hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-22 15:25:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: Add some spurious source and sink examples.

Browse Source
This commit is contained in:
Michael Nebel
2024-06-18 14:58:57 +02:00
parent 854674a71c
commit 30249e4f2b
4 changed files with 30 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.ext.yml
View File

@@ -5,6 +5,7 @@ extensions:
extensible: sinkModel
data:
- [ "p", "Sinks", False, "sink", "(Object)", "", "Argument[0]", "test-sink", "manual" ]
- [ "p", "Sinks", False, "manualSinkAlreadyDefined", "(Object)", "", "Argument[0]", "test-sink", "manual" ]
- addsTo:
pack: codeql/java-all

7
java/ql/test/utils/modelgenerator/dataflow/CaptureSourceModels.ext.yml
View File

@@ -5,3 +5,10 @@ extensions:
extensible: sourceModel
data:
- [ "p", "Sources", False, "source", "()", "", "ReturnValue", "test-source", "manual" ]
- [ "p", "Sources", False, "manualSourceAlreadyDefined", "()", "", "ReturnValue", "test-source", "manual" ]
- addsTo:
pack: codeql/java-all
extensible: neutralModel
data:
- ["p", "Sources", "manualNeutralSource", "()", "source", "manual"]

7
java/ql/test/utils/modelgenerator/dataflow/p/Sinks.java
View File

@@ -71,4 +71,11 @@ public class Sinks {
Boolean b = s == "hello";
sink(b);
}
// Not a new sink as this callable already has a manual sink.
// SPURIOUS-sink=p;Sinks;true;manualSinkAlreadyDefined;(Object);;Argument[0];test-sink;df-generated
// neutral=p;Sinks;manualSinkAlreadyDefined;(Object);summary;df-generated
public void manualSinkAlreadyDefined(Object o) {
sink(o);
}
}

15
java/ql/test/utils/modelgenerator/dataflow/p/Sources.java
View File

@@ -66,4 +66,19 @@ public class Sources {
return value.toString();
}
}
// Not a new source as this callable has been manually modelled
// as source neutral.
// SPURIOUS-source=p;Sources;true;manualNeutralSource;();;ReturnValue;test-source;df-generated
// neutral=p;Sources;manualNeutralSource;();summary;df-generated
public String manualNeutralSource() {
return source();
}
// Not a new source as this callable already has a manual source.
// SPURIOUS-source=p;Sources;true;manualSourceAlreadyDefined;();;ReturnValue;test-source;df-generated
// neutral=p;Sources;manualSourceAlreadyDefined;();summary;df-generated
public String manualSourceAlreadyDefined() {
return source();
}
}