diff --git a/java/ql/src/semmle/code/java/frameworks/JavaxJson.qll b/java/ql/src/semmle/code/java/frameworks/JavaxJson.qll index 622ac550e37..d5ddf9f6f6c 100644 --- a/java/ql/src/semmle/code/java/frameworks/JavaxJson.qll +++ b/java/ql/src/semmle/code/java/frameworks/JavaxJson.qll @@ -86,6 +86,7 @@ private class FlowSummaries extends SummaryModelCsv { "JsonObjectBuilder;false;addAll;;;Argument[-1];ReturnValue;value", "JsonObjectBuilder;false;addNull;;;Argument[-1];ReturnValue;value", "JsonObjectBuilder;false;build;;;Argument[-1];ReturnValue;taint", + "JsonObjectBuilder;false;remove;;;Argument[-1];ReturnValue;value", "JsonParserFactory;false;createParser;;;Argument[0];ReturnValue;taint", "JsonPatch;false;apply;;;Argument[-1];ReturnValue;taint", "JsonPatch;false;apply;;;Argument[0];ReturnValue;taint", diff --git a/java/ql/test/library-tests/frameworks/javax-json/Test.java b/java/ql/test/library-tests/frameworks/javax-json/Test.java index 6a9a140e37f..b686333aa5e 100644 --- a/java/ql/test/library-tests/frameworks/javax-json/Test.java +++ b/java/ql/test/library-tests/frameworks/javax-json/Test.java @@ -1030,6 +1030,13 @@ public class Test { out = in.build(); sink(out); // $hasTaintFlow } + { + // "jakarta.json;JsonObjectBuilder;false;remove;;;Argument[-1];ReturnValue;value" + jakarta.json.JsonObjectBuilder out = null; + jakarta.json.JsonObjectBuilder in = (jakarta.json.JsonObjectBuilder)source(); + out = in.remove(null); + sink(out); // $hasValueFlow + } { // "jakarta.json;JsonPatch;false;apply;;;Argument[-1];ReturnValue;taint" jakarta.json.JsonStructure out = null; @@ -2210,6 +2217,13 @@ public class Test { out = in.build(); sink(out); // $hasTaintFlow } + { + // "javax.json;JsonObjectBuilder;false;remove;;;Argument[-1];ReturnValue;value" + javax.json.JsonObjectBuilder out = null; + javax.json.JsonObjectBuilder in = (javax.json.JsonObjectBuilder)source(); + out = in.remove(null); + sink(out); // $hasValueFlow + } { // "javax.json;JsonPatch;false;apply;;;Argument[-1];ReturnValue;taint" javax.json.JsonStructure out = null;