActionResponse)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "EventRequestWrapper", true, "EventRequestWrapper", "(EventRequest)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "EventRequestWrapper", true, "setRequest", "(EventRequest)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "EventResponseWrapper", true, "EventResponseWrapper", "(EventResponse)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "EventResponseWrapper", true, "setResponse", "(EventResponse)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "PortletRequestWrapper", true, "PortletRequestWrapper", "(PortletRequest)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "PortletRequestWrapper", true, "getRequest", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["javax.portlet.filter", "PortletRequestWrapper", true, "setRequest", "(PortletRequest)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "PortletResponseWrapper", true, "PortletResponseWrapper", "(PortletResponse)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "PortletResponseWrapper", true, "getResponse", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["javax.portlet.filter", "PortletResponseWrapper", true, "setResponse", "(PortletResponse)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "RenderRequestWrapper", true, "RenderRequestWrapper", "(RenderRequest)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "RenderRequestWrapper", true, "setRequest", "(RenderRequest)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "RenderResponseWrapper", true, "RenderResponseWrapper", "(RenderResponse)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "RenderResponseWrapper", true, "setResponse", "(RenderResponse)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "ResourceRequestWrapper", true, "ResourceRequestWrapper", "(ResourceRequest)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "ResourceRequestWrapper", true, "setRequest", "(ResourceRequest)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "ResourceResponseWrapper", true, "ResourceResponseWrapper", "(ResourceResponse)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet.filter", "ResourceResponseWrapper", true, "setResponse", "(ResourceResponse)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "GenericPortlet", true, "getPortletConfig", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["javax.portlet", "Portlet", true, "init", "(PortletConfig)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "PortletException", true, "PortletException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "PortletException", true, "PortletException", "(String,Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "PortletException", true, "PortletException", "(String,Throwable)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "PortletMode", true, "PortletMode", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "PortletMode", true, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["javax.portlet", "PortletModeException", true, "PortletModeException", "(String,PortletMode)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "PortletModeException", true, "PortletModeException", "(String,PortletMode)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "PortletModeException", true, "PortletModeException", "(String,Throwable,PortletMode)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "PortletModeException", true, "PortletModeException", "(String,Throwable,PortletMode)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "PortletModeException", true, "PortletModeException", "(String,Throwable,PortletMode)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "PortletModeException", true, "PortletModeException", "(Throwable,PortletMode)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "PortletModeException", true, "getMode", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["javax.portlet", "PortletSecurityException", true, "PortletSecurityException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "PortletSecurityException", true, "PortletSecurityException", "(String,Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "PortletSecurityException", true, "PortletSecurityException", "(String,Throwable)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "PortletSessionUtil", true, "decodeAttributeName", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["javax.portlet", "ReadOnlyException", true, "ReadOnlyException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "ReadOnlyException", true, "ReadOnlyException", "(String,Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "ReadOnlyException", true, "ReadOnlyException", "(String,Throwable)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "UnavailableException", true, "UnavailableException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "UnavailableException", true, "UnavailableException", "(String,int)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "ValidatorException", true, "ValidatorException", "(String,Collection)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "ValidatorException", true, "ValidatorException", "(String,Collection)", "", "Argument[1].Element", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "ValidatorException", true, "ValidatorException", "(String,Throwable,Collection)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "ValidatorException", true, "ValidatorException", "(String,Throwable,Collection)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "ValidatorException", true, "ValidatorException", "(String,Throwable,Collection)", "", "Argument[2].Element", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "ValidatorException", true, "ValidatorException", "(Throwable,Collection)", "", "Argument[1].Element", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "ValidatorException", true, "getFailedKeys", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["javax.portlet", "WindowState", true, "WindowState", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "WindowState", true, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["javax.portlet", "WindowStateException", true, "WindowStateException", "(String,Throwable,WindowState)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "WindowStateException", true, "WindowStateException", "(String,Throwable,WindowState)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "WindowStateException", true, "WindowStateException", "(String,Throwable,WindowState)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "WindowStateException", true, "WindowStateException", "(String,WindowState)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "WindowStateException", true, "WindowStateException", "(String,WindowState)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "WindowStateException", true, "WindowStateException", "(Throwable,WindowState)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["javax.portlet", "WindowStateException", true, "getState", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- addsTo:
pack: codeql/java-all
extensible: neutralModel
data:
- ["javax.portlet", "ActionResponse", "sendRedirect", "(String)", "summary", "df-generated"]
- ["javax.portlet", "ActionResponse", "sendRedirect", "(String,String)", "summary", "df-generated"]
- ["javax.portlet", "ClientDataRequest", "getCharacterEncoding", "()", "summary", "df-generated"]
- ["javax.portlet", "ClientDataRequest", "getContentLength", "()", "summary", "df-generated"]
- ["javax.portlet", "ClientDataRequest", "getContentType", "()", "summary", "df-generated"]
- ["javax.portlet", "ClientDataRequest", "getMethod", "()", "summary", "df-generated"]
- ["javax.portlet", "ClientDataRequest", "getPortletInputStream", "()", "summary", "df-generated"]
- ["javax.portlet", "ClientDataRequest", "getReader", "()", "summary", "df-generated"]
- ["javax.portlet", "ClientDataRequest", "setCharacterEncoding", "(String)", "summary", "df-generated"]
- ["javax.portlet", "EventPortlet", "processEvent", "(EventRequest,EventResponse)", "summary", "df-generated"]
- ["javax.portlet", "EventRequest", "getEvent", "()", "summary", "df-generated"]
- ["javax.portlet", "EventRequest", "getMethod", "()", "summary", "df-generated"]
- ["javax.portlet", "EventResponse", "setRenderParameters", "(EventRequest)", "summary", "df-generated"]
- ["javax.portlet", "GenericPortlet", "init", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "createActionURL", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "createRenderURL", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "createResourceURL", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "flushBuffer", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "getBufferSize", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "getCacheControl", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "getCharacterEncoding", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "getContentType", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "getLocale", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "getPortletOutputStream", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "getWriter", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "isCommitted", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "reset", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "resetBuffer", "()", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "setBufferSize", "(int)", "summary", "df-generated"]
- ["javax.portlet", "MimeResponse", "setContentType", "(String)", "summary", "df-generated"]
- ["javax.portlet", "Portlet", "destroy", "()", "summary", "df-generated"]
- ["javax.portlet", "Portlet", "processAction", "(ActionRequest,ActionResponse)", "summary", "df-generated"]
- ["javax.portlet", "Portlet", "render", "(RenderRequest,RenderResponse)", "summary", "df-generated"]
- ["javax.portlet", "PortletConfig", "getContainerRuntimeOptions", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletConfig", "getDefaultNamespace", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletConfig", "getInitParameter", "(String)", "summary", "df-generated"]
- ["javax.portlet", "PortletConfig", "getInitParameterNames", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletConfig", "getPortletContext", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletConfig", "getPortletName", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletConfig", "getProcessingEventQNames", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletConfig", "getPublicRenderParameterNames", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletConfig", "getPublishingEventQNames", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletConfig", "getResourceBundle", "(Locale)", "summary", "df-generated"]
- ["javax.portlet", "PortletConfig", "getSupportedLocales", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletException", "PortletException", "(Throwable)", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest$P3PUserInfos", "toString", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getAttribute", "(String)", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getAttributeNames", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getAuthType", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getContextPath", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getCookies", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getLocale", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getLocales", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getParameter", "(String)", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getParameterMap", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getParameterNames", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getParameterValues", "(String)", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getPortalContext", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getPortletMode", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getPortletSession", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getPortletSession", "(boolean)", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getPreferences", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getPrivateParameterMap", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getProperties", "(String)", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getProperty", "(String)", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getPropertyNames", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getPublicParameterMap", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getRemoteUser", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getRequestedSessionId", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getResponseContentType", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getResponseContentTypes", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getScheme", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getServerName", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getServerPort", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getUserPrincipal", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getWindowID", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "getWindowState", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "isPortletModeAllowed", "(PortletMode)", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "isRequestedSessionIdValid", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "isSecure", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "isUserInRole", "(String)", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "isWindowStateAllowed", "(WindowState)", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "removeAttribute", "(String)", "summary", "df-generated"]
- ["javax.portlet", "PortletRequest", "setAttribute", "(String,Object)", "summary", "df-generated"]
- ["javax.portlet", "PortletResponse", "addProperty", "(Cookie)", "summary", "df-generated"]
- ["javax.portlet", "PortletResponse", "addProperty", "(String,Element)", "summary", "df-generated"]
- ["javax.portlet", "PortletResponse", "addProperty", "(String,String)", "summary", "df-generated"]
- ["javax.portlet", "PortletResponse", "createElement", "(String)", "summary", "df-generated"]
- ["javax.portlet", "PortletResponse", "encodeURL", "(String)", "summary", "df-generated"]
- ["javax.portlet", "PortletResponse", "getNamespace", "()", "summary", "df-generated"]
- ["javax.portlet", "PortletResponse", "setProperty", "(String,String)", "summary", "df-generated"]
- ["javax.portlet", "PortletSecurityException", "PortletSecurityException", "(Throwable)", "summary", "df-generated"]
- ["javax.portlet", "PortletSessionUtil", "decodeScope", "(String)", "summary", "df-generated"]
- ["javax.portlet", "ReadOnlyException", "ReadOnlyException", "(Throwable)", "summary", "df-generated"]
- ["javax.portlet", "RenderRequest", "getETag", "()", "summary", "df-generated"]
- ["javax.portlet", "RenderResponse", "setNextPossiblePortletModes", "(Collection)", "summary", "df-generated"]
- ["javax.portlet", "RenderResponse", "setTitle", "(String)", "summary", "df-generated"]
- ["javax.portlet", "ResourceRequest", "getCacheability", "()", "summary", "df-generated"]
- ["javax.portlet", "ResourceRequest", "getETag", "()", "summary", "df-generated"]
- ["javax.portlet", "ResourceRequest", "getPrivateRenderParameterMap", "()", "summary", "df-generated"]
- ["javax.portlet", "ResourceRequest", "getResourceID", "()", "summary", "df-generated"]
- ["javax.portlet", "ResourceResponse", "setCharacterEncoding", "(String)", "summary", "df-generated"]
- ["javax.portlet", "ResourceResponse", "setContentLength", "(int)", "summary", "df-generated"]
- ["javax.portlet", "ResourceResponse", "setLocale", "(Locale)", "summary", "df-generated"]
- ["javax.portlet", "ResourceServingPortlet", "serveResource", "(ResourceRequest,ResourceResponse)", "summary", "df-generated"]
- ["javax.portlet", "StateAwareResponse", "getPortletMode", "()", "summary", "df-generated"]
- ["javax.portlet", "StateAwareResponse", "getRenderParameterMap", "()", "summary", "df-generated"]
- ["javax.portlet", "StateAwareResponse", "getWindowState", "()", "summary", "df-generated"]
- ["javax.portlet", "StateAwareResponse", "removePublicRenderParameter", "(String)", "summary", "df-generated"]
- ["javax.portlet", "StateAwareResponse", "setEvent", "(QName,Serializable)", "summary", "df-generated"]
- ["javax.portlet", "StateAwareResponse", "setEvent", "(String,Serializable)", "summary", "df-generated"]
- ["javax.portlet", "StateAwareResponse", "setPortletMode", "(PortletMode)", "summary", "df-generated"]
- ["javax.portlet", "StateAwareResponse", "setRenderParameter", "(String,String)", "summary", "df-generated"]
- ["javax.portlet", "StateAwareResponse", "setRenderParameter", "(String,String[])", "summary", "df-generated"]
- ["javax.portlet", "StateAwareResponse", "setRenderParameters", "(Map)", "summary", "df-generated"]
- ["javax.portlet", "StateAwareResponse", "setWindowState", "(WindowState)", "summary", "df-generated"]
- ["javax.portlet", "UnavailableException", "getUnavailableSeconds", "()", "summary", "df-generated"]
- ["javax.portlet", "UnavailableException", "isPermanent", "()", "summary", "df-generated"]

598
java/ql/lib/ext/generated/jenkins-json-lib.model.yml Normal file
View File

@@ -0,0 +1,598 @@
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
# Definitions of models for the Jenkins JSON Lib framework.
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["net.sf.json.groovy", "JsonSlurper", true, "parse", "(String)", "", "Argument[0]", "request-forgery", "df-generated"]
- ["net.sf.json.groovy", "JsonSlurper", true, "parse", "(URL)", "", "Argument[0]", "request-forgery", "df-generated"]
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
- ["net.sf.json.filters", "AndPropertyFilter", true, "AndPropertyFilter", "(PropertyFilter,PropertyFilter)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.filters", "AndPropertyFilter", true, "AndPropertyFilter", "(PropertyFilter,PropertyFilter)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.filters", "CompositePropertyFilter", true, "CompositePropertyFilter", "(List)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.filters", "CompositePropertyFilter", true, "addPropertyFilter", "(PropertyFilter)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.filters", "MappingPropertyFilter", true, "MappingPropertyFilter", "(Map)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.filters", "MappingPropertyFilter", true, "addPropertyFilter", "(Object,PropertyFilter)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.filters", "MappingPropertyFilter", true, "addPropertyFilter", "(Object,PropertyFilter)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.filters", "NotPropertyFilter", true, "NotPropertyFilter", "(PropertyFilter)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.filters", "OrPropertyFilter", true, "OrPropertyFilter", "(PropertyFilter,PropertyFilter)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.filters", "OrPropertyFilter", true, "OrPropertyFilter", "(PropertyFilter,PropertyFilter)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.groovy", "JsonGroovyBuilder", true, "getJsonConfig", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.groovy", "JsonGroovyBuilder", true, "setJsonConfig", "(JsonConfig)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.groovy", "JsonSlurper", true, "JsonSlurper", "(JsonConfig)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.groovy", "JsonSlurper", true, "parse", "(InputStream)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.groovy", "JsonSlurper", true, "parse", "(Reader)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.groovy", "JsonSlurper", true, "parseText", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.regexp", "RegexpMatcher", true, "getGroupIfMatches", "(String,int)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONBuilder", true, "JSONBuilder", "(Writer)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.util", "JSONBuilder", true, "array", "()", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json.util", "JSONBuilder", true, "endArray", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONBuilder", true, "endObject", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONBuilder", true, "key", "(String)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json.util", "JSONBuilder", true, "object", "()", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json.util", "JSONBuilder", true, "value", "(Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONBuilder", true, "value", "(Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.util", "JSONBuilder", true, "value", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONBuilder", true, "value", "(boolean)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONBuilder", true, "value", "(double)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONBuilder", true, "value", "(long)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONTokener", true, "JSONTokener", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.util", "JSONTokener", true, "next", "(int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONTokener", true, "nextValue", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONTokener", true, "nextValue", "(JsonConfig)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONTokener", true, "nextValue", "(JsonConfig)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONTokener", true, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONUtils", false, "convertToJavaIdentifier", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONUtils", false, "convertToJavaIdentifier", "(String,JsonConfig)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONUtils", false, "getFunctionBody", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONUtils", false, "getFunctionParams", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONUtils", false, "getProperties", "(JSONObject)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONUtils", false, "stripQuotes", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONUtils", false, "valueToCanonicalString", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONUtils", false, "valueToString", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JSONUtils", false, "valueToString", "(Object,int,int)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "JavaIdentifierTransformer", true, "transformToJavaIdentifier", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "PropertySetStrategy", true, "setProperty", "(Object,String,Object)", "", "Argument[1]", "Argument[0]", "taint", "df-generated"]
- ["net.sf.json.util", "PropertySetStrategy", true, "setProperty", "(Object,String,Object)", "", "Argument[2]", "Argument[0]", "taint", "df-generated"]
- ["net.sf.json.util", "PropertySetStrategy", true, "setProperty", "(Object,String,Object,JsonConfig)", "", "Argument[1]", "Argument[0]", "taint", "df-generated"]
- ["net.sf.json.util", "PropertySetStrategy", true, "setProperty", "(Object,String,Object,JsonConfig)", "", "Argument[2]", "Argument[0]", "taint", "df-generated"]
- ["net.sf.json.util", "WebHijackPreventionStrategy", true, "protect", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "WebUtils", true, "protect", "(JSON)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "WebUtils", true, "protect", "(JSON,boolean)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.util", "WebUtils", true, "toString", "(JSON)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "addNamespace", "(String,String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "addNamespace", "(String,String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "addNamespace", "(String,String,String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "addNamespace", "(String,String,String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "addNamespace", "(String,String,String)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "getArrayName", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "getElementName", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "getExpandableProperties", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "getObjectName", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "getRootName", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "setArrayName", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "setElementName", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "setExpandableProperties", "(String[])", "", "Argument[0].ArrayElement", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "setNamespace", "(String,String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "setNamespace", "(String,String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "setNamespace", "(String,String,String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "setNamespace", "(String,String,String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "setNamespace", "(String,String,String)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "setObjectName", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", true, "setRootName", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSON", true, "toString", "(int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSON", true, "toString", "(int,int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSON", true, "write", "(Writer)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSON", true, "writeCanonical", "(Writer)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "add", "(Object,JsonConfig)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "add", "(int,Object,JsonConfig)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "addAll", "(Collection,JsonConfig)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "addAll", "(int,Collection,JsonConfig)", "", "Argument[1].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "discard", "(Object)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json", "JSONArray", false, "discard", "(int)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Collection)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Collection)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Collection)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Collection,JsonConfig)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Collection,JsonConfig)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(JSONNull)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(JSONNull)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(JSONObject)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(JSONObject)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Map)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Map)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Map)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Map,JsonConfig)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Map,JsonConfig)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Object,JsonConfig)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Object,JsonConfig)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(Object,JsonConfig)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(String,JsonConfig)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(String,JsonConfig)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(boolean)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(double)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Collection)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Collection)", "", "Argument[1].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Collection)", "", "Argument[1].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Collection,JsonConfig)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Collection,JsonConfig)", "", "Argument[1].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Map)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Map)", "", "Argument[1].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Map)", "", "Argument[1].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Map,JsonConfig)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Map,JsonConfig)", "", "Argument[1].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Object)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Object)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Object,JsonConfig)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,Object,JsonConfig)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,String)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,String,JsonConfig)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,String,JsonConfig)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,boolean)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,double)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(int,long)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "element", "(long)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "fromObject", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "fromObject", "(Object,JsonConfig)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "getJSONArray", "(int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "getJSONObject", "(int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "getString", "(int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "join", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "join", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "join", "(String,boolean)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "join", "(String,boolean)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "opt", "(int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "optJSONArray", "(int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "optJSONObject", "(int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "optString", "(int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "optString", "(int,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "optString", "(int,String)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "set", "(int,Object,JsonConfig)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "set", "(int,Object,JsonConfig)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "toCollection", "(JSONArray)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "toCollection", "(JSONArray,Class)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "toCollection", "(JSONArray,JsonConfig)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "toCollection", "(JSONArray,JsonConfig)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "toJSONObject", "(JSONArray)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "toJSONObject", "(JSONArray)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "toList", "(JSONArray)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "toList", "(JSONArray,Class)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "toList", "(JSONArray,Class,Map)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "toList", "(JSONArray,JsonConfig)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "toList", "(JSONArray,JsonConfig)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "toList", "(JSONArray,Object,JsonConfig)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "toList", "(JSONArray,Object,JsonConfig)", "", "Argument[2]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONArray", false, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONFunction", true, "JSONFunction", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONFunction", true, "JSONFunction", "(String[],String)", "", "Argument[0].ArrayElement", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONFunction", true, "JSONFunction", "(String[],String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONFunction", true, "getParams", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONFunction", true, "getText", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONFunction", true, "parse", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONFunction", true, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,Object)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,Object)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,Object,JsonConfig)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,Object,JsonConfig)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,Object,JsonConfig)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,Object,JsonConfig)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,Object,JsonConfig)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,boolean)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,boolean)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,boolean)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,double)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,double)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,double)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,int)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,int)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,long)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,long)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulate", "(String,long)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulateAll", "(Map)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "accumulateAll", "(Map,JsonConfig)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "discard", "(String)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Collection)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Collection)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Collection)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Collection)", "", "Argument[1].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Collection)", "", "Argument[1].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Collection,JsonConfig)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Collection,JsonConfig)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Collection,JsonConfig)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Collection,JsonConfig)", "", "Argument[1].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Collection,JsonConfig)", "", "Argument[1].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Map)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Map)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Map)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Map)", "", "Argument[1].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Map)", "", "Argument[1].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Map,JsonConfig)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Map,JsonConfig)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Map,JsonConfig)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Map,JsonConfig)", "", "Argument[1].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Map,JsonConfig)", "", "Argument[1].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Object)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Object)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Object,JsonConfig)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Object,JsonConfig)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,Object,JsonConfig)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,boolean)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,boolean)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,boolean)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,double)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,double)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,double)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,int)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,int)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,long)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,long)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "element", "(String,long)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "elementOpt", "(String,Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "elementOpt", "(String,Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "elementOpt", "(String,Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "elementOpt", "(String,Object)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "elementOpt", "(String,Object)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "elementOpt", "(String,Object,JsonConfig)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["net.sf.json", "JSONObject", false, "elementOpt", "(String,Object,JsonConfig)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "elementOpt", "(String,Object,JsonConfig)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "fromObject", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "fromObject", "(Object,JsonConfig)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "fromObject", "(Object,JsonConfig)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "get", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "getJSONArray", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "getJSONObject", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "getString", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "keys", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "names", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "names", "(JsonConfig)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "opt", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "optJSONArray", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "optJSONObject", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "optString", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "optString", "(String,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "optString", "(String,String)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "putAll", "(Map,JsonConfig)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "remove", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "toBean", "(Class)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "toBean", "(JSONObject,Class)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "toBean", "(JSONObject,Class,Map)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "toBean", "(JSONObject,JsonConfig)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "toBean", "(JSONObject,JsonConfig)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "toBean", "(JSONObject,Object,JsonConfig)", "", "Argument[0].Element", "Argument[1]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "toBean", "(JSONObject,Object,JsonConfig)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "toBean", "(JSONObject,Object,JsonConfig)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "toBean", "(JSONObject,Object,JsonConfig)", "", "Argument[2]", "Argument[1]", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "toBean", "(JSONObject,Object,JsonConfig)", "", "Argument[2]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "toJSONArray", "(JSONArray)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONObject", false, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONSerializer", true, "toJSON", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONSerializer", true, "toJSON", "(Object,JsonConfig)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONSerializer", true, "toJSON", "(Object,JsonConfig)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONSerializer", true, "toJava", "(JSON)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONSerializer", true, "toJava", "(JSON,JsonConfig)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JSONSerializer", true, "toJava", "(JSON,JsonConfig)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "addIgnoreFieldAnnotation", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "addJsonEventListener", "(JsonEventListener)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "copy", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "findDefaultValueProcessor", "(Class)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "findJavaPropertyNameProcessor", "(Class)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "findJsonBeanProcessor", "(Class)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "findJsonPropertyNameProcessor", "(Class)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "findJsonValueProcessor", "(Class)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "findJsonValueProcessor", "(Class,Class,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "findJsonValueProcessor", "(Class,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "findPropertyNameProcessor", "(Class)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getClassMap", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getCycleDetectionStrategy", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getDefaultValueProcessorMatcher", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getExcludes", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getIgnoreFieldAnnotations", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getJavaIdentifierTransformer", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getJavaPropertyFilter", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getJavaPropertyNameProcessorMatcher", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getJsonBeanProcessorMatcher", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getJsonEventListeners", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getJsonPropertyFilter", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getJsonPropertyNameProcessorMatcher", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getJsonValueProcessorMatcher", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getMergedExcludes", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getMergedExcludes", "(Class)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getNewBeanInstanceStrategy", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getPropertyExclusionClassMatcher", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getPropertyNameProcessorMatcher", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "getPropertySetStrategy", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "registerDefaultValueProcessor", "(Class,DefaultValueProcessor)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "registerJavaPropertyNameProcessor", "(Class,PropertyNameProcessor)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "registerJsonBeanProcessor", "(Class,JsonBeanProcessor)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "registerJsonPropertyNameProcessor", "(Class,PropertyNameProcessor)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "registerJsonValueProcessor", "(Class,Class,JsonValueProcessor)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "registerJsonValueProcessor", "(Class,JsonValueProcessor)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "registerJsonValueProcessor", "(Class,String,JsonValueProcessor)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "registerJsonValueProcessor", "(String,JsonValueProcessor)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "registerJsonValueProcessor", "(String,JsonValueProcessor)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "registerPropertyNameProcessor", "(Class,PropertyNameProcessor)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setClassMap", "(Map)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setCycleDetectionStrategy", "(CycleDetectionStrategy)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setDefaultValueProcessorMatcher", "(DefaultValueProcessorMatcher)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setExcludes", "(String[])", "", "Argument[0].ArrayElement", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setJavaIdentifierTransformer", "(JavaIdentifierTransformer)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setJavaPropertyFilter", "(PropertyFilter)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setJavaPropertyNameProcessorMatcher", "(PropertyNameProcessorMatcher)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setJsonBeanProcessorMatcher", "(JsonBeanProcessorMatcher)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setJsonPropertyFilter", "(PropertyFilter)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setJsonPropertyNameProcessorMatcher", "(PropertyNameProcessorMatcher)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setJsonValueProcessorMatcher", "(JsonValueProcessorMatcher)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setNewBeanInstanceStrategy", "(NewBeanInstanceStrategy)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setPropertyExclusionClassMatcher", "(PropertyExclusionClassMatcher)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setPropertyNameProcessorMatcher", "(PropertyNameProcessorMatcher)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["net.sf.json", "JsonConfig", true, "setPropertySetStrategy", "(PropertySetStrategy)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- addsTo:
pack: codeql/java-all
extensible: neutralModel
data:
- ["net.sf.json.filters", "CompositePropertyFilter", "removePropertyFilter", "(PropertyFilter)", "summary", "df-generated"]
- ["net.sf.json.filters", "MappingPropertyFilter", "removePropertyFilter", "(Object)", "summary", "df-generated"]
- ["net.sf.json.groovy", "JsonSlurper", "parse", "(File)", "summary", "df-generated"]
- ["net.sf.json.groovy", "JsonSlurper", "parse", "(String)", "summary", "df-generated"]
- ["net.sf.json.groovy", "JsonSlurper", "parse", "(URL)", "summary", "df-generated"]
- ["net.sf.json.processors", "DefaultValueProcessor", "getDefaultValue", "(Class)", "summary", "df-generated"]
- ["net.sf.json.processors", "DefaultValueProcessorMatcher", "getMatch", "(Class,Set)", "summary", "df-generated"]
- ["net.sf.json.processors", "JsonBeanProcessor", "processBean", "(Object,JsonConfig)", "summary", "df-generated"]
- ["net.sf.json.processors", "JsonBeanProcessorMatcher", "getMatch", "(Class,Set)", "summary", "df-generated"]
- ["net.sf.json.processors", "JsonValueProcessor", "processArrayValue", "(Object,JsonConfig)", "summary", "df-generated"]
- ["net.sf.json.processors", "JsonValueProcessor", "processObjectValue", "(String,Object,JsonConfig)", "summary", "df-generated"]
- ["net.sf.json.processors", "JsonValueProcessorMatcher", "getMatch", "(Class,Set)", "summary", "df-generated"]
- ["net.sf.json.processors", "JsonVerifier", "isValidJsonValue", "(Object)", "summary", "df-generated"]
- ["net.sf.json.processors", "PropertyNameProcessorMatcher", "getMatch", "(Class,Set)", "summary", "df-generated"]
- ["net.sf.json.regexp", "JdkRegexpMatcher", "JdkRegexpMatcher", "(String)", "summary", "df-generated"]
- ["net.sf.json.regexp", "JdkRegexpMatcher", "JdkRegexpMatcher", "(String,boolean)", "summary", "df-generated"]
- ["net.sf.json.regexp", "Perl5RegexpMatcher", "Perl5RegexpMatcher", "(String)", "summary", "df-generated"]
- ["net.sf.json.regexp", "Perl5RegexpMatcher", "Perl5RegexpMatcher", "(String,boolean)", "summary", "df-generated"]
- ["net.sf.json.regexp", "RegexpMatcher", "getGroupIfMatches", "(String,int)", "summary", "df-generated"]
- ["net.sf.json.regexp", "RegexpMatcher", "matches", "(String)", "summary", "df-generated"]
- ["net.sf.json.regexp", "RegexpUtils", "getMatcher", "(String)", "summary", "df-generated"]
- ["net.sf.json.regexp", "RegexpUtils", "getMatcher", "(String,boolean)", "summary", "df-generated"]
- ["net.sf.json.regexp", "RegexpUtils", "isJDK13", "()", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(JSON,JSON)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(JSONArray,JSONArray)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(JSONArray,String)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(JSONFunction,String)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(JSONNull,String)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(JSONObject,JSONObject)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(JSONObject,String)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,JSON,JSON)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,JSONArray)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,JSONArray,JSONArray)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,JSONArray,String)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,JSONFunction)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,JSONFunction,String)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,JSONNull)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,JSONNull,String)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,JSONObject)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,JSONObject,JSONObject)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,JSONObject,String)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,String,JSONArray)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,String,JSONFunction)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,String,JSONNull)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertEquals", "(String,String,JSONObject)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertJsonEquals", "(String,String)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertJsonEquals", "(String,String,String)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertNotNull", "(JSON)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertNotNull", "(String,JSON)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertNull", "(JSON)", "summary", "df-generated"]
- ["net.sf.json.test", "JSONAssert", "assertNull", "(String,JSON)", "summary", "df-generated"]
- ["net.sf.json.util", "CycleDetectionStrategy", "handleRepeatedReferenceAsArray", "(Object)", "summary", "df-generated"]
- ["net.sf.json.util", "CycleDetectionStrategy", "handleRepeatedReferenceAsObject", "(Object)", "summary", "df-generated"]
- ["net.sf.json.util", "EnumMorpher", "EnumMorpher", "(Class)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONStringer", "toString", "()", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "back", "()", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "dehexchar", "(char)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "length", "()", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "matches", "(String)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "more", "()", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "next", "()", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "next", "(char)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "nextClean", "()", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "nextString", "(char)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "nextTo", "(String)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "nextTo", "(char)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "peek", "()", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "reset", "()", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "skipPast", "(String)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "skipTo", "(char)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONTokener", "syntaxError", "(String)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "doubleToString", "(double)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "getInnerComponentType", "(Class)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "getMorpherRegistry", "()", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "getTypeClass", "(Object)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "hasQuotes", "(String)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "hashCode", "(Object)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isArray", "(Class)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isArray", "(Object)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isBoolean", "(Class)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isBoolean", "(Object)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isDouble", "(Class)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isFunction", "(Object)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isFunctionHeader", "(Object)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isJavaIdentifier", "(String)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isJsonKeyword", "(String,JsonConfig)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isNull", "(Object)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isNumber", "(Class)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isNumber", "(Object)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isObject", "(Object)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isString", "(Class)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "isString", "(Object)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "mayBeJSON", "(String)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "newDynaBean", "(JSONObject)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "newDynaBean", "(JSONObject,JsonConfig)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "numberToString", "(Number)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "quote", "(String)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "quoteCanonical", "(String)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "testValidity", "(Object)", "summary", "df-generated"]
- ["net.sf.json.util", "JSONUtils", "transformNumber", "(Number)", "summary", "df-generated"]
- ["net.sf.json.util", "JavaIdentifierTransformer", "transformToJavaIdentifier", "(String)", "summary", "df-generated"]
- ["net.sf.json.util", "NewBeanInstanceStrategy", "newInstance", "(Class,JSONObject)", "summary", "df-generated"]
- ["net.sf.json.util", "PropertyExclusionClassMatcher", "getMatch", "(Class,Set)", "summary", "df-generated"]
- ["net.sf.json.util", "PropertyFilter", "apply", "(Object,String,Object)", "summary", "df-generated"]
- ["net.sf.json.util", "PropertySetStrategy", "setProperty", "(Object,String,Object)", "summary", "df-generated"]
- ["net.sf.json.util", "WebHijackPreventionStrategy", "protect", "(String)", "summary", "df-generated"]
- ["net.sf.json.util", "WebUtils", "getWebHijackPreventionStrategy", "()", "summary", "df-generated"]
- ["net.sf.json.util", "WebUtils", "setWebHijackPreventionStrategy", "(WebHijackPreventionStrategy)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "clearNamespaces", "()", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "clearNamespaces", "(String)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "isForceTopLevelObject", "()", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "isNamespaceLenient", "()", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "isRemoveNamespacePrefixFromElements", "()", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "isSkipNamespaces", "()", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "isSkipWhitespace", "()", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "isTrimSpaces", "()", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "isTypeHintsCompatibility", "()", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "isTypeHintsEnabled", "()", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "read", "(String)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "readFromFile", "(File)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "readFromFile", "(String)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "readFromStream", "(InputStream)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "removeNamespace", "(String)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "removeNamespace", "(String,String)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "setForceTopLevelObject", "(boolean)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "setNamespaceLenient", "(boolean)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "setRemoveNamespacePrefixFromElements", "(boolean)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "setSkipNamespaces", "(boolean)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "setSkipWhitespace", "(boolean)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "setTrimSpaces", "(boolean)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "setTypeHintsCompatibility", "(boolean)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "setTypeHintsEnabled", "(boolean)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "write", "(JSON)", "summary", "df-generated"]
- ["net.sf.json.xml", "XMLSerializer", "write", "(JSON,String)", "summary", "df-generated"]
- ["net.sf.json", "JSON", "isArray", "()", "summary", "df-generated"]
- ["net.sf.json", "JSON", "isEmpty", "()", "summary", "df-generated"]
- ["net.sf.json", "JSON", "size", "()", "summary", "df-generated"]
- ["net.sf.json", "JSON", "toString", "(int)", "summary", "df-generated"]
- ["net.sf.json", "JSON", "toString", "(int,int)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "contains", "(Object,JsonConfig)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "containsAll", "(Collection,JsonConfig)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "getBoolean", "(int)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "getCollectionType", "(PropertyDescriptor,boolean)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "getDimensions", "(JSONArray)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "getDouble", "(int)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "getInt", "(int)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "getLong", "(int)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "isExpandElements", "()", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "optBoolean", "(int)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "optBoolean", "(int,boolean)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "optDouble", "(int)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "optDouble", "(int,double)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "optInt", "(int)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "optInt", "(int,int)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "optLong", "(int)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "optLong", "(int,long)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "removeAll", "(Collection,JsonConfig)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "retainAll", "(Collection,JsonConfig)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "setExpandElements", "(boolean)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "toArray", "(JSONArray)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "toArray", "(JSONArray,Class)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "toArray", "(JSONArray,Class,Map)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "toArray", "(JSONArray,JsonConfig)", "summary", "df-generated"]
- ["net.sf.json", "JSONArray", "toArray", "(JSONArray,Object,JsonConfig)", "summary", "df-generated"]
- ["net.sf.json", "JSONException", "JSONException", "(String)", "summary", "df-generated"]
- ["net.sf.json", "JSONException", "JSONException", "(String,Throwable)", "summary", "df-generated"]
- ["net.sf.json", "JSONException", "JSONException", "(Throwable)", "summary", "df-generated"]
- ["net.sf.json", "JSONNull", "getInstance", "()", "summary", "df-generated"]
- ["net.sf.json", "JSONNull", "toString", "()", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "JSONObject", "(boolean)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "containsValue", "(Object,JsonConfig)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "getBoolean", "(String)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "getDouble", "(String)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "getInt", "(String)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "getLong", "(String)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "has", "(String)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "isNullObject", "()", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "optBoolean", "(String)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "optBoolean", "(String,boolean)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "optDouble", "(String)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "optDouble", "(String,double)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "optInt", "(String)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "optInt", "(String,int)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "optLong", "(String)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "optLong", "(String,long)", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "toBean", "()", "summary", "df-generated"]
- ["net.sf.json", "JSONObject", "toBean", "(JSONObject)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "addIgnoreFieldAnnotation", "(Class)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "clearJavaPropertyNameProcessors", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "clearJsonBeanProcessors", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "clearJsonEventListeners", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "clearJsonPropertyNameProcessors", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "clearJsonValueProcessors", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "clearPropertyExclusions", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "clearPropertyNameProcessors", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "disableEventTriggering", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "enableEventTriggering", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "getArrayMode", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "getCollectionType", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "getEnclosedType", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "getRootClass", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "isAllowNonStringKeys", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "isEventTriggeringEnabled", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "isHandleJettisonEmptyElement", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "isHandleJettisonSingleElementArray", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "isIgnoreDefaultExcludes", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "isIgnoreJPATransient", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "isIgnorePublicFields", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "isIgnoreTransientFields", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "isIgnoreUnreadableProperty", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "isJavascriptCompliant", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "isSkipJavaIdentifierTransformationInMapKeys", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "registerPropertyExclusion", "(Class,String)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "registerPropertyExclusions", "(Class,String[])", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "removeIgnoreFieldAnnotation", "(Class)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "removeIgnoreFieldAnnotation", "(String)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "removeJsonEventListener", "(JsonEventListener)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "reset", "()", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "setAllowNonStringKeys", "(boolean)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "setArrayMode", "(int)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "setCollectionType", "(Class)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "setEnclosedType", "(Class)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "setHandleJettisonEmptyElement", "(boolean)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "setHandleJettisonSingleElementArray", "(boolean)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "setIgnoreDefaultExcludes", "(boolean)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "setIgnoreJPATransient", "(boolean)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "setIgnorePublicFields", "(boolean)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "setIgnoreTransientFields", "(boolean)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "setIgnoreUnreadableProperty", "(boolean)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "setJavascriptCompliant", "(boolean)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "setRootClass", "(Class)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "setSkipJavaIdentifierTransformationInMapKeys", "(boolean)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "unregisterDefaultValueProcessor", "(Class)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "unregisterJavaPropertyNameProcessor", "(Class)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "unregisterJsonBeanProcessor", "(Class)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "unregisterJsonPropertyNameProcessor", "(Class)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "unregisterJsonValueProcessor", "(Class)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "unregisterJsonValueProcessor", "(Class,Class)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "unregisterJsonValueProcessor", "(Class,String)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "unregisterJsonValueProcessor", "(String)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "unregisterPropertyExclusion", "(Class,String)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "unregisterPropertyExclusions", "(Class)", "summary", "df-generated"]
- ["net.sf.json", "JsonConfig", "unregisterPropertyNameProcessor", "(Class)", "summary", "df-generated"]

