Merge branch 'main' into atorralba/java/promote-xxe-experimental-sinks

java/ql/test/TestUtilities/InlineFlowTest.qll

@@ -73,7 +73,7 @@ class InlineFlowTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasValueFlow" and
-    exists(DataFlow::Node src, DataFlow::Node sink | hasValueFlow(src, sink) |
+    exists(DataFlow::Node src, DataFlow::Node sink | this.hasValueFlow(src, sink) |
       sink.getLocation() = location and
       element = sink.toString() and
       if exists(getSourceArgString(src)) then value = getSourceArgString(src) else value = ""
@@ -81,7 +81,7 @@ class InlineFlowTest extends InlineExpectationsTest {
     or
     tag = "hasTaintFlow" and
     exists(DataFlow::Node src, DataFlow::Node sink |
-      hasTaintFlow(src, sink) and not hasValueFlow(src, sink)
+      this.hasTaintFlow(src, sink) and not this.hasValueFlow(src, sink)
     |
       sink.getLocation() = location and
       element = sink.toString() and

java/ql/test/experimental/query-tests/security/CWE-020/Log4jInjectionTest.expected

@@ -1053,8 +1053,8 @@ edges
 | Log4jJndiInjectionTest.java:37:59:37:66 | source(...) : String | Log4jJndiInjectionTest.java:37:41:37:66 | (...)... |
 | Log4jJndiInjectionTest.java:39:50:39:57 | source(...) : String | Log4jJndiInjectionTest.java:39:41:39:57 | (...)... |
 | Log4jJndiInjectionTest.java:40:50:40:57 | source(...) : String | Log4jJndiInjectionTest.java:40:41:40:57 | (...)... |
-| Log4jJndiInjectionTest.java:41:56:41:78 | {...} [[]] : String | Log4jJndiInjectionTest.java:41:56:41:78 | new Object[] |
-| Log4jJndiInjectionTest.java:41:70:41:77 | source(...) : String | Log4jJndiInjectionTest.java:41:56:41:78 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:41:56:41:78 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:41:56:41:78 | new Object[] |
+| Log4jJndiInjectionTest.java:41:70:41:77 | source(...) : String | Log4jJndiInjectionTest.java:41:56:41:78 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:42:65:42:72 | source(...) : String | Log4jJndiInjectionTest.java:42:56:42:72 | (...)... |
 | Log4jJndiInjectionTest.java:43:50:43:57 | source(...) : String | Log4jJndiInjectionTest.java:43:41:43:57 | (...)... |
 | Log4jJndiInjectionTest.java:44:80:44:87 | source(...) : String | Log4jJndiInjectionTest.java:44:71:44:87 | (...)... |
@@ -1120,8 +1120,8 @@ edges
 | Log4jJndiInjectionTest.java:104:36:104:43 | source(...) : String | Log4jJndiInjectionTest.java:104:26:104:43 | (...)... |
 | Log4jJndiInjectionTest.java:107:35:107:42 | source(...) : String | Log4jJndiInjectionTest.java:107:26:107:42 | (...)... |
 | Log4jJndiInjectionTest.java:108:35:108:42 | source(...) : String | Log4jJndiInjectionTest.java:108:26:108:42 | (...)... |
-| Log4jJndiInjectionTest.java:109:41:109:63 | {...} [[]] : String | Log4jJndiInjectionTest.java:109:41:109:63 | new Object[] |
-| Log4jJndiInjectionTest.java:109:55:109:62 | source(...) : String | Log4jJndiInjectionTest.java:109:41:109:63 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:109:41:109:63 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:109:41:109:63 | new Object[] |
+| Log4jJndiInjectionTest.java:109:55:109:62 | source(...) : String | Log4jJndiInjectionTest.java:109:41:109:63 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:110:50:110:57 | source(...) : String | Log4jJndiInjectionTest.java:110:41:110:57 | (...)... |
 | Log4jJndiInjectionTest.java:111:35:111:42 | source(...) : String | Log4jJndiInjectionTest.java:111:26:111:42 | (...)... |
 | Log4jJndiInjectionTest.java:112:65:112:72 | source(...) : String | Log4jJndiInjectionTest.java:112:56:112:72 | (...)... |
@@ -1190,8 +1190,8 @@ edges
 | Log4jJndiInjectionTest.java:175:59:175:66 | source(...) : String | Log4jJndiInjectionTest.java:175:41:175:66 | (...)... |
 | Log4jJndiInjectionTest.java:177:50:177:57 | source(...) : String | Log4jJndiInjectionTest.java:177:41:177:57 | (...)... |
 | Log4jJndiInjectionTest.java:178:50:178:57 | source(...) : String | Log4jJndiInjectionTest.java:178:41:178:57 | (...)... |
-| Log4jJndiInjectionTest.java:179:56:179:78 | {...} [[]] : String | Log4jJndiInjectionTest.java:179:56:179:78 | new Object[] |
-| Log4jJndiInjectionTest.java:179:70:179:77 | source(...) : String | Log4jJndiInjectionTest.java:179:56:179:78 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:179:56:179:78 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:179:56:179:78 | new Object[] |
+| Log4jJndiInjectionTest.java:179:70:179:77 | source(...) : String | Log4jJndiInjectionTest.java:179:56:179:78 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:180:65:180:72 | source(...) : String | Log4jJndiInjectionTest.java:180:56:180:72 | (...)... |
 | Log4jJndiInjectionTest.java:181:50:181:57 | source(...) : String | Log4jJndiInjectionTest.java:181:41:181:57 | (...)... |
 | Log4jJndiInjectionTest.java:182:80:182:87 | source(...) : String | Log4jJndiInjectionTest.java:182:71:182:87 | (...)... |
@@ -1257,8 +1257,8 @@ edges
 | Log4jJndiInjectionTest.java:242:36:242:43 | source(...) : String | Log4jJndiInjectionTest.java:242:26:242:43 | (...)... |
 | Log4jJndiInjectionTest.java:245:35:245:42 | source(...) : String | Log4jJndiInjectionTest.java:245:26:245:42 | (...)... |
 | Log4jJndiInjectionTest.java:246:35:246:42 | source(...) : String | Log4jJndiInjectionTest.java:246:26:246:42 | (...)... |
-| Log4jJndiInjectionTest.java:247:41:247:63 | {...} [[]] : String | Log4jJndiInjectionTest.java:247:41:247:63 | new Object[] |
-| Log4jJndiInjectionTest.java:247:55:247:62 | source(...) : String | Log4jJndiInjectionTest.java:247:41:247:63 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:247:41:247:63 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:247:41:247:63 | new Object[] |
+| Log4jJndiInjectionTest.java:247:55:247:62 | source(...) : String | Log4jJndiInjectionTest.java:247:41:247:63 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:248:50:248:57 | source(...) : String | Log4jJndiInjectionTest.java:248:41:248:57 | (...)... |
 | Log4jJndiInjectionTest.java:249:35:249:42 | source(...) : String | Log4jJndiInjectionTest.java:249:26:249:42 | (...)... |
 | Log4jJndiInjectionTest.java:250:65:250:72 | source(...) : String | Log4jJndiInjectionTest.java:250:56:250:72 | (...)... |
@@ -1327,8 +1327,8 @@ edges
 | Log4jJndiInjectionTest.java:313:59:313:66 | source(...) : String | Log4jJndiInjectionTest.java:313:41:313:66 | (...)... |
 | Log4jJndiInjectionTest.java:315:50:315:57 | source(...) : String | Log4jJndiInjectionTest.java:315:41:315:57 | (...)... |
 | Log4jJndiInjectionTest.java:316:50:316:57 | source(...) : String | Log4jJndiInjectionTest.java:316:41:316:57 | (...)... |
-| Log4jJndiInjectionTest.java:317:56:317:78 | {...} [[]] : String | Log4jJndiInjectionTest.java:317:56:317:78 | new Object[] |
-| Log4jJndiInjectionTest.java:317:70:317:77 | source(...) : String | Log4jJndiInjectionTest.java:317:56:317:78 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:317:56:317:78 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:317:56:317:78 | new Object[] |
+| Log4jJndiInjectionTest.java:317:70:317:77 | source(...) : String | Log4jJndiInjectionTest.java:317:56:317:78 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:318:65:318:72 | source(...) : String | Log4jJndiInjectionTest.java:318:56:318:72 | (...)... |
 | Log4jJndiInjectionTest.java:319:50:319:57 | source(...) : String | Log4jJndiInjectionTest.java:319:41:319:57 | (...)... |
 | Log4jJndiInjectionTest.java:320:80:320:87 | source(...) : String | Log4jJndiInjectionTest.java:320:71:320:87 | (...)... |
@@ -1394,8 +1394,8 @@ edges
 | Log4jJndiInjectionTest.java:380:36:380:43 | source(...) : String | Log4jJndiInjectionTest.java:380:26:380:43 | (...)... |
 | Log4jJndiInjectionTest.java:383:35:383:42 | source(...) : String | Log4jJndiInjectionTest.java:383:26:383:42 | (...)... |
 | Log4jJndiInjectionTest.java:384:35:384:42 | source(...) : String | Log4jJndiInjectionTest.java:384:26:384:42 | (...)... |
-| Log4jJndiInjectionTest.java:385:41:385:63 | {...} [[]] : String | Log4jJndiInjectionTest.java:385:41:385:63 | new Object[] |
-| Log4jJndiInjectionTest.java:385:55:385:62 | source(...) : String | Log4jJndiInjectionTest.java:385:41:385:63 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:385:41:385:63 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:385:41:385:63 | new Object[] |
+| Log4jJndiInjectionTest.java:385:55:385:62 | source(...) : String | Log4jJndiInjectionTest.java:385:41:385:63 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:386:50:386:57 | source(...) : String | Log4jJndiInjectionTest.java:386:41:386:57 | (...)... |
 | Log4jJndiInjectionTest.java:387:35:387:42 | source(...) : String | Log4jJndiInjectionTest.java:387:26:387:42 | (...)... |
 | Log4jJndiInjectionTest.java:388:65:388:72 | source(...) : String | Log4jJndiInjectionTest.java:388:56:388:72 | (...)... |
@@ -1464,8 +1464,8 @@ edges
 | Log4jJndiInjectionTest.java:451:58:451:65 | source(...) : String | Log4jJndiInjectionTest.java:451:40:451:65 | (...)... |
 | Log4jJndiInjectionTest.java:453:49:453:56 | source(...) : String | Log4jJndiInjectionTest.java:453:40:453:56 | (...)... |
 | Log4jJndiInjectionTest.java:454:49:454:56 | source(...) : String | Log4jJndiInjectionTest.java:454:40:454:56 | (...)... |
-| Log4jJndiInjectionTest.java:455:55:455:77 | {...} [[]] : String | Log4jJndiInjectionTest.java:455:55:455:77 | new Object[] |
-| Log4jJndiInjectionTest.java:455:69:455:76 | source(...) : String | Log4jJndiInjectionTest.java:455:55:455:77 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:455:55:455:77 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:455:55:455:77 | new Object[] |
+| Log4jJndiInjectionTest.java:455:69:455:76 | source(...) : String | Log4jJndiInjectionTest.java:455:55:455:77 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:456:64:456:71 | source(...) : String | Log4jJndiInjectionTest.java:456:55:456:71 | (...)... |
 | Log4jJndiInjectionTest.java:457:49:457:56 | source(...) : String | Log4jJndiInjectionTest.java:457:40:457:56 | (...)... |
 | Log4jJndiInjectionTest.java:458:79:458:86 | source(...) : String | Log4jJndiInjectionTest.java:458:70:458:86 | (...)... |
@@ -1531,8 +1531,8 @@ edges
 | Log4jJndiInjectionTest.java:518:35:518:42 | source(...) : String | Log4jJndiInjectionTest.java:518:25:518:42 | (...)... |
 | Log4jJndiInjectionTest.java:521:34:521:41 | source(...) : String | Log4jJndiInjectionTest.java:521:25:521:41 | (...)... |
 | Log4jJndiInjectionTest.java:522:34:522:41 | source(...) : String | Log4jJndiInjectionTest.java:522:25:522:41 | (...)... |
-| Log4jJndiInjectionTest.java:523:40:523:62 | {...} [[]] : String | Log4jJndiInjectionTest.java:523:40:523:62 | new Object[] |
-| Log4jJndiInjectionTest.java:523:54:523:61 | source(...) : String | Log4jJndiInjectionTest.java:523:40:523:62 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:523:40:523:62 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:523:40:523:62 | new Object[] |
+| Log4jJndiInjectionTest.java:523:54:523:61 | source(...) : String | Log4jJndiInjectionTest.java:523:40:523:62 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:524:49:524:56 | source(...) : String | Log4jJndiInjectionTest.java:524:40:524:56 | (...)... |
 | Log4jJndiInjectionTest.java:525:34:525:41 | source(...) : String | Log4jJndiInjectionTest.java:525:25:525:41 | (...)... |
 | Log4jJndiInjectionTest.java:526:64:526:71 | source(...) : String | Log4jJndiInjectionTest.java:526:55:526:71 | (...)... |
@@ -1601,8 +1601,8 @@ edges
 | Log4jJndiInjectionTest.java:589:71:589:78 | source(...) : String | Log4jJndiInjectionTest.java:589:53:589:78 | (...)... |
 | Log4jJndiInjectionTest.java:591:62:591:69 | source(...) : String | Log4jJndiInjectionTest.java:591:53:591:69 | (...)... |
 | Log4jJndiInjectionTest.java:592:62:592:69 | source(...) : String | Log4jJndiInjectionTest.java:592:53:592:69 | (...)... |
-| Log4jJndiInjectionTest.java:593:68:593:90 | {...} [[]] : String | Log4jJndiInjectionTest.java:593:68:593:90 | new Object[] |
-| Log4jJndiInjectionTest.java:593:82:593:89 | source(...) : String | Log4jJndiInjectionTest.java:593:68:593:90 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:593:68:593:90 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:593:68:593:90 | new Object[] |
+| Log4jJndiInjectionTest.java:593:82:593:89 | source(...) : String | Log4jJndiInjectionTest.java:593:68:593:90 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:594:77:594:84 | source(...) : String | Log4jJndiInjectionTest.java:594:68:594:84 | (...)... |
 | Log4jJndiInjectionTest.java:595:62:595:69 | source(...) : String | Log4jJndiInjectionTest.java:595:53:595:69 | (...)... |
 | Log4jJndiInjectionTest.java:596:92:596:99 | source(...) : String | Log4jJndiInjectionTest.java:596:83:596:99 | (...)... |
@@ -1668,8 +1668,8 @@ edges
 | Log4jJndiInjectionTest.java:656:48:656:55 | source(...) : String | Log4jJndiInjectionTest.java:656:38:656:55 | (...)... |
 | Log4jJndiInjectionTest.java:659:47:659:54 | source(...) : String | Log4jJndiInjectionTest.java:659:38:659:54 | (...)... |
 | Log4jJndiInjectionTest.java:660:47:660:54 | source(...) : String | Log4jJndiInjectionTest.java:660:38:660:54 | (...)... |
-| Log4jJndiInjectionTest.java:661:53:661:75 | {...} [[]] : String | Log4jJndiInjectionTest.java:661:53:661:75 | new Object[] |
