hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 05:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add backward dataflow edges through modelled function invocations.

Browse Source 
Also add convenience abstract classes for easily modelling new functions as fluent or value-preserving.
This commit is contained in:
Chris Smowton
2021-03-04 11:45:19 +00:00
parent fe07630e40
commit 40b0f68d2a
3 changed files with 74 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
java/ql/test/library-tests/dataflow/fluent-methods/Test.java
View File

@@ -6,6 +6,16 @@ public class Test {
return this;
}
public Test modelledFluentMethod() {
// A model in the accompanying .ql file will indicate that the qualifier flows to the return value.
return null;
}
public static Test modelledIdentity(Test t) {
// A model in the accompanying .ql file will indicate that the argument flows to the return value.
return null;
}
public Test indirectlyFluentNoop() {
return this.fluentNoop();
}
@@ -47,4 +57,16 @@ public class Test {
sink(t.get()); // $hasTaintFlow=y
}
public static void testModel1() {
Test t = new Test();
t.indirectlyFluentNoop().modelledFluentMethod().fluentSet(source()).fluentNoop();
sink(t.get()); // $hasTaintFlow=y
}
public static void testModel2() {
Test t = new Test();
Test.modelledIdentity(t).indirectlyFluentNoop().modelledFluentMethod().fluentSet(source()).fluentNoop();
sink(t.get()); // $hasTaintFlow=y
}
}