8330
java/ql/lib/ext/generated/jenkins.model.yml Normal file
View File

File diff suppressed because it is too large Load Diff

1695
java/ql/lib/ext/generated/org.apache.commons.lang.model.yml Normal file
View File

File diff suppressed because it is too large Load Diff

679
java/ql/lib/ext/generated/stapler.model.yml Normal file
View File

@@ -0,0 +1,679 @@
# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT.
# Definitions of models for the Stapler framework.
extensions:
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
- ["org.kohsuke.stapler.bind", "Bound", true, "getProxyScript", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.bind", "Bound", true, "getTarget", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.bind", "Bound", true, "getURL", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.bind", "BoundObjectTable$Table", true, "getDynamic", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.bind", "BoundObjectTable", true, "bind", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.compression", "FilterServletOutputStream", true, "FilterServletOutputStream", "(OutputStream,ServletOutputStream)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.compression", "FilterServletOutputStream", true, "FilterServletOutputStream", "(OutputStream,ServletOutputStream)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "ClassAttributeBehaviour", true, "simple", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "ClassAttributeBehaviour", true, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "DataWriter", true, "getExportConfig", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "DataWriter", true, "name", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "DataWriter", true, "value", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "ExportConfig", true, "getClassAttribute", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "ExportConfig", true, "getExportInterceptor", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "ExportConfig", true, "withClassAttribute", "(ClassAttributeBehaviour)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["org.kohsuke.stapler.export", "ExportConfig", true, "withClassAttribute", "(ClassAttributeBehaviour)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "ExportConfig", true, "withExportInterceptor", "(ExportInterceptor)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["org.kohsuke.stapler.export", "ExportConfig", true, "withExportInterceptor", "(ExportInterceptor)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "ExportConfig", true, "withFlavor", "(Flavor)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["org.kohsuke.stapler.export", "ExportConfig", true, "withPrettyPrint", "(boolean)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["org.kohsuke.stapler.export", "ExportConfig", true, "withSkipIfFail", "(boolean)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["org.kohsuke.stapler.export", "Flavor", true, "createDataWriter", "(Object,StaplerResponse)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "Flavor", true, "createDataWriter", "(Object,Writer)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "Flavor", true, "createDataWriter", "(Object,Writer,ExportConfig)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "Flavor", true, "createDataWriter", "(Object,Writer,ExportConfig)", "", "Argument[2]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "Model", true, "getProperties", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "Model", true, "writeTo", "(Object,DataWriter)", "", "Argument[this]", "Argument[1]", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "Model", true, "writeTo", "(Object,TreePruner,DataWriter)", "", "Argument[this]", "Argument[2]", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "Model", true, "writeTo", "(Object,int,DataWriter)", "", "Argument[this]", "Argument[2]", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "ModelBuilder", true, "get", "(Class)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "ModelBuilder", true, "get", "(Class,Class,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "ModelBuilder", true, "getOrNull", "(Class,Class,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "NotExportableException", true, "NotExportableException", "(Class,Class,String)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "NotExportableException", true, "NotExportableException", "(String,Class)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "Property", true, "getJavadoc", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "Property", true, "writeTo", "(Object,TreePruner,DataWriter)", "", "Argument[this]", "Argument[2]", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "Property", true, "writeTo", "(Object,int,DataWriter)", "", "Argument[this]", "Argument[2]", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "Range", true, "apply", "(Collection)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "Range", true, "apply", "(Iterable)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "Range", true, "apply", "(List)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "Range", true, "apply", "(Object[])", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "SchemaGenerator", true, "SchemaGenerator", "(Model)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "TreePruner", true, "accept", "(Object,Property)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "TreePruner", true, "accept", "(Object,Property)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["org.kohsuke.stapler.export", "TreePruner", true, "getRange", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "TypeUtil", true, "getBaseClass", "(Type,Class)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.export", "TypeUtil", true, "getTypeArgument", "(Type,int)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "Adjunct", true, "Adjunct", "(AdjunctManager,String,ClassLoader)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "Adjunct", true, "Adjunct", "(AdjunctManager,String,ClassLoader)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "Adjunct", true, "getPackageUrl", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctManager", true, "AdjunctManager", "(ServletContext,ClassLoader,String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctManager", true, "AdjunctManager", "(ServletContext,ClassLoader,String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctManager", true, "AdjunctManager", "(ServletContext,ClassLoader,String)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctManager", true, "AdjunctManager", "(ServletContext,ClassLoader,String,long)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctManager", true, "AdjunctManager", "(ServletContext,ClassLoader,String,long)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctManager", true, "AdjunctManager", "(ServletContext,ClassLoader,String,long)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctManager", true, "doDynamic", "(StaplerRequest,StaplerResponse)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctManager", true, "get", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctManager", true, "get", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctManager", true, "get", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctsInPage", true, "assumeIncluded", "(Collection)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctsInPage", true, "assumeIncluded", "(String[])", "", "Argument[0].ArrayElement", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctsInPage", true, "generate", "(XMLOutput,String[])", "", "Argument[1].ArrayElement", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctsInPage", true, "get", "(StaplerRequest)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctsInPage", true, "getIncluded", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctsInPage", true, "spool", "(String[])", "", "Argument[0].ArrayElement", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "NoSuchAdjunctException", true, "NoSuchAdjunctException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "NoSuchAdjunctException", true, "NoSuchAdjunctException", "(String,Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.errors", "ErrorObject", true, "getMessage", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.errors", "NoHomeDirError", true, "NoHomeDirError", "(File)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "AtomicFileWriter", true, "AtomicFileWriter", "(File)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "AtomicFileWriter", true, "getTemporaryFile", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "ByteBuffer", true, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "ByteBuffer", true, "writeTo", "(OutputStream)", "", "Argument[this]", "Argument[0]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "CharSpool", false, "writeTo", "(Writer)", "", "Argument[this]", "Argument[0]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "IOException2", true, "IOException2", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "IOException2", true, "IOException2", "(String,Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "WriterOutputStream", true, "WriterOutputStream", "(Writer)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "WriterOutputStream", true, "WriterOutputStream", "(Writer,Charset)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.framework", "AbstractWebAppMain", true, "getInitializer", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.interceptor", "Interceptor", true, "setTarget", "(Function)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.interceptor", "JsonOutputFilter$FilterPropertyFilter", true, "FilterPropertyFilter", "(Set,Set)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.interceptor", "JsonOutputFilter$FilterPropertyFilter", true, "FilterPropertyFilter", "(Set,Set)", "", "Argument[1].Element", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.interceptor", "JsonOutputFilter$FilterPropertyFilter", true, "FilterPropertyFilter", "(String[],String[])", "", "Argument[0].ArrayElement", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.interceptor", "JsonOutputFilter$FilterPropertyFilter", true, "FilterPropertyFilter", "(String[],String[])", "", "Argument[1].ArrayElement", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "GroovierJellyScript", true, "GroovierJellyScript", "(Class,URL)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "GroovyClassLoaderTearOff", true, "GroovyClassLoaderTearOff", "(MetaClassLoader)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "GroovyClassLoaderTearOff", true, "parse", "(URL)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "GroovyClassLoaderTearOff", true, "parseGSP", "(URL)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "GroovyClassTearOff", false, "GroovyClassTearOff", "(MetaClass)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "GroovyClassTearOff", false, "createDispatcher", "(Object,String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "GroovyClassTearOff", false, "createDispatcher", "(Object,String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "GroovyClosureScript", true, "getDelegate", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "GroovyClosureScript", true, "setDelegate", "(GroovyObject)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "GroovyServerPageScript", true, "getOut", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "GroovyServerPageTearOff", true, "GroovyServerPageTearOff", "(MetaClass)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "GroovyServerPageTearOff", true, "createDispatcher", "(Object,String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "GroovyServerPageTearOff", true, "createDispatcher", "(Object,String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "JellyBuilder", "(JellyContext,XMLOutput)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "JellyBuilder", "(JellyContext,XMLOutput)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "getBuilder", "()", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "getContext", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "getOutput", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "getRequest", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "getResponse", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "getRootURL", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "jelly", "(Class)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "namespace", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "namespace", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "namespace", "(String,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "namespace", "(String,String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "namespace", "(String,String)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "res", "(Object,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "res", "(Object,String)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "setOutput", "(XMLOutput)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "setOutput", "(XMLOutput)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", false, "with", "(XMLOutput,Closure)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "StaplerClosureScript", true, "gettext", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "StaplerClosureScript", true, "gettext", "(String,Object[])", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "AdjunctTag", true, "setAssumes", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "AdjunctTag", true, "setIncludes", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "BindTag", true, "setValue", "(Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "BindTag", true, "setVar", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "ContentTypeTag", true, "setValue", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "CopyStreamTag", true, "setInputStream", "(InputStream)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "CopyStreamTag", true, "setReader", "(Reader)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "CustomTagLibrary", false, "CustomTagLibrary", "(JellyContext,ClassLoader,String,String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "CustomTagLibrary", false, "CustomTagLibrary", "(JellyContext,ClassLoader,String,String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "CustomTagLibrary", false, "CustomTagLibrary", "(JellyContext,ClassLoader,String,String)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "CustomTagLibrary", false, "CustomTagLibrary", "(JellyContext,ClassLoader,String,String)", "", "Argument[3]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "DoctypeTag", true, "setPublicId", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "DoctypeTag", true, "setSystemId", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "FindAncestorTag", true, "setTag", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "FindAncestorTag", true, "setVar", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "HeaderTag", true, "setName", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "HeaderTag", true, "setValue", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "IncludeTag", true, "setFrom", "(Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "IncludeTag", true, "setIt", "(Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "IncludeTag", true, "setPage", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "InternationalizedStringExpression$RawHtmlArgument", false, "RawHtmlArgument", "(Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "InternationalizedStringExpression", true, "InternationalizedStringExpression", "(ResourceBundle,String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "InternationalizedStringExpression", true, "InternationalizedStringExpression", "(ResourceBundle,String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "InternationalizedStringExpression", true, "getArguments", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "IsUserInRoleTag", true, "setRole", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyClassLoaderTearOff", true, "JellyClassLoaderTearOff", "(MetaClassLoader)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyClassTearOff", true, "JellyClassTearOff", "(MetaClass)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyClassTearOff", true, "createDispatcher", "(Object,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyClassTearOff", true, "createDispatcher", "(Object,String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyClassTearOff", true, "createDispatcher", "(Object,String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyRequestDispatcher", false, "JellyRequestDispatcher", "(Object,Script)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyRequestDispatcher", false, "JellyRequestDispatcher", "(Object,Script)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyViewScript", false, "JellyViewScript", "(Class,URL,Script)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyViewScript", false, "JellyViewScript", "(Class,URL,Script)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyViewScript", false, "JellyViewScript", "(Klass,URL,Script)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyViewScript", false, "JellyViewScript", "(Klass,URL,Script)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyViewScript", false, "JellyViewScript", "(Klass,URL,Script)", "", "Argument[2]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyViewScript", false, "getName", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "OutTag", true, "setValue", "(Expression)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "RedirectTag", true, "setUrl", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "ResourceBundle", true, "ResourceBundle", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "ResourceBundle", true, "format", "(Locale,String,Object[])", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "ResourceBundle", true, "getBaseName", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "ResourceBundle", true, "getFormatString", "(Locale,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "ResourceBundle", true, "getFormatStringWithoutDefaulting", "(Locale,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "ResourceBundle", true, "load", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "ResourceBundle", true, "load", "(URL)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "ResourceBundleFactory", true, "create", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "SetHeaderTag", true, "setName", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "SetHeaderTag", true, "setValue", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "StructuredMessageFormatTag", true, "addArgument", "(Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "StructuredMessageFormatTag", true, "setKey", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.jelly", "ThisTagLibrary", true, "ThisTagLibrary", "(Expression)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.json", "JsonHttpResponse", true, "JsonHttpResponse", "(JSONObject)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.json", "JsonHttpResponse", true, "JsonHttpResponse", "(JSONObject,int)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", false, "Klass", "(Object,KlassNavigator)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", false, "Klass", "(Object,KlassNavigator)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", false, "getArrayElement", "(Object,int)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", false, "getMapElement", "(Object,String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.lang", "KlassNavigator", true, "getArrayElement", "(Object,int)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.lang", "KlassNavigator", true, "getMapElement", "(Object,String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler.tags", "Include", true, "setIt", "(Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.tags", "Include", true, "setPage", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler.util", "IllegalReflectiveAccessLogHandler", true, "get", "(IllegalAccessException)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "AbstractTearOff", true, "resolveScript", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "AcceptHeader", false, "AcceptHeader", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "AcceptHeader", false, "select", "(Iterable)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "AcceptHeader", false, "select", "(String[])", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "AcceptHeader", false, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Ancestor", true, "getFullUrl", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Ancestor", true, "getNext", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Ancestor", true, "getNextToken", "(int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Ancestor", true, "getObject", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Ancestor", true, "getPrev", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Ancestor", true, "getRestOfUrl", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Ancestor", true, "getUrl", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "AttributeKey", true, "AttributeKey", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "CachingScriptLoader", true, "findScript", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "CachingScriptLoader", true, "findScript", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "EvaluationTrace", true, "trace", "(StaplerResponse,String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Facet", true, "buildIndexDispatchers", "(MetaClass,List)", "", "Argument[this]", "Argument[1].Element", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Facet", true, "buildIndexDispatchers", "(MetaClass,List)", "", "Argument[0]", "Argument[1].Element", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Facet", true, "buildViewDispatchers", "(MetaClass,List)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Facet", true, "createRequestDispatcher", "(RequestImpl,Class,Object,String)", "", "Argument[2]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Facet", true, "createRequestDispatcher", "(RequestImpl,Klass,Object,String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Facet", true, "createRequestDispatcher", "(RequestImpl,Klass,Object,String)", "", "Argument[2]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Facet", true, "createRequestDispatcher", "(RequestImpl,Klass,Object,String)", "", "Argument[3]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "ForwardToView", true, "optional", "()", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["org.kohsuke.stapler", "ForwardToView", true, "with", "(Map)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["org.kohsuke.stapler", "ForwardToView", true, "with", "(Map)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "ForwardToView", true, "with", "(String,Object)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["org.kohsuke.stapler", "ForwardToView", true, "with", "(String,Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "ForwardToView", true, "with", "(String,Object)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "ForwardingFunction", true, "ForwardingFunction", "(Function)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Function$InstanceFunction", true, "InstanceFunction", "(Method)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Function", true, "contextualize", "(Object)", "", "Argument[this]", "ReturnValue", "value", "df-generated"]
- ["org.kohsuke.stapler", "Function", true, "getParameterNames", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "FunctionList", false, "FunctionList", "(Collection)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "FunctionList", false, "FunctionList", "(Function[])", "", "Argument[0].ArrayElement", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "FunctionList", false, "annotated", "(Class)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "FunctionList", false, "name", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "FunctionList", false, "prefix", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "FunctionList", false, "signature", "(Class[])", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "FunctionList", false, "signatureStartsWith", "(Class[])", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "FunctionList", false, "union", "(FunctionList)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "FunctionList", false, "union", "(FunctionList)", "", "Argument[0].Element", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "FunctionList", false, "webMethodsLegacy", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "HttpRedirect", false, "HttpRedirect", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "HttpRedirect", false, "HttpRedirect", "(int,String)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses$HttpResponseException", true, "HttpResponseException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses$HttpResponseException", true, "HttpResponseException", "(String,Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses$HttpResponseException", true, "HttpResponseException", "(String,Throwable)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses$HttpResponseException", true, "HttpResponseException", "(Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", true, "error", "(Throwable)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", true, "error", "(int,String)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", true, "error", "(int,Throwable)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", true, "redirectTo", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", true, "redirectTo", "(int,String)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "JavaScriptMethodContext", false, "getName", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "MetaClass", true, "getPostConstructMethods", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "MetaClass", true, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "MetaClassLoader", true, "MetaClassLoader", "(ClassLoader)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "MetaClassLoader", true, "get", "(ClassLoader)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "NoStaplerConstructorException", true, "NoStaplerConstructorException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "RawHtmlArgument", true, "RawHtmlArgument", "(Object)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "RawHtmlArgument", true, "getValue", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "ReflectionUtils", true, "union", "(Annotation[],Annotation[])", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "ReflectionUtils", true, "union", "(Annotation[],Annotation[])", "", "Argument[1].ArrayElement", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "RequestImpl", true, "RequestImpl", "(Stapler,HttpServletRequest,List,TokenList)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "RequestImpl", true, "RequestImpl", "(Stapler,HttpServletRequest,List,TokenList)", "", "Argument[2].Element", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "RequestImpl", true, "RequestImpl", "(Stapler,HttpServletRequest,List,TokenList)", "", "Argument[3]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "RequestImpl", true, "getView", "(Klass,Object,String)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "RequestImpl", true, "getView", "(Klass,Object,String)", "", "Argument[2]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "ResponseImpl", true, "ResponseImpl", "(Stapler,HttpServletResponse)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "ResponseImpl", true, "ResponseImpl", "(Stapler,HttpServletResponse)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "ResponseImpl", true, "encode", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "ScriptLoadException", true, "ScriptLoadException", "(String,Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "ScriptLoadException", true, "ScriptLoadException", "(String,Throwable)", "", "Argument[1]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "ScriptLoadException", true, "ScriptLoadException", "(Throwable)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "SingleLinkedList", true, "SingleLinkedList", "(Object,SingleLinkedList)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "SingleLinkedList", true, "SingleLinkedList", "(Object,SingleLinkedList)", "", "Argument[1].Element", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "SingleLinkedList", true, "grow", "(Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "SingleLinkedList", true, "grow", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", true, "escape", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", true, "getClassLoader", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", true, "getViewURL", "(Class,String)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", true, "getWebApp", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", true, "htmlSafeArgument", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", true, "htmlSafeArguments", "(Object[])", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "bindJSON", "(Type,Class,Object)", "", "Argument[2]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "findAncestor", "(Class)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "findAncestor", "(Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "getAncestors", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "getBindInterceptor", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "getFileItem", "(String)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "getOriginalRequestURI", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "getOriginalRestOfPath", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "getRestOfPath", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "getStapler", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "getSubmittedForm", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "getView", "(Class,String)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "getView", "(Klass,String)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "getView", "(Object,String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "getView", "(Object,String)", "", "Argument[1]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "getWebApp", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "setBindInterceptor", "(BindInterceptor)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "setBindInterceptor", "(BindInterceptor)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "setBindInterceptpr", "(BindInterceptor)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "setBindInterceptpr", "(BindInterceptor)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "setBindListener", "(BindInterceptor)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", true, "setBindListener", "(BindInterceptor)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", true, "getCompressedOutputStream", "(HttpServletRequest)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", true, "getCompressedWriter", "(HttpServletRequest)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", true, "getJsonConfig", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", true, "setJsonConfig", "(JsonConfig)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponseWrapper", true, "StaplerResponseWrapper", "(StaplerResponse)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponseWrapper", true, "getWrapped", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaticViewFacet", true, "StaticViewFacet", "(Collection)", "", "Argument[0].Element", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaticViewFacet", true, "StaticViewFacet", "(String[])", "", "Argument[0].ArrayElement", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "StaticViewFacet", true, "addExtension", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "TokenList", false, "assembleOriginalRestOfPath", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "TokenList", false, "assembleRestOfPath", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "TokenList", false, "decode", "(String)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "TokenList", false, "get", "(int)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "TokenList", false, "next", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "TokenList", false, "peek", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "TokenList", false, "prev", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "TokenList", false, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "TraversalMethodContext", false, "getName", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "WebApp", "(ServletContext)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "get", "(ServletContext)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getClassLoader", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getCrumbIssuer", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getDispatchValidator", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getDispatchersFilter", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getFilterForDoActions", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getFilterForFields", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getFilterForGetMethods", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getFilteredDispatchTriggerListener", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getFilteredDoActionTriggerListener", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getFilteredFieldTriggerListener", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getFilteredGetterTriggerListener", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getJsonInErrorMessageSanitizer", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getMetaClass", "(Class)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getMetaClass", "(Klass)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getMetaClass", "(Klass)", "", "Argument[0]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getMetaClass", "(Object)", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getResponseRenderers", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "getSomeStapler", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "setClassLoader", "(ClassLoader)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "setCrumbIssuer", "(CrumbIssuer)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "setDispatchValidator", "(DispatchValidator)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "setDispatchersFilter", "(DispatchersFilter)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "setFilterForDoActions", "(Filter)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "setFilterForFields", "(Filter)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "setFilterForGetMethods", "(Filter)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "setFilteredDispatchTriggerListener", "(FilteredDispatchTriggerListener)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "setFilteredDoActionTriggerListener", "(FilteredDoActionTriggerListener)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "setFilteredFieldTriggerListener", "(FilteredFieldTriggerListener)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "setFilteredGetterTriggerListener", "(FilteredGetterTriggerListener)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", true, "setJsonInErrorMessageSanitizer", "(JsonInErrorMessageSanitizer)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WebMethodContext", false, "getName", "()", "", "Argument[this]", "ReturnValue", "taint", "df-generated"]
- ["org.kohsuke.stapler", "WrongTypeException", true, "WrongTypeException", "(String)", "", "Argument[0]", "Argument[this]", "taint", "df-generated"]
- addsTo:
pack: codeql/java-all
extensible: neutralModel
data:
- ["org.kohsuke.stapler.bind", "Bound", "getTarget", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.bind", "Bound", "getURL", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.bind", "Bound", "release", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.bind", "BoundObjectTable$Table", "doEnableLogging", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.bind", "BoundObjectTable", "bindWeak", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.bind", "BoundObjectTable", "getTable", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.bind", "BoundObjectTable", "releaseMe", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.compression", "CompressionFilter", "activate", "(ServletRequest)", "summary", "df-generated"]
- ["org.kohsuke.stapler.compression", "CompressionFilter", "getUncaughtExceptionHandler", "(ServletContext)", "summary", "df-generated"]
- ["org.kohsuke.stapler.compression", "CompressionFilter", "has", "(ServletRequest)", "summary", "df-generated"]
- ["org.kohsuke.stapler.compression", "CompressionFilter", "setUncaughtExceptionHandler", "(ServletContext,UncaughtExceptionHandler)", "summary", "df-generated"]
- ["org.kohsuke.stapler.compression", "CompressionServletResponse", "CompressionServletResponse", "(HttpServletResponse)", "summary", "df-generated"]
- ["org.kohsuke.stapler.compression", "CompressionServletResponse", "activate", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.compression", "CompressionServletResponse", "close", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.compression", "UncaughtExceptionHandler", "reportException", "(Throwable,ServletContext,HttpServletRequest,HttpServletResponse)", "summary", "df-generated"]
- ["org.kohsuke.stapler.config", "ConfigurationLoader", "as", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.config", "ConfigurationLoader", "from", "(File)", "summary", "df-generated"]
- ["org.kohsuke.stapler.config", "ConfigurationLoader", "from", "(Map)", "summary", "df-generated"]
- ["org.kohsuke.stapler.config", "ConfigurationLoader", "from", "(Properties)", "summary", "df-generated"]
- ["org.kohsuke.stapler.config", "ConfigurationLoader", "fromEnvironmentVariables", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.config", "ConfigurationLoader", "fromSystemProperties", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.event", "FilteredDispatchTriggerListener", "onDispatchTrigger", "(StaplerRequest,StaplerResponse,Object,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.event", "FilteredDoActionTriggerListener", "onDoActionTrigger", "(Function,StaplerRequest,StaplerResponse,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.event", "FilteredFieldTriggerListener", "onFieldTrigger", "(FieldRef,StaplerRequest,StaplerResponse,Object,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.event", "FilteredGetterTriggerListener", "onGetterTrigger", "(Function,StaplerRequest,StaplerResponse,Object,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "DataWriter", "endArray", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "DataWriter", "endObject", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "DataWriter", "getExportConfig", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "DataWriter", "name", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "DataWriter", "startArray", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "DataWriter", "startObject", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "DataWriter", "type", "(Type,Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "DataWriter", "value", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "DataWriter", "valueNull", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "DataWriter", "valuePrimitive", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "ExportConfig", "getFlavor", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "ExportConfig", "isPrettyPrint", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "ExportConfig", "isSkipIfFail", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "ExportInterceptor", "getValue", "(Property,Object,ExportConfig)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "Flavor", "createDataWriter", "(Object,Writer,ExportConfig)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "NamedPathPruner", "NamedPathPruner", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "NotExportableException", "NotExportableException", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "NotExportableException", "NotExportableException", "(String,Throwable,Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "NotExportableException", "NotExportableException", "(Throwable,Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "NotExportableException", "getType", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "Property", "getGenericType", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "Property", "getJavadoc", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "Property", "getType", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "Property", "getValue", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "Range", "Range", "(int,int)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "SchemaGenerator", "add", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "SchemaGenerator", "generateSchema", "(Result)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "SchemaGenerator", "getXmlTypeName", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "TreePruner$ByDepth", "ByDepth", "(int)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "TreePruner", "accept", "(Object,Property)", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "TreePruner", "getRange", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.export", "TypeUtil", "erasure", "(Type)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "Adjunct", "has", "(Kind)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "Adjunct", "write", "(StaplerRequest,XMLOutput)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctManager", "get", "(ServletContext)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctsInPage", "get", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctsInPage", "isIncluded", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "AdjunctsInPage", "writeSpooled", "(XMLOutput)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.adjunct", "NoSuchAdjunctException", "NoSuchAdjunctException", "(Throwable)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.errors", "ErrorObject", "getMessage", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "AtomicFileWriter", "commit", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "ByteBuffer", "length", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "ByteBuffer", "newInputStream", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "IOException2", "IOException2", "(Throwable)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "LargeText", "LargeText", "(ByteBuffer,Charset,boolean)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "LargeText", "LargeText", "(ByteBuffer,boolean)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "LargeText", "LargeText", "(File,Charset,boolean)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "LargeText", "LargeText", "(File,Charset,boolean,boolean)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "LargeText", "LargeText", "(File,boolean)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "LargeText", "LargeText", "(File,boolean,boolean)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "LargeText", "doProgressText", "(StaplerRequest,StaplerResponse)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "LargeText", "isComplete", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "LargeText", "length", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "LargeText", "markAsComplete", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "LargeText", "readAll", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "LargeText", "writeLogTo", "(long,OutputStream)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "LargeText", "writeLogTo", "(long,Writer)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework.io", "LineEndNormalizingWriter", "LineEndNormalizingWriter", "(Writer)", "summary", "df-generated"]
- ["org.kohsuke.stapler.framework", "AbstractWebAppMain", "getApplication", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.interceptor", "Interceptor", "invoke", "(StaplerRequest,StaplerResponse,Object,Object[])", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "GroovierJellyScript", "run", "(JellyBuilder)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", "adjunct", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", "getMy", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", "getServletContext", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", "img", "(Object,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", "include", "(Class,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", "include", "(Object,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", "methodMissing", "(String,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", "namespace", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", "raw", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", "redirectToDom", "(Closure)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", "set", "(String,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", "taglib", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "JellyBuilder", "text", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "Namespace", "createInvoker", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "Namespace", "endPrefixMapping", "(XMLOutput)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly.groovy", "Namespace", "startPrefixMapping", "(XMLOutput)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "AttributeConstraintsTag", "setExpr", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "AttributeTag", "setDeprecated", "(boolean)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "AttributeTag", "setName", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "AttributeTag", "setSince", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "AttributeTag", "setType", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "AttributeTag", "setUse", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "CopyStreamTag", "setFile", "(File)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "CopyStreamTag", "setUrl", "(URL)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "HTMLWriterOutput", "create", "(OutputStream)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "HTMLWriterOutput", "create", "(Writer,boolean)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "HTMLWriterOutput", "useHTML", "(boolean)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "IncludeTag", "setClass", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "IncludeTag", "setClazz", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "IncludeTag", "setOptional", "(boolean)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "InternationalizedStringExpression", "makeEscapingExpression", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyClassLoaderTearOff", "createContext", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyClassLoaderTearOff", "getTagLibrary", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyClassTearOff", "serveIndexJelly", "(StaplerRequest,StaplerResponse,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyCompatibleFacet", "getClassTearOffTypes", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyCompatibleFacet", "getScriptExtensions", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyFacet", "setExpressionFactory", "(ServletContextEvent,ExpressionFactory)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyTagFileLoader", "discover", "(ClassLoader)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "JellyTagFileLoader", "load", "(CustomTagLibrary,String,ClassLoader)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "ReallyStaticTagLibrary", "createTagScript", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "ScriptInvoker", "invokeScript", "(StaplerRequest,StaplerResponse,Script,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "ScriptInvoker", "invokeScript", "(StaplerRequest,StaplerResponse,Script,Object,XMLOutput)", "summary", "df-generated"]
- ["org.kohsuke.stapler.jelly", "StatusCodeTag", "setValue", "(int)", "summary", "df-generated"]
- ["org.kohsuke.stapler.json", "JsonHttpResponse", "JsonHttpResponse", "(Throwable,int)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang.util", "FieldRefFilter", "wrap", "(Field)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang.util", "MethodRefFilter", "wrap", "(Method)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "AnnotatedRef", "getAnnotation", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "AnnotatedRef", "hasAnnotation", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "FieldRef$Filter", "keep", "(FieldRef)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "FieldRef", "get", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "FieldRef", "getName", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "FieldRef", "getQualifiedName", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "FieldRef", "getReturnType", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "FieldRef", "getSignature", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "FieldRef", "isRoutable", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "FieldRef", "isStatic", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "FieldRef", "wrap", "(Field)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", "getAncestors", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", "getDeclaredFields", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", "getDeclaredMethods", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", "getFields", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", "getFunctions", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", "getResource", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", "getSuperClass", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", "isArray", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", "isMap", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", "java", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", "toJavaClass", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "Klass", "toString", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "KlassNavigator", "getAncestors", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "KlassNavigator", "getDeclaredFields", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "KlassNavigator", "getDeclaredMethods", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "KlassNavigator", "getFunctions", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "KlassNavigator", "getResource", "(Object,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "KlassNavigator", "getSuperClass", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "KlassNavigator", "isArray", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "KlassNavigator", "isMap", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "KlassNavigator", "toJavaClass", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "MethodRef", "getName", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "MethodRef", "invoke", "(Object,Object[])", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "MethodRef", "isRoutable", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler.lang", "MethodRef", "wrap", "(Method)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Ancestor", "getRelativePath", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "AnnotationHandler", "parse", "(StaplerRequest,Annotation,Class,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "AttributeKey", "appScoped", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "AttributeKey", "get", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "AttributeKey", "get", "(HttpServletRequest)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "AttributeKey", "remove", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "AttributeKey", "remove", "(HttpServletRequest)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "AttributeKey", "requestScoped", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "AttributeKey", "sessionScoped", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "AttributeKey", "set", "(HttpServletRequest,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "AttributeKey", "set", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "BindInterceptor", "instantiate", "(Class,JSONObject)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "BindInterceptor", "onConvert", "(Type,Class,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "CachingScriptLoader", "clearScripts", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "ClassDescriptor", "ClassDescriptor", "(Class,Class[])", "summary", "df-generated"]
- ["org.kohsuke.stapler", "ClassDescriptor", "loadConstructorParamNames", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "ClassDescriptor", "loadParameterNames", "(Constructor)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "ClassDescriptor", "loadParameterNames", "(Method)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "CrumbIssuer", "doCrumb", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "CrumbIssuer", "issueCrumb", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "CrumbIssuer", "issueCrumb", "(StaplerRequest)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "CrumbIssuer", "validateCrumb", "(StaplerRequest,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "DispatchValidator", "allowDispatch", "(StaplerRequest,StaplerResponse)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "DispatchValidator", "isDispatchAllowed", "(StaplerRequest,StaplerResponse)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "DispatchValidator", "isDispatchAllowed", "(StaplerRequest,StaplerResponse,String,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "DispatchValidator", "requireDispatchAllowed", "(StaplerRequest,StaplerResponse)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Dispatcher", "anonymizedTraceEval", "(StaplerRequest,StaplerResponse,Object,String,String[])", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Dispatcher", "dispatch", "(RequestImpl,ResponseImpl,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Dispatcher", "isTraceEnabled", "(StaplerRequest)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Dispatcher", "toString", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Dispatcher", "trace", "(StaplerRequest,StaplerResponse,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Dispatcher", "trace", "(StaplerRequest,StaplerResponse,String,Object[])", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Dispatcher", "traceEval", "(StaplerRequest,StaplerResponse,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Dispatcher", "traceEval", "(StaplerRequest,StaplerResponse,Object,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Dispatcher", "traceEval", "(StaplerRequest,StaplerResponse,Object,String,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Dispatcher", "traceable", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "EvaluationTrace$ApplicationTracer", "trace", "(StaplerRequest,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "EvaluationTrace", "get", "(StaplerRequest)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "EvaluationTrace", "printHtml", "(PrintWriter)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Facet", "buildFallbackDispatchers", "(MetaClass,List)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Facet", "buildIndexDispatchers", "(MetaClass,List)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Facet", "buildViewDispatchers", "(MetaClass,List)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Facet", "createRequestDispatcher", "(RequestImpl,Klass,Object,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Facet", "discover", "(ClassLoader)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Facet", "discoverExtensions", "(Class,ClassLoader[])", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Facet", "getKlass", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Facet", "handleIndexRequest", "(RequestImpl,ResponseImpl,Object,MetaClass)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "ForwardToView", "ForwardToView", "(Class,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "ForwardToView", "ForwardToView", "(Object,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "ForwardToView", "ForwardToView", "(RequestDispatcher)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "getAnnotation", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "getAnnotations", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "getCheckedExceptionTypes", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "getDeclaringClass", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "getDisplayName", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "getGenericParameterTypes", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "getName", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "getParameterAnnotations", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "getParameterNames", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "getParameterTypes", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "getQualifiedName", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "getReturnType", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "getSignature", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "invoke", "(StaplerRequest,StaplerResponse,Object,Object[])", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "isStatic", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Function", "returnNull", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "FunctionList$Filter", "keep", "(Function)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpRedirect", "fromContextPath", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponse", "generateResponse", "(StaplerRequest,StaplerResponse,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponseRenderer", "generateResponse", "(StaplerRequest,StaplerResponse,Object,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "errorWithoutStack", "(int,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "forbidden", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "forwardToPreviousPage", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "forwardToView", "(Class,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "forwardToView", "(Object,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "html", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "literalHtml", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "notFound", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "ok", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "plainText", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "redirectToContextRoot", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "redirectToDot", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "redirectViaContextPath", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "redirectViaContextPath", "(int,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "staticResource", "(URL)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "staticResource", "(URL,long)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "status", "(int)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "HttpResponses", "text", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "LocaleDrivenResourceProvider", "lookup", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "MethodHandleFactory", "get", "(Method)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "NoStaplerConstructorException", "NoStaplerConstructorException", "(String,Throwable)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "NoStaplerConstructorException", "NoStaplerConstructorException", "(Throwable)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "RawHtmlArgument", "toString", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "ReflectionUtils", "getVmDefaultValueFor", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "SingleLinkedList", "empty", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", "buildResourcePaths", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", "forward", "(RequestDispatcher,StaplerRequest,HttpServletResponse)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", "getClassLoader", "(ServletContext)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", "getCurrent", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", "getCurrentRequest", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", "getCurrentResponse", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", "invoke", "(HttpServletRequest,HttpServletResponse,Object,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", "isSocketException", "(Throwable)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", "lookupConverter", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", "setClassLoader", "(ServletContext,ClassLoader)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "Stapler", "setRoot", "(ServletContextEvent,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerFallback", "getStaplerFallback", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "bindJSON", "(Class,JSONObject)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "bindJSON", "(Object,JSONObject)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "bindJSONToList", "(Class,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "bindParameters", "(Class,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "bindParameters", "(Class,String,int)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "bindParameters", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "bindParameters", "(Object,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "bindParametersToList", "(Class,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "checkIfModified", "(Calendar,StaplerResponse)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "checkIfModified", "(Date,StaplerResponse)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "checkIfModified", "(long,StaplerResponse)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "checkIfModified", "(long,StaplerResponse,long)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "createJavaScriptProxy", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "findAncestorObject", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "getBoundObjectTable", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "getReferer", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "getRequestURIWithQueryString", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "getRequestURLWithQueryString", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "getRootPath", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "hasParameter", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerRequest", "isJavaScriptProxyCall", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "forward", "(Object,String,StaplerRequest)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "forwardToPreviousPage", "(StaplerRequest)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "reverseProxyTo", "(URL,StaplerRequest)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "sendRedirect2", "(String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "sendRedirect", "(int,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "serveExposedBean", "(StaplerRequest,Object,ExportConfig)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "serveExposedBean", "(StaplerRequest,Object,Flavor)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "serveFile", "(StaplerRequest,InputStream,long,int,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "serveFile", "(StaplerRequest,InputStream,long,long,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "serveFile", "(StaplerRequest,InputStream,long,long,int,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "serveFile", "(StaplerRequest,InputStream,long,long,long,String)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "serveFile", "(StaplerRequest,URL)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "serveFile", "(StaplerRequest,URL,long)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "serveLocalizedFile", "(StaplerRequest,URL)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "StaplerResponse", "serveLocalizedFile", "(StaplerRequest,URL,long)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "TearOffSupport", "getTearOff", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "TearOffSupport", "loadTearOff", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "TearOffSupport", "setTearOff", "(Class,Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "TokenList", "countRemainingTokens", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "TokenList", "hasMore", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "TokenList", "length", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "TokenList", "nextAsInt", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "TokenList", "nextAsLong", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", "clearMetaClassCache", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", "clearScripts", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", "getApp", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", "getCurrent", "()", "summary", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", "getFacet", "(Class)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", "getKlass", "(Object)", "summary", "df-generated"]
- ["org.kohsuke.stapler", "WebApp", "setApp", "(Object)", "summary", "df-generated"]