-| Log4jJndiInjectionTest.java:661:67:661:74 | source(...) : String | Log4jJndiInjectionTest.java:661:53:661:75 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:661:53:661:75 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:661:53:661:75 | new Object[] |
+| Log4jJndiInjectionTest.java:661:67:661:74 | source(...) : String | Log4jJndiInjectionTest.java:661:53:661:75 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:662:62:662:69 | source(...) : String | Log4jJndiInjectionTest.java:662:53:662:69 | (...)... |
 | Log4jJndiInjectionTest.java:663:47:663:54 | source(...) : String | Log4jJndiInjectionTest.java:663:38:663:54 | (...)... |
 | Log4jJndiInjectionTest.java:664:77:664:84 | source(...) : String | Log4jJndiInjectionTest.java:664:68:664:84 | (...)... |
@@ -1738,8 +1738,8 @@ edges
 | Log4jJndiInjectionTest.java:727:59:727:66 | source(...) : String | Log4jJndiInjectionTest.java:727:41:727:66 | (...)... |
 | Log4jJndiInjectionTest.java:729:50:729:57 | source(...) : String | Log4jJndiInjectionTest.java:729:41:729:57 | (...)... |
 | Log4jJndiInjectionTest.java:730:50:730:57 | source(...) : String | Log4jJndiInjectionTest.java:730:41:730:57 | (...)... |
-| Log4jJndiInjectionTest.java:731:56:731:78 | {...} [[]] : String | Log4jJndiInjectionTest.java:731:56:731:78 | new Object[] |
-| Log4jJndiInjectionTest.java:731:70:731:77 | source(...) : String | Log4jJndiInjectionTest.java:731:56:731:78 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:731:56:731:78 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:731:56:731:78 | new Object[] |
+| Log4jJndiInjectionTest.java:731:70:731:77 | source(...) : String | Log4jJndiInjectionTest.java:731:56:731:78 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:732:65:732:72 | source(...) : String | Log4jJndiInjectionTest.java:732:56:732:72 | (...)... |
 | Log4jJndiInjectionTest.java:733:50:733:57 | source(...) : String | Log4jJndiInjectionTest.java:733:41:733:57 | (...)... |
 | Log4jJndiInjectionTest.java:734:80:734:87 | source(...) : String | Log4jJndiInjectionTest.java:734:71:734:87 | (...)... |
@@ -1805,8 +1805,8 @@ edges
 | Log4jJndiInjectionTest.java:794:36:794:43 | source(...) : String | Log4jJndiInjectionTest.java:794:26:794:43 | (...)... |
 | Log4jJndiInjectionTest.java:797:35:797:42 | source(...) : String | Log4jJndiInjectionTest.java:797:26:797:42 | (...)... |
 | Log4jJndiInjectionTest.java:798:35:798:42 | source(...) : String | Log4jJndiInjectionTest.java:798:26:798:42 | (...)... |
-| Log4jJndiInjectionTest.java:799:41:799:63 | {...} [[]] : String | Log4jJndiInjectionTest.java:799:41:799:63 | new Object[] |
-| Log4jJndiInjectionTest.java:799:55:799:62 | source(...) : String | Log4jJndiInjectionTest.java:799:41:799:63 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:799:41:799:63 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:799:41:799:63 | new Object[] |
+| Log4jJndiInjectionTest.java:799:55:799:62 | source(...) : String | Log4jJndiInjectionTest.java:799:41:799:63 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:800:50:800:57 | source(...) : String | Log4jJndiInjectionTest.java:800:41:800:57 | (...)... |
 | Log4jJndiInjectionTest.java:801:35:801:42 | source(...) : String | Log4jJndiInjectionTest.java:801:26:801:42 | (...)... |
 | Log4jJndiInjectionTest.java:802:65:802:72 | source(...) : String | Log4jJndiInjectionTest.java:802:56:802:72 | (...)... |
@@ -1875,8 +1875,8 @@ edges
 | Log4jJndiInjectionTest.java:865:58:865:65 | source(...) : String | Log4jJndiInjectionTest.java:865:40:865:65 | (...)... |
 | Log4jJndiInjectionTest.java:867:49:867:56 | source(...) : String | Log4jJndiInjectionTest.java:867:40:867:56 | (...)... |
 | Log4jJndiInjectionTest.java:868:49:868:56 | source(...) : String | Log4jJndiInjectionTest.java:868:40:868:56 | (...)... |
-| Log4jJndiInjectionTest.java:869:55:869:77 | {...} [[]] : String | Log4jJndiInjectionTest.java:869:55:869:77 | new Object[] |
-| Log4jJndiInjectionTest.java:869:69:869:76 | source(...) : String | Log4jJndiInjectionTest.java:869:55:869:77 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:869:55:869:77 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:869:55:869:77 | new Object[] |
+| Log4jJndiInjectionTest.java:869:69:869:76 | source(...) : String | Log4jJndiInjectionTest.java:869:55:869:77 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:870:64:870:71 | source(...) : String | Log4jJndiInjectionTest.java:870:55:870:71 | (...)... |
 | Log4jJndiInjectionTest.java:871:49:871:56 | source(...) : String | Log4jJndiInjectionTest.java:871:40:871:56 | (...)... |
 | Log4jJndiInjectionTest.java:872:79:872:86 | source(...) : String | Log4jJndiInjectionTest.java:872:70:872:86 | (...)... |
@@ -1942,8 +1942,8 @@ edges
 | Log4jJndiInjectionTest.java:932:35:932:42 | source(...) : String | Log4jJndiInjectionTest.java:932:25:932:42 | (...)... |
 | Log4jJndiInjectionTest.java:935:34:935:41 | source(...) : String | Log4jJndiInjectionTest.java:935:25:935:41 | (...)... |
 | Log4jJndiInjectionTest.java:936:34:936:41 | source(...) : String | Log4jJndiInjectionTest.java:936:25:936:41 | (...)... |
-| Log4jJndiInjectionTest.java:937:40:937:62 | {...} [[]] : String | Log4jJndiInjectionTest.java:937:40:937:62 | new Object[] |
-| Log4jJndiInjectionTest.java:937:54:937:61 | source(...) : String | Log4jJndiInjectionTest.java:937:40:937:62 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:937:40:937:62 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:937:40:937:62 | new Object[] |
+| Log4jJndiInjectionTest.java:937:54:937:61 | source(...) : String | Log4jJndiInjectionTest.java:937:40:937:62 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:938:49:938:56 | source(...) : String | Log4jJndiInjectionTest.java:938:40:938:56 | (...)... |
 | Log4jJndiInjectionTest.java:939:34:939:41 | source(...) : String | Log4jJndiInjectionTest.java:939:25:939:41 | (...)... |
 | Log4jJndiInjectionTest.java:940:64:940:71 | source(...) : String | Log4jJndiInjectionTest.java:940:55:940:71 | (...)... |
@@ -2005,17 +2005,17 @@ edges
 | Log4jJndiInjectionTest.java:996:39:996:46 | source(...) : String | Log4jJndiInjectionTest.java:996:25:996:46 | (...)... |
 | Log4jJndiInjectionTest.java:998:65:998:72 | source(...) : String | Log4jJndiInjectionTest.java:998:55:998:72 | (...)... |
 | Log4jJndiInjectionTest.java:999:48:999:55 | source(...) : String | Log4jJndiInjectionTest.java:999:39:999:55 | (...)... |
-| Log4jJndiInjectionTest.java:1000:45:1000:67 | {...} [[]] : String | Log4jJndiInjectionTest.java:1000:45:1000:67 | new Object[] |
-| Log4jJndiInjectionTest.java:1000:59:1000:66 | source(...) : String | Log4jJndiInjectionTest.java:1000:45:1000:67 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:1000:45:1000:67 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:1000:45:1000:67 | new Object[] |
+| Log4jJndiInjectionTest.java:1000:59:1000:66 | source(...) : String | Log4jJndiInjectionTest.java:1000:45:1000:67 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:1001:42:1001:49 | source(...) : String | Log4jJndiInjectionTest.java:1001:33:1001:49 | (...)... |
-| Log4jJndiInjectionTest.java:1002:39:1002:61 | {...} [[]] : String | Log4jJndiInjectionTest.java:1002:39:1002:61 | new Object[] |
-| Log4jJndiInjectionTest.java:1002:53:1002:60 | source(...) : String | Log4jJndiInjectionTest.java:1002:39:1002:61 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:1002:39:1002:61 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:1002:39:1002:61 | new Object[] |
+| Log4jJndiInjectionTest.java:1002:53:1002:60 | source(...) : String | Log4jJndiInjectionTest.java:1002:39:1002:61 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:1020:40:1020:47 | source(...) : String | Log4jJndiInjectionTest.java:1020:25:1020:47 | (...)... |
 | Log4jJndiInjectionTest.java:1021:35:1021:42 | source(...) : String | Log4jJndiInjectionTest.java:1021:25:1021:42 | (...)... |
 | Log4jJndiInjectionTest.java:1023:34:1023:41 | source(...) : String | Log4jJndiInjectionTest.java:1023:25:1023:41 | (...)... |
 | Log4jJndiInjectionTest.java:1024:34:1024:41 | source(...) : String | Log4jJndiInjectionTest.java:1024:25:1024:41 | (...)... |
-| Log4jJndiInjectionTest.java:1025:40:1025:62 | {...} [[]] : String | Log4jJndiInjectionTest.java:1025:40:1025:62 | new Object[] |
-| Log4jJndiInjectionTest.java:1025:54:1025:61 | source(...) : String | Log4jJndiInjectionTest.java:1025:40:1025:62 | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:1025:40:1025:62 | {...} : Object[] [[]] : String | Log4jJndiInjectionTest.java:1025:40:1025:62 | new Object[] |
+| Log4jJndiInjectionTest.java:1025:54:1025:61 | source(...) : String | Log4jJndiInjectionTest.java:1025:40:1025:62 | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:1028:49:1028:56 | source(...) : String | Log4jJndiInjectionTest.java:1028:40:1028:56 | (...)... |
 | Log4jJndiInjectionTest.java:1029:34:1029:41 | source(...) : String | Log4jJndiInjectionTest.java:1029:25:1029:41 | (...)... |
 | Log4jJndiInjectionTest.java:1030:64:1030:71 | source(...) : String | Log4jJndiInjectionTest.java:1030:55:1030:71 | (...)... |
@@ -2075,8 +2075,8 @@ edges
 | Log4jJndiInjectionTest.java:1085:39:1085:46 | source(...) : String | Log4jJndiInjectionTest.java:1085:25:1085:46 | (...)... |
 | Log4jJndiInjectionTest.java:1088:47:1088:54 | source(...) : String | Log4jJndiInjectionTest.java:1088:38:1088:54 | (...)... |
 | Log4jJndiInjectionTest.java:1089:53:1089:60 | source(...) : String | Log4jJndiInjectionTest.java:1089:44:1089:60 | (...)... |
-| Log4jJndiInjectionTest.java:1091:13:1091:15 | map [post update] [<map.value>] : String | Log4jJndiInjectionTest.java:1092:34:1092:36 | map |
-| Log4jJndiInjectionTest.java:1091:28:1091:44 | (...)... : String | Log4jJndiInjectionTest.java:1091:13:1091:15 | map [post update] [<map.value>] : String |
+| Log4jJndiInjectionTest.java:1091:13:1091:15 | map [post update] : Map [<map.value>] : String | Log4jJndiInjectionTest.java:1092:34:1092:36 | map |
+| Log4jJndiInjectionTest.java:1091:28:1091:44 | (...)... : String | Log4jJndiInjectionTest.java:1091:13:1091:15 | map [post update] : Map [<map.value>] : String |
 | Log4jJndiInjectionTest.java:1091:37:1091:44 | source(...) : String | Log4jJndiInjectionTest.java:1091:28:1091:44 | (...)... : String |
 | Log4jJndiInjectionTest.java:1095:31:1095:88 | with(...) : MapMessage | Log4jJndiInjectionTest.java:1096:26:1096:29 | mmsg |
 | Log4jJndiInjectionTest.java:1095:71:1095:87 | (...)... : String | Log4jJndiInjectionTest.java:1095:31:1095:88 | with(...) : MapMessage |
@@ -2087,16 +2087,16 @@ edges
 | Log4jJndiInjectionTest.java:1105:13:1105:16 | mmsg [post update] : MapMessage | Log4jJndiInjectionTest.java:1106:26:1106:29 | mmsg |
 | Log4jJndiInjectionTest.java:1105:34:1105:50 | (...)... : String | Log4jJndiInjectionTest.java:1105:13:1105:16 | mmsg [post update] : MapMessage |
 | Log4jJndiInjectionTest.java:1105:43:1105:50 | source(...) : String | Log4jJndiInjectionTest.java:1105:34:1105:50 | (...)... : String |
-| Log4jJndiInjectionTest.java:1111:13:1111:15 | map [post update] [<map.value>] : String | Log4jJndiInjectionTest.java:1112:25:1112:27 | map [<map.value>] : String |
-| Log4jJndiInjectionTest.java:1111:33:1111:49 | (...)... : String | Log4jJndiInjectionTest.java:1111:13:1111:15 | map [post update] [<map.value>] : String |
+| Log4jJndiInjectionTest.java:1111:13:1111:15 | map [post update] : Map [<map.value>] : String | Log4jJndiInjectionTest.java:1112:25:1112:27 | map : Map [<map.value>] : String |
+| Log4jJndiInjectionTest.java:1111:33:1111:49 | (...)... : String | Log4jJndiInjectionTest.java:1111:13:1111:15 | map [post update] : Map [<map.value>] : String |
 | Log4jJndiInjectionTest.java:1111:42:1111:49 | source(...) : String | Log4jJndiInjectionTest.java:1111:33:1111:49 | (...)... : String |
 | Log4jJndiInjectionTest.java:1112:13:1112:16 | mmsg [post update] : MapMessage | Log4jJndiInjectionTest.java:1113:26:1113:29 | mmsg |
-| Log4jJndiInjectionTest.java:1112:25:1112:27 | map [<map.value>] : String | Log4jJndiInjectionTest.java:1112:13:1112:16 | mmsg [post update] : MapMessage |
+| Log4jJndiInjectionTest.java:1112:25:1112:27 | map : Map [<map.value>] : String | Log4jJndiInjectionTest.java:1112:13:1112:16 | mmsg [post update] : MapMessage |
 | Log4jJndiInjectionTest.java:1116:61:1116:68 | source(...) : String | Log4jJndiInjectionTest.java:1116:52:1116:68 | (...)... |
 | Log4jJndiInjectionTest.java:1117:81:1117:88 | source(...) : String | Log4jJndiInjectionTest.java:1117:72:1117:88 | (...)... |
-| Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] [<map.value>] : String | Log4jJndiInjectionTest.java:1120:43:1120:45 | map |
-| Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] [<map.value>] : String | Log4jJndiInjectionTest.java:1121:63:1121:65 | map |
-| Log4jJndiInjectionTest.java:1119:33:1119:49 | (...)... : String | Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] [<map.value>] : String |
+| Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] : Map [<map.value>] : String | Log4jJndiInjectionTest.java:1120:43:1120:45 | map |
+| Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] : Map [<map.value>] : String | Log4jJndiInjectionTest.java:1121:63:1121:65 | map |
+| Log4jJndiInjectionTest.java:1119:33:1119:49 | (...)... : String | Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] : Map [<map.value>] : String |
 | Log4jJndiInjectionTest.java:1119:42:1119:49 | source(...) : String | Log4jJndiInjectionTest.java:1119:33:1119:49 | (...)... : String |
 nodes
