diff --git a/java/ql/lib/ext/threatmodels/threat-model-grouping.model.yml b/java/ql/lib/ext/threatmodels/threat-model-grouping.model.yml index 2b85b258b57..1eb334b67e7 100644 --- a/java/ql/lib/ext/threatmodels/threat-model-grouping.model.yml +++ b/java/ql/lib/ext/threatmodels/threat-model-grouping.model.yml @@ -6,11 +6,6 @@ extensions: data: # Default threat model - ["remote", "default"] - - ["uri-path", "default"] - - # Android threat models - - ["android-external-storage-dir", "android"] - - ["contentprovider", "android"] # Remote threat models - ["request", "remote"] @@ -18,6 +13,10 @@ extensions: # Local threat models - ["database", "local"] - - ["cli", "local"] + - ["commandargs", "local"] - ["environment", "local"] - ["file", "local"] + + # Android threat models + - ["android-external-storage-dir", "android"] + - ["contentprovider", "android"] diff --git a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll index 44bd52947da..95534eab8f1 100644 --- a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll +++ b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll @@ -259,7 +259,7 @@ private class CliInput extends LocalUserInput { exists(Field f | this.asExpr() = f.getAnAccess() | f instanceof SystemIn) } - override string getThreatModel() { result = "cli" } + override string getThreatModel() { result = "commandargs" } } /** diff --git a/java/ql/test/library-tests/dataflow/threat-models/Test.java b/java/ql/test/library-tests/dataflow/threat-models/Test.java index 6faffc18f03..37b67d8ce86 100644 --- a/java/ql/test/library-tests/dataflow/threat-models/Test.java +++ b/java/ql/test/library-tests/dataflow/threat-models/Test.java @@ -59,7 +59,7 @@ class Test { } public void M5(Statement handle) throws Exception { - // Only a source if "cli" is a selected threat model. + // Only a source if "commandargs" is a selected threat model. byte[] data = new byte[1024]; System.in.read(data); diff --git a/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ext.yml b/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ext.yml index 7acb0707eec..9b6a3831713 100644 --- a/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ext.yml +++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ext.yml @@ -5,7 +5,7 @@ extensions: extensible: supportedThreatModels data: - ["environment"] - - ["cli"] + - ["commandargs"] - addsTo: pack: codeql/java-all diff --git a/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ql b/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ql index 670939cbaf8..4ffe24cc9b7 100644 --- a/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ql +++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ql @@ -1,6 +1,6 @@ /** * This is a dataflow test using the "default" threat model with the - * addition of "environment" and "cli". + * addition of "environment" and "commandargs". */ import Test diff --git a/java/ql/test/library-tests/dataflow/threat-models/threat-models1.expected b/java/ql/test/library-tests/dataflow/threat-models/threat-models1.expected index d538019ccb7..c471a7cc912 100644 --- a/java/ql/test/library-tests/dataflow/threat-models/threat-models1.expected +++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models1.expected @@ -2,4 +2,3 @@ | remote | | request | | response | -| uri-path | diff --git a/java/ql/test/library-tests/dataflow/threat-models/threat-models2.expected b/java/ql/test/library-tests/dataflow/threat-models/threat-models2.expected index 809a018e98e..395951c3b47 100644 --- a/java/ql/test/library-tests/dataflow/threat-models/threat-models2.expected +++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models2.expected @@ -1,4 +1,4 @@ -| cli | +| commandargs | | database | | default | | environment | @@ -7,4 +7,3 @@ | remote | | request | | response | -| uri-path |