6
java/ql/lib/ext/hudson.model.model.yml
View File

@@ -16,3 +16,9 @@ extensions:
data:
- ["hudson.model", "Node", True, "createPath", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["hudson.model", "DirectoryBrowserSupport$Path", False, "Path", "(String,String,boolean,long,boolean,long)", "", "Argument[0]", "Argument[this].SyntheticField[hudson.model.DirectoryBrowserSupport$Path.href]", "taint", "ai-manual"]
- addsTo:
pack: codeql/java-all
extensible: sourceModel
data:
- ["hudson.model", "Descriptor", True, "configure", "", "", "Parameter", "remote", "manual"]
- ["hudson.model", "Descriptor", True, "newInstance", "", "", "Parameter", "remote", "manual"]

78
java/ql/lib/ext/hudson.model.yml
View File

@@ -3,24 +3,68 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["hudson", "FilePath", False, "copyFrom", "(FilePath)", "", "Argument[0]", "path-injection", "manual"]
- ["hudson", "FilePath", False, "copyFrom", "(URL)", "", "Argument[0]", "path-injection", "manual"]
- ["hudson", "FilePath", False, "copyFrom", "(FileItem)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String,TarCompression)", "", "Argument[1]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String)", "", "Argument[1]", "file-content-store", "ai-manual"]
- ["hudson", "FilePath", False, "copyRecursiveTo", "(String,FilePath)", "", "Argument[1]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[2]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", False, "copyTo", "(FilePath)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", False, "installIfNecessaryFrom", "(URL,TaskListener,String)", "", "Argument[0]", "request-forgery", "ai-manual"]
- ["hudson", "FilePath", False, "newInputStreamDenyingSymlinkAsNeeded", "(File,String,boolean)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", True, "copyFrom", "", "", "Argument[this]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "copyFrom", "(FilePath)", "", "Argument[0]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "copyFrom", "(URL)", "", "Argument[0]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "copyFrom", "(FileItem)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", True, "copyRecursiveTo", "", "", "Argument[this]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", True, "copyRecursiveTo", "(DirScanner,FilePath,String,TarCompression)", "", "Argument[1]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", True, "copyRecursiveTo", "(DirScanner,FilePath,String)", "", "Argument[1]", "file-content-store", "ai-manual"]
- ["hudson", "FilePath", True, "copyRecursiveTo", "(String,FilePath)", "", "Argument[1]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", True, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", True, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[2]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", True, "copyTo", "", "", "Argument[this]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "copyTo", "(FilePath)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", True, "copyToWithPermission", "", "", "Argument[this]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "copyToWithPermission", "(FilePath)", "", "Argument[0]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "installIfNecessaryFrom", "(URL,TaskListener,String)", "", "Argument[0]", "request-forgery", "ai-manual"]
- ["hudson", "FilePath", True, "newInputStreamDenyingSymlinkAsNeeded", "(File,String,boolean)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", True, "openInputStream", "(File,OpenOption[])", "", "Argument[0]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "read", "", "", "Argument[this]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "read", "(FilePath,OpenOption[])", "", "Argument[0]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "readFromOffset", "", "", "Argument[this]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "readToString", "", "", "Argument[this]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "renameTo", "", "", "Argument[this]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "renameTo", "", "", "Argument[0]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "write", "", "", "Argument[this]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "write", "(String,String)", "", "Argument[0]", "file-content-store", "manual"]
- ["hudson", "Launcher$ProcStarter", False, "cmds", "", "", "Argument[0]", "command-injection", "manual"]
- ["hudson", "Launcher$ProcStarter", False, "cmdAsSingleString", "", "", "Argument[0]", "command-injection", "manual"]
- ["hudson", "Launcher", True, "launch", "", "", "Argument[0]", "command-injection", "manual"]
- ["hudson", "Launcher", True, "launchChannel", "", "", "Argument[0]", "command-injection", "manual"]
- addsTo:
pack: codeql/java-all
extensible: sourceModel
data:
- ["hudson", "Plugin", True, "configure", "", "", "Parameter", "remote", "manual"]
- ["hudson", "Plugin", True, "newInstance", "", "", "Parameter", "remote", "manual"]
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
- ["hudson", "FilePath", False, "child", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["hudson", "FilePath", False, "list", "(String,String,boolean)", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]
- ["hudson", "FilePath", False, "list", "(String,String)", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]
- ["hudson", "FilePath", False, "list", "(String)", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]
- ["hudson", "FilePath", False, "normalize", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["hudson", "FilePath", False, "sibling", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["hudson", "FilePath", True, "FilePath", "(String)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
- ["hudson", "FilePath", True, "FilePath", "(FilePath,String)", "", "Argument[0..1]", "Argument[this]", "taint", "manual"]
- ["hudson", "FilePath", True, "FilePath", "(VirtualChannel,String)", "", "Argument[1]", "Argument[this]", "taint", "manual"]
- ["hudson", "FilePath", True, "child", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["hudson", "FilePath", True, "list", "(String,String,boolean)", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]
- ["hudson", "FilePath", True, "list", "(String,String)", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]
- ["hudson", "FilePath", True, "list", "(String)", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]
- ["hudson", "FilePath", True, "normalize", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["hudson", "FilePath", True, "sibling", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["hudson", "Util", True, "nullify", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "fixNull", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "fixEmpty", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "fixEmptyAndTrim", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "getFileName", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "join", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "encodeRFC2396", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "wrapToErrorSpan", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "fileToPath", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "xmlEscape", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "escape", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "singleQuote", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "rawEncode", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "encode", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "fromHexString", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "toHexString", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["hudson", "Util", True, "tokenize", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]

22
java/ql/lib/ext/hudson.util.model.yml
View File

@@ -7,6 +7,10 @@ extensions:
- ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(Path,Charset,boolean,boolean)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson.util", "ClasspathBuilder", True, "add", "(FilePath)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson.util", "FormValidation", True, "errorWithMarkup", "", "", "Argument[0]", "html-injection", "manual"]
- ["hudson.util", "FormValidation", True, "okWithMarkup", "", "", "Argument[0]", "html-injection", "manual"]
- ["hudson.util", "FormValidation", True, "respond", "", "", "Argument[1]", "html-injection", "manual"]
- ["hudson.util", "FormValidation", True, "warningWithMarkup", "", "", "Argument[0]", "html-injection", "manual"]
- ["hudson.util", "IOUtils", True, "mkdirs", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson.util", "StreamTaskListener", True, "StreamTaskListener", "(File,boolean,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson.util", "TextFile", True, "delete", "()", "", "Argument[this]", "path-injection", "manual"]
@@ -15,10 +19,28 @@ extensions:
- ["hudson.util", "TextFile", True, "lines", "()", "", "Argument[this]", "path-injection", "manual"]
- ["hudson.util", "TextFile", True, "read", "()", "", "Argument[this]", "path-injection", "manual"]
- ["hudson.util", "TextFile", True, "readTrim", "()", "", "Argument[this]", "path-injection", "manual"]
- ["hudson.util", "TextFile", True, "write", "(String)", "", "Argument[this]", "path-injection", "manual"]
- ["hudson.util", "TextFile", True, "write", "(String)", "", "Argument[0]", "file-content-store", "manual"]
- ["hudson.util", "HttpResponses", True, "staticResource", "(File)", "", "Argument[0]", "path-injection", "manual"]
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
- ["hudson.util", "ArgumentListBuilder", True, "ArgumentListBuilder", "", "", "Argument[0]", "Argument[this]", "taint", "manual"]
- ["hudson.util", "ArgumentListBuilder", True, "add", "", "", "Argument[0]", "Argument[this]", "taint", "manual"]
- ["hudson.util", "ArgumentListBuilder", True, "clone", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["hudson.util", "ArgumentListBuilder", True, "prepend", "", "", "Argument[0]", "Argument[this]", "taint", "manual"]
- ["hudson.util", "ArgumentListBuilder", True, "toCommandArray", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["hudson.util", "ArgumentListBuilder", True, "toList", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["hudson.util", "ArgumentListBuilder", True, "toWindowsCommand", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
# ArgumentListBuilder fluent methods
- ["hudson.util", "ArgumentListBuilder", True, "add", "", "", "Argument[this]", "ReturnValue", "value", "manual"]
- ["hudson.util", "ArgumentListBuilder", True, "addKeyValuePair", "", "", "Argument[this]", "ReturnValue", "value", "manual"]
- ["hudson.util", "ArgumentListBuilder", True, "addKeyValuePairs", "", "", "Argument[this]", "ReturnValue", "value", "manual"]
- ["hudson.util", "ArgumentListBuilder", True, "addKeyValuePairsFromPropertyString", "", "", "Argument[this]", "ReturnValue", "value", "manual"]
- ["hudson.util", "ArgumentListBuilder", True, "addMasked", "", "", "Argument[this]", "ReturnValue", "value", "manual"]
- ["hudson.util", "ArgumentListBuilder", True, "addQuoted", "", "", "Argument[this]", "ReturnValue", "value", "manual"]
- ["hudson.util", "ArgumentListBuilder", True, "addTokenized", "", "", "Argument[this]", "ReturnValue", "value", "manual"]
- ["hudson.util", "ArgumentListBuilder", True, "prepend", "", "", "Argument[this]", "ReturnValue", "value", "manual"]
- ["hudson.util", "QuotedStringTokenizer", True, "tokenize", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["hudson.util", "TextFile", True, "TextFile", "(File)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"]

32
java/ql/lib/ext/java.lang.model.yml
View File

@@ -8,30 +8,30 @@ extensions:
- ["java.lang", "ClassLoader", True, "getSystemResource", "(String)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.lang", "ClassLoader", True, "getSystemResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.lang", "Module", True, "getResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.lang", "ProcessBuilder", False, "command", "(List)", "", "Argument[0]", "command-injection", "manual"]
- ["java.lang", "ProcessBuilder", False, "command", "(String[])", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "ProcessBuilder", False, "directory", "(File)", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "ProcessBuilder", False, "ProcessBuilder", "(List)", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "ProcessBuilder", False, "ProcessBuilder", "(String[])", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "Runtime", True, "exec", "(String)", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "Runtime", True, "exec", "(String[])", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "Runtime", True, "exec", "(String[],String[])", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "Runtime", True, "exec", "(String[],String[],File)", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "Runtime", True, "exec", "(String[],String[],File)", "", "Argument[2]", "command-injection", "ai-manual"]
- ["java.lang", "Runtime", True, "exec", "(String,String[])", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "Runtime", True, "exec", "(String,String[],File)", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "Runtime", True, "exec", "(String,String[],File)", "", "Argument[2]", "command-injection", "ai-manual"]
# These are potential vulnerabilities, but not for command-injection. No query for this kind of vulnerability currently exists.
# - ["java.lang", "Runtime", False, "load", "(String)", "", "Argument[0]", "command-injection", "ai-manual"]
# - ["java.lang", "Runtime", False, "loadLibrary", "(String)", "", "Argument[0]", "command-injection", "ai-manual"]
# These are modeled in plain CodeQL. TODO: migrate them.
# - ["java.lang", "ProcessBuilder", False, "command", "(String[])", "", "Argument[0]", "command-injection", "ai-manual"]
# - ["java.lang", "ProcessBuilder", False, "directory", "(File)", "", "Argument[0]", "command-injection", "ai-manual"]
# - ["java.lang", "ProcessBuilder", False, "ProcessBuilder", "(List)", "", "Argument[0]", "command-injection", "ai-manual"]
# - ["java.lang", "ProcessBuilder", False, "ProcessBuilder", "(String[])", "", "Argument[0]", "command-injection", "ai-manual"]
# - ["java.lang", "Runtime", True, "exec", "(String,String[])", "", "Argument[0]", "command-injection", "ai-manual"]
# - ["java.lang", "Runtime", True, "exec", "(String[],String[])", "", "Argument[0]", "command-injection", "ai-manual"]
# - ["java.lang", "Runtime", True, "exec", "(String,String[],File)", "", "Argument[0]", "command-injection", "ai-manual"]
# - ["java.lang", "Runtime", True, "exec", "(String,String[],File)", "", "Argument[2]", "command-injection", "ai-manual"]
# - ["java.lang", "Runtime", True, "exec", "(String)", "", "Argument[0]", "command-injection", "ai-manual"]
# - ["java.lang", "Runtime", True, "exec", "(String[],String[],File)", "", "Argument[0]", "command-injection", "ai-manual"]
# - ["java.lang", "Runtime", True, "exec", "(String[],String[],File)", "", "Argument[2]", "command-injection", "ai-manual"]
# - ["java.lang", "Runtime", True, "exec", "(String[])", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "String", False, "matches", "(String)", "", "Argument[0]", "regex-use[f-1]", "manual"]
- ["java.lang", "String", False, "replaceAll", "(String,String)", "", "Argument[0]", "regex-use[-1]", "manual"]
- ["java.lang", "String", False, "replaceFirst", "(String,String)", "", "Argument[0]", "regex-use[-1]", "manual"]
- ["java.lang", "String", False, "split", "(String)", "", "Argument[0]", "regex-use[-1]", "manual"]
- ["java.lang", "String", False, "split", "(String,int)", "", "Argument[0]", "regex-use[-1]", "manual"]
# These are modeled in plain CodeQL. TODO: migrate them.
# - ["java.lang", "System", False, "load", "(String)", "", "Argument[0]", "command-injection", "ai-manual"] # This is actually injecting a library.
# - ["java.lang", "System", False, "loadLibrary", "(String)", "", "Argument[0]", "command-injection", "ai-manual"] # This is actually injecting a library.
# These are potential vulnerabilities, but not for command-injection. No query for this kind of vulnerability currently exists.
# - ["java.lang", "System", False, "load", "(String)", "", "Argument[0]", "command-injection", "ai-manual"]
# - ["java.lang", "System", False, "loadLibrary", "(String)", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "System$Logger", True, "log", "(Level,Object)", "", "Argument[1]", "log-injection", "manual"]
- ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Object[])", "", "Argument[2..3]", "log-injection", "manual"]
- ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Throwable)", "", "Argument[2]", "log-injection", "manual"]