 | Log4jJndiInjectionTest.java:24:16:24:45 | getParameter(...) : String | semmle.label | getParameter(...) : String |
@@ -2120,7 +2120,7 @@ nodes
 | Log4jJndiInjectionTest.java:40:41:40:57 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:40:50:40:57 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:41:56:41:78 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:41:56:41:78 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:41:56:41:78 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:41:70:41:77 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:42:56:42:72 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:42:65:42:72 | source(...) : String | semmle.label | source(...) : String |
@@ -2255,7 +2255,7 @@ nodes
 | Log4jJndiInjectionTest.java:108:26:108:42 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:108:35:108:42 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:109:41:109:63 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:109:41:109:63 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:109:41:109:63 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:109:55:109:62 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:110:41:110:57 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:110:50:110:57 | source(...) : String | semmle.label | source(...) : String |
@@ -2395,7 +2395,7 @@ nodes
 | Log4jJndiInjectionTest.java:178:41:178:57 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:178:50:178:57 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:179:56:179:78 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:179:56:179:78 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:179:56:179:78 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:179:70:179:77 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:180:56:180:72 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:180:65:180:72 | source(...) : String | semmle.label | source(...) : String |
@@ -2530,7 +2530,7 @@ nodes
 | Log4jJndiInjectionTest.java:246:26:246:42 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:246:35:246:42 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:247:41:247:63 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:247:41:247:63 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:247:41:247:63 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:247:55:247:62 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:248:41:248:57 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:248:50:248:57 | source(...) : String | semmle.label | source(...) : String |
@@ -2670,7 +2670,7 @@ nodes
 | Log4jJndiInjectionTest.java:316:41:316:57 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:316:50:316:57 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:317:56:317:78 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:317:56:317:78 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:317:56:317:78 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:317:70:317:77 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:318:56:318:72 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:318:65:318:72 | source(...) : String | semmle.label | source(...) : String |
@@ -2805,7 +2805,7 @@ nodes
 | Log4jJndiInjectionTest.java:384:26:384:42 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:384:35:384:42 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:385:41:385:63 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:385:41:385:63 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:385:41:385:63 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:385:55:385:62 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:386:41:386:57 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:386:50:386:57 | source(...) : String | semmle.label | source(...) : String |
@@ -2945,7 +2945,7 @@ nodes
 | Log4jJndiInjectionTest.java:454:40:454:56 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:454:49:454:56 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:455:55:455:77 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:455:55:455:77 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:455:55:455:77 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:455:69:455:76 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:456:55:456:71 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:456:64:456:71 | source(...) : String | semmle.label | source(...) : String |
@@ -3080,7 +3080,7 @@ nodes
 | Log4jJndiInjectionTest.java:522:25:522:41 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:522:34:522:41 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:523:40:523:62 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:523:40:523:62 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:523:40:523:62 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:523:54:523:61 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:524:40:524:56 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:524:49:524:56 | source(...) : String | semmle.label | source(...) : String |
@@ -3220,7 +3220,7 @@ nodes
 | Log4jJndiInjectionTest.java:592:53:592:69 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:592:62:592:69 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:593:68:593:90 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:593:68:593:90 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:593:68:593:90 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:593:82:593:89 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:594:68:594:84 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:594:77:594:84 | source(...) : String | semmle.label | source(...) : String |
@@ -3355,7 +3355,7 @@ nodes
 | Log4jJndiInjectionTest.java:660:38:660:54 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:660:47:660:54 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:661:53:661:75 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:661:53:661:75 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:661:53:661:75 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:661:67:661:74 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:662:53:662:69 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:662:62:662:69 | source(...) : String | semmle.label | source(...) : String |
@@ -3495,7 +3495,7 @@ nodes
 | Log4jJndiInjectionTest.java:730:41:730:57 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:730:50:730:57 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:731:56:731:78 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:731:56:731:78 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:731:56:731:78 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:731:70:731:77 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:732:56:732:72 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:732:65:732:72 | source(...) : String | semmle.label | source(...) : String |
@@ -3630,7 +3630,7 @@ nodes
 | Log4jJndiInjectionTest.java:798:26:798:42 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:798:35:798:42 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:799:41:799:63 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:799:41:799:63 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:799:41:799:63 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:799:55:799:62 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:800:41:800:57 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:800:50:800:57 | source(...) : String | semmle.label | source(...) : String |
@@ -3770,7 +3770,7 @@ nodes
 | Log4jJndiInjectionTest.java:868:40:868:56 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:868:49:868:56 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:869:55:869:77 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:869:55:869:77 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:869:55:869:77 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:869:69:869:76 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:870:55:870:71 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:870:64:870:71 | source(...) : String | semmle.label | source(...) : String |
@@ -3905,7 +3905,7 @@ nodes
 | Log4jJndiInjectionTest.java:936:25:936:41 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:936:34:936:41 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:937:40:937:62 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:937:40:937:62 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:937:40:937:62 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:937:54:937:61 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:938:40:938:56 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:938:49:938:56 | source(...) : String | semmle.label | source(...) : String |
@@ -4030,12 +4030,12 @@ nodes
 | Log4jJndiInjectionTest.java:999:39:999:55 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:999:48:999:55 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:1000:45:1000:67 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:1000:45:1000:67 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:1000:45:1000:67 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:1000:59:1000:66 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:1001:33:1001:49 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:1001:42:1001:49 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:1002:39:1002:61 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:1002:39:1002:61 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:1002:39:1002:61 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:1002:53:1002:60 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:1020:25:1020:47 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:1020:40:1020:47 | source(...) : String | semmle.label | source(...) : String |
@@ -4047,7 +4047,7 @@ nodes
 | Log4jJndiInjectionTest.java:1024:25:1024:41 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:1024:34:1024:41 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:1025:40:1025:62 | new Object[] | semmle.label | new Object[] |
-| Log4jJndiInjectionTest.java:1025:40:1025:62 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Log4jJndiInjectionTest.java:1025:40:1025:62 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
 | Log4jJndiInjectionTest.java:1025:54:1025:61 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:1026:40:1026:47 | source(...) | semmle.label | source(...) |
 | Log4jJndiInjectionTest.java:1028:40:1028:56 | (...)... | semmle.label | (...)... |
@@ -4168,7 +4168,7 @@ nodes
 | Log4jJndiInjectionTest.java:1088:47:1088:54 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:1089:44:1089:60 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:1089:53:1089:60 | source(...) : String | semmle.label | source(...) : String |
-| Log4jJndiInjectionTest.java:1091:13:1091:15 | map [post update] [<map.value>] : String | semmle.label | map [post update] [<map.value>] : String |
+| Log4jJndiInjectionTest.java:1091:13:1091:15 | map [post update] : Map [<map.value>] : String | semmle.label | map [post update] : Map [<map.value>] : String |
 | Log4jJndiInjectionTest.java:1091:28:1091:44 | (...)... : String | semmle.label | (...)... : String |
 | Log4jJndiInjectionTest.java:1091:37:1091:44 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:1092:34:1092:36 | map | semmle.label | map |
@@ -4184,17 +4184,17 @@ nodes
 | Log4jJndiInjectionTest.java:1105:34:1105:50 | (...)... : String | semmle.label | (...)... : String |
 | Log4jJndiInjectionTest.java:1105:43:1105:50 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:1106:26:1106:29 | mmsg | semmle.label | mmsg |
-| Log4jJndiInjectionTest.java:1111:13:1111:15 | map [post update] [<map.value>] : String | semmle.label | map [post update] [<map.value>] : String |
+| Log4jJndiInjectionTest.java:1111:13:1111:15 | map [post update] : Map [<map.value>] : String | semmle.label | map [post update] : Map [<map.value>] : String |
 | Log4jJndiInjectionTest.java:1111:33:1111:49 | (...)... : String | semmle.label | (...)... : String |
 | Log4jJndiInjectionTest.java:1111:42:1111:49 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:1112:13:1112:16 | mmsg [post update] : MapMessage | semmle.label | mmsg [post update] : MapMessage |
-| Log4jJndiInjectionTest.java:1112:25:1112:27 | map [<map.value>] : String | semmle.label | map [<map.value>] : String |
+| Log4jJndiInjectionTest.java:1112:25:1112:27 | map : Map [<map.value>] : String | semmle.label | map : Map [<map.value>] : String |
 | Log4jJndiInjectionTest.java:1113:26:1113:29 | mmsg | semmle.label | mmsg |
 | Log4jJndiInjectionTest.java:1116:52:1116:68 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:1116:61:1116:68 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:1117:72:1117:88 | (...)... | semmle.label | (...)... |
 | Log4jJndiInjectionTest.java:1117:81:1117:88 | source(...) : String | semmle.label | source(...) : String |
-| Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] [<map.value>] : String | semmle.label | map [post update] [<map.value>] : String |
+| Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] : Map [<map.value>] : String | semmle.label | map [post update] : Map [<map.value>] : String |
 | Log4jJndiInjectionTest.java:1119:33:1119:49 | (...)... : String | semmle.label | (...)... : String |
 | Log4jJndiInjectionTest.java:1119:42:1119:49 | source(...) : String | semmle.label | source(...) : String |
 | Log4jJndiInjectionTest.java:1120:43:1120:45 | map | semmle.label | map |

