Java: add comments for reflection-related models

Jami Cogswell
2023-03-14 23:02:22 -04:00
parent e0c0c973a7
commit 62d64d5828
2 changed files with 4 additions and 3 deletions


@@ -140,9 +140,9 @@ extensions:
- ["java.lang", "Class", "forName", "(String)", "manual"]
- ["java.lang", "Class", "getCanonicalName", "()", "manual"]
- ["java.lang", "Class", "getClassLoader", "()", "manual"]
- ["java.lang", "Class", "getDeclaredConstructor", "(Class[])", "manual"]
- ["java.lang", "Class", "getDeclaredField", "(String)", "manual"]
- ["java.lang", "Class", "getMethod", "(String,Class[])", "manual"]
- ["java.lang", "Class", "getDeclaredConstructor", "(Class[])", "manual"] # This model may be changed to a taint step for an unsafe reflection query in the future.
- ["java.lang", "Class", "getDeclaredField", "(String)", "manual"] # This model may be changed to a taint step for an unsafe reflection query in the future.
- ["java.lang", "Class", "getMethod", "(String,Class[])", "manual"] # This model may be changed to a taint step for an unsafe reflection query in the future.
- ["java.lang", "Class", "getName", "()", "manual"]
- ["java.lang", "Class", "getResource", "(String)", "manual"]
- ["java.lang", "Class", "getResourceAsStream", "(String)", "manual"]
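Review bot: `Class.forName(String)` at the top of this hunk stays uncommented, although it is the row where a caller-supplied string first becomes a `Class`, so the three new comments do not obviously mark every row an unsafe reflection query would need. If it is left out on purpose (for example because it is handled elsewhere), a short comment saying so would stop a later reader from treating it as settled; otherwise it should carry the same trailing comment. The comment would also be easier to act on if it named the query or a tracking issue, since "in the future" gives nothing to search for when these rows are revisited.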


@@ -3,6 +3,7 @@ extensions:
pack: codeql/java-all
extensible: neutralModel
data:
# The below models may be changed to taint steps for an unsafe reflection query in the future.
- ["java.lang.reflect", "Constructor", "newInstance", "(Object[])", "manual"]
- ["java.lang.reflect", "Field", "get", "(Object)", "manual"]
- ["java.lang.reflect", "Method", "getName", "()", "manual"]
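Review bot: The scope of `# The below models may be changed to taint steps ...` is open-ended: it has no end marker, and the `data:` list may continue past the last line of this hunk. That leaves it unclear whether it covers only `Constructor.newInstance` and `Field.get` or also `Method.getName()` and whatever follows. The other file in this commit tags each affected row with its own trailing comment, which is unambiguous. Doing the same here, or closing the group with a line such as `# End of reflection-related models.`, would keep the marker attached to the right rows when the list is re-sorted or extended.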