3
java/ql/lib/ext/java.net.model.yml
View File

@@ -45,7 +45,8 @@ extensions:
- ["java.net", "URI", False, "toURL", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.net", "URL", False, "URL", "(String)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
- ["java.net", "URL", False, "URL", "(URL,String)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"]
- ["java.net", "URL", False, "URL", "(URL,String)", "", "Argument[1]", "Argument[this]", "taint", "ai-manual"] # @atorralba: review for consistency
- ["java.net", "URL", False, "URL", "(URL,String)", "", "Argument[1]", "Argument[this]", "taint", "ai-manual"]
- ["java.net", "URL", False, "toExternalForm", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.net", "URL", False, "toURI", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.net", "URL", False, "toString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.net", "URLDecoder", False, "decode", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]

6
java/ql/lib/ext/java.sql.model.yml
View File

@@ -21,7 +21,6 @@ extensions:
extensible: summaryModel
data:
- ["java.sql", "Connection", True, "nativeSQL", "(String)", "", "Argument[0]", "ReturnValue", "taint", "hq-manual"]
- ["java.sql", "PreparedStatement", True, "setString", "(int,String)", "", "Argument[1]", "Argument[this]", "value", "manual"]
- ["java.sql", "ResultSet", True, "getString", "(String)", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- addsTo:
@@ -31,13 +30,14 @@ extensions:
- ["java.sql", "Connection", "createStatement", "()", "summary", "manual"]
- ["java.sql", "PreparedStatement", "executeUpdate", "()", "summary", "manual"]
- ["java.sql", "PreparedStatement", "executeQuery", "()", "summary", "manual"]
- ["java.sql", "PreparedStatement", "setInt", "(int,int)", "summary", "manual"]
- ["java.sql", "PreparedStatement", "setLong", "(int,long)", "summary", "manual"]
- ["java.sql", "PreparedStatement", "setString", "(int,String)", "summary", "manual"]
- ["java.sql", "ResultSet", "next", "()", "summary", "manual"]
- ["java.sql", "Statement", "close", "()", "summary", "manual"]
# The below APIs have numeric flow and are currently being stored as neutral models.
# These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future.
- ["java.sql", "PreparedStatement", "setInt", "(int,int)", "summary", "manual"] # value-numeric
- ["java.sql", "PreparedStatement", "setLong", "(int,long)", "summary", "manual"] # value-numeric
- ["java.sql", "ResultSet", "getInt", "(int)", "summary", "manual"] # taint-numeric
- ["java.sql", "ResultSet", "getInt", "(String)", "summary", "manual"] # taint-numeric
- ["java.sql", "ResultSet", "getLong", "(String)", "summary", "manual"] # taint-numeric

11
java/ql/lib/ext/org.apache.commons.exec.model.yml Normal file
View File

@@ -0,0 +1,11 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.commons.exec", "CommandLine", True, "parse", "(String)", "", "Argument[0]", "command-injection", "manual"]
- ["org.apache.commons.exec", "CommandLine", True, "parse", "(String,Map)", "", "Argument[0]", "command-injection", "manual"]
- ["org.apache.commons.exec", "CommandLine", True, "addArguments", "(String)", "", "Argument[0]", "command-injection", "manual"]
- ["org.apache.commons.exec", "CommandLine", True, "addArguments", "(String,boolean)", "", "Argument[0]", "command-injection", "manual"]
- ["org.apache.commons.exec", "CommandLine", True, "addArguments", "(String[])", "", "Argument[0]", "command-injection", "manual"]
- ["org.apache.commons.exec", "CommandLine", True, "addArguments", "(String[],boolean)", "", "Argument[0]", "command-injection", "manual"]

6
java/ql/lib/ext/org.kohsuke.stapler.bind.model.yml Normal file
View File

@@ -0,0 +1,6 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sourceModel
data:
- ["org.kohsuke.stapler.bind", "JavaScriptMethod", True, "", "", "Annotated", "Parameter", "remote", "manual"]

7
java/ql/lib/ext/org.kohsuke.stapler.json.model.yml Normal file
View File

@@ -0,0 +1,7 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sourceModel
data:
- ["org.kohsuke.stapler.json", "SubmittedForm", True, "", "", "Annotated", "Parameter", "remote", "manual"]
- ["org.kohsuke.stapler.json", "JsonBody", True, "", "", "Annotated", "Parameter", "remote", "manual"]

42
java/ql/lib/ext/org.kohsuke.stapler.model.yml
View File

@@ -4,4 +4,46 @@ extensions:
extensible: sinkModel
data:
- ["org.kohsuke.stapler", "HttpResponses", True, "redirectTo", "(String)", "", "Argument[0]", "url-redirection", "ai-manual"]
- ["org.kohsuke.stapler", "HttpResponses", True, "redirectTo", "(int,String)", "", "Argument[1]", "url-redirection", "manual"]
- ["org.kohsuke.stapler", "HttpResponses", True, "staticResource", "(URL)", "", "Argument[0]", "request-forgery", "ai-manual"]
- ["org.kohsuke.stapler", "HttpResponses", True, "staticResource", "(URL,long)", "", "Argument[0]", "request-forgery", "manual"]
- ["org.kohsuke.stapler", "HttpResponses", True, "html", "(String)", "", "Argument[0]", "html-injection", "manual"]
- ["org.kohsuke.stapler", "HttpResponses", True, "literalHtml", "(String)", "", "Argument[0]", "html-injection", "manual"]
- ["org.kohsuke.stapler", "StaplerResponse", True, "forward", "(Object,String,StaplerRequest)", "", "Argument[1]", "request-forgery", "manual"]
- ["org.kohsuke.stapler", "StaplerResponse", True, "sendRedirect2", "(String)", "", "Argument[0]", "url-redirection", "manual"]
- ["org.kohsuke.stapler", "StaplerResponse", True, "sendRedirect", "(int,String)", "", "Argument[1]", "url-redirection", "manual"]
- ["org.kohsuke.stapler", "StaplerResponse", True, "sendRedirect", "(String)", "", "Argument[0]", "url-redirection", "manual"]
- ["org.kohsuke.stapler", "StaplerResponse", True, "serveFile", "(StaplerRequest,URL)", "", "Argument[1]", "path-injection", "manual"]
- ["org.kohsuke.stapler", "StaplerResponse", True, "serveFile", "(StaplerRequest,URL,long)", "", "Argument[1]", "path-injection", "manual"]
- ["org.kohsuke.stapler", "StaplerResponse", True, "serveLocalizedFile", "(StaplerRequest,URL)", "", "Argument[1]", "path-injection", "manual"]
- ["org.kohsuke.stapler", "StaplerResponse", True, "serveLocalizedFile", "(StaplerRequest,URL,long)", "", "Argument[1]", "path-injection", "manual"]
- ["org.kohsuke.stapler", "StaplerResponse", True, "serveFile", "(StaplerRequest,InputStream,long,long,long,String)", "", "Argument[1]", "path-injection", "manual"]
- ["org.kohsuke.stapler", "StaplerResponse", True, "serveFile", "(StaplerRequest,InputStream,long,long,int,String)", "", "Argument[1]", "path-injection", "manual"]
- ["org.kohsuke.stapler", "StaplerResponse", True, "serveFile", "(StaplerRequest,InputStream,long,long,String)", "", "Argument[1]", "path-injection", "manual"]
- ["org.kohsuke.stapler", "StaplerResponse", True, "serveFile", "(StaplerRequest,InputStream,long,int,String)", "", "Argument[1]", "path-injection", "manual"]
- ["org.kohsuke.stapler", "StaplerResponse", True, "reverseProxyTo", "(URL,StaplerRequest)", "", "Argument[0]", "request-forgery", "manual"]
- addsTo:
pack: codeql/java-all
extensible: sourceModel
data:
- ["org.kohsuke.stapler", "StaplerRequest", True, "getRequestURIWithQueryString", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "getRequestURLWithQueryString", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "getReferer", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "getOriginalRequestURI", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "getSubmittedForm", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "getFileItem", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "bindParametersToList", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "bindParameters", "", "", "Argument[0]", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "bindParameters", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "bindJSON", "", "", "Argument[0]", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "bindJSON", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "bindJSONToList", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "getParameter", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "getParameterMap", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "getParameterNames", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "getParameterValues", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "StaplerRequest", True, "getRestOfPath", "", "", "ReturnValue", "remote", "manual"]
- ["org.kohsuke.stapler", "QueryParameter", True, "", "", "Annotated", "Parameter", "remote", "manual"]
- ["org.kohsuke.stapler", "Header", True, "", "", "Annotated", "Parameter", "remote", "manual"]
- ["org.kohsuke.stapler", "DataBoundConstructor", True, "", "", "Annotated", "Parameter", "remote", "manual"]
- ["org.kohsuke.stapler", "DataBoundSetter", True, "", "", "Annotated", "Parameter", "remote", "manual"]

1
java/ql/lib/qlpack.yml
View File

@@ -6,6 +6,7 @@ extractor: java
library: true
upgrades: upgrades
dependencies:
codeql/mad: ${workspace}
codeql/regex: ${workspace}
codeql/tutorial: ${workspace}
codeql/typetracking: ${workspace}

2
java/ql/lib/semmle/code/java/Constants.qll
View File

@@ -17,7 +17,6 @@ signature int getIntValSig(Expr e);
*/
module CalculateConstants<getBoolValSig/1 getBoolVal, getIntValSig/1 getIntVal> {
/** Gets the value of a constant boolean expression. */
pragma[assume_small_delta]
boolean calculateBooleanValue(Expr e) {
// No casts relevant to booleans.
// `!` is the only unary operator that evaluates to a boolean.
@@ -99,7 +98,6 @@ module CalculateConstants<getBoolValSig/1 getBoolVal, getIntValSig/1 getIntVal>
}
/** Gets the value of a constant integer expression. */
pragma[assume_small_delta]
int calculateIntValue(Expr e) {
exists(IntegralType t | e.getType() = t | t.getName().toLowerCase() != "long") and
(

4
java/ql/lib/semmle/code/java/ControlFlowGraph.qll
View File

@@ -365,7 +365,6 @@ private module ControlFlowGraphImpl {
/**
* Gets a non-overridable method that always throws an exception or calls `exit`.
*/
pragma[assume_small_delta]
private Method nonReturningMethod() {
result instanceof MethodExit
or
@@ -382,7 +381,6 @@ private module ControlFlowGraphImpl {
/**
* Gets a virtual method that always throws an exception or calls `exit`.
*/
pragma[assume_small_delta]
private EffectivelyNonVirtualMethod likelyNonReturningMethod() {
result.getReturnType() instanceof VoidType and
not exists(ReturnStmt ret | ret.getEnclosingCallable() = result) and
@@ -402,7 +400,6 @@ private module ControlFlowGraphImpl {
/**
* Gets a statement that always throws an exception or calls `exit`.
*/
pragma[assume_small_delta]
private Stmt nonReturningStmt() {
result instanceof ThrowStmt
or
@@ -424,7 +421,6 @@ private module ControlFlowGraphImpl {
/**
* Gets an expression that always throws an exception or calls `exit`.
*/
pragma[assume_small_delta]
private Expr nonReturningExpr() {
result = nonReturningMethodAccess()
or

4
java/ql/lib/semmle/code/java/Expr.qll
View File

@@ -131,7 +131,6 @@ private predicate primitiveOrString(Type t) {
* See JLS v8, section 15.28 (Constant Expressions).
*/
class CompileTimeConstantExpr extends Expr {
pragma[assume_small_delta]
CompileTimeConstantExpr() {
primitiveOrString(this.getType()) and
(
@@ -181,7 +180,6 @@ class CompileTimeConstantExpr extends Expr {
/**
* Gets the string value of this expression, where possible.
*/
pragma[assume_small_delta]
pragma[nomagic]
string getStringValue() {
result = this.(StringLiteral).getValue()
@@ -207,7 +205,6 @@ class CompileTimeConstantExpr extends Expr {
/**
* Gets the boolean value of this expression, where possible.
*/
pragma[assume_small_delta]
pragma[nomagic]
boolean getBooleanValue() {
// Literal value.
@@ -1910,7 +1907,6 @@ class TypeAccess extends Expr, Annotatable, @typeaccess {
override CompilationUnit getCompilationUnit() { result = Expr.super.getCompilationUnit() }
/** Gets a printable representation of this expression. */
pragma[assume_small_delta]
override string toString() {
result = this.getQualifier().toString() + "." + this.getType().toString()
or

12
java/ql/lib/semmle/code/java/JDK.qll
View File

@@ -199,18 +199,18 @@ class TypeFile extends Class {
// --- Standard methods ---
/**
* Any constructor of class `java.lang.ProcessBuilder`.
* DEPRECATED: Any constructor of class `java.lang.ProcessBuilder`.
*/
class ProcessBuilderConstructor extends Constructor, ExecCallable {
deprecated class ProcessBuilderConstructor extends Constructor, ExecCallable {
ProcessBuilderConstructor() { this.getDeclaringType() instanceof TypeProcessBuilder }
override int getAnExecutedArgument() { result = 0 }
}
/**
* Any of the methods named `command` on class `java.lang.ProcessBuilder`.
* DEPRECATED: Any of the methods named `command` on class `java.lang.ProcessBuilder`.
*/
class MethodProcessBuilderCommand extends Method, ExecCallable {
deprecated class MethodProcessBuilderCommand extends Method, ExecCallable {
MethodProcessBuilderCommand() {
this.hasName("command") and
this.getDeclaringType() instanceof TypeProcessBuilder
@@ -220,9 +220,9 @@ class MethodProcessBuilderCommand extends Method, ExecCallable {
}
/**
* Any method named `exec` on class `java.lang.Runtime`.
* DEPRECATED: Any method named `exec` on class `java.lang.Runtime`.
*/
class MethodRuntimeExec extends Method, ExecCallable {
deprecated class MethodRuntimeExec extends Method, ExecCallable {
MethodRuntimeExec() {
this.hasName("exec") and
this.getDeclaringType() instanceof TypeRuntime

1
java/ql/lib/semmle/code/java/Member.qll
View File

@@ -736,7 +736,6 @@ class FieldDeclaration extends ExprParent, @fielddecl, Annotatable {
/** Gets the number of fields declared in this declaration. */
int getNumField() { result = max(int idx | fieldDeclaredIn(_, this, idx) | idx) + 1 }
pragma[assume_small_delta]
override string toString() {
if this.getNumField() = 1
then result = this.getTypeAccess() + " " + this.getField(0) + ";"

1
java/ql/lib/semmle/code/java/Type.qll
View File

@@ -309,7 +309,6 @@ private predicate hasSubtypeStar1(RefType t, RefType sub) {
/**
* Holds if `hasSubtype*(t, sub)`, but manual-magic'ed with `getAWildcardLowerBound(sub)`.
*/
pragma[assume_small_delta]
pragma[nomagic]
private predicate hasSubtypeStar2(RefType t, RefType sub) {
sub = t and getAWildcardLowerBound(sub)

86
java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
View File

@@ -87,6 +87,7 @@ private import internal.FlowSummaryImplSpecific as FlowSummaryImplSpecific
private import internal.AccessPathSyntax
private import ExternalFlowExtensions as Extensions
private import FlowSummary
private import codeql.mad.ModelValidation as SharedModelVal
/**
* A class for activating additional model rows.
@@ -265,86 +266,17 @@ module ModelValidation {
)
}
private class OutdatedSinkKind extends string {
OutdatedSinkKind() {
this =
[
"sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt",
"ldap", "pending-intent-sent", "intent-start", "set-hostname-verifier",
"header-splitting", "xss", "write-file", "create-file", "read-file", "open-url",
"jdbc-url"
]
}
private module KindValConfig implements SharedModelVal::KindValidationConfigSig {
predicate summaryKind(string kind) { summaryModel(_, _, _, _, _, _, _, _, kind, _) }
private string replacementKind() {
this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap"] and
result = this + "-injection"
or
this = "url-redirect" and result = "url-redirection"
or
this = "ssti" and result = "template-injection"
or
this = "logging" and result = "log-injection"
or
this = "pending-intent-sent" and result = "pending-intents"
or
this = "intent-start" and result = "intent-redirection"
or
this = "set-hostname-verifier" and result = "hostname-verification"
or
this = "header-splitting" and result = "response-splitting"
or
this = "xss" and result = "html-injection\" or \"js-injection"
or
this = "write-file" and result = "file-content-store"
or
this = ["create-file", "read-file"] and result = "path-injection"
or
this = ["open-url", "jdbc-url"] and result = "request-forgery"
}
predicate sinkKind(string kind) { sinkModel(_, _, _, _, _, _, _, kind, _) }
string outdatedMessage() {
result =
"The kind \"" + this + "\" is outdated. Use \"" + this.replacementKind() + "\" instead."
}
predicate sourceKind(string kind) { sourceModel(_, _, _, _, _, _, _, kind, _) }
predicate neutralKind(string kind) { neutralModel(_, _, _, _, kind, _) }
}
private string getInvalidModelKind() {
exists(string kind | summaryModel(_, _, _, _, _, _, _, _, kind, _) |
not kind = ["taint", "value"] and
result = "Invalid kind \"" + kind + "\" in summary model."
)
or
exists(string kind, string msg | sinkModel(_, _, _, _, _, _, _, kind, _) |
not kind =
[
"request-forgery", "jndi-injection", "ldap-injection", "sql-injection", "log-injection",
"mvel-injection", "xpath-injection", "groovy-injection", "html-injection", "js-injection",
"ognl-injection", "intent-redirection", "pending-intents", "url-redirection",
"path-injection", "file-content-store", "hostname-verification", "response-splitting",
"information-leak", "xslt-injection", "jexl-injection", "bean-validation",
"template-injection", "fragment-injection", "command-injection"
] and
not kind.matches("regex-use%") and
not kind.matches("qltest%") and
msg = "Invalid kind \"" + kind + "\" in sink model." and
// The part of this message that refers to outdated sink kinds can be deleted after June 1st, 2024.
if kind instanceof OutdatedSinkKind
then result = msg + " " + kind.(OutdatedSinkKind).outdatedMessage()
else result = msg
)
or
exists(string kind | sourceModel(_, _, _, _, _, _, _, kind, _) |
not kind = ["remote", "contentprovider", "android-external-storage-dir"] and
not kind.matches("qltest%") and
result = "Invalid kind \"" + kind + "\" in source model."
)
or
exists(string kind | neutralModel(_, _, _, _, kind, _) |
not kind = ["summary", "source", "sink"] and
result = "Invalid kind \"" + kind + "\" in neutral model."
)
}
private module KindVal = SharedModelVal::KindValidation<KindValConfig>;
private string getInvalidModelSignature() {
exists(
@@ -387,7 +319,7 @@ module ModelValidation {
msg =
[
getInvalidModelSignature(), getInvalidModelInput(), getInvalidModelOutput(),
getInvalidModelKind()
KindVal::getInvalidModelKind()
]
}
}

8
java/ql/lib/semmle/code/java/dataflow/FlowSources.qll
View File

@@ -36,6 +36,14 @@ abstract class RemoteFlowSource extends DataFlow::Node {
abstract string getSourceType();
}
/**
* A module for importing frameworks that define flow sources.
*/
private module FlowSources {
private import semmle.code.java.frameworks.hudson.Hudson
private import semmle.code.java.frameworks.stapler.Stapler
}
private class ExternalRemoteFlowSource extends RemoteFlowSource {
ExternalRemoteFlowSource() { sourceNode(this, "remote") }

1
java/ql/lib/semmle/code/java/dataflow/FlowSteps.qll
View File

@@ -23,6 +23,7 @@ private module Frameworks {
private import semmle.code.java.frameworks.Properties
private import semmle.code.java.frameworks.Protobuf
private import semmle.code.java.frameworks.ratpack.RatpackExec
private import semmle.code.java.frameworks.stapler.Stapler
private import semmle.code.java.JDK
}

5
java/ql/lib/semmle/code/java/dataflow/FlowSummary.qll
View File

@@ -149,8 +149,9 @@ class SummarizedCallableBase extends TSummarizedCallableBase {
or
result = this.asSyntheticCallable().getParameterType(pos)
or
exists(SyntheticCallable sc | sc = this.asSyntheticCallable() |
Impl::Private::summaryParameterNodeRange(this, pos) and
exists(SyntheticCallable sc, Impl::Private::SummaryNode p | sc = this.asSyntheticCallable() |
Impl::Private::summaryParameterNode(p, pos) and
this = p.getSummarizedCallable() and
not exists(sc.getParameterType(pos)) and
result instanceof TypeObject
)

2
java/ql/lib/semmle/code/java/dataflow/NullGuards.qll
View File

@@ -42,7 +42,6 @@ EqualityTest varEqualityTestExpr(SsaVariable v1, SsaVariable v2, boolean isEqual
}
/** Gets an expression that is provably not `null`. */
pragma[assume_small_delta]
Expr clearlyNotNullExpr(Expr reason) {
result instanceof ClassInstanceExpr and reason = result
or
@@ -237,7 +236,6 @@ Expr directNullGuard(SsaVariable v, boolean branch, boolean isnull) {
* If `result` evaluates to `branch`, then `v` is guaranteed to be null if `isnull`
* is true, and non-null if `isnull` is false.
*/
pragma[assume_small_delta]
Guard nullGuard(SsaVariable v, boolean branch, boolean isnull) {
result = directNullGuard(v, branch, isnull) or
exists(boolean branch0 | implies_v3(result, branch, nullGuard(v, branch0, isnull), branch0))

3
java/ql/lib/semmle/code/java/dataflow/SSA.qll
View File

@@ -61,7 +61,6 @@ class SsaSourceVariable extends TSsaSourceVariable {
* accessed from nested callables are therefore associated with several
* `SsaSourceVariable`s.
*/
pragma[assume_small_delta]
cached
VarAccess getAnAccess() {
exists(LocalScopeVariable v, Callable c |
@@ -451,7 +450,6 @@ private module SsaImpl {
* Holds if `f` is live in `b` at index `i`. The rank of `i` is `rankix` as
* defined by `callDefUseRank`.
*/
pragma[assume_small_delta]
private predicate liveAtRank(TrackedField f, BasicBlock b, int rankix, int i) {
callDefUseRank(f, b, rankix, i) and
(
@@ -565,7 +563,6 @@ private module SsaImpl {
}
/** Holds if a phi node for `v` is needed at the beginning of basic block `b`. */
pragma[assume_small_delta]
cached
predicate phiNode(TrackedVar v, BasicBlock b) {
liveAtEntry(v, b) and

1
java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll
View File

@@ -241,7 +241,6 @@ private module ForAll<NodeSig Node, RankedEdge<Node> E, TypePropagation T> {
* Holds if `t` is a candidate bound for `n` that is also valid for data coming
* through the edges into `n` ranked from `1` to `r`.
*/
pragma[assume_small_delta]
private predicate flowJoin(int r, Node n, T::Typ t) {
(
r = 1 and candJoinType(n, t)

1
java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll
View File

@@ -151,7 +151,6 @@ private module SsaImpl {
}
/** Holds if a phi node for `v` is needed at the beginning of basic block `b`. */
pragma[assume_small_delta]
cached
predicate phiNode(BaseSsaSourceVariable v, BasicBlock b) {
liveAtEntry(v, b) and