java/ql/test/experimental/query-tests/security/CWE-089/src/main/MyBatisAnnotationSqlInjection.expected

@@ -10,8 +10,8 @@ edges
 | MybatisSqlInjection.java:109:46:109:70 | name : String | MybatisSqlInjection.java:110:40:110:43 | name : String |
 | MybatisSqlInjection.java:110:40:110:43 | name : String | MybatisSqlInjectionService.java:88:32:88:42 | name : String |
 | MybatisSqlInjectionService.java:48:19:48:29 | name : String | MybatisSqlInjectionService.java:50:23:50:26 | name : String |
-| MybatisSqlInjectionService.java:50:3:50:9 | hashMap [post update] [<map.value>] : String | MybatisSqlInjectionService.java:51:27:51:33 | hashMap |
-| MybatisSqlInjectionService.java:50:23:50:26 | name : String | MybatisSqlInjectionService.java:50:3:50:9 | hashMap [post update] [<map.value>] : String |
+| MybatisSqlInjectionService.java:50:3:50:9 | hashMap [post update] : HashMap [<map.value>] : String | MybatisSqlInjectionService.java:51:27:51:33 | hashMap |
+| MybatisSqlInjectionService.java:50:23:50:26 | name : String | MybatisSqlInjectionService.java:50:3:50:9 | hashMap [post update] : HashMap [<map.value>] : String |
 | MybatisSqlInjectionService.java:54:32:54:42 | name : String | MybatisSqlInjectionService.java:55:32:55:35 | name |
 | MybatisSqlInjectionService.java:80:20:80:30 | name : String | MybatisSqlInjectionService.java:81:28:81:31 | name |
 | MybatisSqlInjectionService.java:84:20:84:29 | age : String | MybatisSqlInjectionService.java:85:28:85:30 | age |
@@ -28,7 +28,7 @@ nodes
 | MybatisSqlInjection.java:109:46:109:70 | name : String | semmle.label | name : String |
 | MybatisSqlInjection.java:110:40:110:43 | name : String | semmle.label | name : String |
 | MybatisSqlInjectionService.java:48:19:48:29 | name : String | semmle.label | name : String |
-| MybatisSqlInjectionService.java:50:3:50:9 | hashMap [post update] [<map.value>] : String | semmle.label | hashMap [post update] [<map.value>] : String |
+| MybatisSqlInjectionService.java:50:3:50:9 | hashMap [post update] : HashMap [<map.value>] : String | semmle.label | hashMap [post update] : HashMap [<map.value>] : String |
 | MybatisSqlInjectionService.java:50:23:50:26 | name : String | semmle.label | name : String |
 | MybatisSqlInjectionService.java:51:27:51:33 | hashMap | semmle.label | hashMap |
 | MybatisSqlInjectionService.java:54:32:54:42 | name : String | semmle.label | name : String |

java/ql/test/experimental/query-tests/security/CWE-200/SensitiveAndroidFileLeak.expected

