hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 20:58:03 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: add comments for reflection-related models

Browse Source
This commit is contained in:
Jami Cogswell
2023-03-14 23:02:22 -04:00
parent e0c0c973a7
commit 62d64d5828
2 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
java/ql/lib/ext/java.lang.model.yml
View File

@@ -140,9 +140,9 @@ extensions:
- ["java.lang", "Class", "forName", "(String)", "manual"]
- ["java.lang", "Class", "getCanonicalName", "()", "manual"]
- ["java.lang", "Class", "getClassLoader", "()", "manual"]
- ["java.lang", "Class", "getDeclaredConstructor", "(Class[])", "manual"]
- ["java.lang", "Class", "getDeclaredField", "(String)", "manual"]
- ["java.lang", "Class", "getMethod", "(String,Class[])", "manual"]
- ["java.lang", "Class", "getDeclaredConstructor", "(Class[])", "manual"] # This model may be changed to a taint step for an unsafe reflection query in the future.
- ["java.lang", "Class", "getDeclaredField", "(String)", "manual"] # This model may be changed to a taint step for an unsafe reflection query in the future.
- ["java.lang", "Class", "getMethod", "(String,Class[])", "manual"] # This model may be changed to a taint step for an unsafe reflection query in the future.
- ["java.lang", "Class", "getName", "()", "manual"]
- ["java.lang", "Class", "getResource", "(String)", "manual"]
- ["java.lang", "Class", "getResourceAsStream", "(String)", "manual"]