165
java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll
View File

@@ -460,7 +460,6 @@ module Impl<FullStateConfigSig Config> {
* The Boolean `cc` records whether the node is reached through an
* argument in a call.
*/
pragma[assume_small_delta]
private predicate fwdFlow(NodeEx node, Cc cc) {
sourceNode(node, _) and
if hasSourceCallCtx() then cc = true else cc = false
@@ -570,7 +569,6 @@ module Impl<FullStateConfigSig Config> {
/**
* Holds if `c` is the target of a store in the flow covered by `fwdFlow`.
*/
pragma[assume_small_delta]
pragma[nomagic]
private predicate fwdFlowConsCand(Content c) {
exists(NodeEx mid, NodeEx node |
@@ -1135,8 +1133,8 @@ module Impl<FullStateConfigSig Config> {
DataFlowCall call, ArgNodeEx arg, ParamNodeEx p, boolean allowsFieldFlow
);
bindingset[node, state, t, ap]
predicate filter(NodeEx node, FlowState state, Typ t, Ap ap);
bindingset[node, state, t0, ap]
predicate filter(NodeEx node, FlowState state, Typ t0, Ap ap, Typ t);
bindingset[typ, contentType]
predicate typecheckStore(Typ typ, DataFlowType contentType);
@@ -1199,20 +1197,23 @@ module Impl<FullStateConfigSig Config> {
NodeEx node, FlowState state, Cc cc, ParamNodeOption summaryCtx, TypOption argT,
ApOption argAp, Typ t, Ap ap, ApApprox apa
) {
fwdFlow0(node, state, cc, summaryCtx, argT, argAp, t, ap, apa) and
PrevStage::revFlow(node, state, apa) and
filter(node, state, t, ap)
fwdFlow1(node, state, cc, summaryCtx, argT, argAp, _, t, ap, apa)
}
pragma[inline]
additional predicate fwdFlow(
private predicate fwdFlow1(
NodeEx node, FlowState state, Cc cc, ParamNodeOption summaryCtx, TypOption argT,
ApOption argAp, Typ t, Ap ap
ApOption argAp, Typ t0, Typ t, Ap ap, ApApprox apa
) {
fwdFlow(node, state, cc, summaryCtx, argT, argAp, t, ap, _)
fwdFlow0(node, state, cc, summaryCtx, argT, argAp, t0, ap, apa) and
PrevStage::revFlow(node, state, apa) and
filter(node, state, t0, ap, t)
}
pragma[nomagic]
private predicate typeStrengthen(Typ t0, Ap ap, Typ t) {
fwdFlow1(_, _, _, _, _, _, t0, t, ap, _) and t0 != t
}
pragma[assume_small_delta]
pragma[nomagic]
private predicate fwdFlow0(
NodeEx node, FlowState state, Cc cc, ParamNodeOption summaryCtx, TypOption argT,
@@ -1339,6 +1340,11 @@ module Impl<FullStateConfigSig Config> {
private predicate fwdFlowConsCand(Typ t2, Ap cons, Content c, Typ t1, Ap tail) {
fwdFlowStore(_, t1, tail, c, t2, _, _, _, _, _, _) and
cons = apCons(c, t1, tail)
or
exists(Typ t0 |
typeStrengthen(t0, cons, t2) and
fwdFlowConsCand(t0, cons, c, t1, tail)
)
}
pragma[nomagic]
@@ -1359,7 +1365,7 @@ module Impl<FullStateConfigSig Config> {
ParamNodeOption summaryCtx, TypOption argT, ApOption argAp
) {
exists(ApHeadContent apc |
fwdFlow(node1, state, cc, summaryCtx, argT, argAp, t, ap) and
fwdFlow(node1, state, cc, summaryCtx, argT, argAp, t, ap, _) and
apc = getHeadContent(ap) and
readStepCand0(node1, apc, c, node2)
)
@@ -1520,14 +1526,14 @@ module Impl<FullStateConfigSig Config> {
NodeEx node, FlowState state, ReturnCtx returnCtx, ApOption returnAp, Ap ap
) {
revFlow0(node, state, returnCtx, returnAp, ap) and
fwdFlow(node, state, _, _, _, _, _, ap)
fwdFlow(node, state, _, _, _, _, _, ap, _)
}
pragma[nomagic]
private predicate revFlow0(
NodeEx node, FlowState state, ReturnCtx returnCtx, ApOption returnAp, Ap ap
) {
fwdFlow(node, state, _, _, _, _, _, ap) and
fwdFlow(node, state, _, _, _, _, _, ap, _) and
sinkNode(node, state) and
(
if hasSinkCallCtx()
@@ -1780,13 +1786,13 @@ module Impl<FullStateConfigSig Config> {
boolean fwd, int nodes, int fields, int conscand, int states, int tuples
) {
fwd = true and
nodes = count(NodeEx node | fwdFlow(node, _, _, _, _, _, _, _)) and
nodes = count(NodeEx node | fwdFlow(node, _, _, _, _, _, _, _, _)) and
fields = count(Content f0 | fwdConsCand(f0, _, _)) and
conscand = count(Content f0, Typ t, Ap ap | fwdConsCand(f0, t, ap)) and
states = count(FlowState state | fwdFlow(_, state, _, _, _, _, _, _)) and
states = count(FlowState state | fwdFlow(_, state, _, _, _, _, _, _, _)) and
tuples =
count(NodeEx n, FlowState state, Cc cc, ParamNodeOption summaryCtx, TypOption argT,
ApOption argAp, Typ t, Ap ap | fwdFlow(n, state, cc, summaryCtx, argT, argAp, t, ap))
ApOption argAp, Typ t, Ap ap | fwdFlow(n, state, cc, summaryCtx, argT, argAp, t, ap, _))
or
fwd = false and
nodes = count(NodeEx node | revFlow(node, _, _, _, _)) and
@@ -1963,10 +1969,10 @@ module Impl<FullStateConfigSig Config> {
)
}
bindingset[node, state, t, ap]
predicate filter(NodeEx node, FlowState state, Typ t, Ap ap) {
bindingset[node, state, t0, ap]
predicate filter(NodeEx node, FlowState state, Typ t0, Ap ap, Typ t) {
PrevStage::revFlowState(state) and
exists(t) and
t0 = t and
exists(ap) and
not stateBarrier(node, state) and
(
@@ -2012,7 +2018,8 @@ module Impl<FullStateConfigSig Config> {
FlowCheckNode() {
castNode(this.asNode()) or
clearsContentCached(this.asNode(), _) or
expectsContentCached(this.asNode(), _)
expectsContentCached(this.asNode(), _) or
neverSkipInPathGraph(this.asNode())
}
}
@@ -2197,8 +2204,8 @@ module Impl<FullStateConfigSig Config> {
import BooleanCallContext
predicate localStep(
NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue,
DataFlowType t, LocalCc lcc
NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, Typ t,
LocalCc lcc
) {
localFlowBigStep(node1, state1, node2, state2, preservesValue, t, _) and
exists(lcc)
@@ -2218,10 +2225,16 @@ module Impl<FullStateConfigSig Config> {
)
}
bindingset[node, state, t, ap]
predicate filter(NodeEx node, FlowState state, Typ t, Ap ap) {
bindingset[node, state, t0, ap]
predicate filter(NodeEx node, FlowState state, Typ t0, Ap ap, Typ t) {
exists(state) and
(if castingNodeEx(node) then compatibleTypes(node.getDataFlowType(), t) else any()) and
// We can get away with not using type strengthening here, since we aren't
// going to use the tracked types in the construction of Stage 4 access
// paths. For Stage 4 and onwards, the tracked types must be consistent as
// the cons candidates including types are used to construct subsequent
// access path approximations.
t0 = t and
(if castingNodeEx(node) then compatibleTypes(node.getDataFlowType(), t0) else any()) and
(
notExpectsContent(node)
or
@@ -2241,6 +2254,16 @@ module Impl<FullStateConfigSig Config> {
import MkStage<Stage2>::Stage<Stage3Param>
}
bindingset[node, t0]
private predicate strengthenType(NodeEx node, DataFlowType t0, DataFlowType t) {
if castingNodeEx(node)
then
exists(DataFlowType nt | nt = node.getDataFlowType() |
if typeStrongerThan(nt, t0) then t = nt else (compatibleTypes(nt, t0) and t = t0)
)
else t = t0
}
private module Stage4Param implements MkStage<Stage3>::StageParam {
private module PrevStage = Stage3;
@@ -2274,8 +2297,8 @@ module Impl<FullStateConfigSig Config> {
pragma[nomagic]
predicate localStep(
NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue,
DataFlowType t, LocalCc lcc
NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, Typ t,
LocalCc lcc
) {
localFlowBigStep(node1, state1, node2, state2, preservesValue, t, _) and
PrevStage::revFlow(node1, pragma[only_bind_into](state1), _) and
@@ -2333,11 +2356,11 @@ module Impl<FullStateConfigSig Config> {
)
}
bindingset[node, state, t, ap]
predicate filter(NodeEx node, FlowState state, Typ t, Ap ap) {
bindingset[node, state, t0, ap]
predicate filter(NodeEx node, FlowState state, Typ t0, Ap ap, Typ t) {
exists(state) and
not clear(node, ap) and
(if castingNodeEx(node) then compatibleTypes(node.getDataFlowType(), t) else any()) and
strengthenType(node, t0, t) and
(
notExpectsContent(node)
or
@@ -2365,7 +2388,7 @@ module Impl<FullStateConfigSig Config> {
exists(AccessPathFront apf |
Stage4::revFlow(node, state, TReturnCtxMaybeFlowThrough(_), _, apf) and
Stage4::fwdFlow(node, state, any(Stage4::CcCall ccc), _, _, TAccessPathFrontSome(argApf), _,
apf)
apf, _)
)
}
@@ -2579,8 +2602,8 @@ module Impl<FullStateConfigSig Config> {
import LocalCallContext
predicate localStep(
NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue,
DataFlowType t, LocalCc lcc
NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, Typ t,
LocalCc lcc
) {
localFlowBigStep(node1, state1, node2, state2, preservesValue, t, lcc) and
PrevStage::revFlow(node1, pragma[only_bind_into](state1), _) and
@@ -2609,9 +2632,9 @@ module Impl<FullStateConfigSig Config> {
)
}
bindingset[node, state, t, ap]
predicate filter(NodeEx node, FlowState state, Typ t, Ap ap) {
(if castingNodeEx(node) then compatibleTypes(node.getDataFlowType(), t) else any()) and
bindingset[node, state, t0, ap]
predicate filter(NodeEx node, FlowState state, Typ t0, Ap ap, Typ t) {
strengthenType(node, t0, t) and
exists(state) and
exists(ap)
}
@@ -2632,7 +2655,7 @@ module Impl<FullStateConfigSig Config> {
Stage5::parameterMayFlowThrough(p, _) and
Stage5::revFlow(n, state, TReturnCtxMaybeFlowThrough(_), _, apa0) and
Stage5::fwdFlow(n, state, any(CallContextCall ccc), TParamNodeSome(p.asNode()), _,
TAccessPathApproxSome(apa), _, apa0)
TAccessPathApproxSome(apa), _, apa0, _)
)
}
@@ -2649,7 +2672,7 @@ module Impl<FullStateConfigSig Config> {
TSummaryCtxSome(ParamNodeEx p, FlowState state, DataFlowType t, AccessPath ap) {
exists(AccessPathApprox apa | ap.getApprox() = apa |
Stage5::parameterMayFlowThrough(p, apa) and
Stage5::fwdFlow(p, state, _, _, _, _, t, apa) and
Stage5::fwdFlow(p, state, _, _, Option<DataFlowType>::some(t), _, _, apa, _) and
Stage5::revFlow(p, state, _)
)
}
@@ -2751,7 +2774,6 @@ module Impl<FullStateConfigSig Config> {
/**
* Gets the number of `AccessPath`s that correspond to `apa`.
*/
pragma[assume_small_delta]
private int countAps(AccessPathApprox apa) {
evalUnfold(apa, false) and
result = 1 and
@@ -2770,7 +2792,6 @@ module Impl<FullStateConfigSig Config> {
* that it is expanded to a precise head-tail representation.
*/
language[monotonicAggregates]
pragma[assume_small_delta]
private int countPotentialAps(AccessPathApprox apa) {
apa instanceof AccessPathApproxNil and result = 1
or
@@ -2807,7 +2828,6 @@ module Impl<FullStateConfigSig Config> {
}
private newtype TPathNode =
pragma[assume_small_delta]
TPathNodeMid(
NodeEx node, FlowState state, CallContext cc, SummaryCtx sc, DataFlowType t, AccessPath ap
) {
@@ -2820,9 +2840,7 @@ module Impl<FullStateConfigSig Config> {
ap = TAccessPathNil()
or
// ... or a step from an existing PathNode to another node.
pathStep(_, node, state, cc, sc, t, ap) and
Stage5::revFlow(node, state, ap.getApprox()) and
(if castingNodeEx(node) then compatibleTypes(node.getDataFlowType(), t) else any())
pathStep(_, node, state, cc, sc, t, ap)
} or
TPathNodeSink(NodeEx node, FlowState state) {
exists(PathNodeMid sink |
@@ -2894,7 +2912,6 @@ module Impl<FullStateConfigSig Config> {
override AccessPathFrontHead getFront() { result = TFrontHead(head_) }
pragma[assume_small_delta]
override AccessPathApproxCons getApprox() {
result = TConsNil(head_, t) and tail_ = TAccessPathNil()
or
@@ -2903,7 +2920,6 @@ module Impl<FullStateConfigSig Config> {
result = TCons1(head_, this.length())
}
pragma[assume_small_delta]
override int length() { result = 1 + tail_.length() }
private string toStringImpl(boolean needsSuffix) {
@@ -3340,13 +3356,23 @@ module Impl<FullStateConfigSig Config> {
ap = mid.getAp()
}
private predicate pathStep(
PathNodeMid mid, NodeEx node, FlowState state, CallContext cc, SummaryCtx sc, DataFlowType t,
AccessPath ap
) {
exists(DataFlowType t0 |
pathStep0(mid, node, state, cc, sc, t0, ap) and
Stage5::revFlow(node, state, ap.getApprox()) and
strengthenType(node, t0, t)
)
}
/**
* Holds if data may flow from `mid` to `node`. The last step in or out of
* a callable is recorded by `cc`.
*/
pragma[assume_small_delta]
pragma[nomagic]
private predicate pathStep(
private predicate pathStep0(
PathNodeMid mid, NodeEx node, FlowState state, CallContext cc, SummaryCtx sc, DataFlowType t,
AccessPath ap
) {
@@ -3557,7 +3583,6 @@ module Impl<FullStateConfigSig Config> {
)
}
pragma[assume_small_delta]
pragma[nomagic]
private predicate pathThroughCallable0(
DataFlowCall call, PathNodeMid mid, ReturnKindExt kind, FlowState state, CallContext cc,
@@ -3964,7 +3989,7 @@ module Impl<FullStateConfigSig Config> {
ap = TPartialNil() and
exists(explorationLimit())
or
partialPathNodeMk0(node, state, cc, sc1, sc2, sc3, sc4, t, ap) and
partialPathStep(_, node, state, cc, sc1, sc2, sc3, sc4, t, ap) and
distSrc(node.getEnclosingCallable()) <= explorationLimit()
} or
TPartialPathNodeRev(
@@ -3990,11 +4015,20 @@ module Impl<FullStateConfigSig Config> {
}
pragma[nomagic]
private predicate partialPathNodeMk0(
NodeEx node, FlowState state, CallContext cc, TSummaryCtx1 sc1, TSummaryCtx2 sc2,
TSummaryCtx3 sc3, TSummaryCtx4 sc4, DataFlowType t, PartialAccessPath ap
private predicate partialPathStep(
PartialPathNodeFwd mid, NodeEx node, FlowState state, CallContext cc, TSummaryCtx1 sc1,
TSummaryCtx2 sc2, TSummaryCtx3 sc3, TSummaryCtx4 sc4, DataFlowType t, PartialAccessPath ap
) {
partialPathStep(_, node, state, cc, sc1, sc2, sc3, sc4, t, ap) and
partialPathStep1(mid, node, state, cc, sc1, sc2, sc3, sc4, _, t, ap)
}
pragma[nomagic]
private predicate partialPathStep1(
PartialPathNodeFwd mid, NodeEx node, FlowState state, CallContext cc, TSummaryCtx1 sc1,
TSummaryCtx2 sc2, TSummaryCtx3 sc3, TSummaryCtx4 sc4, DataFlowType t0, DataFlowType t,
PartialAccessPath ap
) {
partialPathStep0(mid, node, state, cc, sc1, sc2, sc3, sc4, t0, ap) and
not fullBarrier(node) and
not stateBarrier(node, state) and
not clearsContentEx(node, ap.getHead()) and
@@ -4002,9 +4036,14 @@ module Impl<FullStateConfigSig Config> {
notExpectsContent(node) or
expectsContentEx(node, ap.getHead())
) and
if node.asNode() instanceof CastingNode
then compatibleTypes(node.getDataFlowType(), t)
else any()
strengthenType(node, t0, t)
}
pragma[nomagic]
private predicate partialPathTypeStrengthen(
DataFlowType t0, PartialAccessPath ap, DataFlowType t
) {
partialPathStep1(_, _, _, _, _, _, _, _, t0, t, ap) and t0 != t
}
/**
@@ -4183,7 +4222,8 @@ module Impl<FullStateConfigSig Config> {
}
}
private predicate partialPathStep(
pragma[nomagic]
private predicate partialPathStep0(
PartialPathNodeFwd mid, NodeEx node, FlowState state, CallContext cc, TSummaryCtx1 sc1,
TSummaryCtx2 sc2, TSummaryCtx3 sc3, TSummaryCtx4 sc4, DataFlowType t, PartialAccessPath ap
) {
@@ -4309,6 +4349,11 @@ module Impl<FullStateConfigSig Config> {
DataFlowType t1, PartialAccessPath ap1, Content c, DataFlowType t2, PartialAccessPath ap2
) {
partialPathStoreStep(_, t1, ap1, c, _, t2, ap2)
or
exists(DataFlowType t0 |
partialPathTypeStrengthen(t0, ap2, t2) and
apConsFwd(t1, ap1, c, t0, ap2)
)
}
pragma[nomagic]

2
java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll
View File

@@ -187,7 +187,6 @@ private module LambdaFlow {
else any()
}
pragma[assume_small_delta]
pragma[nomagic]
predicate revLambdaFlow0(
DataFlowCall lambdaCall, LambdaCallKind kind, Node node, DataFlowType t, boolean toReturn,
@@ -274,7 +273,6 @@ private module LambdaFlow {
)
}
pragma[assume_small_delta]
pragma[nomagic]
predicate revLambdaFlowOut(
DataFlowCall lambdaCall, LambdaCallKind kind, TReturnPositionSimple pos, DataFlowType t,

78
java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll
View File

@@ -54,12 +54,7 @@ private module Cached {
fa.getField() instanceof InstanceField and ia.isImplicitFieldQualifier(fa)
)
} or
TSummaryInternalNode(SummarizedCallable c, FlowSummaryImpl::Private::SummaryNodeState state) {
FlowSummaryImpl::Private::summaryNodeRange(c, state)
} or
TSummaryParameterNode(SummarizedCallable c, int pos) {
FlowSummaryImpl::Private::summaryParameterNodeRange(c, pos)
} or
TFlowSummaryNode(FlowSummaryImpl::Private::SummaryNode sn) or
TFieldValueNode(Field f)
cached
@@ -132,8 +127,6 @@ module Public {
or
result = this.(ImplicitPostUpdateNode).getPreUpdateNode().getType()
or
result = this.(SummaryParameterNode).getTypeImpl()
or
result = this.(FieldValueNode).getField().getType()
}
@@ -378,8 +371,7 @@ module Private {
result.asCallable() = n.(ImplicitInstanceAccess).getInstanceAccess().getEnclosingCallable() or
result.asCallable() = n.(MallocNode).getClassInstanceExpr().getEnclosingCallable() or
result = nodeGetEnclosingCallable(n.(ImplicitPostUpdateNode).getPreUpdateNode()) or
n = TSummaryInternalNode(result.asSummarizedCallable(), _) or
n = TSummaryParameterNode(result.asSummarizedCallable(), _) or
result.asSummarizedCallable() = n.(FlowSummaryNode).getSummarizedCallable() or
result.asFieldScope() = n.(FieldValueNode).getField()
}
@@ -407,7 +399,7 @@ module Private {
or
this = getInstanceArgument(_)
or
this.(SummaryNode).isArgumentOf(_, _)
this.(FlowSummaryNode).isArgumentOf(_, _)
}
/**
@@ -424,7 +416,7 @@ module Private {
or
pos = -1 and this = getInstanceArgument(call.asCall())
or
this.(SummaryNode).isArgumentOf(call, pos)
this.(FlowSummaryNode).isArgumentOf(call, pos)
}
/** Gets the call in which this node is an argument. */
@@ -435,7 +427,7 @@ module Private {
class ReturnNode extends Node {
ReturnNode() {
exists(ReturnStmt ret | this.asExpr() = ret.getResult()) or
this.(SummaryNode).isReturn()
this.(FlowSummaryNode).isReturn()
}
/** Gets the kind of this returned value. */
@@ -447,61 +439,57 @@ module Private {
OutNode() {
this.asExpr() instanceof MethodAccess
or
this.(SummaryNode).isOut(_)
this.(FlowSummaryNode).isOut(_)
}
/** Gets the underlying call. */
DataFlowCall getCall() {
result.asCall() = this.asExpr()
or
this.(SummaryNode).isOut(result)
this.(FlowSummaryNode).isOut(result)
}
}
/**
* A data-flow node used to model flow summaries.
*/
class SummaryNode extends Node, TSummaryInternalNode {
private SummarizedCallable c;
private FlowSummaryImpl::Private::SummaryNodeState state;
class FlowSummaryNode extends Node, TFlowSummaryNode {
FlowSummaryImpl::Private::SummaryNode getSummaryNode() { this = TFlowSummaryNode(result) }
SummaryNode() { this = TSummaryInternalNode(c, state) }
SummarizedCallable getSummarizedCallable() {
result = this.getSummaryNode().getSummarizedCallable()
}
override Location getLocation() { result = c.getLocation() }
override Location getLocation() { result = this.getSummarizedCallable().getLocation() }
override string toString() { result = "[summary] " + state + " in " + c }
override string toString() { result = this.getSummaryNode().toString() }
/** Holds if this summary node is the `i`th argument of `call`. */
predicate isArgumentOf(DataFlowCall call, int i) {
FlowSummaryImpl::Private::summaryArgumentNode(call, this, i)
FlowSummaryImpl::Private::summaryArgumentNode(call, this.getSummaryNode(), i)
}
/** Holds if this summary node is a return node. */
predicate isReturn() { FlowSummaryImpl::Private::summaryReturnNode(this, _) }
predicate isReturn() { FlowSummaryImpl::Private::summaryReturnNode(this.getSummaryNode(), _) }
/** Holds if this summary node is an out node for `call`. */
predicate isOut(DataFlowCall call) { FlowSummaryImpl::Private::summaryOutNode(call, this, _) }
predicate isOut(DataFlowCall call) {
FlowSummaryImpl::Private::summaryOutNode(call, this.getSummaryNode(), _)
}
}
SummaryNode getSummaryNode(SummarizedCallable c, FlowSummaryImpl::Private::SummaryNodeState state) {
result = TSummaryInternalNode(c, state)
}
class SummaryParameterNode extends ParameterNode, TSummaryParameterNode {
private SummarizedCallable sc;
private int pos_;
SummaryParameterNode() { this = TSummaryParameterNode(sc, pos_) }
override Location getLocation() { result = sc.getLocation() }
override string toString() { result = "[summary param] " + pos_ + " in " + sc }
override predicate isParameterOf(DataFlowCallable c, int pos) {
c.asSummarizedCallable() = sc and pos = pos_
class SummaryParameterNode extends ParameterNode, FlowSummaryNode {
SummaryParameterNode() {
FlowSummaryImpl::Private::summaryParameterNode(this.getSummaryNode(), _)
}
Type getTypeImpl() { result = sc.getParameterType(pos_) }
private int getPosition() {
FlowSummaryImpl::Private::summaryParameterNode(this.getSummaryNode(), result)
}
override predicate isParameterOf(DataFlowCallable c, int pos) {
c.asSummarizedCallable() = this.getSummarizedCallable() and pos = this.getPosition()
}
}
}
@@ -523,10 +511,12 @@ private class MallocNode extends Node, TMallocNode {
ClassInstanceExpr getClassInstanceExpr() { result = cie }
}
private class SummaryPostUpdateNode extends SummaryNode, PostUpdateNode {
private Node pre;
private class SummaryPostUpdateNode extends FlowSummaryNode, PostUpdateNode {
private FlowSummaryNode pre;
SummaryPostUpdateNode() { FlowSummaryImpl::Private::summaryPostUpdateNode(this, pre) }
SummaryPostUpdateNode() {
FlowSummaryImpl::Private::summaryPostUpdateNode(this.getSummaryNode(), pre.getSummaryNode())
}
override Node getPreUpdateNode() { result = pre }
}

45
java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
View File

@@ -85,7 +85,8 @@ predicate jumpStep(Node node1, Node node2) {
any(AdditionalValueStep a).step(node1, node2) and
node1.getEnclosingCallable() != node2.getEnclosingCallable()
or
FlowSummaryImpl::Private::Steps::summaryJumpStep(node1, node2)
FlowSummaryImpl::Private::Steps::summaryJumpStep(node1.(FlowSummaryNode).getSummaryNode(),
node2.(FlowSummaryNode).getSummaryNode())
}
/**
@@ -114,7 +115,8 @@ predicate storeStep(Node node1, Content f, Node node2) {
or
f instanceof ArrayContent and arrayStoreStep(node1, node2)
or
FlowSummaryImpl::Private::Steps::summaryStoreStep(node1, f, node2)
FlowSummaryImpl::Private::Steps::summaryStoreStep(node1.(FlowSummaryNode).getSummaryNode(), f,
node2.(FlowSummaryNode).getSummaryNode())
}
/**
@@ -145,7 +147,8 @@ predicate readStep(Node node1, Content f, Node node2) {
or
f instanceof CollectionContent and collectionReadStep(node1, node2)
or
FlowSummaryImpl::Private::Steps::summaryReadStep(node1, f, node2)
FlowSummaryImpl::Private::Steps::summaryReadStep(node1.(FlowSummaryNode).getSummaryNode(), f,
node2.(FlowSummaryNode).getSummaryNode())
}
/**
@@ -160,7 +163,7 @@ predicate clearsContent(Node n, Content c) {
c.(FieldContent).getField() = fa.getField()
)
or
FlowSummaryImpl::Private::Steps::summaryClearsContent(n, c)
FlowSummaryImpl::Private::Steps::summaryClearsContent(n.(FlowSummaryNode).getSummaryNode(), c)
}
/**
@@ -168,7 +171,7 @@ predicate clearsContent(Node n, Content c) {
* at node `n`.
*/
predicate expectsContent(Node n, ContentSet c) {
FlowSummaryImpl::Private::Steps::summaryExpectsContent(n, c)
FlowSummaryImpl::Private::Steps::summaryExpectsContent(n.(FlowSummaryNode).getSummaryNode(), c)
}
/**
@@ -176,7 +179,7 @@ predicate expectsContent(Node n, ContentSet c) {
* possible flow. A single type is used for all numeric types to account for
* numeric conversions, and otherwise the erasure is used.
*/
DataFlowType getErasedRepr(Type t) {
RefType getErasedRepr(Type t) {
exists(Type e | e = t.getErasure() |
if e instanceof NumericOrCharType
then result.(BoxedType).getPrimitiveType().getName() = "double"
@@ -189,11 +192,18 @@ DataFlowType getErasedRepr(Type t) {
t instanceof NullType and result instanceof TypeObject
}
class DataFlowType extends SrcRefType {
DataFlowType() { this = getErasedRepr(_) }
}
pragma[nomagic]
predicate typeStrongerThan(DataFlowType t1, DataFlowType t2) { t1.getASourceSupertype+() = t2 }
pragma[noinline]
DataFlowType getNodeType(Node n) {
result = getErasedRepr(n.getTypeBound())
or
result = FlowSummaryImpl::Private::summaryNodeType(n)
result = FlowSummaryImpl::Private::summaryNodeType(n.(FlowSummaryNode).getSummaryNode())
}
/** Gets a string representation of a type returned by `getErasedRepr`. */
@@ -232,6 +242,12 @@ class CastNode extends ExprNode {
CastNode() { this.getExpr() instanceof CastingExpr }
}
/**
* Holds if `n` should never be skipped over in the `PathGraph` and in path
* explanations.
*/
predicate neverSkipInPathGraph(Node n) { none() }
private newtype TDataFlowCallable =
TSrcCallable(Callable c) or
TSummarizedCallable(SummarizedCallable c) or
@@ -259,11 +275,9 @@ class DataFlowCallable extends TDataFlowCallable {
class DataFlowExpr = Expr;
class DataFlowType = RefType;
private newtype TDataFlowCall =
TCall(Call c) or
TSummaryCall(SummarizedCallable c, Node receiver) {
TSummaryCall(SummarizedCallable c, FlowSummaryImpl::Private::SummaryNode receiver) {
FlowSummaryImpl::Private::summaryCallbackRange(c, receiver)
}
@@ -313,12 +327,12 @@ class SrcCall extends DataFlowCall, TCall {
/** A synthesized call inside a `SummarizedCallable`. */
class SummaryCall extends DataFlowCall, TSummaryCall {
private SummarizedCallable c;
private Node receiver;
private FlowSummaryImpl::Private::SummaryNode receiver;
SummaryCall() { this = TSummaryCall(c, receiver) }
/** Gets the data flow node that this call targets. */
Node getReceiver() { result = receiver }
FlowSummaryImpl::Private::SummaryNode getReceiver() { result = receiver }
override DataFlowCallable getEnclosingCallable() { result.asSummarizedCallable() = c }
@@ -378,10 +392,7 @@ predicate forceHighPrecision(Content c) {
}
/** Holds if `n` should be hidden from path explanations. */
predicate nodeIsHidden(Node n) {
n instanceof SummaryNode or
n instanceof SummaryParameterNode
}
predicate nodeIsHidden(Node n) { n instanceof FlowSummaryNode }
class LambdaCallKind = Method; // the "apply" method in the functional interface
@@ -399,7 +410,7 @@ predicate lambdaCreation(Node creation, LambdaCallKind kind, DataFlowCallable c)
/** Holds if `call` is a lambda call of kind `kind` where `receiver` is the lambda expression. */
predicate lambdaCall(DataFlowCall call, LambdaCallKind kind, Node receiver) {
receiver = call.(SummaryCall).getReceiver() and
receiver.(FlowSummaryNode).getSummaryNode() = call.(SummaryCall).getReceiver() and
getNodeDataFlowType(receiver)
.getSourceDeclaration()
.(FunctionalInterface)

3
java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll
View File

@@ -183,7 +183,8 @@ private predicate simpleLocalFlowStep0(Node node1, Node node2) {
node1.(ArgumentNode).argumentOf(any(DataFlowCall c | c.asCall() = ma), argNo)
)
or
FlowSummaryImpl::Private::Steps::summaryLocalStep(node1, node2, true)
FlowSummaryImpl::Private::Steps::summaryLocalStep(node1.(FlowSummaryNode).getSummaryNode(),
node2.(FlowSummaryNode).getSummaryNode(), true)
}
/**