@@ -3,12 +3,12 @@ edges
 | FileService.java:21:28:21:33 | intent : Intent | FileService.java:21:28:21:64 | getStringExtra(...) : Object |
 | FileService.java:21:28:21:64 | getStringExtra(...) : Object | FileService.java:25:42:25:50 | localPath : Object |
 | FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] | FileService.java:40:41:40:55 | params : Object[] |
-| FileService.java:25:13:25:51 | makeParamsToExecute(...) [[]] : Object | FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] |
-| FileService.java:25:42:25:50 | localPath : Object | FileService.java:25:13:25:51 | makeParamsToExecute(...) [[]] : Object |
+| FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : Object | FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] |
+| FileService.java:25:42:25:50 | localPath : Object | FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : Object |
 | FileService.java:25:42:25:50 | localPath : Object | FileService.java:32:13:32:28 | sourceUri : Object |
 | FileService.java:32:13:32:28 | sourceUri : Object | FileService.java:35:17:35:25 | sourceUri : Object |
-| FileService.java:34:20:36:13 | {...} [[]] : Object | FileService.java:34:20:36:13 | new Object[] [[]] : Object |
-| FileService.java:35:17:35:25 | sourceUri : Object | FileService.java:34:20:36:13 | {...} [[]] : Object |
+| FileService.java:34:20:36:13 | {...} : Object[] [[]] : Object | FileService.java:34:20:36:13 | new Object[] : Object[] [[]] : Object |
+| FileService.java:35:17:35:25 | sourceUri : Object | FileService.java:34:20:36:13 | {...} : Object[] [[]] : Object |
 | FileService.java:40:41:40:55 | params : Object[] | FileService.java:44:33:44:52 | (...)... : Object |
 | FileService.java:44:33:44:52 | (...)... : Object | FileService.java:45:53:45:59 | ...[...] |
 | LeakFileActivity2.java:15:13:15:18 | intent : Intent | LeakFileActivity2.java:16:26:16:31 | intent : Intent |
@@ -23,11 +23,11 @@ nodes
 | FileService.java:21:28:21:33 | intent : Intent | semmle.label | intent : Intent |
 | FileService.java:21:28:21:64 | getStringExtra(...) : Object | semmle.label | getStringExtra(...) : Object |
 | FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] | semmle.label | makeParamsToExecute(...) : Object[] |
-| FileService.java:25:13:25:51 | makeParamsToExecute(...) [[]] : Object | semmle.label | makeParamsToExecute(...) [[]] : Object |
+| FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : Object | semmle.label | makeParamsToExecute(...) : Object[] [[]] : Object |
 | FileService.java:25:42:25:50 | localPath : Object | semmle.label | localPath : Object |
 | FileService.java:32:13:32:28 | sourceUri : Object | semmle.label | sourceUri : Object |
-| FileService.java:34:20:36:13 | new Object[] [[]] : Object | semmle.label | new Object[] [[]] : Object |
-| FileService.java:34:20:36:13 | {...} [[]] : Object | semmle.label | {...} [[]] : Object |
+| FileService.java:34:20:36:13 | new Object[] : Object[] [[]] : Object | semmle.label | new Object[] : Object[] [[]] : Object |
+| FileService.java:34:20:36:13 | {...} : Object[] [[]] : Object | semmle.label | {...} : Object[] [[]] : Object |
 | FileService.java:35:17:35:25 | sourceUri : Object | semmle.label | sourceUri : Object |
 | FileService.java:40:41:40:55 | params : Object[] | semmle.label | params : Object[] |
 | FileService.java:44:33:44:52 | (...)... : Object | semmle.label | (...)... : Object |
@@ -41,7 +41,7 @@ nodes
 | LeakFileActivity.java:21:58:21:72 | streamsToUpload : Object | semmle.label | streamsToUpload : Object |
 | LeakFileActivity.java:21:58:21:82 | getPath(...) | semmle.label | getPath(...) |
 subpaths
-| FileService.java:25:42:25:50 | localPath : Object | FileService.java:32:13:32:28 | sourceUri : Object | FileService.java:34:20:36:13 | new Object[] [[]] : Object | FileService.java:25:13:25:51 | makeParamsToExecute(...) [[]] : Object |
+| FileService.java:25:42:25:50 | localPath : Object | FileService.java:32:13:32:28 | sourceUri : Object | FileService.java:34:20:36:13 | new Object[] : Object[] [[]] : Object | FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : Object |
 #select
 | FileService.java:45:53:45:59 | ...[...] | LeakFileActivity2.java:15:13:15:18 | intent : Intent | FileService.java:45:53:45:59 | ...[...] | Leaking arbitrary Android file from $@. | LeakFileActivity2.java:15:13:15:18 | intent | this user input |
 | FileService.java:45:53:45:59 | ...[...] | LeakFileActivity2.java:16:26:16:31 | intent : Intent | FileService.java:45:53:45:59 | ...[...] | Leaking arbitrary Android file from $@. | LeakFileActivity2.java:16:26:16:31 | intent | this user input |

java/ql/test/experimental/query-tests/security/CWE-299/DisabledRevocationChecking.expected

@@ -1,18 +1,18 @@
 edges
-| DisabledRevocationChecking.java:17:5:17:8 | this <.field> [post update] [flag] : Boolean | DisabledRevocationChecking.java:21:5:21:31 | this <.method> [post update] [flag] : Boolean |
-| DisabledRevocationChecking.java:17:12:17:16 | false : Boolean | DisabledRevocationChecking.java:17:5:17:8 | this <.field> [post update] [flag] : Boolean |
-| DisabledRevocationChecking.java:21:5:21:31 | this <.method> [post update] [flag] : Boolean | DisabledRevocationChecking.java:22:5:22:31 | this <.method> [flag] : Boolean |
-| DisabledRevocationChecking.java:22:5:22:31 | this <.method> [flag] : Boolean | DisabledRevocationChecking.java:25:15:25:22 | parameter this [flag] : Boolean |
-| DisabledRevocationChecking.java:25:15:25:22 | parameter this [flag] : Boolean | DisabledRevocationChecking.java:28:33:28:36 | this <.field> [flag] : Boolean |
-| DisabledRevocationChecking.java:28:33:28:36 | this <.field> [flag] : Boolean | DisabledRevocationChecking.java:28:33:28:36 | flag |
+| DisabledRevocationChecking.java:17:5:17:8 | this <.field> [post update] : DisabledRevocationChecking [flag] : Boolean | DisabledRevocationChecking.java:21:5:21:31 | this <.method> [post update] : DisabledRevocationChecking [flag] : Boolean |
+| DisabledRevocationChecking.java:17:12:17:16 | false : Boolean | DisabledRevocationChecking.java:17:5:17:8 | this <.field> [post update] : DisabledRevocationChecking [flag] : Boolean |
+| DisabledRevocationChecking.java:21:5:21:31 | this <.method> [post update] : DisabledRevocationChecking [flag] : Boolean | DisabledRevocationChecking.java:22:5:22:31 | this <.method> : DisabledRevocationChecking [flag] : Boolean |
+| DisabledRevocationChecking.java:22:5:22:31 | this <.method> : DisabledRevocationChecking [flag] : Boolean | DisabledRevocationChecking.java:25:15:25:22 | parameter this : DisabledRevocationChecking [flag] : Boolean |
+| DisabledRevocationChecking.java:25:15:25:22 | parameter this : DisabledRevocationChecking [flag] : Boolean | DisabledRevocationChecking.java:28:33:28:36 | this <.field> : DisabledRevocationChecking [flag] : Boolean |
+| DisabledRevocationChecking.java:28:33:28:36 | this <.field> : DisabledRevocationChecking [flag] : Boolean | DisabledRevocationChecking.java:28:33:28:36 | flag |
 nodes
-| DisabledRevocationChecking.java:17:5:17:8 | this <.field> [post update] [flag] : Boolean | semmle.label | this <.field> [post update] [flag] : Boolean |
+| DisabledRevocationChecking.java:17:5:17:8 | this <.field> [post update] : DisabledRevocationChecking [flag] : Boolean | semmle.label | this <.field> [post update] : DisabledRevocationChecking [flag] : Boolean |
 | DisabledRevocationChecking.java:17:12:17:16 | false : Boolean | semmle.label | false : Boolean |
-| DisabledRevocationChecking.java:21:5:21:31 | this <.method> [post update] [flag] : Boolean | semmle.label | this <.method> [post update] [flag] : Boolean |
-| DisabledRevocationChecking.java:22:5:22:31 | this <.method> [flag] : Boolean | semmle.label | this <.method> [flag] : Boolean |
-| DisabledRevocationChecking.java:25:15:25:22 | parameter this [flag] : Boolean | semmle.label | parameter this [flag] : Boolean |
+| DisabledRevocationChecking.java:21:5:21:31 | this <.method> [post update] : DisabledRevocationChecking [flag] : Boolean | semmle.label | this <.method> [post update] : DisabledRevocationChecking [flag] : Boolean |
+| DisabledRevocationChecking.java:22:5:22:31 | this <.method> : DisabledRevocationChecking [flag] : Boolean | semmle.label | this <.method> : DisabledRevocationChecking [flag] : Boolean |
+| DisabledRevocationChecking.java:25:15:25:22 | parameter this : DisabledRevocationChecking [flag] : Boolean | semmle.label | parameter this : DisabledRevocationChecking [flag] : Boolean |
 | DisabledRevocationChecking.java:28:33:28:36 | flag | semmle.label | flag |
-| DisabledRevocationChecking.java:28:33:28:36 | this <.field> [flag] : Boolean | semmle.label | this <.field> [flag] : Boolean |
+| DisabledRevocationChecking.java:28:33:28:36 | this <.field> : DisabledRevocationChecking [flag] : Boolean | semmle.label | this <.field> : DisabledRevocationChecking [flag] : Boolean |
 subpaths
 #select
 | DisabledRevocationChecking.java:17:12:17:16 | false | DisabledRevocationChecking.java:17:12:17:16 | false : Boolean | DisabledRevocationChecking.java:28:33:28:36 | flag | This disables revocation checking. |

