Fix isNeutral predicates.

2026-04-25 08:45:14 +02:00 · 2024-02-06 16:24:33 +00:00
parent 4b9443eb15
commit 48105db5b0
3 changed files with 15 additions and 8 deletions
--- a/java/ql/automodel/src/AutomodelApplicationModeCharacteristics.qll
+++ b/java/ql/automodel/src/AutomodelApplicationModeCharacteristics.qll
@@ -274,9 +274,14 @@ module ApplicationCandidatesImpl implements SharedCharacteristics::CandidateSig
  }

  predicate isNeutral(Endpoint e) {
-    exists(string package, string type, string name, string signature |
+    exists(string package, string type, string name, string signature, string endpointType |
      sinkSpec(e, package, type, _, name, signature, _, _) and
-      ExternalFlow::neutralModel(package, type, name, [signature, ""], "sink", _)
+      endpointType = "sink"
+      or
+      sourceSpec(e, package, type, _, name, signature, _, _) and
+      endpointType = "source"
+    |
+      ExternalFlow::neutralModel(package, type, name, [signature, ""], endpointType, _)
    )
  }

--- a/java/ql/automodel/src/AutomodelFrameworkModeCharacteristics.qll
+++ b/java/ql/automodel/src/AutomodelFrameworkModeCharacteristics.qll
@@ -230,12 +230,14 @@ module FrameworkCandidatesImpl implements SharedCharacteristics::CandidateSig {
  }

  predicate isNeutral(Endpoint e) {
-    exists(string package, string type, string name, string signature |
-      sinkSpec(e, package, type, _, name, signature, _, _)
+    exists(string package, string type, string name, string signature, string endpointType |
+      sinkSpec(e, package, type, _, name, signature, _, _) and
+      endpointType = "sink"
      or
-      sourceSpec(e, package, type, _, name, signature, _, _)
+      sourceSpec(e, package, type, _, name, signature, _, _) and
+      endpointType = "source"
    |
-      ExternalFlow::neutralModel(package, type, name, [signature, ""], "sink", _)
+      ExternalFlow::neutralModel(package, type, name, [signature, ""], endpointType, _)
    )
  }

--- a/java/ql/automodel/test/AutomodelFrameworkModeExtraction/java/io/File.java
+++ b/java/ql/automodel/test/AutomodelFrameworkModeExtraction/java/io/File.java
@@ -1,8 +1,8 @@
 package java.io;

 public class File {
-    public int compareTo( // $ negativeSinkExample=compareTo(File):Argument[this] negativeSourceExample=compareTo(File):Parameter[this] // modeled as neutral
-        File pathname // $ negativeSinkExample=compareTo(File):Argument[0] negativeSourceExample=compareTo(File):Parameter[0] // modeled as neutral
+    public int compareTo( // $ negativeSinkExample=compareTo(File):Argument[this] sourceModelCandidate=compareTo(File):Parameter[this] // modeled as neutral for sinks
+        File pathname // $ negativeSinkExample=compareTo(File):Argument[0] sourceModelCandidate=compareTo(File):Parameter[0] // modeled as neutral for sinks
    ) {
        return 0;
    }