267
java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll
View File

@@ -23,29 +23,30 @@ module Public {
* content type, or a return kind.
*/
class SummaryComponent extends TSummaryComponent {
/** Gets a textual representation of this summary component. */
string toString() {
exists(ContentSet c | this = TContentSummaryComponent(c) and result = c.toString())
or
exists(ContentSet c | this = TWithoutContentSummaryComponent(c) and result = "without " + c)
or
exists(ContentSet c | this = TWithContentSummaryComponent(c) and result = "with " + c)
/** Gets a textual representation of this component used for MaD models. */
string getMadRepresentation() {
result = getMadRepresentationSpecific(this)
or
exists(ArgumentPosition pos |
this = TParameterSummaryComponent(pos) and result = "parameter " + pos
this = TParameterSummaryComponent(pos) and
result = "Parameter[" + getArgumentPosition(pos) + "]"
)
or
exists(ParameterPosition pos |
this = TArgumentSummaryComponent(pos) and result = "argument " + pos
this = TArgumentSummaryComponent(pos) and
result = "Argument[" + getParameterPosition(pos) + "]"
)
or
exists(ReturnKind rk | this = TReturnSummaryComponent(rk) and result = "return (" + rk + ")")
or
exists(SummaryComponent::SyntheticGlobal sg |
this = TSyntheticGlobalSummaryComponent(sg) and
result = "synthetic global (" + sg + ")"
exists(string synthetic |
this = TSyntheticGlobalSummaryComponent(synthetic) and
result = "SyntheticGlobal[" + synthetic + "]"
)
or
this = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue"
}
/** Gets a textual representation of this summary component. */
string toString() { result = this.getMadRepresentation() }
}
/** Provides predicates for constructing summary components. */
@@ -110,7 +111,6 @@ module Public {
}
/** Gets the stack obtained by dropping the first `i` elements, if any. */
pragma[assume_small_delta]
SummaryComponentStack drop(int i) {
i = 0 and result = this
or
@@ -125,19 +125,22 @@ module Public {
this = TSingletonSummaryComponentStack(result) or result = this.tail().bottom()
}
/** Gets a textual representation of this stack. */
string toString() {
/** Gets a textual representation of this stack used for MaD models. */
string getMadRepresentation() {
exists(SummaryComponent head, SummaryComponentStack tail |
head = this.head() and
tail = this.tail() and
result = tail + "." + head
result = tail.getMadRepresentation() + "." + head.getMadRepresentation()
)
or
exists(SummaryComponent c |
this = TSingletonSummaryComponentStack(c) and
result = c.toString()
result = c.getMadRepresentation()
)
}
/** Gets a textual representation of this stack. */
string toString() { result = this.getMadRepresentation() }
}
/** Provides predicates for constructing stacks of summary components. */
@@ -166,37 +169,6 @@ module Public {
SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) }
}
/** Gets a textual representation of this component used for flow summaries. */
private string getComponent(SummaryComponent sc) {
result = getComponentSpecific(sc)
or
exists(ArgumentPosition pos |
sc = TParameterSummaryComponent(pos) and
result = "Parameter[" + getArgumentPosition(pos) + "]"
)
or
exists(ParameterPosition pos |
sc = TArgumentSummaryComponent(pos) and
result = "Argument[" + getParameterPosition(pos) + "]"
)
or
sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue"
}
/** Gets a textual representation of this stack used for flow summaries. */
string getComponentStack(SummaryComponentStack stack) {
exists(SummaryComponent head, SummaryComponentStack tail |
head = stack.head() and
tail = stack.tail() and
result = getComponentStack(tail) + "." + getComponent(head)
)
or
exists(SummaryComponent c |
stack = TSingletonSummaryComponentStack(c) and
result = getComponent(c)
)
}
/**
* A class that exists for QL technical reasons only (the IPA type used
* to represent component stacks needs to be bounded).
@@ -505,6 +477,9 @@ module Private {
or
// Add the post-update node corresponding to the requested argument node
outputState(c, s) and isCallbackParameter(s)
or
// Add the parameter node for parameter side-effects
outputState(c, s) and s = SummaryComponentStack::argument(_)
}
private newtype TSummaryNodeState =
@@ -530,7 +505,7 @@ module Private {
* this state represents that the components in `s` _remain to be written_ to
* the output.
*/
class SummaryNodeState extends TSummaryNodeState {
private class SummaryNodeState extends TSummaryNodeState {
/** Holds if this state is a valid input state for `c`. */
pragma[nomagic]
predicate isInputState(SummarizedCallable c, SummaryComponentStack s) {
@@ -559,6 +534,42 @@ module Private {
}
}
private newtype TSummaryNode =
TSummaryInternalNode(SummarizedCallable c, SummaryNodeState state) {
summaryNodeRange(c, state)
} or
TSummaryParameterNode(SummarizedCallable c, ParameterPosition pos) {
summaryParameterNodeRange(c, pos)
}
abstract class SummaryNode extends TSummaryNode {
abstract string toString();
abstract SummarizedCallable getSummarizedCallable();
}
private class SummaryInternalNode extends SummaryNode, TSummaryInternalNode {
private SummarizedCallable c;
private SummaryNodeState state;
SummaryInternalNode() { this = TSummaryInternalNode(c, state) }
override string toString() { result = "[summary] " + state + " in " + c }
override SummarizedCallable getSummarizedCallable() { result = c }
}
private class SummaryParamNode extends SummaryNode, TSummaryParameterNode {
private SummarizedCallable c;
private ParameterPosition pos;
SummaryParamNode() { this = TSummaryParameterNode(c, pos) }
override string toString() { result = "[summary param] " + pos + " in " + c }
override SummarizedCallable getSummarizedCallable() { result = c }
}
/**
* Holds if `state` represents having read from a parameter at position
* `pos` in `c`. In this case we are not synthesizing a data-flow node,
@@ -574,7 +585,7 @@ module Private {
* Holds if a synthesized summary node is needed for the state `state` in summarized
* callable `c`.
*/
predicate summaryNodeRange(SummarizedCallable c, SummaryNodeState state) {
private predicate summaryNodeRange(SummarizedCallable c, SummaryNodeState state) {
state.isInputState(c, _) and
not parameterReadState(c, state, _)
or
@@ -582,22 +593,22 @@ module Private {
}
pragma[noinline]
private Node summaryNodeInputState(SummarizedCallable c, SummaryComponentStack s) {
private SummaryNode summaryNodeInputState(SummarizedCallable c, SummaryComponentStack s) {
exists(SummaryNodeState state | state.isInputState(c, s) |
result = summaryNode(c, state)
result = TSummaryInternalNode(c, state)
or
exists(ParameterPosition pos |
parameterReadState(c, state, pos) and
result.(ParamNode).isParameterOf(inject(c), pos)
result = TSummaryParameterNode(c, pos)
)
)
}
pragma[noinline]
private Node summaryNodeOutputState(SummarizedCallable c, SummaryComponentStack s) {
private SummaryNode summaryNodeOutputState(SummarizedCallable c, SummaryComponentStack s) {
exists(SummaryNodeState state |
state.isOutputState(c, s) and
result = summaryNode(c, state)
result = TSummaryInternalNode(c, state)
)
}
@@ -605,12 +616,14 @@ module Private {
* Holds if a write targets `post`, which is a post-update node for a
* parameter at position `pos` in `c`.
*/
private predicate isParameterPostUpdate(Node post, SummarizedCallable c, ParameterPosition pos) {
private predicate isParameterPostUpdate(
SummaryNode post, SummarizedCallable c, ParameterPosition pos
) {
post = summaryNodeOutputState(c, SummaryComponentStack::argument(pos))
}
/** Holds if a parameter node at position `pos` is required for `c`. */
predicate summaryParameterNodeRange(SummarizedCallable c, ParameterPosition pos) {
private predicate summaryParameterNodeRange(SummarizedCallable c, ParameterPosition pos) {
parameterReadState(c, _, pos)
or
// Same as `isParameterPostUpdate(_, c, pos)`, but can be used in a negative context
@@ -618,7 +631,7 @@ module Private {
}
private predicate callbackOutput(
SummarizedCallable c, SummaryComponentStack s, Node receiver, ReturnKind rk
SummarizedCallable c, SummaryComponentStack s, SummaryNode receiver, ReturnKind rk
) {
any(SummaryNodeState state).isInputState(c, s) and
s.head() = TReturnSummaryComponent(rk) and
@@ -626,7 +639,7 @@ module Private {
}
private predicate callbackInput(
SummarizedCallable c, SummaryComponentStack s, Node receiver, ArgumentPosition pos
SummarizedCallable c, SummaryComponentStack s, SummaryNode receiver, ArgumentPosition pos
) {
any(SummaryNodeState state).isOutputState(c, s) and
s.head() = TParameterSummaryComponent(pos) and
@@ -634,7 +647,7 @@ module Private {
}
/** Holds if a call targeting `receiver` should be synthesized inside `c`. */
predicate summaryCallbackRange(SummarizedCallable c, Node receiver) {
predicate summaryCallbackRange(SummarizedCallable c, SummaryNode receiver) {
callbackOutput(c, _, receiver, _)
or
callbackInput(c, _, receiver, _)
@@ -647,10 +660,10 @@ module Private {
* `getContentType()`, `getReturnType()`, `getCallbackParameterType()`, and
* `getCallbackReturnType()`.
*/
DataFlowType summaryNodeType(Node n) {
exists(Node pre |
DataFlowType summaryNodeType(SummaryNode n) {
exists(SummaryNode pre |
summaryPostUpdateNode(n, pre) and
result = getNodeType(pre)
result = summaryNodeType(pre)
)
or
exists(SummarizedCallable c, SummaryComponentStack s, SummaryComponent head | head = s.head() |
@@ -662,12 +675,12 @@ module Private {
)
or
head = TWithoutContentSummaryComponent(_) and
result = getNodeType(summaryNodeInputState(c, s.tail()))
result = summaryNodeType(summaryNodeInputState(c, s.tail()))
or
exists(ReturnKind rk |
head = TReturnSummaryComponent(rk) and
result =
getCallbackReturnType(getNodeType(summaryNodeInputState(pragma[only_bind_out](c),
getCallbackReturnType(summaryNodeType(summaryNodeInputState(pragma[only_bind_out](c),
s.tail())), rk)
)
or
@@ -675,6 +688,11 @@ module Private {
head = TSyntheticGlobalSummaryComponent(sg) and
result = getSyntheticGlobalType(sg)
)
or
exists(ParameterPosition pos |
head = TArgumentSummaryComponent(pos) and
result = getParameterType(c, pos)
)
)
or
n = summaryNodeOutputState(c, s) and
@@ -691,7 +709,7 @@ module Private {
or
exists(ArgumentPosition pos | head = TParameterSummaryComponent(pos) |
result =
getCallbackParameterType(getNodeType(summaryNodeInputState(pragma[only_bind_out](c),
getCallbackParameterType(summaryNodeType(summaryNodeInputState(pragma[only_bind_out](c),
s.tail())), pos)
)
or
@@ -703,9 +721,14 @@ module Private {
)
}
/** Holds if summary node `p` is a parameter with position `pos`. */
predicate summaryParameterNode(SummaryNode p, ParameterPosition pos) {
p = TSummaryParameterNode(_, pos)
}
/** Holds if summary node `out` contains output of kind `rk` from call `c`. */
predicate summaryOutNode(DataFlowCall c, Node out, ReturnKind rk) {
exists(SummarizedCallable callable, SummaryComponentStack s, Node receiver |
predicate summaryOutNode(DataFlowCall c, SummaryNode out, ReturnKind rk) {
exists(SummarizedCallable callable, SummaryComponentStack s, SummaryNode receiver |
callbackOutput(callable, s, receiver, rk) and
out = summaryNodeInputState(callable, s) and
c = summaryDataFlowCall(receiver)
@@ -713,8 +736,8 @@ module Private {
}
/** Holds if summary node `arg` is at position `pos` in the call `c`. */
predicate summaryArgumentNode(DataFlowCall c, Node arg, ArgumentPosition pos) {
exists(SummarizedCallable callable, SummaryComponentStack s, Node receiver |
predicate summaryArgumentNode(DataFlowCall c, SummaryNode arg, ArgumentPosition pos) {
exists(SummarizedCallable callable, SummaryComponentStack s, SummaryNode receiver |
callbackInput(callable, s, receiver, pos) and
arg = summaryNodeOutputState(callable, s) and
c = summaryDataFlowCall(receiver)
@@ -722,10 +745,10 @@ module Private {
}
/** Holds if summary node `post` is a post-update node with pre-update node `pre`. */
predicate summaryPostUpdateNode(Node post, Node pre) {
predicate summaryPostUpdateNode(SummaryNode post, SummaryNode pre) {
exists(SummarizedCallable c, ParameterPosition pos |
isParameterPostUpdate(post, c, pos) and
pre.(ParamNode).isParameterOf(inject(c), pos)
pre = TSummaryParameterNode(c, pos)
)
or
exists(SummarizedCallable callable, SummaryComponentStack s |
@@ -736,7 +759,7 @@ module Private {
}
/** Holds if summary node `ret` is a return node of kind `rk`. */
predicate summaryReturnNode(Node ret, ReturnKind rk) {
predicate summaryReturnNode(SummaryNode ret, ReturnKind rk) {
exists(SummaryComponentStack s |
ret = summaryNodeOutputState(_, s) and
s = TSingletonSummaryComponentStack(TReturnSummaryComponent(rk))
@@ -748,7 +771,9 @@ module Private {
* node, and back out to `p`.
*/
predicate summaryAllowParameterReturnInSelf(ParamNode p) {
exists(SummarizedCallable c, ParameterPosition ppos | p.isParameterOf(inject(c), ppos) |
exists(SummarizedCallable c, ParameterPosition ppos |
p.isParameterOf(inject(c), pragma[only_bind_into](ppos))
|
exists(SummaryComponentStack inputContents, SummaryComponentStack outputContents |
summary(c, inputContents, outputContents, _) and
inputContents.bottom() = pragma[only_bind_into](TArgumentSummaryComponent(ppos)) and
@@ -763,7 +788,7 @@ module Private {
* Holds if there is a local step from `pred` to `succ`, which is synthesized
* from a flow summary.
*/
predicate summaryLocalStep(Node pred, Node succ, boolean preservesValue) {
predicate summaryLocalStep(SummaryNode pred, SummaryNode succ, boolean preservesValue) {
exists(
SummarizedCallable c, SummaryComponentStack inputContents,
SummaryComponentStack outputContents
@@ -789,7 +814,7 @@ module Private {
* Holds if there is a read step of content `c` from `pred` to `succ`, which
* is synthesized from a flow summary.
*/
predicate summaryReadStep(Node pred, ContentSet c, Node succ) {
predicate summaryReadStep(SummaryNode pred, ContentSet c, SummaryNode succ) {
exists(SummarizedCallable sc, SummaryComponentStack s |
pred = summaryNodeInputState(sc, s.tail()) and
succ = summaryNodeInputState(sc, s) and
@@ -801,7 +826,7 @@ module Private {
* Holds if there is a store step of content `c` from `pred` to `succ`, which
* is synthesized from a flow summary.
*/
predicate summaryStoreStep(Node pred, ContentSet c, Node succ) {
predicate summaryStoreStep(SummaryNode pred, ContentSet c, SummaryNode succ) {
exists(SummarizedCallable sc, SummaryComponentStack s |
pred = summaryNodeOutputState(sc, s) and
succ = summaryNodeOutputState(sc, s.tail()) and
@@ -813,7 +838,7 @@ module Private {
* Holds if there is a jump step from `pred` to `succ`, which is synthesized
* from a flow summary.
*/
predicate summaryJumpStep(Node pred, Node succ) {
predicate summaryJumpStep(SummaryNode pred, SummaryNode succ) {
exists(SummaryComponentStack s |
s = SummaryComponentStack::singleton(SummaryComponent::syntheticGlobal(_)) and
pred = summaryNodeOutputState(_, s) and
@@ -840,9 +865,9 @@ module Private {
* `a` on line 2 to the post-update node for `a` on that line (via an intermediate
* node where field `b` is cleared).
*/
predicate summaryClearsContent(Node n, ContentSet c) {
predicate summaryClearsContent(SummaryNode n, ContentSet c) {
exists(SummarizedCallable sc, SummaryNodeState state, SummaryComponentStack stack |
n = summaryNode(sc, state) and
n = TSummaryInternalNode(sc, state) and
state.isInputState(sc, stack) and
stack.head() = SummaryComponent::withoutContent(c)
)
@@ -852,9 +877,9 @@ module Private {
* Holds if the value that is being tracked is expected to be stored inside
* content `c` at `n`.
*/
predicate summaryExpectsContent(Node n, ContentSet c) {
predicate summaryExpectsContent(SummaryNode n, ContentSet c) {
exists(SummarizedCallable sc, SummaryNodeState state, SummaryComponentStack stack |
n = summaryNode(sc, state) and
n = TSummaryInternalNode(sc, state) and
state.isInputState(sc, stack) and
stack.head() = SummaryComponent::withContent(c)
)
@@ -862,17 +887,17 @@ module Private {
pragma[noinline]
private predicate viableParam(
DataFlowCall call, SummarizedCallable sc, ParameterPosition ppos, ParamNode p
DataFlowCall call, SummarizedCallable sc, ParameterPosition ppos, SummaryParamNode p
) {
exists(DataFlowCallable c |
c = inject(sc) and
p.isParameterOf(c, ppos) and
p = TSummaryParameterNode(sc, ppos) and
c = viableCallable(call)
)
}
pragma[nomagic]
private ParamNode summaryArgParam0(DataFlowCall call, ArgNode arg, SummarizedCallable sc) {
private SummaryParamNode summaryArgParam(DataFlowCall call, ArgNode arg, SummarizedCallable sc) {
exists(ParameterPosition ppos |
argumentPositionMatch(call, arg, ppos) and
viableParam(call, sc, ppos, result)
@@ -884,12 +909,12 @@ module Private {
* local steps. `clearsOrExpects` records whether any node on the path from `p` to
* `n` either clears or expects contents.
*/
private predicate paramReachesLocal(ParamNode p, Node n, boolean clearsOrExpects) {
private predicate paramReachesLocal(SummaryParamNode p, SummaryNode n, boolean clearsOrExpects) {
viableParam(_, _, _, p) and
n = p and
clearsOrExpects = false
or
exists(Node mid, boolean clearsOrExpectsMid |
exists(SummaryNode mid, boolean clearsOrExpectsMid |
paramReachesLocal(p, mid, clearsOrExpectsMid) and
summaryLocalStep(mid, n, true) and
if
@@ -909,21 +934,33 @@ module Private {
*/
pragma[nomagic]
predicate prohibitsUseUseFlow(ArgNode arg, SummarizedCallable sc) {
exists(ParamNode p, ParameterPosition ppos, Node ret |
exists(SummaryParamNode p, ParameterPosition ppos, SummaryNode ret |
paramReachesLocal(p, ret, true) and
p = summaryArgParam0(_, arg, sc) and
p.isParameterOf(_, pragma[only_bind_into](ppos)) and
p = summaryArgParam(_, arg, sc) and
p = TSummaryParameterNode(_, pragma[only_bind_into](ppos)) and
isParameterPostUpdate(ret, _, pragma[only_bind_into](ppos))
)
}
pragma[nomagic]
private predicate summaryReturnNodeExt(SummaryNode ret, ReturnKindExt rk) {
summaryReturnNode(ret, rk.(ValueReturnKind).getKind())
or
exists(SummaryParamNode p, SummaryNode pre, ParameterPosition pos |
paramReachesLocal(p, pre, _) and
summaryPostUpdateNode(ret, pre) and
p = TSummaryParameterNode(_, pos) and
rk.(ParamUpdateReturnKind).getPosition() = pos
)
}
bindingset[ret]
private ParamNode summaryArgParam(
ArgNode arg, ReturnNodeExt ret, OutNodeExt out, SummarizedCallable sc
private SummaryParamNode summaryArgParamRetOut(
ArgNode arg, SummaryNode ret, OutNodeExt out, SummarizedCallable sc
) {
exists(DataFlowCall call, ReturnKindExt rk |
result = summaryArgParam0(call, arg, sc) and
ret.getKind() = pragma[only_bind_into](rk) and
result = summaryArgParam(call, arg, sc) and
summaryReturnNodeExt(ret, pragma[only_bind_into](rk)) and
out = pragma[only_bind_into](rk).getAnOutNode(call)
)
}
@@ -936,9 +973,9 @@ module Private {
* be useful to include in the exposed local data-flow/taint-tracking relations.
*/
predicate summaryThroughStepValue(ArgNode arg, Node out, SummarizedCallable sc) {
exists(ReturnKind rk, ReturnNode ret, DataFlowCall call |
summaryLocalStep(summaryArgParam0(call, arg, sc), ret, true) and
ret.getKind() = pragma[only_bind_into](rk) and
exists(ReturnKind rk, SummaryNode ret, DataFlowCall call |
summaryLocalStep(summaryArgParam(call, arg, sc), ret, true) and
summaryReturnNode(ret, pragma[only_bind_into](rk)) and
out = getAnOutNode(call, pragma[only_bind_into](rk))
)
}
@@ -951,7 +988,9 @@ module Private {
* be useful to include in the exposed local data-flow/taint-tracking relations.
*/
predicate summaryThroughStepTaint(ArgNode arg, Node out, SummarizedCallable sc) {
exists(ReturnNodeExt ret | summaryLocalStep(summaryArgParam(arg, ret, out, sc), ret, false))
exists(SummaryNode ret |
summaryLocalStep(summaryArgParamRetOut(arg, ret, out, sc), ret, false)
)
}
/**
@@ -962,8 +1001,8 @@ module Private {
* be useful to include in the exposed local data-flow/taint-tracking relations.
*/
predicate summaryGetterStep(ArgNode arg, ContentSet c, Node out, SummarizedCallable sc) {
exists(Node mid, ReturnNodeExt ret |
summaryReadStep(summaryArgParam(arg, ret, out, sc), c, mid) and
exists(SummaryNode mid, SummaryNode ret |
summaryReadStep(summaryArgParamRetOut(arg, ret, out, sc), c, mid) and
summaryLocalStep(mid, ret, _)
)
}
@@ -976,8 +1015,8 @@ module Private {
* be useful to include in the exposed local data-flow/taint-tracking relations.
*/
predicate summarySetterStep(ArgNode arg, ContentSet c, Node out, SummarizedCallable sc) {
exists(Node mid, ReturnNodeExt ret |
summaryLocalStep(summaryArgParam(arg, ret, out, sc), mid, _) and
exists(SummaryNode mid, SummaryNode ret |
summaryLocalStep(summaryArgParamRetOut(arg, ret, out, sc), mid, _) and
summaryStoreStep(mid, c, ret)
)
}
@@ -1310,8 +1349,8 @@ module Private {
c.relevantSummary(input, output, preservesValue) and
csv =
c.getCallableCsv() // Callable information
+ getComponentStack(input) + ";" // input
+ getComponentStack(output) + ";" // output
+ input.getMadRepresentation() + ";" // input
+ output.getMadRepresentation() + ";" // output
+ renderKind(preservesValue) + ";" // kind
+ renderProvenance(c) // provenance
)
@@ -1344,11 +1383,11 @@ module Private {
}
private newtype TNodeOrCall =
MkNode(Node n) {
MkNode(SummaryNode n) {
exists(RelevantSummarizedCallable c |
n = summaryNode(c, _)
n = TSummaryInternalNode(c, _)
or
n.(ParamNode).isParameterOf(inject(c), _)
n = TSummaryParameterNode(c, _)
)
} or
MkCall(DataFlowCall call) {
@@ -1357,7 +1396,7 @@ module Private {
}
private class NodeOrCall extends TNodeOrCall {
Node asNode() { this = MkNode(result) }
SummaryNode asNode() { this = MkNode(result) }
DataFlowCall asCall() { this = MkCall(result) }
@@ -1377,9 +1416,11 @@ module Private {
predicate hasLocationInfo(
string filepath, int startline, int startcolumn, int endline, int endcolumn
) {
this.asNode().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
or
this.asCall().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
filepath = "" and
startline = 0 and
startcolumn = 0 and
endline = 0 and
endcolumn = 0
}
}

14
java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImplSpecific.qll
View File

@@ -26,15 +26,17 @@ DataFlowCallable inject(SummarizedCallable c) { result.asSummarizedCallable() =
/** Gets the parameter position of the instance parameter. */
ArgumentPosition callbackSelfParameterPosition() { result = -1 }
/** Gets the synthesized summary data-flow node for the given values. */
Node summaryNode(SummarizedCallable c, SummaryNodeState state) { result = getSummaryNode(c, state) }
/** Gets the synthesized data-flow call for `receiver`. */
SummaryCall summaryDataFlowCall(Node receiver) { result.getReceiver() = receiver }
SummaryCall summaryDataFlowCall(SummaryNode receiver) { result.getReceiver() = receiver }
/** Gets the type of content `c`. */
DataFlowType getContentType(Content c) { result = c.getType() }
/** Gets the type of the parameter at the given position. */
DataFlowType getParameterType(SummarizedCallable c, ParameterPosition pos) {
result = getErasedRepr(c.getParameterType(pos))
}
/** Gets the return type of kind `rk` for callable `c`. */
DataFlowType getReturnType(SummarizedCallable c, ReturnKind rk) {
result = getErasedRepr(c.getReturnType()) and
@@ -191,8 +193,8 @@ private string getContentSpecific(Content c) {
c instanceof MapValueContent and result = "MapValue"
}
/** Gets the textual representation of the content in the format used for flow summaries. */
string getComponentSpecific(SummaryComponent sc) {
/** Gets the textual representation of the content in the format used for MaD models. */
string getMadRepresentationSpecific(SummaryComponent sc) {
exists(Content c | sc = TContentSummaryComponent(c) and result = getContentSpecific(c))
}

5
java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
View File

@@ -86,6 +86,7 @@ module LocalTaintFlow<nodeSig/1 source, nodeSig/1 sink> {
cached
private module Cached {
private import DataFlowImplCommon as DataFlowImplCommon
private import DataFlowPrivate as DataFlowPrivate
cached
predicate forceCachingInSameStage() { DataFlowImplCommon::forceCachingInSameStage() }
@@ -136,7 +137,8 @@ private module Cached {
)
)
or
FlowSummaryImpl::Private::Steps::summaryLocalStep(src, sink, false)
FlowSummaryImpl::Private::Steps::summaryLocalStep(src.(DataFlowPrivate::FlowSummaryNode)
.getSummaryNode(), sink.(DataFlowPrivate::FlowSummaryNode).getSummaryNode(), false)
}
/**
@@ -615,7 +617,6 @@ private MethodAccess callReturningSameType(Expr ref) {
result.getMethod().getReturnType() = ref.getType()
}
pragma[assume_small_delta]
private SrcRefType entrypointType() {
exists(RemoteFlowSource s, RefType t |
s instanceof DataFlow::ExplicitParameterNode and

1
java/ql/lib/semmle/code/java/dispatch/DispatchFlow.qll
View File

@@ -31,7 +31,6 @@ private Callable dispatchCand(Call c) {
/**
* Holds if `t` and all its enclosing types are public.
*/
pragma[assume_small_delta]
private predicate veryPublic(RefType t) {
t.isPublic() and
(

1
java/ql/lib/semmle/code/java/dispatch/ObjFlow.qll
View File

@@ -206,7 +206,6 @@ private predicate relevantNodeBack(ObjNode n) {
exists(ObjNode mid | objStep(n, mid) and relevantNodeBack(mid))
}
pragma[assume_small_delta]
private predicate relevantNode(ObjNode n) {
source(_, n) and relevantNodeBack(n)
or

2
java/ql/lib/semmle/code/java/frameworks/JaxWS.qll
View File

@@ -53,7 +53,6 @@ private predicate hasPathAnnotation(Annotatable annotatable) {
* A method which is annotated with one or more JaxRS resource type annotations e.g. `@GET`, `@POST` etc.
*/
class JaxRsResourceMethod extends Method {
pragma[assume_small_delta]
JaxRsResourceMethod() {
exists(AnnotationType a |
a = this.getAnAnnotation().getType() and
@@ -92,7 +91,6 @@ class JaxRsResourceMethod extends Method {
* This class contains resource methods, which are executed in response to requests.
*/
class JaxRsResourceClass extends Class {
pragma[assume_small_delta]
JaxRsResourceClass() {
// A root resource class has a @Path annotation on the class.
hasPathAnnotation(this)

1
java/ql/lib/semmle/code/java/frameworks/Rmi.qll
View File

@@ -12,7 +12,6 @@ class RemoteCallableMethod extends Method {
RemoteCallableMethod() { remoteCallableMethod(this) }
}
pragma[assume_small_delta]
private predicate remoteCallableMethod(Method method) {
method.getDeclaringType().getASupertype() instanceof TypeRemote
or

29
java/ql/lib/semmle/code/java/frameworks/apache/Exec.qll
View File

@@ -1,29 +0,0 @@
/** Definitions related to the Apache Commons Exec library. */
import semmle.code.java.Type
import semmle.code.java.security.ExternalProcess
/** The class `org.apache.commons.exec.CommandLine`. */
private class TypeCommandLine extends Class {
TypeCommandLine() { this.hasQualifiedName("org.apache.commons.exec", "CommandLine") }
}
/** The `parse()` method of the class `org.apache.commons.exec.CommandLine`. */
private class MethodCommandLineParse extends Method, ExecCallable {
MethodCommandLineParse() {
this.getDeclaringType() instanceof TypeCommandLine and
this.hasName("parse")
}
override int getAnExecutedArgument() { result = 0 }
}
/** The `addArguments()` method of the class `org.apache.commons.exec.CommandLine`. */
private class MethodCommandLineAddArguments extends Method, ExecCallable {
MethodCommandLineAddArguments() {
this.getDeclaringType() instanceof TypeCommandLine and
this.hasName("addArguments")
}
override int getAnExecutedArgument() { result = 0 }
}

1
java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll
View File

@@ -45,7 +45,6 @@ private class FieldReferencedGsonDeserializableType extends GsonDeserializableTy
/** A field that may be deserialized using the Gson JSON framework. */
private class GsonDeserializableField extends DeserializableField {
pragma[assume_small_delta]
GsonDeserializableField() {
exists(GsonDeserializableType superType |
superType = this.getDeclaringType().getAnAncestor() and

38
java/ql/lib/semmle/code/java/frameworks/hudson/Hudson.qll Normal file
View File

@@ -0,0 +1,38 @@
/** Provides classes and predicates related to the Hudson framework. */
import java
private import semmle.code.java.dataflow.FlowSources
private import semmle.code.java.frameworks.stapler.Stapler
private import semmle.code.java.security.XSS
/** A method declared in a subtype of `hudson.model.Descriptor` that returns an `HttpResponse`. */
class HudsonWebMethod extends Method {
HudsonWebMethod() {
this.getReturnType().(RefType).getASourceSupertype*() instanceof HttpResponse and
this.getDeclaringType().getASourceSupertype*().hasQualifiedName("hudson.model", "Descriptor")
}
}
private class FilePathRead extends LocalUserInput {
FilePathRead() {
this.asExpr()
.(MethodAccess)
.getMethod()
.hasQualifiedName("hudson", "FilePath",
[
"newInputStreamDenyingSymlinkAsNeeded", "openInputStream", "read", "readFromOffset",
"readToString"
])
}
}
private class HudsonUtilXssSanitizer extends XssSanitizer {
HudsonUtilXssSanitizer() {
this.asExpr()
.(MethodAccess)
.getMethod()
// Not including xmlEscape because it only accounts for >, <, and &.
// It does not account for ", or ', which makes it an incomplete XSS sanitizer.
.hasQualifiedName("hudson", "Util", "escape")
}
}

1
java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll
View File

@@ -146,7 +146,6 @@ class JacksonSerializableField extends SerializableField {
/** A field that may be deserialized using the Jackson JSON framework. */
class JacksonDeserializableField extends DeserializableField {
pragma[assume_small_delta]
JacksonDeserializableField() {
exists(JacksonDeserializableType superType |
superType = this.getDeclaringType().getAnAncestor() and

124
java/ql/lib/semmle/code/java/frameworks/stapler/Stapler.qll Normal file
View File