java/ql/test/experimental/query-tests/security/CWE-327/UnsafeTlsVersion.expected

@@ -1,59 +1,59 @@
 edges
-| UnsafeTlsVersion.java:31:5:31:46 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:43:74:43:92 | protocols [[]] : String |
-| UnsafeTlsVersion.java:31:39:31:45 | "SSLv3" : String | UnsafeTlsVersion.java:31:5:31:46 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:32:5:32:44 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:43:74:43:92 | protocols [[]] : String |
-| UnsafeTlsVersion.java:32:39:32:43 | "TLS" : String | UnsafeTlsVersion.java:32:5:32:44 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:33:5:33:46 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:43:74:43:92 | protocols [[]] : String |
-| UnsafeTlsVersion.java:33:39:33:45 | "TLSv1" : String | UnsafeTlsVersion.java:33:5:33:46 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:34:5:34:48 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:43:74:43:92 | protocols [[]] : String |
-| UnsafeTlsVersion.java:34:39:34:47 | "TLSv1.1" : String | UnsafeTlsVersion.java:34:5:34:48 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:35:5:35:68 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:43:74:43:92 | protocols [[]] : String |
-| UnsafeTlsVersion.java:35:39:35:45 | "TLSv1" : String | UnsafeTlsVersion.java:35:5:35:68 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:35:48:35:56 | "TLSv1.1" : String | UnsafeTlsVersion.java:35:5:35:68 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:43:74:43:92 | protocols [[]] : String | UnsafeTlsVersion.java:44:44:44:52 | protocols |
-| UnsafeTlsVersion.java:50:38:50:61 | {...} [[]] : String | UnsafeTlsVersion.java:50:38:50:61 | new String[] |
-| UnsafeTlsVersion.java:50:53:50:59 | "SSLv3" : String | UnsafeTlsVersion.java:50:38:50:61 | {...} [[]] : String |
-| UnsafeTlsVersion.java:51:38:51:59 | {...} [[]] : String | UnsafeTlsVersion.java:51:38:51:59 | new String[] |
-| UnsafeTlsVersion.java:51:53:51:57 | "TLS" : String | UnsafeTlsVersion.java:51:38:51:59 | {...} [[]] : String |
-| UnsafeTlsVersion.java:52:38:52:61 | {...} [[]] : String | UnsafeTlsVersion.java:52:38:52:61 | new String[] |
-| UnsafeTlsVersion.java:52:53:52:59 | "TLSv1" : String | UnsafeTlsVersion.java:52:38:52:61 | {...} [[]] : String |
-| UnsafeTlsVersion.java:53:38:53:63 | {...} [[]] : String | UnsafeTlsVersion.java:53:38:53:63 | new String[] |
-| UnsafeTlsVersion.java:53:53:53:61 | "TLSv1.1" : String | UnsafeTlsVersion.java:53:38:53:63 | {...} [[]] : String |
-| UnsafeTlsVersion.java:56:29:56:65 | {...} [[]] : String | UnsafeTlsVersion.java:56:29:56:65 | new String[] |
-| UnsafeTlsVersion.java:56:44:56:52 | "TLSv1.1" : String | UnsafeTlsVersion.java:56:29:56:65 | {...} [[]] : String |
-| UnsafeTlsVersion.java:68:5:68:28 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:79:43:79:61 | protocols [[]] : String |
-| UnsafeTlsVersion.java:68:21:68:27 | "SSLv3" : String | UnsafeTlsVersion.java:68:5:68:28 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:69:5:69:26 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:79:43:79:61 | protocols [[]] : String |
-| UnsafeTlsVersion.java:69:21:69:25 | "TLS" : String | UnsafeTlsVersion.java:69:5:69:26 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:70:5:70:28 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:79:43:79:61 | protocols [[]] : String |
-| UnsafeTlsVersion.java:70:21:70:27 | "TLSv1" : String | UnsafeTlsVersion.java:70:5:70:28 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:71:5:71:30 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:79:43:79:61 | protocols [[]] : String |
-| UnsafeTlsVersion.java:71:21:71:29 | "TLSv1.1" : String | UnsafeTlsVersion.java:71:5:71:30 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:72:5:72:41 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:79:43:79:61 | protocols [[]] : String |
-| UnsafeTlsVersion.java:72:21:72:29 | "TLSv1.1" : String | UnsafeTlsVersion.java:72:5:72:41 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:79:43:79:61 | protocols [[]] : String | UnsafeTlsVersion.java:81:32:81:40 | protocols |
-| UnsafeTlsVersion.java:88:5:88:34 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:99:55:99:73 | protocols [[]] : String |
-| UnsafeTlsVersion.java:88:27:88:33 | "SSLv3" : String | UnsafeTlsVersion.java:88:5:88:34 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:89:5:89:32 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:99:55:99:73 | protocols [[]] : String |
-| UnsafeTlsVersion.java:89:27:89:31 | "TLS" : String | UnsafeTlsVersion.java:89:5:89:32 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:90:5:90:34 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:99:55:99:73 | protocols [[]] : String |
-| UnsafeTlsVersion.java:90:27:90:33 | "TLSv1" : String | UnsafeTlsVersion.java:90:5:90:34 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:91:5:91:36 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:99:55:99:73 | protocols [[]] : String |
-| UnsafeTlsVersion.java:91:27:91:35 | "TLSv1.1" : String | UnsafeTlsVersion.java:91:5:91:36 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:92:5:92:47 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:99:55:99:73 | protocols [[]] : String |
-| UnsafeTlsVersion.java:92:27:92:35 | "TLSv1.1" : String | UnsafeTlsVersion.java:92:5:92:47 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:99:55:99:73 | protocols [[]] : String | UnsafeTlsVersion.java:101:32:101:40 | protocols |
-| UnsafeTlsVersion.java:108:5:108:28 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:119:43:119:61 | protocols [[]] : String |
-| UnsafeTlsVersion.java:108:21:108:27 | "SSLv3" : String | UnsafeTlsVersion.java:108:5:108:28 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:109:5:109:26 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:119:43:119:61 | protocols [[]] : String |
-| UnsafeTlsVersion.java:109:21:109:25 | "TLS" : String | UnsafeTlsVersion.java:109:5:109:26 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:110:5:110:28 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:119:43:119:61 | protocols [[]] : String |
-| UnsafeTlsVersion.java:110:21:110:27 | "TLSv1" : String | UnsafeTlsVersion.java:110:5:110:28 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:111:5:111:30 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:119:43:119:61 | protocols [[]] : String |
-| UnsafeTlsVersion.java:111:21:111:29 | "TLSv1.1" : String | UnsafeTlsVersion.java:111:5:111:30 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:112:5:112:41 | new ..[] { .. } [[]] : String | UnsafeTlsVersion.java:119:43:119:61 | protocols [[]] : String |
-| UnsafeTlsVersion.java:112:21:112:29 | "TLSv1.1" : String | UnsafeTlsVersion.java:112:5:112:41 | new ..[] { .. } [[]] : String |
-| UnsafeTlsVersion.java:119:43:119:61 | protocols [[]] : String | UnsafeTlsVersion.java:121:32:121:40 | protocols |
+| UnsafeTlsVersion.java:31:5:31:46 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:43:74:43:92 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:31:39:31:45 | "SSLv3" : String | UnsafeTlsVersion.java:31:5:31:46 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:32:5:32:44 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:43:74:43:92 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:32:39:32:43 | "TLS" : String | UnsafeTlsVersion.java:32:5:32:44 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:33:5:33:46 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:43:74:43:92 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:33:39:33:45 | "TLSv1" : String | UnsafeTlsVersion.java:33:5:33:46 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:34:5:34:48 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:43:74:43:92 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:34:39:34:47 | "TLSv1.1" : String | UnsafeTlsVersion.java:34:5:34:48 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:35:5:35:68 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:43:74:43:92 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:35:39:35:45 | "TLSv1" : String | UnsafeTlsVersion.java:35:5:35:68 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:35:48:35:56 | "TLSv1.1" : String | UnsafeTlsVersion.java:35:5:35:68 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:43:74:43:92 | protocols : String[] [[]] : String | UnsafeTlsVersion.java:44:44:44:52 | protocols |
+| UnsafeTlsVersion.java:50:38:50:61 | {...} : String[] [[]] : String | UnsafeTlsVersion.java:50:38:50:61 | new String[] |
+| UnsafeTlsVersion.java:50:53:50:59 | "SSLv3" : String | UnsafeTlsVersion.java:50:38:50:61 | {...} : String[] [[]] : String |
+| UnsafeTlsVersion.java:51:38:51:59 | {...} : String[] [[]] : String | UnsafeTlsVersion.java:51:38:51:59 | new String[] |
+| UnsafeTlsVersion.java:51:53:51:57 | "TLS" : String | UnsafeTlsVersion.java:51:38:51:59 | {...} : String[] [[]] : String |
+| UnsafeTlsVersion.java:52:38:52:61 | {...} : String[] [[]] : String | UnsafeTlsVersion.java:52:38:52:61 | new String[] |
+| UnsafeTlsVersion.java:52:53:52:59 | "TLSv1" : String | UnsafeTlsVersion.java:52:38:52:61 | {...} : String[] [[]] : String |
+| UnsafeTlsVersion.java:53:38:53:63 | {...} : String[] [[]] : String | UnsafeTlsVersion.java:53:38:53:63 | new String[] |
+| UnsafeTlsVersion.java:53:53:53:61 | "TLSv1.1" : String | UnsafeTlsVersion.java:53:38:53:63 | {...} : String[] [[]] : String |
+| UnsafeTlsVersion.java:56:29:56:65 | {...} : String[] [[]] : String | UnsafeTlsVersion.java:56:29:56:65 | new String[] |
+| UnsafeTlsVersion.java:56:44:56:52 | "TLSv1.1" : String | UnsafeTlsVersion.java:56:29:56:65 | {...} : String[] [[]] : String |
+| UnsafeTlsVersion.java:68:5:68:28 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:79:43:79:61 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:68:21:68:27 | "SSLv3" : String | UnsafeTlsVersion.java:68:5:68:28 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:69:5:69:26 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:79:43:79:61 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:69:21:69:25 | "TLS" : String | UnsafeTlsVersion.java:69:5:69:26 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:70:5:70:28 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:79:43:79:61 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:70:21:70:27 | "TLSv1" : String | UnsafeTlsVersion.java:70:5:70:28 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:71:5:71:30 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:79:43:79:61 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:71:21:71:29 | "TLSv1.1" : String | UnsafeTlsVersion.java:71:5:71:30 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:72:5:72:41 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:79:43:79:61 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:72:21:72:29 | "TLSv1.1" : String | UnsafeTlsVersion.java:72:5:72:41 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:79:43:79:61 | protocols : String[] [[]] : String | UnsafeTlsVersion.java:81:32:81:40 | protocols |
