Java: Cleanup threat model taxanomy to align with the EDR.

2026-04-27 01:35:13 +02:00 · 2023-09-28 10:52:05 +02:00
parent 5c700afa27
commit 5b949b19f7
7 changed files with 10 additions and 13 deletions
--- a/java/ql/lib/ext/threatmodels/threat-model-grouping.model.yml
+++ b/java/ql/lib/ext/threatmodels/threat-model-grouping.model.yml
@@ -6,11 +6,6 @@ extensions:
    data:
      # Default threat model
      - ["remote", "default"]
-      - ["uri-path", "default"]
-
-      # Android threat models
-      - ["android-external-storage-dir", "android"]
-      - ["contentprovider", "android"]

      # Remote threat models
      - ["request", "remote"]
@@ -18,6 +13,10 @@ extensions:

      # Local threat models
      - ["database", "local"]
-      - ["cli", "local"]
+      - ["commandargs", "local"]
      - ["environment", "local"]
      - ["file", "local"]
+
+      # Android threat models
+      - ["android-external-storage-dir", "android"]
+      - ["contentprovider", "android"]
--- a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll
@@ -259,7 +259,7 @@ private class CliInput extends LocalUserInput {
    exists(Field f | this.asExpr() = f.getAnAccess() | f instanceof SystemIn)
  }

-  override string getThreatModel() { result = "cli" }
+  override string getThreatModel() { result = "commandargs" }
 }

 /**
--- a/java/ql/test/library-tests/dataflow/threat-models/Test.java
+++ b/java/ql/test/library-tests/dataflow/threat-models/Test.java
@@ -59,7 +59,7 @@ class Test {
  }

  public void M5(Statement handle) throws Exception {
-    // Only a source if "cli" is a selected threat model.
+    // Only a source if "commandargs" is a selected threat model.
    byte[] data = new byte[1024];
    System.in.read(data);

--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ext.yml
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ext.yml
@@ -5,7 +5,7 @@ extensions:
      extensible: supportedThreatModels
    data:
      - ["environment"]
-      - ["cli"]
+      - ["commandargs"]

  - addsTo:
      pack: codeql/java-all
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ql
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ql
@@ -1,6 +1,6 @@
 /**
 * This is a dataflow test using the "default" threat model with the
- * addition of "environment" and "cli".
+ * addition of "environment" and "commandargs".
 */

 import Test
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models1.expected
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models1.expected
@@ -2,4 +2,3 @@
 | remote |
 | request |
 | response |
-| uri-path |
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models2.expected
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models2.expected
@@ -1,4 +1,4 @@
-| cli |
+| commandargs |
 | database |
 | default |
 | environment |
@@ -7,4 +7,3 @@
 | remote |
 | request |
 | response |
-| uri-path |