@@ -0,0 +1,124 @@
/** Provides classes and predicates related to the Stapler framework. */
import java
private import semmle.code.java.dataflow.DataFlow
private import semmle.code.java.dataflow.FlowSources
private import semmle.code.java.dataflow.FlowSteps
private import semmle.code.java.dataflow.TypeFlow
private import semmle.code.java.frameworks.hudson.Hudson
private import semmle.code.java.frameworks.JavaxAnnotations
/**
* A callable annotated with a Stapler `DataBound` annotation,
* or that has the `@stapler-constructor` Javadoc annotation.
*/
class DataBoundAnnotated extends Callable {
DataBoundAnnotated() {
exists(Annotation an |
an.getType()
.hasQualifiedName("org.kohsuke.stapler", ["DataBoundConstructor", "DataBoundSetter"])
|
this = an.getAnnotatedElement()
)
or
exists(Javadoc doc | doc.getAChild().getText().matches("%@stapler-constructor%") |
doc.getCommentedElement() = this
)
}
}
/** The interface `org.kohsuke.stapler.HttpResponse`. */
class HttpResponse extends Interface {
HttpResponse() { this.hasQualifiedName("org.kohsuke.stapler", "HttpResponse") }
}
/**
* A remote flow source for parameters annotated with an annotation
* that is itself annotated with `InjectedParameter`.
*
* Such parameters are populated with user-provided data by Stapler.
*/
private class InjectedParameterSource extends RemoteFlowSource {
InjectedParameterSource() {
this.asParameter().getAnAnnotation().getType() instanceof InjectedParameterAnnotatedType
}
override string getSourceType() { result = "Stapler injected parameter" }
}
/**
* A dataflow step from the `HttpResponse` return value of a `HudsonWebMethod`
* to the instance parameter of the `generateResponse` method of the appropriate subtype of `HttpResponse`.
*
* This models the rendering process of an `HttpResponse` by Stapler.
*/
private class HttpResponseGetDescriptionStep extends AdditionalValueStep {
override predicate step(DataFlow::Node n1, DataFlow::Node n2) {
exists(ReturnStmt s, GenerateResponseMethod m |
s.getEnclosingCallable() instanceof HudsonWebMethod and
boundOrStaticType(s.getResult(), m.getDeclaringType().getADescendant())
|
n1.asExpr() = s.getResult() and
n2.(DataFlow::InstanceParameterNode).getCallable() = m
)
}
}
/**
* A dataflow step from the post-update node of an instance access in a `DataBoundAnnotated` method
* to the instance parameter of a `PostConstruct` method of the same type.
*
* This models the construction process of a `DataBound` object in Stapler.
*/
private class PostConstructDataBoundAdditionalStep extends AdditionalValueStep {
override predicate step(DataFlow::Node n1, DataFlow::Node n2) {
exists(PostConstructDataBoundMethod postConstruct, DataBoundAnnotated input |
postConstruct.getDeclaringType() = input.getDeclaringType()
|
n1.(DataFlow::PostUpdateNode)
.getPreUpdateNode()
.(DataFlow::InstanceAccessNode)
.getEnclosingCallable() = input and
n2.(DataFlow::InstanceParameterNode).getCallable() = postConstruct
)
}
}
/** An annotation type annotated with the `InjectedParameter` annotation. */
private class InjectedParameterAnnotatedType extends AnnotationType {
InjectedParameterAnnotatedType() {
this.getAnAnnotation().getType().hasQualifiedName("org.kohsuke.stapler", "InjectedParameter")
}
}
/** The `generateResponse` method of `org.kohsuke.stapler.HttpResponse` or its subtypes. */
private class GenerateResponseMethod extends Method {
GenerateResponseMethod() {
this.getDeclaringType().getASourceSupertype*() instanceof HttpResponse and
this.hasName("generateResponse")
}
}
/** Holds if `t` is the static type of `e`, or an upper bound of the runtime type of `e`. */
private predicate boundOrStaticType(Expr e, RefType t) {
exprTypeFlow(e, t, false)
or
t = e.getType()
}
/**
* A method called after the construction of a `DataBound` object.
*
* That is, either the `bindResolve` method of a subtype of `org.kohsuke.stapler.DataBoundResolvable`,
* or a method annotated with `javax.annotation.PostConstruct`.
*/
private class PostConstructDataBoundMethod extends Method {
PostConstructDataBoundMethod() {
this.getDeclaringType()
.getASourceSupertype*()
.hasQualifiedName("org.kohsuke.stapler", "DataBoundResolvable") and
this.hasName("bindResolve")
or
this.getAnAnnotation() instanceof PostConstructAnnotation
}
}

10
java/ql/lib/semmle/code/java/security/CommandLineQuery.qll
View File

@@ -10,8 +10,8 @@
import java
private import semmle.code.java.dataflow.FlowSources
private import semmle.code.java.dataflow.ExternalFlow
private import semmle.code.java.security.ExternalProcess
private import semmle.code.java.security.CommandArguments
private import semmle.code.java.security.ExternalProcess
/** A sink for command injection vulnerabilities. */
abstract class CommandInjectionSink extends DataFlow::Node { }
@@ -33,9 +33,7 @@ class CommandInjectionAdditionalTaintStep extends Unit {
}
private class DefaultCommandInjectionSink extends CommandInjectionSink {
DefaultCommandInjectionSink() {
this.asExpr() instanceof ArgumentToExec or sinkNode(this, "command-injection")
}
DefaultCommandInjectionSink() { sinkNode(this, "command-injection") }
}
private class DefaultCommandInjectionSanitizer extends CommandInjectionSanitizer {
@@ -100,7 +98,7 @@ predicate execIsTainted(
RemoteUserInputToArgumentToExecFlow::PathNode sink, Expr execArg
) {
RemoteUserInputToArgumentToExecFlow::flowPath(source, sink) and
sink.getNode().asExpr() = execArg
argumentToExec(execArg, sink.getNode())
}
/**
@@ -112,7 +110,7 @@ predicate execIsTainted(
*/
deprecated predicate execTainted(DataFlow::PathNode source, DataFlow::PathNode sink, Expr execArg) {
exists(RemoteUserInputToArgumentToExecFlowConfig conf |
conf.hasFlowPath(source, sink) and sink.getNode().asExpr() = execArg
conf.hasFlowPath(source, sink) and argumentToExec(execArg, sink.getNode())
)
}

31
java/ql/lib/semmle/code/java/security/ExternalProcess.qll
View File

@@ -1,16 +1,13 @@
/** Definitions related to external processes. */
import semmle.code.java.Member
private module Instances {
private import semmle.code.java.JDK
private import semmle.code.java.frameworks.apache.Exec
}
private import semmle.code.java.dataflow.DataFlow
private import semmle.code.java.security.CommandLineQuery
/**
* A callable that executes a command.
* DEPRECATED: A callable that executes a command.
*/
abstract class ExecCallable extends Callable {
abstract deprecated class ExecCallable extends Callable {
/**
* Gets the index of an argument that will be part of the command that is executed.
*/
@@ -23,13 +20,19 @@ abstract class ExecCallable extends Callable {
* to be executed.
*/
class ArgumentToExec extends Expr {
ArgumentToExec() {
exists(Call execCall, ExecCallable execCallable, int i |
execCall.getArgument(pragma[only_bind_into](i)) = this and
execCallable = execCall.getCallee() and
i = execCallable.getAnExecutedArgument()
)
}
ArgumentToExec() { argumentToExec(this, _) }
}
/**
* Holds if `e` is an expression used as an argument to a call that executes an external command.
* For calls to varargs method calls, this only includes the first argument, which will be the command
* to be executed.
*/
predicate argumentToExec(Expr e, CommandInjectionSink s) {
s.asExpr() = e
or
e.(Argument).isNthVararg(0) and
s.(DataFlow::ImplicitVarargsArray).getCall() = e.(Argument).getCall()
}
/**

27
java/ql/lib/semmle/code/java/security/LogInjection.qll
View File

@@ -46,16 +46,33 @@ private class LineBreaksLogInjectionSanitizer extends LogInjectionSanitizer {
}
}
private predicate stringMethodAccess(
MethodAccess ma, CompileTimeConstantExpr arg0, CompileTimeConstantExpr arg1
) {
ma.getMethod().getDeclaringType() instanceof TypeString and
arg0 = ma.getArgument(0) and
arg1 = ma.getArgument(1)
}
private predicate stringMethodArgument(CompileTimeConstantExpr arg) {
stringMethodAccess(_, arg, _) or stringMethodAccess(_, _, arg)
}
bindingset[match]
pragma[inline_late]
private predicate stringMethodArgumentValueMatches(CompileTimeConstantExpr const, string match) {
stringMethodArgument(const) and
const.getStringValue().matches(match)
}
/**
* Holds if the return value of `ma` is sanitized against log injection attacks
* by removing line breaks from it.
*/
private predicate logInjectionSanitizer(MethodAccess ma) {
exists(CompileTimeConstantExpr target, CompileTimeConstantExpr replacement |
ma.getMethod().getDeclaringType() instanceof TypeString and
target = ma.getArgument(0) and
replacement = ma.getArgument(1) and
not replacement.getStringValue().matches(["%\n%", "%\r%"])
stringMethodAccess(ma, target, replacement) and
not stringMethodArgumentValueMatches(replacement, ["%\n%", "%\r%"])
|
ma.getMethod().hasName("replace") and
not replacement.getIntValue() = [10, 13] and
@@ -68,7 +85,7 @@ private predicate logInjectionSanitizer(MethodAccess ma) {
(
// Replace anything not in an allow list
target.getStringValue().matches("[^%]") and
not target.getStringValue().matches("%" + ["\n", "\r", "\\n", "\\r", "\\R"] + "%")
not stringMethodArgumentValueMatches(target, "%" + ["\n", "\r", "\\n", "\\r", "\\R"] + "%")
or
// Replace line breaks
target.getStringValue() = ["\n", "\r", "\\n", "\\r", "\\R"]

5
java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
View File

@@ -5,7 +5,6 @@ private import semmle.code.java.dataflow.ExternalFlow
import semmle.code.java.dataflow.TaintTracking
import semmle.code.java.security.SensitiveActions
import semmle.code.java.frameworks.android.Compose
import DataFlow
/** A variable that may hold sensitive information, judging by its name. */
class CredentialExpr extends Expr {
@@ -45,7 +44,7 @@ deprecated class SensitiveLoggerConfiguration extends TaintTracking::Configurati
sanitizer.getType() instanceof TypeType
}
override predicate isSanitizerIn(Node node) { this.isSource(node) }
override predicate isSanitizerIn(DataFlow::Node node) { this.isSource(node) }
}
/** A data-flow configuration for identifying potentially-sensitive data flowing to a log output. */
@@ -62,7 +61,7 @@ module SensitiveLoggerConfig implements DataFlow::ConfigSig {
sanitizer.getType() instanceof TypeType
}
predicate isBarrierIn(Node node) { isSource(node) }
predicate isBarrierIn(DataFlow::Node node) { isSource(node) }
}
module SensitiveLoggerFlow = TaintTracking::Global<SensitiveLoggerConfig>;

18
java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll
View File

@@ -28,6 +28,20 @@ private class ObjectInputStreamReadObjectMethod extends Method {
}
}
/**
* A type extending `ObjectInputStream` that makes it safe to deserialize untrusted data.
*
* * See https://commons.apache.org/proper/commons-io/javadocs/api-2.5/org/apache/commons/io/serialization/ValidatingObjectInputStream.html
* * See https://github.com/ikkisoft/SerialKiller
*/
private class SafeObjectInputStreamType extends RefType {
SafeObjectInputStreamType() {
this.getASourceSupertype*()
.hasQualifiedName("org.apache.commons.io.serialization", "ValidatingObjectInputStream") or
this.getASourceSupertype*().hasQualifiedName("org.nibblesec.tools", "SerialKiller")
}
}
private class XmlDecoderReadObjectMethod extends Method {
XmlDecoderReadObjectMethod() {
this.getDeclaringType().hasQualifiedName("java.beans", "XMLDecoder") and
@@ -135,9 +149,7 @@ predicate unsafeDeserialization(MethodAccess ma, Expr sink) {
sink = ma.getQualifier() and
not exists(DataFlow::ExprNode node |
node.getExpr() = sink and
node.getTypeBound()
.(RefType)
.hasQualifiedName("org.apache.commons.io.serialization", "ValidatingObjectInputStream")
node.getTypeBound() instanceof SafeObjectInputStreamType
)
or
m instanceof XmlDecoderReadObjectMethod and

1
java/ql/lib/semmle/code/java/security/XSS.qll
View File

@@ -6,6 +6,7 @@ import semmle.code.java.frameworks.android.WebView
import semmle.code.java.frameworks.spring.SpringController
import semmle.code.java.frameworks.spring.SpringHttp
import semmle.code.java.frameworks.javaee.jsf.JSFRenderer
private import semmle.code.java.frameworks.hudson.Hudson
import semmle.code.java.dataflow.DataFlow
import semmle.code.java.dataflow.TaintTracking
private import semmle.code.java.dataflow.ExternalFlow

12
java/ql/src/Security/CWE/CWE-022/ZipSlip.qhelp
View File

@@ -3,17 +3,15 @@
"qhelp.dtd">
<qhelp>
<overview>
<p>Extracting files from a malicious zip archive (or another archive format)
without validating that the destination file path
is within the destination directory can cause files outside the destination directory to be
overwritten, due to the possible presence of directory traversal elements (<code>..</code>) in
archive paths.</p>
<p>Extracting files from a malicious zip file, or similar type of archive,
is at risk of directory traversal attacks if filenames from the archive are
not properly validated.</p>
<p>Zip archives contain archive entries representing each file in the archive. These entries
include a file path for the entry, but these file paths are not restricted and may contain
unexpected special elements such as the directory traversal element (<code>..</code>). If these
file paths are used to determine an output file to write the contents of the archive item to, then
the file may be written to an unexpected location. This can result in sensitive information being
file paths are used to create a filesystem path, then a file operation may happen in an
unexpected location. This can result in sensitive information being
revealed or deleted, or an attacker being able to influence behavior by modifying unexpected
files.</p>

8
java/ql/src/Security/CWE/CWE-022/ZipSlip.ql
View File

@@ -1,8 +1,8 @@
/**
* @name Arbitrary file write during archive extraction ("Zip Slip")
* @description Extracting files from a malicious archive without validating that the
* destination file path is within the destination directory can cause files outside
* the destination directory to be overwritten.
* @name Arbitrary file access during archive extraction ("Zip Slip")
* @description Extracting files from a malicious ZIP file, or similar type of archive, without
* validating that the destination file path is within the destination directory
* can allow an attacker to unexpectedly gain access to resources.
* @kind path-problem
* @id java/zipslip
* @problem.severity error

11
java/ql/src/Security/CWE/CWE-078/ExecTaintedLocal.ql
View File

@@ -14,11 +14,14 @@
import java
import semmle.code.java.security.CommandLineQuery
import semmle.code.java.security.ExternalProcess
import LocalUserInputToArgumentToExecFlow::PathGraph
from
LocalUserInputToArgumentToExecFlow::PathNode source,
LocalUserInputToArgumentToExecFlow::PathNode sink
where LocalUserInputToArgumentToExecFlow::flowPath(source, sink)
select sink.getNode().asExpr(), source, sink, "This command line depends on a $@.",
source.getNode(), "user-provided value"
LocalUserInputToArgumentToExecFlow::PathNode sink, Expr e
where
LocalUserInputToArgumentToExecFlow::flowPath(source, sink) and
argumentToExec(e, sink.getNode())
select e, source, sink, "This command line depends on a $@.", source.getNode(),
"user-provided value"

1
java/ql/src/Security/CWE/CWE-078/ExecUnescaped.ql
View File

@@ -14,6 +14,7 @@
import java
import semmle.code.java.security.CommandLineQuery
import semmle.code.java.security.ExternalProcess
/**
* Strings that are known to be sane by some simple local analysis. Such strings

444
java/ql/src/Telemetry/AutomodelApplicationModeCharacteristics.qll Normal file
View File

@@ -0,0 +1,444 @@
/**
* For internal use only.
*/
private import java
private import semmle.code.Location as Location
private import semmle.code.java.dataflow.DataFlow
private import semmle.code.java.dataflow.TaintTracking
private import semmle.code.java.security.PathCreation
private import semmle.code.java.dataflow.ExternalFlow as ExternalFlow
private import semmle.code.java.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl
private import semmle.code.java.security.ExternalAPIs as ExternalAPIs
private import semmle.code.java.Expr as Expr
private import semmle.code.java.security.QueryInjection
private import semmle.code.java.security.RequestForgery
private import semmle.code.java.dataflow.internal.ModelExclusions as ModelExclusions
private import AutomodelJavaUtil as AutomodelJavaUtil
private import semmle.code.java.security.PathSanitizer as PathSanitizer
private import AutomodelSharedGetCallable as AutomodelSharedGetCallable
import AutomodelSharedCharacteristics as SharedCharacteristics
import AutomodelEndpointTypes as AutomodelEndpointTypes
newtype JavaRelatedLocationType = CallContext()
/**
* A class representing nodes that are arguments to calls.
*/
private class ArgumentNode extends DataFlow::Node {
ArgumentNode() { this.asExpr() = [any(Call c).getAnArgument(), any(Call c).getQualifier()] }
}
/**
* A candidates implementation.
*
* Some important notes:
* - This mode is using arguments as endpoints.
* - We use the `CallContext` (the surrounding call expression) as related location.
*/
module ApplicationCandidatesImpl implements SharedCharacteristics::CandidateSig {
// for documentation of the implementations here, see the QLDoc in the CandidateSig signature module.
class Endpoint = ArgumentNode;
class EndpointType = AutomodelEndpointTypes::EndpointType;
class NegativeEndpointType = AutomodelEndpointTypes::NegativeSinkType;
class RelatedLocation = Location::Top;
class RelatedLocationType = JavaRelatedLocationType;
// Sanitizers are currently not modeled in MaD. TODO: check if this has large negative impact.
predicate isSanitizer(Endpoint e, EndpointType t) {
exists(t) and
(
e.getType() instanceof BoxedType
or
e.getType() instanceof PrimitiveType
or
e.getType() instanceof NumberType
)
or
t instanceof AutomodelEndpointTypes::PathInjectionSinkType and
e instanceof PathSanitizer::PathInjectionSanitizer
}
RelatedLocation asLocation(Endpoint e) { result = e.asExpr() }
predicate isKnownKind = AutomodelJavaUtil::isKnownKind/2;
predicate isSink(Endpoint e, string kind) {
exists(string package, string type, string name, string signature, string ext, string input |
sinkSpec(e, package, type, name, signature, ext, input) and
ExternalFlow::sinkModel(package, type, _, name, [signature, ""], ext, input, kind, _)
)
or
isCustomSink(e, kind)
}
predicate isNeutral(Endpoint e) {
exists(string package, string type, string name, string signature |
sinkSpec(e, package, type, name, signature, _, _) and
ExternalFlow::neutralModel(package, type, name, [signature, ""], "sink", _)
)
}
additional predicate sinkSpec(
Endpoint e, string package, string type, string name, string signature, string ext, string input
) {
ApplicationModeGetCallable::getCallable(e).hasQualifiedName(package, type, name) and
signature = ExternalFlow::paramsString(ApplicationModeGetCallable::getCallable(e)) and
ext = "" and
(
exists(Call c, int argIdx |
e.asExpr() = c.getArgument(argIdx) and
input = AutomodelJavaUtil::getArgumentForIndex(argIdx)
)
or
exists(Call c |
e.asExpr() = c.getQualifier() and input = AutomodelJavaUtil::getArgumentForIndex(-1)
)
)
}
/**
* Gets the related location for the given endpoint.
*
* The only related location we model is the the call expression surrounding to
* which the endpoint is either argument or qualifier (known as the call context).
*/
RelatedLocation getRelatedLocation(Endpoint e, RelatedLocationType type) {
type = CallContext() and
result = any(Call c | e.asExpr() = [c.getAnArgument(), c.getQualifier()])
}
}
private class JavaCallable = Callable;
private module ApplicationModeGetCallable implements AutomodelSharedGetCallable::GetCallableSig {
class Callable = JavaCallable;
class Endpoint = ApplicationCandidatesImpl::Endpoint;
/**
* Returns the API callable being modeled.
*/
Callable getCallable(Endpoint e) {
exists(Call c |
e.asExpr() = [c.getAnArgument(), c.getQualifier()] and
result = c.getCallee()
)
}
}
/**
* Contains endpoints that are defined in QL code rather than as a MaD model. Ideally this predicate
* should be empty.
*/
private predicate isCustomSink(Endpoint e, string kind) {
e.asExpr() instanceof ArgumentToExec and kind = "command injection"
or
e instanceof RequestForgerySink and kind = "request forgery"
or
e instanceof QueryInjectionSink and kind = "sql"
}
module CharacteristicsImpl =
SharedCharacteristics::SharedCharacteristics<ApplicationCandidatesImpl>;
class EndpointCharacteristic = CharacteristicsImpl::EndpointCharacteristic;
class Endpoint = ApplicationCandidatesImpl::Endpoint;
/*
* Predicates that are used to surface prompt examples and candidates for classification with an ML model.
*/
/**
* A MetadataExtractor that extracts metadata for application mode.
*/
class ApplicationModeMetadataExtractor extends string {
ApplicationModeMetadataExtractor() { this = "ApplicationModeMetadataExtractor" }
predicate hasMetadata(
Endpoint e, string package, string type, string subtypes, string name, string signature,
string input
) {
exists(Call call, Callable callable, int argIdx |
call.getCallee() = callable and
(
e.asExpr() = call.getArgument(argIdx)
or
e.asExpr() = call.getQualifier() and argIdx = -1
) and
input = AutomodelJavaUtil::getArgumentForIndex(argIdx) and
package = callable.getDeclaringType().getPackage().getName() and
// we're using the erased types because the MaD convention is to not specify type parameters.
// Whether something is or isn't a sink doesn't usually depend on the type parameters.
type = callable.getDeclaringType().getErasure().(RefType).nestedName() and
subtypes = AutomodelJavaUtil::considerSubtypes(callable).toString() and
name = callable.getName() and
signature = ExternalFlow::paramsString(callable)
)
}
}
/*
* EndpointCharacteristic classes that are specific to Automodel for Java.
*/
/**
* A negative characteristic that indicates that an is-style boolean method is unexploitable even if it is a sink.
*
* A sink is highly unlikely to be exploitable if its callable's name starts with `is` and the callable has a boolean return
* type (e.g. `isDirectory`). These kinds of calls normally do only checks, and appear before the proper call that does
* the dangerous/interesting thing, so we want the latter to be modeled as the sink.
*
* TODO: this might filter too much, it's possible that methods with more than one parameter contain interesting sinks
*/
private class UnexploitableIsCharacteristic extends CharacteristicsImpl::NotASinkCharacteristic {
UnexploitableIsCharacteristic() { this = "unexploitable (is-style boolean method)" }
override predicate appliesToEndpoint(Endpoint e) {
not ApplicationCandidatesImpl::isSink(e, _) and
ApplicationModeGetCallable::getCallable(e).getName().matches("is%") and
ApplicationModeGetCallable::getCallable(e).getReturnType() instanceof BooleanType
}
}
/**
* A negative characteristic that indicates that an existence-checking boolean method is unexploitable even if it is a
* sink.
*
* A sink is highly unlikely to be exploitable if its callable's name is `exists` or `notExists` and the callable has a
* boolean return type. These kinds of calls normally do only checks, and appear before the proper call that does the
* dangerous/interesting thing, so we want the latter to be modeled as the sink.
*/
private class UnexploitableExistsCharacteristic extends CharacteristicsImpl::NotASinkCharacteristic {
UnexploitableExistsCharacteristic() { this = "unexploitable (existence-checking boolean method)" }
override predicate appliesToEndpoint(Endpoint e) {
not ApplicationCandidatesImpl::isSink(e, _) and
exists(Callable callable |
callable = ApplicationModeGetCallable::getCallable(e) and
callable.getName().toLowerCase() = ["exists", "notexists"] and
callable.getReturnType() instanceof BooleanType
)
}
}
/**
* A negative characteristic that indicates that an endpoint is an argument to an exception, which is not a sink.
*/
private class ExceptionCharacteristic extends CharacteristicsImpl::NotASinkCharacteristic {
ExceptionCharacteristic() { this = "exception" }
override predicate appliesToEndpoint(Endpoint e) {
ApplicationModeGetCallable::getCallable(e).getDeclaringType().getASupertype*() instanceof
TypeThrowable
}
}
/**
* A negative characteristic that indicates that an endpoint is a MaD taint step. MaD modeled taint steps are global,
* so they are not sinks for any query. Non-MaD taint steps might be specific to a particular query, so we don't
* filter those out.
*/
private class IsMaDTaintStepCharacteristic extends CharacteristicsImpl::NotASinkCharacteristic {
IsMaDTaintStepCharacteristic() { this = "taint step" }
override predicate appliesToEndpoint(Endpoint e) {
FlowSummaryImpl::Private::Steps::summaryThroughStepValue(e, _, _) or
FlowSummaryImpl::Private::Steps::summaryThroughStepTaint(e, _, _) or
FlowSummaryImpl::Private::Steps::summaryGetterStep(e, _, _, _) or
FlowSummaryImpl::Private::Steps::summarySetterStep(e, _, _, _)
}
}
/**
* A negative characteristic that filters out qualifiers that are classes (i.e. static calls). These
* are unlikely to have any non-trivial flow going into them.
*
* Technically, an accessed type _could_ come from outside of the source code, but there's not
* much likelihood of that being user-controlled.
*/
private class ClassQualifierCharacteristic extends CharacteristicsImpl::NotASinkCharacteristic {
ClassQualifierCharacteristic() { this = "class qualifier" }
override predicate appliesToEndpoint(Endpoint e) {
exists(Call c |
e.asExpr() = c.getQualifier() and
c.getQualifier() instanceof TypeAccess
)
}
}
/**
* A call to a method that's known locally will not be considered as a candidate to model.
*
* The reason is that we would expect data/taint flow into the method implementation to uncover
* any sinks that are present there.
*/
private class ArgumentToLocalCall extends CharacteristicsImpl::UninterestingToModelCharacteristic {
ArgumentToLocalCall() { this = "argument to local call" }
override predicate appliesToEndpoint(Endpoint e) {
ApplicationModeGetCallable::getCallable(e).fromSource()
}
}
/**
* A Characteristic that marks endpoints as uninteresting to model, according to the Java ModelExclusions module.
*/
private class ExcludedFromModeling extends CharacteristicsImpl::UninterestingToModelCharacteristic {
ExcludedFromModeling() { this = "excluded from modeling" }
override predicate appliesToEndpoint(Endpoint e) {
ModelExclusions::isUninterestingForModels(ApplicationModeGetCallable::getCallable(e))
}
}
/**
* A negative characteristic that filters out non-public methods. Non-public methods are not interesting to include in
* the standard Java modeling, because they cannot be called from outside the package.
*/
private class NonPublicMethodCharacteristic extends CharacteristicsImpl::UninterestingToModelCharacteristic
{
NonPublicMethodCharacteristic() { this = "non-public method" }
override predicate appliesToEndpoint(Endpoint e) {
not ApplicationModeGetCallable::getCallable(e).isPublic()
}
}
/**
* A negative characteristic that indicates that an endpoint is a non-sink argument to a method whose sinks have already
* been modeled.
*
* WARNING: These endpoints should not be used as negative samples for training, because some sinks may have been missed
* when the method was modeled. Specifically, as we start using ATM to merge in new declarations, we can be less sure
* that a method with one argument modeled as a MaD sink has also had its remaining arguments manually reviewed. The
* ML model might have predicted argument 0 of some method to be a sink but not argument 1, when in fact argument 1 is
* also a sink.
*/
private class OtherArgumentToModeledMethodCharacteristic extends CharacteristicsImpl::LikelyNotASinkCharacteristic
{
OtherArgumentToModeledMethodCharacteristic() {
this = "other argument to a method that has already been modeled"
}
override predicate appliesToEndpoint(Endpoint e) {
not ApplicationCandidatesImpl::isSink(e, _) and
exists(DataFlow::Node otherSink |
ApplicationCandidatesImpl::isSink(otherSink, _) and
e.asExpr() = otherSink.asExpr().(Argument).getCall().getAnArgument() and
e != otherSink
)
}
}
/**
* A characteristic that marks functional expression as likely not sinks.
*
* These expressions may well _contain_ sinks, but rarely are sinks themselves.
*/
private class FunctionValueCharacteristic extends CharacteristicsImpl::LikelyNotASinkCharacteristic {
FunctionValueCharacteristic() { this = "function value" }
override predicate appliesToEndpoint(Endpoint e) { e.asExpr() instanceof FunctionalExpr }
}
/**
* A negative characteristic that indicates that an endpoint is not a `to` node for any known taint step. Such a node
* cannot be tainted, because taint can't flow into it.
*
* WARNING: These endpoints should not be used as negative samples for training, because they may include sinks for
* which our taint tracking modeling is incomplete.
*/
private class CannotBeTaintedCharacteristic extends CharacteristicsImpl::LikelyNotASinkCharacteristic
{
CannotBeTaintedCharacteristic() { this = "cannot be tainted" }
override predicate appliesToEndpoint(Endpoint e) { not this.isKnownOutNodeForStep(e) }
/**
* Holds if the node `n` is known as the predecessor in a modeled flow step.
*/
private predicate isKnownOutNodeForStep(Endpoint e) {
e.asExpr() instanceof Call or // we just assume flow in that case
TaintTracking::localTaintStep(_, e) or
FlowSummaryImpl::Private::Steps::summaryThroughStepValue(_, e, _) or
FlowSummaryImpl::Private::Steps::summaryThroughStepTaint(_, e, _) or
FlowSummaryImpl::Private::Steps::summaryGetterStep(_, _, e, _) or
FlowSummaryImpl::Private::Steps::summarySetterStep(_, _, e, _)
}
}
/**
* Holds if the given endpoint has a self-contradictory combination of characteristics. Detects errors in our endpoint
* characteristics. Lists the problematic characteristics and their implications for all such endpoints, together with
* an error message indicating why this combination is problematic.
*
* Copied from
* javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ContradictoryEndpointCharacteristics.ql
*/
predicate erroneousEndpoints(
Endpoint endpoint, EndpointCharacteristic characteristic,
AutomodelEndpointTypes::EndpointType endpointType, float confidence, string errorMessage,
boolean ignoreKnownModelingErrors
) {
// An endpoint's characteristics should not include positive indicators with medium/high confidence for more than one
// sink/source type (including the negative type).
exists(
EndpointCharacteristic characteristic2, AutomodelEndpointTypes::EndpointType endpointClass2,
float confidence2
|
endpointType != endpointClass2 and
(
endpointType instanceof AutomodelEndpointTypes::SinkType and
endpointClass2 instanceof AutomodelEndpointTypes::SinkType
or
endpointType instanceof AutomodelEndpointTypes::SourceType and
endpointClass2 instanceof AutomodelEndpointTypes::SourceType
) and
characteristic.appliesToEndpoint(endpoint) and
characteristic2.appliesToEndpoint(endpoint) and
characteristic.hasImplications(endpointType, true, confidence) and
characteristic2.hasImplications(endpointClass2, true, confidence2) and
confidence > SharedCharacteristics::mediumConfidence() and
confidence2 > SharedCharacteristics::mediumConfidence() and
(
ignoreKnownModelingErrors = true and
not knownOverlappingCharacteristics(characteristic, characteristic2)
or
ignoreKnownModelingErrors = false
)
) and
errorMessage = "Endpoint has high-confidence positive indicators for multiple classes"
or
// An endpoint's characteristics should not include positive indicators with medium/high confidence for some class and
// also include negative indicators with medium/high confidence for this same class.
exists(EndpointCharacteristic characteristic2, float confidence2 |
characteristic.appliesToEndpoint(endpoint) and
characteristic2.appliesToEndpoint(endpoint) and
characteristic.hasImplications(endpointType, true, confidence) and
characteristic2.hasImplications(endpointType, false, confidence2) and
confidence > SharedCharacteristics::mediumConfidence() and
confidence2 > SharedCharacteristics::mediumConfidence()
) and
ignoreKnownModelingErrors = false and
errorMessage = "Endpoint has high-confidence positive and negative indicators for the same class"
}
/**
* Holds if `characteristic1` and `characteristic2` are among the pairs of currently known positive characteristics that
* have some overlap in their results. This indicates a problem with the underlying Java modeling. Specifically,
* `PathCreation` is prone to FPs.
*/
private predicate knownOverlappingCharacteristics(
EndpointCharacteristic characteristic1, EndpointCharacteristic characteristic2
) {
characteristic1 != characteristic2 and
characteristic1 = ["mad taint step", "create path", "read file", "known non-sink"] and
characteristic2 = ["mad taint step", "create path", "read file", "known non-sink"]
}