+| UnsafeTlsVersion.java:88:5:88:34 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:99:55:99:73 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:88:27:88:33 | "SSLv3" : String | UnsafeTlsVersion.java:88:5:88:34 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:89:5:89:32 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:99:55:99:73 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:89:27:89:31 | "TLS" : String | UnsafeTlsVersion.java:89:5:89:32 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:90:5:90:34 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:99:55:99:73 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:90:27:90:33 | "TLSv1" : String | UnsafeTlsVersion.java:90:5:90:34 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:91:5:91:36 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:99:55:99:73 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:91:27:91:35 | "TLSv1.1" : String | UnsafeTlsVersion.java:91:5:91:36 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:92:5:92:47 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:99:55:99:73 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:92:27:92:35 | "TLSv1.1" : String | UnsafeTlsVersion.java:92:5:92:47 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:99:55:99:73 | protocols : String[] [[]] : String | UnsafeTlsVersion.java:101:32:101:40 | protocols |
+| UnsafeTlsVersion.java:108:5:108:28 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:119:43:119:61 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:108:21:108:27 | "SSLv3" : String | UnsafeTlsVersion.java:108:5:108:28 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:109:5:109:26 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:119:43:119:61 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:109:21:109:25 | "TLS" : String | UnsafeTlsVersion.java:109:5:109:26 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:110:5:110:28 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:119:43:119:61 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:110:21:110:27 | "TLSv1" : String | UnsafeTlsVersion.java:110:5:110:28 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:111:5:111:30 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:119:43:119:61 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:111:21:111:29 | "TLSv1.1" : String | UnsafeTlsVersion.java:111:5:111:30 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:112:5:112:41 | new ..[] { .. } : String[] [[]] : String | UnsafeTlsVersion.java:119:43:119:61 | protocols : String[] [[]] : String |
+| UnsafeTlsVersion.java:112:21:112:29 | "TLSv1.1" : String | UnsafeTlsVersion.java:112:5:112:41 | new ..[] { .. } : String[] [[]] : String |
+| UnsafeTlsVersion.java:119:43:119:61 | protocols : String[] [[]] : String | UnsafeTlsVersion.java:121:32:121:40 | protocols |
 nodes
 | UnsafeTlsVersion.java:16:28:16:32 | "SSL" | semmle.label | "SSL" |
 | UnsafeTlsVersion.java:17:28:17:34 | "SSLv2" | semmle.label | "SSLv2" |
@@ -61,69 +61,69 @@ nodes
 | UnsafeTlsVersion.java:19:28:19:32 | "TLS" | semmle.label | "TLS" |
 | UnsafeTlsVersion.java:20:28:20:34 | "TLSv1" | semmle.label | "TLSv1" |
 | UnsafeTlsVersion.java:21:28:21:36 | "TLSv1.1" | semmle.label | "TLSv1.1" |
-| UnsafeTlsVersion.java:31:5:31:46 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:31:5:31:46 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:31:39:31:45 | "SSLv3" : String | semmle.label | "SSLv3" : String |
-| UnsafeTlsVersion.java:32:5:32:44 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:32:5:32:44 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:32:39:32:43 | "TLS" : String | semmle.label | "TLS" : String |
-| UnsafeTlsVersion.java:33:5:33:46 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:33:5:33:46 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:33:39:33:45 | "TLSv1" : String | semmle.label | "TLSv1" : String |
-| UnsafeTlsVersion.java:34:5:34:48 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:34:5:34:48 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:34:39:34:47 | "TLSv1.1" : String | semmle.label | "TLSv1.1" : String |
-| UnsafeTlsVersion.java:35:5:35:68 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:35:5:35:68 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:35:39:35:45 | "TLSv1" : String | semmle.label | "TLSv1" : String |
 | UnsafeTlsVersion.java:35:48:35:56 | "TLSv1.1" : String | semmle.label | "TLSv1.1" : String |
-| UnsafeTlsVersion.java:43:74:43:92 | protocols [[]] : String | semmle.label | protocols [[]] : String |
+| UnsafeTlsVersion.java:43:74:43:92 | protocols : String[] [[]] : String | semmle.label | protocols : String[] [[]] : String |
 | UnsafeTlsVersion.java:44:44:44:52 | protocols | semmle.label | protocols |
 | UnsafeTlsVersion.java:50:38:50:61 | new String[] | semmle.label | new String[] |
-| UnsafeTlsVersion.java:50:38:50:61 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| UnsafeTlsVersion.java:50:38:50:61 | {...} : String[] [[]] : String | semmle.label | {...} : String[] [[]] : String |
 | UnsafeTlsVersion.java:50:53:50:59 | "SSLv3" : String | semmle.label | "SSLv3" : String |
 | UnsafeTlsVersion.java:51:38:51:59 | new String[] | semmle.label | new String[] |
-| UnsafeTlsVersion.java:51:38:51:59 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| UnsafeTlsVersion.java:51:38:51:59 | {...} : String[] [[]] : String | semmle.label | {...} : String[] [[]] : String |
 | UnsafeTlsVersion.java:51:53:51:57 | "TLS" : String | semmle.label | "TLS" : String |
 | UnsafeTlsVersion.java:52:38:52:61 | new String[] | semmle.label | new String[] |
-| UnsafeTlsVersion.java:52:38:52:61 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| UnsafeTlsVersion.java:52:38:52:61 | {...} : String[] [[]] : String | semmle.label | {...} : String[] [[]] : String |
 | UnsafeTlsVersion.java:52:53:52:59 | "TLSv1" : String | semmle.label | "TLSv1" : String |
 | UnsafeTlsVersion.java:53:38:53:63 | new String[] | semmle.label | new String[] |
-| UnsafeTlsVersion.java:53:38:53:63 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| UnsafeTlsVersion.java:53:38:53:63 | {...} : String[] [[]] : String | semmle.label | {...} : String[] [[]] : String |
 | UnsafeTlsVersion.java:53:53:53:61 | "TLSv1.1" : String | semmle.label | "TLSv1.1" : String |
 | UnsafeTlsVersion.java:56:29:56:65 | new String[] | semmle.label | new String[] |
-| UnsafeTlsVersion.java:56:29:56:65 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| UnsafeTlsVersion.java:56:29:56:65 | {...} : String[] [[]] : String | semmle.label | {...} : String[] [[]] : String |
 | UnsafeTlsVersion.java:56:44:56:52 | "TLSv1.1" : String | semmle.label | "TLSv1.1" : String |
-| UnsafeTlsVersion.java:68:5:68:28 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:68:5:68:28 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:68:21:68:27 | "SSLv3" : String | semmle.label | "SSLv3" : String |
-| UnsafeTlsVersion.java:69:5:69:26 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:69:5:69:26 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:69:21:69:25 | "TLS" : String | semmle.label | "TLS" : String |
-| UnsafeTlsVersion.java:70:5:70:28 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:70:5:70:28 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:70:21:70:27 | "TLSv1" : String | semmle.label | "TLSv1" : String |
-| UnsafeTlsVersion.java:71:5:71:30 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:71:5:71:30 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:71:21:71:29 | "TLSv1.1" : String | semmle.label | "TLSv1.1" : String |
-| UnsafeTlsVersion.java:72:5:72:41 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:72:5:72:41 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:72:21:72:29 | "TLSv1.1" : String | semmle.label | "TLSv1.1" : String |
-| UnsafeTlsVersion.java:79:43:79:61 | protocols [[]] : String | semmle.label | protocols [[]] : String |
+| UnsafeTlsVersion.java:79:43:79:61 | protocols : String[] [[]] : String | semmle.label | protocols : String[] [[]] : String |
 | UnsafeTlsVersion.java:81:32:81:40 | protocols | semmle.label | protocols |
-| UnsafeTlsVersion.java:88:5:88:34 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:88:5:88:34 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:88:27:88:33 | "SSLv3" : String | semmle.label | "SSLv3" : String |
-| UnsafeTlsVersion.java:89:5:89:32 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:89:5:89:32 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:89:27:89:31 | "TLS" : String | semmle.label | "TLS" : String |
-| UnsafeTlsVersion.java:90:5:90:34 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:90:5:90:34 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:90:27:90:33 | "TLSv1" : String | semmle.label | "TLSv1" : String |
-| UnsafeTlsVersion.java:91:5:91:36 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:91:5:91:36 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:91:27:91:35 | "TLSv1.1" : String | semmle.label | "TLSv1.1" : String |
-| UnsafeTlsVersion.java:92:5:92:47 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:92:5:92:47 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:92:27:92:35 | "TLSv1.1" : String | semmle.label | "TLSv1.1" : String |
-| UnsafeTlsVersion.java:99:55:99:73 | protocols [[]] : String | semmle.label | protocols [[]] : String |
+| UnsafeTlsVersion.java:99:55:99:73 | protocols : String[] [[]] : String | semmle.label | protocols : String[] [[]] : String |
 | UnsafeTlsVersion.java:101:32:101:40 | protocols | semmle.label | protocols |
-| UnsafeTlsVersion.java:108:5:108:28 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:108:5:108:28 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:108:21:108:27 | "SSLv3" : String | semmle.label | "SSLv3" : String |
-| UnsafeTlsVersion.java:109:5:109:26 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:109:5:109:26 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:109:21:109:25 | "TLS" : String | semmle.label | "TLS" : String |
-| UnsafeTlsVersion.java:110:5:110:28 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:110:5:110:28 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:110:21:110:27 | "TLSv1" : String | semmle.label | "TLSv1" : String |
-| UnsafeTlsVersion.java:111:5:111:30 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:111:5:111:30 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:111:21:111:29 | "TLSv1.1" : String | semmle.label | "TLSv1.1" : String |
-| UnsafeTlsVersion.java:112:5:112:41 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| UnsafeTlsVersion.java:112:5:112:41 | new ..[] { .. } : String[] [[]] : String | semmle.label | new ..[] { .. } : String[] [[]] : String |
 | UnsafeTlsVersion.java:112:21:112:29 | "TLSv1.1" : String | semmle.label | "TLSv1.1" : String |
-| UnsafeTlsVersion.java:119:43:119:61 | protocols [[]] : String | semmle.label | protocols [[]] : String |
+| UnsafeTlsVersion.java:119:43:119:61 | protocols : String[] [[]] : String | semmle.label | protocols : String[] [[]] : String |
 | UnsafeTlsVersion.java:121:32:121:40 | protocols | semmle.label | protocols |
 subpaths
 #select

java/ql/test/experimental/query-tests/security/CWE-400/LocalThreadResourceAbuse.expected

