Merge pull request #15280 from owen-mc/java/add-manual-models-for-df-generation

Java: improve models for some important JDK methods

java/ql/lib/change-notes/2024-01-10-new-jdk-models.md

@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Improved models for `java.lang.Throwable` and `java.lang.Exception`, and the `valueOf` method of `java.lang.String`.

java/ql/lib/ext/java.lang.model.yml

@@ -79,6 +79,8 @@ extensions:
       - ["java.lang", "Exception", False, "Exception", "(String)", "", "Argument[0]", "Argument[this].SyntheticField[java.lang.Throwable.message]", "value", "manual"]
       - ["java.lang", "Exception", False, "Exception", "(String,Throwable)", "", "Argument[0]", "Argument[this].SyntheticField[java.lang.Throwable.message]", "value", "manual"]
       - ["java.lang", "Exception", False, "Exception", "(String,Throwable)", "", "Argument[1]", "Argument[this].SyntheticField[java.lang.Throwable.cause]", "value", "manual"]
+      - ["java.lang", "Exception", False, "Exception", "(Throwable)", "", "Argument[0]", "Argument[this].SyntheticField[java.lang.Throwable.cause]", "value", "manual"]
+      - ["java.lang", "Exception", False, "Exception", "(Throwable)", "", "Argument[0].SyntheticField[java.lang.Throwable.message]", "Argument[this].SyntheticField[java.lang.Throwable.message]", "taint", "manual"]
       - ["java.lang", "IllegalArgumentException", False, "IllegalArgumentException", "(String)", "", "Argument[0]", "Argument[this].SyntheticField[java.lang.Throwable.message]", "value", "manual"]
       - ["java.lang", "IllegalStateException", False, "IllegalStateException", "(String)", "", "Argument[0]", "Argument[this].SyntheticField[java.lang.Throwable.message]", "value", "manual"]
       - ["java.lang", "IndexOutOfBoundsException", False, "IndexOutOfBoundsException", "(String)", "", "Argument[0]", "Argument[this].SyntheticField[java.lang.Throwable.message]", "value", "manual"]
@@ -131,6 +133,7 @@ extensions:
       - ["java.lang", "String", False, "valueOf", "(char)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
       - ["java.lang", "String", False, "valueOf", "(char[])", "", "Argument[0]", "ReturnValue", "taint", "manual"]
       - ["java.lang", "String", False, "valueOf", "(char[],int,int)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+      - ["java.lang", "String", False, "valueOf", "(CharSequence)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
       - ["java.lang", "StringBuffer", True, "StringBuffer", "(CharSequence)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
       - ["java.lang", "StringBuffer", True, "StringBuffer", "(String)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
       - ["java.lang", "StringBuilder", True, "StringBuilder", "", "", "Argument[0]", "Argument[this]", "taint", "manual"]
@@ -141,11 +144,17 @@ extensions:
       - ["java.lang", "ThreadLocal", True, "get", "()", "", "Argument[this].SyntheticField[java.lang.ThreadLocal.value]", "ReturnValue", "value", "manual"]
       - ["java.lang", "ThreadLocal", True, "set", "(Object)", "", "Argument[0]", "Argument[this].SyntheticField[java.lang.ThreadLocal.value]", "value", "manual"]
       - ["java.lang", "ThreadLocal", False, "withInitial", "(Supplier)", "", "Argument[0].ReturnValue", "ReturnValue.SyntheticField[java.lang.ThreadLocal.value]", "value", "manual"]
-      - ["java.lang", "Throwable", False, "Throwable", "(Throwable)", "", "Argument[0]", "Argument[this].SyntheticField[java.lang.Throwable.cause]", "value", "manual"]
       - ["java.lang", "Throwable", False, "Throwable", "(String)", "", "Argument[0]", "Argument[this].SyntheticField[java.lang.Throwable.message]", "value", "manual"]
+      - ["java.lang", "Throwable", False, "Throwable", "(String,Throwable)", "", "Argument[0]", "Argument[this].SyntheticField[java.lang.Throwable.message]", "value", "manual"]
+      - ["java.lang", "Throwable", False, "Throwable", "(String,Throwable)", "", "Argument[1]", "Argument[this].SyntheticField[java.lang.Throwable.cause]", "value", "manual"]