49
java/ql/src/Telemetry/AutomodelApplicationModeExtractCandidates.ql Normal file
View File

@@ -0,0 +1,49 @@
/**
* Surfaces the endpoints that are not already known to be sinks, and are therefore used as candidates for
* classification with an ML model.
*
* Note: This query does not actually classify the endpoints using the model.
*
* @name Automodel candidates (application mode)
* @description A query to extract automodel candidates in application mode.
* @kind problem
* @problem.severity recommendation
* @id java/ml/extract-automodel-application-candidates
* @tags internal extract automodel application-mode candidates
*/
private import AutomodelApplicationModeCharacteristics
private import AutomodelJavaUtil
from
Endpoint endpoint, string message, ApplicationModeMetadataExtractor meta, DollarAtString package,
DollarAtString type, DollarAtString subtypes, DollarAtString name, DollarAtString signature,
DollarAtString input
where
not exists(CharacteristicsImpl::UninterestingToModelCharacteristic u |
u.appliesToEndpoint(endpoint)
) and
// If a node is already a known sink for any of our existing ATM queries and is already modeled as a MaD sink, we
// don't include it as a candidate. Otherwise, we might include it as a candidate for query A, but the model will
// label it as a sink for one of the sink types of query B, for which it's already a known sink. This would result in
// overlap between our detected sinks and the pre-existing modeling. We assume that, if a sink has already been
// modeled in a MaD model, then it doesn't belong to any additional sink types, and we don't need to reexamine it.
not CharacteristicsImpl::isSink(endpoint, _) and
meta.hasMetadata(endpoint, package, type, subtypes, name, signature, input) and
// The message is the concatenation of all sink types for which this endpoint is known neither to be a sink nor to be
// a non-sink, and we surface only endpoints that have at least one such sink type.
message =
strictconcat(AutomodelEndpointTypes::SinkType sinkType |
not CharacteristicsImpl::isKnownSink(endpoint, sinkType) and
CharacteristicsImpl::isSinkCandidate(endpoint, sinkType)
|
sinkType, ", "
)
select endpoint, message + "\nrelated locations: $@." + "\nmetadata: $@, $@, $@, $@, $@, $@.", //
CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, CallContext()), "CallContext", //
package, "package", //
type, "type", //
subtypes, "subtypes", //
name, "name", // method name
signature, "signature", //
input, "input" //

73
java/ql/src/Telemetry/AutomodelApplicationModeExtractNegativeExamples.ql Normal file
View File

@@ -0,0 +1,73 @@
/**
* Surfaces endpoints that are non-sinks with high confidence, for use as negative examples in the prompt.
*
* @name Negative examples (application mode)
* @kind problem
* @problem.severity recommendation
* @id java/ml/extract-automodel-application-negative-examples
* @tags internal extract automodel application-mode negative examples
*/
private import java
private import AutomodelApplicationModeCharacteristics
private import AutomodelEndpointTypes
private import AutomodelJavaUtil
/**
* Gets a sample of endpoints (of at most `limit` samples) for which the given characteristic applies.
*
* The main purpose of this helper predicate is to avoid selecting too many samples, as this may
* cause the SARIF file to exceed the maximum size limit.
*/
bindingset[limit]
Endpoint getSampleForCharacteristic(EndpointCharacteristic c, int limit) {
exists(int n, int num_endpoints | num_endpoints = count(Endpoint e | c.appliesToEndpoint(e)) |
result =
rank[n](Endpoint e, Location loc |
loc = e.getLocation() and c.appliesToEndpoint(e)
|
e
order by
loc.getFile().getAbsolutePath(), loc.getStartLine(), loc.getStartColumn(),
loc.getEndLine(), loc.getEndColumn()
) and
// To avoid selecting samples that are too close together (as the ranking above goes by file
// path first), we select `limit` evenly spaced samples from the ranked list of endpoints. By
// default this would always include the first sample, so we add a random-chosen prime offset
// to the first sample index, and reduce modulo the number of endpoints.
// Finally, we add 1 to the result, as ranking results in a 1-indexed relation.
n = 1 + (([0 .. limit - 1] * (num_endpoints / limit).floor() + 46337) % num_endpoints)
)
}
from
Endpoint endpoint, EndpointCharacteristic characteristic, float confidence, string message,
ApplicationModeMetadataExtractor meta, DollarAtString package, DollarAtString type,
DollarAtString subtypes, DollarAtString name, DollarAtString signature, DollarAtString input
where
endpoint = getSampleForCharacteristic(characteristic, 100) and
confidence >= SharedCharacteristics::highConfidence() and
characteristic.hasImplications(any(NegativeSinkType negative), true, confidence) and
// Exclude endpoints that have contradictory endpoint characteristics, because we only want examples we're highly
// certain about in the prompt.
not erroneousEndpoints(endpoint, _, _, _, _, false) and
meta.hasMetadata(endpoint, package, type, subtypes, name, signature, input) and
// It's valid for a node to satisfy the logic for both `isSink` and `isSanitizer`, but in that case it will be
// treated by the actual query as a sanitizer, since the final logic is something like
// `isSink(n) and not isSanitizer(n)`. We don't want to include such nodes as negative examples in the prompt, because
// they're ambiguous and might confuse the model, so we explicitly exclude all known sinks from the negative examples.
not exists(EndpointCharacteristic characteristic2, float confidence2, SinkType positiveType |
not positiveType instanceof NegativeSinkType and
characteristic2.appliesToEndpoint(endpoint) and
confidence2 >= SharedCharacteristics::maximalConfidence() and
characteristic2.hasImplications(positiveType, true, confidence2)
) and
message = characteristic
select endpoint, message + "\nrelated locations: $@." + "\nmetadata: $@, $@, $@, $@, $@, $@.", //
CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, CallContext()), "CallContext", //
package, "package", //
type, "type", //
subtypes, "subtypes", //
name, "name", //
signature, "signature", //
input, "input" //

33
java/ql/src/Telemetry/AutomodelApplicationModeExtractPositiveExamples.ql Normal file
View File

@@ -0,0 +1,33 @@
/**
* Surfaces endpoints that are sinks with high confidence, for use as positive examples in the prompt.
*
* @name Positive examples (application mode)
* @kind problem
* @problem.severity recommendation
* @id java/ml/extract-automodel-application-positive-examples
* @tags internal extract automodel application-mode positive examples
*/
private import AutomodelApplicationModeCharacteristics
private import AutomodelEndpointTypes
private import AutomodelJavaUtil
from
Endpoint endpoint, SinkType sinkType, ApplicationModeMetadataExtractor meta,
DollarAtString package, DollarAtString type, DollarAtString subtypes, DollarAtString name,
DollarAtString signature, DollarAtString input
where
// Exclude endpoints that have contradictory endpoint characteristics, because we only want examples we're highly
// certain about in the prompt.
not erroneousEndpoints(endpoint, _, _, _, _, false) and
meta.hasMetadata(endpoint, package, type, subtypes, name, signature, input) and
// Extract positive examples of sinks belonging to the existing ATM query configurations.
CharacteristicsImpl::isKnownSink(endpoint, sinkType)
select endpoint, sinkType + "\nrelated locations: $@." + "\nmetadata: $@, $@, $@, $@, $@, $@.", //
CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, CallContext()), "CallContext", //
package, "package", //
type, "type", //
subtypes, "subtypes", //
name, "name", //
signature, "signature", //
input, "input" //

10
java/ql/src/Telemetry/AutomodelEndpointTypes.qll
View File

@@ -40,18 +40,18 @@ class NegativeSinkType extends SinkType {
}
/** A sink relevant to the SQL injection query */
class SqlSinkType extends SinkType {
SqlSinkType() { this = "sql" }
class SqlInjectionSinkType extends SinkType {
SqlInjectionSinkType() { this = "sql-injection" }
}
/** A sink relevant to the tainted path injection query. */
class TaintedPathSinkType extends SinkType {
TaintedPathSinkType() { this = "tainted-path" }
class PathInjectionSinkType extends SinkType {
PathInjectionSinkType() { this = "path-injection" }
}
/** A sink relevant to the SSRF query. */
class RequestForgerySinkType extends SinkType {
RequestForgerySinkType() { this = "ssrf" }
RequestForgerySinkType() { this = "request-forgery" }
}
/** A sink relevant to the command injection query. */

108
java/ql/src/Telemetry/AutomodelFrameworkModeCharacteristics.qll
View File

@@ -14,23 +14,11 @@ private import semmle.code.java.Expr as Expr
private import semmle.code.java.security.QueryInjection
private import semmle.code.java.security.RequestForgery
private import semmle.code.java.dataflow.internal.ModelExclusions as ModelExclusions
private import AutomodelJavaUtil as AutomodelJavaUtil
private import AutomodelSharedGetCallable as AutomodelSharedGetCallable
import AutomodelSharedCharacteristics as SharedCharacteristics
import AutomodelEndpointTypes as AutomodelEndpointTypes
/**
* A meta data extractor. Any Java extraction mode needs to implement exactly
* one instance of this class.
*/
abstract class MetadataExtractor extends string {
bindingset[this]
MetadataExtractor() { any() }
abstract predicate hasMetadata(
DataFlow::ParameterNode e, string package, string type, boolean subtypes, string name,
string signature, int input, string parameterName
);
}
newtype JavaRelatedLocationType =
MethodDoc() or
ClassDoc()
@@ -60,31 +48,7 @@ module FrameworkCandidatesImpl implements SharedCharacteristics::CandidateSig {
RelatedLocation asLocation(Endpoint e) { result = e.asParameter() }
predicate isKnownKind(string kind, string humanReadableKind, EndpointType type) {
kind = "read-file" and
humanReadableKind = "read file" and
type instanceof AutomodelEndpointTypes::TaintedPathSinkType
or
kind = "create-file" and
humanReadableKind = "create file" and
type instanceof AutomodelEndpointTypes::TaintedPathSinkType
or
kind = "sql" and
humanReadableKind = "mad modeled sql" and
type instanceof AutomodelEndpointTypes::SqlSinkType
or
kind = "open-url" and
humanReadableKind = "open url" and
type instanceof AutomodelEndpointTypes::RequestForgerySinkType
or
kind = "jdbc-url" and
humanReadableKind = "jdbc url" and
type instanceof AutomodelEndpointTypes::RequestForgerySinkType
or
kind = "command-injection" and
humanReadableKind = "command injection" and
type instanceof AutomodelEndpointTypes::CommandInjectionSinkType
}
predicate isKnownKind = AutomodelJavaUtil::isKnownKind/2;
predicate isSink(Endpoint e, string kind) {
exists(string package, string type, string name, string signature, string ext, string input |
@@ -96,40 +60,48 @@ module FrameworkCandidatesImpl implements SharedCharacteristics::CandidateSig {
predicate isNeutral(Endpoint e) {
exists(string package, string type, string name, string signature |
sinkSpec(e, package, type, name, signature, _, _) and
ExternalFlow::neutralModel(package, type, name, [signature, ""], _, _)
ExternalFlow::neutralModel(package, type, name, [signature, ""], "sink", _)
)
}
additional predicate sinkSpec(
Endpoint e, string package, string type, string name, string signature, string ext, string input
) {
FrameworkCandidatesImpl::getCallable(e).hasQualifiedName(package, type, name) and
signature = ExternalFlow::paramsString(getCallable(e)) and
FrameworkModeGetCallable::getCallable(e).hasQualifiedName(package, type, name) and
signature = ExternalFlow::paramsString(FrameworkModeGetCallable::getCallable(e)) and
ext = "" and
exists(int paramIdx | e.isParameterOf(_, paramIdx) |
if paramIdx = -1 then input = "Argument[this]" else input = "Argument[" + paramIdx + "]"
input = AutomodelJavaUtil::getArgumentForIndex(paramIdx)
)
}
/**
* Returns the related location for the given endpoint.
* Gets the related location for the given endpoint.
*
* Related locations can be JavaDoc comments of the class or the method.
*/
RelatedLocation getRelatedLocation(Endpoint e, RelatedLocationType type) {
type = MethodDoc() and
result = FrameworkCandidatesImpl::getCallable(e).(Documentable).getJavadoc()
result = FrameworkModeGetCallable::getCallable(e).(Documentable).getJavadoc()
or
type = ClassDoc() and
result = FrameworkCandidatesImpl::getCallable(e).getDeclaringType().(Documentable).getJavadoc()
result = FrameworkModeGetCallable::getCallable(e).getDeclaringType().(Documentable).getJavadoc()
}
}
private class JavaCallable = Callable;
private module FrameworkModeGetCallable implements AutomodelSharedGetCallable::GetCallableSig {
class Callable = JavaCallable;
class Endpoint = FrameworkCandidatesImpl::Endpoint;
/**
* Returns the callable that contains the given endpoint.
*
* Each Java mode should implement this predicate.
*/
additional Callable getCallable(Endpoint e) { result = e.getEnclosingCallable() }
Callable getCallable(Endpoint e) { result = e.getEnclosingCallable() }
}
module CharacteristicsImpl = SharedCharacteristics::SharedCharacteristics<FrameworkCandidatesImpl>;
@@ -145,35 +117,19 @@ class Endpoint = FrameworkCandidatesImpl::Endpoint;
/**
* A MetadataExtractor that extracts metadata for framework mode.
*/
class FrameworkModeMetadataExtractor extends MetadataExtractor {
class FrameworkModeMetadataExtractor extends string {
FrameworkModeMetadataExtractor() { this = "FrameworkModeMetadataExtractor" }
/**
* By convention, the subtypes property of the MaD declaration should only be
* true when there _can_ exist any subtypes with a different implementation.
*
* It would technically be ok to always use the value 'true', but this would
* break convention.
*/
boolean considerSubtypes(Callable callable) {
if
callable.isStatic() or
callable.getDeclaringType().isStatic() or
callable.isFinal() or
callable.getDeclaringType().isFinal()
then result = false
else result = true
}
override predicate hasMetadata(
Endpoint e, string package, string type, boolean subtypes, string name, string signature,
int input, string parameterName
predicate hasMetadata(
Endpoint e, string package, string type, string subtypes, string name, string signature,
string input, string parameterName
) {
exists(Callable callable |
e.asParameter() = callable.getParameter(input) and
exists(Callable callable, int paramIdx |
e.asParameter() = callable.getParameter(paramIdx) and
input = AutomodelJavaUtil::getArgumentForIndex(paramIdx) and
package = callable.getDeclaringType().getPackage().getName() and
type = callable.getDeclaringType().getErasure().(RefType).nestedName() and
subtypes = this.considerSubtypes(callable) and
subtypes = AutomodelJavaUtil::considerSubtypes(callable).toString() and
name = callable.getName() and
parameterName = e.asParameter().getName() and
signature = ExternalFlow::paramsString(callable)
@@ -199,8 +155,8 @@ private class UnexploitableIsCharacteristic extends CharacteristicsImpl::NotASin
override predicate appliesToEndpoint(Endpoint e) {
not FrameworkCandidatesImpl::isSink(e, _) and
FrameworkCandidatesImpl::getCallable(e).getName().matches("is%") and
FrameworkCandidatesImpl::getCallable(e).getReturnType() instanceof BooleanType
FrameworkModeGetCallable::getCallable(e).getName().matches("is%") and
FrameworkModeGetCallable::getCallable(e).getReturnType() instanceof BooleanType
}
}
@@ -218,7 +174,7 @@ private class UnexploitableExistsCharacteristic extends CharacteristicsImpl::Not
override predicate appliesToEndpoint(Endpoint e) {
not FrameworkCandidatesImpl::isSink(e, _) and
exists(Callable callable |
callable = FrameworkCandidatesImpl::getCallable(e) and
callable = FrameworkModeGetCallable::getCallable(e) and
callable.getName().toLowerCase() = ["exists", "notexists"] and
callable.getReturnType() instanceof BooleanType
)
@@ -232,7 +188,7 @@ private class ExceptionCharacteristic extends CharacteristicsImpl::NotASinkChara
ExceptionCharacteristic() { this = "exception" }
override predicate appliesToEndpoint(Endpoint e) {
FrameworkCandidatesImpl::getCallable(e).getDeclaringType().getASupertype*() instanceof
FrameworkModeGetCallable::getCallable(e).getDeclaringType().getASupertype*() instanceof
TypeThrowable
}
}
@@ -258,7 +214,7 @@ private class NonPublicMethodCharacteristic extends CharacteristicsImpl::Uninter
NonPublicMethodCharacteristic() { this = "non-public method" }
override predicate appliesToEndpoint(Endpoint e) {
not FrameworkCandidatesImpl::getCallable(e).isPublic()
not FrameworkModeGetCallable::getCallable(e).isPublic()
}
}

31
java/ql/src/Telemetry/AutomodelFrameworkModeExtractCandidates.ql
View File

@@ -4,20 +4,21 @@
*
* Note: This query does not actually classify the endpoints using the model.
*
* @name Automodel candidates
* @description A query to extract automodel candidates.
* @name Automodel candidates (framework mode)
* @description A query to extract automodel candidates in framework mode.
* @kind problem
* @severity info
* @id java/ml/extract-automodel-candidates
* @tags internal automodel extract candidates
* @problem.severity recommendation
* @id java/ml/extract-automodel-framework-candidates
* @tags internal extract automodel framework-mode candidates
*/
private import AutomodelFrameworkModeCharacteristics
private import AutomodelSharedUtil
private import AutomodelJavaUtil
from
Endpoint endpoint, string message, MetadataExtractor meta, string package, string type,
boolean subtypes, string name, string signature, int input, string parameterName
Endpoint endpoint, string message, FrameworkModeMetadataExtractor meta, DollarAtString package,
DollarAtString type, DollarAtString subtypes, DollarAtString name, DollarAtString signature,
DollarAtString input, DollarAtString parameterName
where
not exists(CharacteristicsImpl::UninterestingToModelCharacteristic u |
u.appliesToEndpoint(endpoint)
@@ -42,10 +43,10 @@ select endpoint,
message + "\nrelated locations: $@, $@." + "\nmetadata: $@, $@, $@, $@, $@, $@, $@.", //
CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, MethodDoc()), "MethodDoc", //
CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, ClassDoc()), "ClassDoc", //
package.(DollarAtString), "package", //
type.(DollarAtString), "type", //
subtypes.toString().(DollarAtString), "subtypes", //
name.(DollarAtString), "name", //
signature.(DollarAtString), "signature", //
input.toString().(DollarAtString), "input", //
parameterName.(DollarAtString), "parameterName" //
package, "package", //
type, "type", //
subtypes, "subtypes", //
name, "name", //
signature, "signature", //
input, "input", //
parameterName, "parameterName" //

31
java/ql/src/Telemetry/AutomodelFrameworkModeExtractNegativeExamples.ql
View File

@@ -1,21 +1,22 @@
/**
* Surfaces endpoints that are non-sinks with high confidence, for use as negative examples in the prompt.
*
* @name Negative examples (experimental)
* @name Negative examples (framework mode)
* @kind problem
* @severity info
* @id java/ml/non-sink
* @tags internal automodel extract examples negative
* @problem.severity recommendation
* @id java/ml/extract-automodel-framework-negative-examples
* @tags internal extract automodel framework-mode negative examples
*/
private import AutomodelFrameworkModeCharacteristics
private import AutomodelEndpointTypes
private import AutomodelSharedUtil
private import AutomodelJavaUtil
from
Endpoint endpoint, EndpointCharacteristic characteristic, float confidence, string message,
MetadataExtractor meta, string package, string type, boolean subtypes, string name,
string signature, int input, string parameterName
Endpoint endpoint, EndpointCharacteristic characteristic, float confidence,
DollarAtString message, FrameworkModeMetadataExtractor meta, DollarAtString package,
DollarAtString type, DollarAtString subtypes, DollarAtString name, DollarAtString signature,
DollarAtString input, DollarAtString parameterName
where
characteristic.appliesToEndpoint(endpoint) and
confidence >= SharedCharacteristics::highConfidence() and
@@ -39,10 +40,10 @@ select endpoint,
message + "\nrelated locations: $@, $@." + "\nmetadata: $@, $@, $@, $@, $@, $@, $@.", //
CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, MethodDoc()), "MethodDoc", //
CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, ClassDoc()), "ClassDoc", //
package.(DollarAtString), "package", //
type.(DollarAtString), "type", //
subtypes.toString().(DollarAtString), "subtypes", //
name.(DollarAtString), "name", //
signature.(DollarAtString), "signature", //
input.toString().(DollarAtString), "input", //
parameterName.(DollarAtString), "parameterName" //
package, "package", //
type, "type", //
subtypes, "subtypes", //
name, "name", //
signature, "signature", //
input, "input", //
parameterName, "parameterName" //

29
java/ql/src/Telemetry/AutomodelFrameworkModeExtractPositiveExamples.ql
View File

@@ -1,20 +1,21 @@
/**
* Surfaces endpoints that are sinks with high confidence, for use as positive examples in the prompt.
*
* @name Positive examples (experimental)
* @name Positive examples (framework mode)
* @kind problem
* @severity info
* @id java/ml/known-sink
* @tags internal automodel extract examples positive
* @problem.severity recommendation
* @id java/ml/extract-automodel-framework-positive-examples
* @tags internal extract automodel framework-mode positive examples
*/
private import AutomodelFrameworkModeCharacteristics
private import AutomodelEndpointTypes
private import AutomodelSharedUtil
private import AutomodelJavaUtil
from
Endpoint endpoint, SinkType sinkType, MetadataExtractor meta, string package, string type,
boolean subtypes, string name, string signature, int input, string parameterName
Endpoint endpoint, SinkType sinkType, FrameworkModeMetadataExtractor meta, DollarAtString package,
DollarAtString type, DollarAtString subtypes, DollarAtString name, DollarAtString signature,
DollarAtString input, DollarAtString parameterName
where
// Exclude endpoints that have contradictory endpoint characteristics, because we only want examples we're highly
// certain about in the prompt.
@@ -26,10 +27,10 @@ select endpoint,
sinkType + "\nrelated locations: $@, $@." + "\nmetadata: $@, $@, $@, $@, $@, $@, $@.", //
CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, MethodDoc()), "MethodDoc", //
CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, ClassDoc()), "ClassDoc", //
package.(DollarAtString), "package", //
type.(DollarAtString), "type", //
subtypes.toString().(DollarAtString), "subtypes", //
name.(DollarAtString), "name", //
signature.(DollarAtString), "signature", //
input.toString().(DollarAtString), "input", //
parameterName.(DollarAtString), "parameterName" //
package, "package", //
type, "type", //
subtypes, "subtypes", //
name, "name", //
signature, "signature", //
input, "input", //
parameterName, "parameterName" //

67
java/ql/src/Telemetry/AutomodelJavaUtil.qll Normal file
View File

@@ -0,0 +1,67 @@
private import java
private import AutomodelEndpointTypes as AutomodelEndpointTypes
/**
* A helper class to represent a string value that can be returned by a query using $@ notation.
*
* It extends `string`, but adds a mock `hasLocationInfo` method that returns the string itself as the file name.
*
* Use this, when you want to return a string value from a query using $@ notation - the string value
* will be included in the sarif file.
*
*
* Background information on `hasLocationInfo`:
* https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/#providing-location-information
*/
class DollarAtString extends string {
bindingset[this]
DollarAtString() { any() }
bindingset[this]
predicate hasLocationInfo(string path, int sl, int sc, int el, int ec) {
path = this and sl = 1 and sc = 1 and el = 1 and ec = 1
}
}
/**
* Holds for all combinations of MaD kinds (`kind`) and their human readable
* descriptions.
*/
predicate isKnownKind(string kind, AutomodelEndpointTypes::EndpointType type) {
kind = "path-injection" and
type instanceof AutomodelEndpointTypes::PathInjectionSinkType
or
kind = "sql-injection" and
type instanceof AutomodelEndpointTypes::SqlInjectionSinkType
or
kind = "request-forgery" and
type instanceof AutomodelEndpointTypes::RequestForgerySinkType
or
kind = "command-injection" and
type instanceof AutomodelEndpointTypes::CommandInjectionSinkType
}
/** Gets the models-as-data description for the method argument with the index `index`. */
bindingset[index]
string getArgumentForIndex(int index) {
index = -1 and result = "Argument[this]"
or
index >= 0 and result = "Argument[" + index + "]"
}
/**
* By convention, the subtypes property of the MaD declaration should only be
* true when there _can_ exist any subtypes with a different implementation.
*
* It would technically be ok to always use the value 'true', but this would
* break convention.
*/
boolean considerSubtypes(Callable callable) {
if
callable.isStatic() or
callable.getDeclaringType().isStatic() or
callable.isFinal() or
callable.getDeclaringType().isFinal()
then result = false
else result = true
}

8
java/ql/src/Telemetry/AutomodelSharedCharacteristics.qll
View File

@@ -50,7 +50,7 @@ signature module CandidateSig {
/**
* Defines what MaD kinds are known, and what endpoint type they correspond to.
*/
predicate isKnownKind(string kind, string humanReadableLabel, EndpointType type);
predicate isKnownKind(string kind, EndpointType type);
/**
* Holds if `e` is a flow sanitizer, and has type `t`.
@@ -276,7 +276,11 @@ module SharedCharacteristics<CandidateSig Candidate> {
string madKind;
Candidate::EndpointType endpointType;
KnownSinkCharacteristic() { Candidate::isKnownKind(madKind, this, endpointType) }
KnownSinkCharacteristic() {
Candidate::isKnownKind(madKind, endpointType) and
// bind "this" to a unique string differing from that of the SinkType classes
this = madKind + "-characteristic"
}
override predicate appliesToEndpoint(Candidate::Endpoint e) { Candidate::isSink(e, madKind) }

21
java/ql/src/Telemetry/AutomodelSharedGetCallable.qll Normal file
View File

@@ -0,0 +1,21 @@
/**
* An automodel extraction mode instantiates this interface to define how to access
* the callable that's associated with an endpoint.
*/
signature module GetCallableSig {
/**
* A callable is the definition of a method, function, etc. - something that can be called.
*/
class Callable;
/**
* An endpoint is a potential candidate for modeling. This will typically be bound to the language's
* DataFlow node class, or a subtype thereof.
*/
class Endpoint;
/**
* Gets the callable that's associated with the given endpoint.
*/
Callable getCallable(Endpoint endpoint);
}

21
java/ql/src/Telemetry/AutomodelSharedUtil.qll
View File

@@ -1,21 +0,0 @@
/**
* A helper class to represent a string value that can be returned by a query using $@ notation.
*
* It extends `string`, but adds a mock `hasLocationInfo` method that returns the string itself as the file name.
*
* Use this, when you want to return a string value from a query using $@ notation - the string value
* will be included in the sarif file.
*
*
* Background information on `hasLocationInfo`:
* https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/#providing-location-information
*/
class DollarAtString extends string {
bindingset[this]
DollarAtString() { any() }
bindingset[this]
predicate hasLocationInfo(string path, int sl, int sc, int el, int ec) {
path = this and sl = 1 and sc = 1 and el = 1 and ec = 1
}
}

Some files were not shown because too many files have changed in this diff Show More