+      - ["java.lang", "Throwable", False, "Throwable", "(Throwable)", "", "Argument[0]", "Argument[this].SyntheticField[java.lang.Throwable.cause]", "value", "manual"]
+      - ["java.lang", "Throwable", False, "Throwable", "(Throwable)", "", "Argument[0].SyntheticField[java.lang.Throwable.message]", "Argument[this].SyntheticField[java.lang.Throwable.message]", "taint", "manual"]
       - ["java.lang", "Throwable", True, "getCause", "()", "", "Argument[this].SyntheticField[java.lang.Throwable.cause]", "ReturnValue", "value", "manual"]
       - ["java.lang", "Throwable", True, "getMessage", "()", "", "Argument[this].SyntheticField[java.lang.Throwable.message]", "ReturnValue", "value", "manual"]
       - ["java.lang", "Throwable", True, "getLocalizedMessage", "()", "", "Argument[this].SyntheticField[java.lang.Throwable.message]", "ReturnValue", "value", "manual"]
+      - ["java.lang", "Throwable", True, "initCause", "(Throwable)", "", "Argument[0]", "Argument[this].SyntheticField[java.lang.Throwable.cause]", "value", "manual"]
+      - ["java.lang", "Throwable", True, "initCause", "(Throwable)", "", "Argument[0]", "ReturnValue.SyntheticField[java.lang.Throwable.cause]", "value", "manual"]
+      - ["java.lang", "Throwable", True, "initCause", "(Throwable)", "", "Argument[this]", "ReturnValue", "value", "manual"]
       - ["java.lang", "Throwable", True, "toString", "()", "", "Argument[this].SyntheticField[java.lang.Throwable.message]", "ReturnValue", "taint", "manual"]
       - ["java.lang", "UnsupportedOperationException", False, "UnsupportedOperationException", "(String)", "", "Argument[0]", "Argument[this].SyntheticField[java.lang.Throwable.message]", "value", "manual"]
   - addsTo:
@@ -202,6 +211,7 @@ extensions:
       - ["java.lang", "String", "length", "()", "summary", "manual"]
       - ["java.lang", "String", "startsWith", "(String)", "summary", "manual"]
       - ["java.lang", "String", "valueOf", "(boolean)", "summary", "manual"]
+      - ["java.lang", "String", "valueOf", "(Object)", "summary", "manual"]
       - ["java.lang", "System", "currentTimeMillis", "()", "summary", "manual"]
       - ["java.lang", "System", "exit", "(int)", "summary", "manual"]
       - ["java.lang", "System", "getenv", "(String)", "summary", "manual"]
@@ -213,6 +223,14 @@ extensions:
       - ["java.lang", "Thread", "interrupt", "()", "summary", "manual"]
       - ["java.lang", "Thread", "sleep", "(long)", "summary", "manual"]
       - ["java.lang", "Thread", "start", "()", "summary", "manual"]
+      - ["java.lang", "Throwable", "addSuppressed", "(Throwable)", "summary", "manual"]
+      - ["java.lang", "Throwable", "fillInStackTrace", "()", "summary", "manual"]
+      - ["java.lang", "Throwable", "getStackTrace", "()", "summary", "manual"]
+      - ["java.lang", "Throwable", "getSuppressed", "()", "summary", "manual"]
+      - ["java.lang", "Throwable", "printStackTrace", "()", "summary", "manual"]
+      - ["java.lang", "Throwable", "printStackTrace", "(PrintStream)", "summary", "manual"]
+      - ["java.lang", "Throwable", "printStackTrace", "(PrintWriter)", "summary", "manual"]
+      - ["java.lang", "Throwable", "setStackTrace", "(StackTraceElement[])", "summary", "manual"]
       # The below APIs have numeric flow and are currently being stored as neutral models.
       # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future.
       - ["java.lang", "Double", "doubleToLongBits", "(double)", "summary", "manual"] # taint-numeric

java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected

@@ -1,8 +1,6 @@
 | java.lang.Runnable#run() | no manual model |
-| java.lang.String#valueOf(Object) | no manual model |
 | java.lang.System#getProperty(String) | no manual model |
 | java.lang.System#setProperty(String,String) | no manual model |
-| java.lang.Throwable#printStackTrace() | no manual model |
 | java.text.Format#format(Object) | no manual model |
 | java.text.MessageFormat#format(String,Object[]) | no manual model |
 | java.util.Comparator#comparing(Function) | no manual model |