@@ -1,23 +1,23 @@
 edges
 | ThreadResourceAbuse.java:37:25:37:73 | getInitParameter(...) : String | ThreadResourceAbuse.java:40:28:40:36 | delayTime : Number |
-| ThreadResourceAbuse.java:40:4:40:37 | new UncheckedSyncAction(...) [waitTime] : Number | ThreadResourceAbuse.java:71:15:71:17 | parameter this [waitTime] : Number |
-| ThreadResourceAbuse.java:40:28:40:36 | delayTime : Number | ThreadResourceAbuse.java:40:4:40:37 | new UncheckedSyncAction(...) [waitTime] : Number |
+| ThreadResourceAbuse.java:40:4:40:37 | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number | ThreadResourceAbuse.java:71:15:71:17 | parameter this : UncheckedSyncAction [waitTime] : Number |
+| ThreadResourceAbuse.java:40:28:40:36 | delayTime : Number | ThreadResourceAbuse.java:40:4:40:37 | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number |
 | ThreadResourceAbuse.java:40:28:40:36 | delayTime : Number | ThreadResourceAbuse.java:66:30:66:41 | waitTime : Number |
 | ThreadResourceAbuse.java:66:30:66:41 | waitTime : Number | ThreadResourceAbuse.java:67:20:67:27 | waitTime : Number |
-| ThreadResourceAbuse.java:67:20:67:27 | waitTime : Number | ThreadResourceAbuse.java:67:4:67:7 | this [post update] [waitTime] : Number |
-| ThreadResourceAbuse.java:71:15:71:17 | parameter this [waitTime] : Number | ThreadResourceAbuse.java:74:18:74:25 | this <.field> [waitTime] : Number |
-| ThreadResourceAbuse.java:74:18:74:25 | this <.field> [waitTime] : Number | ThreadResourceAbuse.java:74:18:74:25 | waitTime |
+| ThreadResourceAbuse.java:67:20:67:27 | waitTime : Number | ThreadResourceAbuse.java:67:4:67:7 | this [post update] : UncheckedSyncAction [waitTime] : Number |
+| ThreadResourceAbuse.java:71:15:71:17 | parameter this : UncheckedSyncAction [waitTime] : Number | ThreadResourceAbuse.java:74:18:74:25 | this <.field> : UncheckedSyncAction [waitTime] : Number |
+| ThreadResourceAbuse.java:74:18:74:25 | this <.field> : UncheckedSyncAction [waitTime] : Number | ThreadResourceAbuse.java:74:18:74:25 | waitTime |
 nodes
 | ThreadResourceAbuse.java:37:25:37:73 | getInitParameter(...) : String | semmle.label | getInitParameter(...) : String |
-| ThreadResourceAbuse.java:40:4:40:37 | new UncheckedSyncAction(...) [waitTime] : Number | semmle.label | new UncheckedSyncAction(...) [waitTime] : Number |
+| ThreadResourceAbuse.java:40:4:40:37 | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number | semmle.label | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number |
 | ThreadResourceAbuse.java:40:28:40:36 | delayTime : Number | semmle.label | delayTime : Number |
 | ThreadResourceAbuse.java:66:30:66:41 | waitTime : Number | semmle.label | waitTime : Number |
-| ThreadResourceAbuse.java:67:4:67:7 | this [post update] [waitTime] : Number | semmle.label | this [post update] [waitTime] : Number |
+| ThreadResourceAbuse.java:67:4:67:7 | this [post update] : UncheckedSyncAction [waitTime] : Number | semmle.label | this [post update] : UncheckedSyncAction [waitTime] : Number |
 | ThreadResourceAbuse.java:67:20:67:27 | waitTime : Number | semmle.label | waitTime : Number |
-| ThreadResourceAbuse.java:71:15:71:17 | parameter this [waitTime] : Number | semmle.label | parameter this [waitTime] : Number |
-| ThreadResourceAbuse.java:74:18:74:25 | this <.field> [waitTime] : Number | semmle.label | this <.field> [waitTime] : Number |
+| ThreadResourceAbuse.java:71:15:71:17 | parameter this : UncheckedSyncAction [waitTime] : Number | semmle.label | parameter this : UncheckedSyncAction [waitTime] : Number |
+| ThreadResourceAbuse.java:74:18:74:25 | this <.field> : UncheckedSyncAction [waitTime] : Number | semmle.label | this <.field> : UncheckedSyncAction [waitTime] : Number |
 | ThreadResourceAbuse.java:74:18:74:25 | waitTime | semmle.label | waitTime |
 subpaths
-| ThreadResourceAbuse.java:40:28:40:36 | delayTime : Number | ThreadResourceAbuse.java:66:30:66:41 | waitTime : Number | ThreadResourceAbuse.java:67:4:67:7 | this [post update] [waitTime] : Number | ThreadResourceAbuse.java:40:4:40:37 | new UncheckedSyncAction(...) [waitTime] : Number |
+| ThreadResourceAbuse.java:40:28:40:36 | delayTime : Number | ThreadResourceAbuse.java:66:30:66:41 | waitTime : Number | ThreadResourceAbuse.java:67:4:67:7 | this [post update] : UncheckedSyncAction [waitTime] : Number | ThreadResourceAbuse.java:40:4:40:37 | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number |
 #select
 | ThreadResourceAbuse.java:74:18:74:25 | waitTime | ThreadResourceAbuse.java:37:25:37:73 | getInitParameter(...) : String | ThreadResourceAbuse.java:74:18:74:25 | waitTime | Possible uncontrolled resource consumption due to $@. | ThreadResourceAbuse.java:37:25:37:73 | getInitParameter(...) | local user-provided value |

java/ql/test/experimental/query-tests/security/CWE-400/ThreadResourceAbuse.expected

@@ -1,65 +1,65 @@
 edges
 | ThreadResourceAbuse.java:18:25:18:57 | getParameter(...) : String | ThreadResourceAbuse.java:21:28:21:36 | delayTime : Number |
-| ThreadResourceAbuse.java:21:4:21:37 | new UncheckedSyncAction(...) [waitTime] : Number | ThreadResourceAbuse.java:71:15:71:17 | parameter this [waitTime] : Number |
-| ThreadResourceAbuse.java:21:28:21:36 | delayTime : Number | ThreadResourceAbuse.java:21:4:21:37 | new UncheckedSyncAction(...) [waitTime] : Number |
+| ThreadResourceAbuse.java:21:4:21:37 | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number | ThreadResourceAbuse.java:71:15:71:17 | parameter this : UncheckedSyncAction [waitTime] : Number |
+| ThreadResourceAbuse.java:21:28:21:36 | delayTime : Number | ThreadResourceAbuse.java:21:4:21:37 | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number |
 | ThreadResourceAbuse.java:21:28:21:36 | delayTime : Number | ThreadResourceAbuse.java:66:30:66:41 | waitTime : Number |
 | ThreadResourceAbuse.java:29:82:29:114 | getParameter(...) : String | ThreadResourceAbuse.java:30:28:30:36 | delayTime : Number |
-| ThreadResourceAbuse.java:30:4:30:37 | new UncheckedSyncAction(...) [waitTime] : Number | ThreadResourceAbuse.java:71:15:71:17 | parameter this [waitTime] : Number |
-| ThreadResourceAbuse.java:30:28:30:36 | delayTime : Number | ThreadResourceAbuse.java:30:4:30:37 | new UncheckedSyncAction(...) [waitTime] : Number |
+| ThreadResourceAbuse.java:30:4:30:37 | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number | ThreadResourceAbuse.java:71:15:71:17 | parameter this : UncheckedSyncAction [waitTime] : Number |
+| ThreadResourceAbuse.java:30:28:30:36 | delayTime : Number | ThreadResourceAbuse.java:30:4:30:37 | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number |
 | ThreadResourceAbuse.java:30:28:30:36 | delayTime : Number | ThreadResourceAbuse.java:66:30:66:41 | waitTime : Number |
 | ThreadResourceAbuse.java:66:30:66:41 | waitTime : Number | ThreadResourceAbuse.java:67:20:67:27 | waitTime : Number |
-| ThreadResourceAbuse.java:67:20:67:27 | waitTime : Number | ThreadResourceAbuse.java:67:4:67:7 | this [post update] [waitTime] : Number |
-| ThreadResourceAbuse.java:71:15:71:17 | parameter this [waitTime] : Number | ThreadResourceAbuse.java:74:18:74:25 | this <.field> [waitTime] : Number |
-| ThreadResourceAbuse.java:74:18:74:25 | this <.field> [waitTime] : Number | ThreadResourceAbuse.java:74:18:74:25 | waitTime |
+| ThreadResourceAbuse.java:67:20:67:27 | waitTime : Number | ThreadResourceAbuse.java:67:4:67:7 | this [post update] : UncheckedSyncAction [waitTime] : Number |
+| ThreadResourceAbuse.java:71:15:71:17 | parameter this : UncheckedSyncAction [waitTime] : Number | ThreadResourceAbuse.java:74:18:74:25 | this <.field> : UncheckedSyncAction [waitTime] : Number |
+| ThreadResourceAbuse.java:74:18:74:25 | this <.field> : UncheckedSyncAction [waitTime] : Number | ThreadResourceAbuse.java:74:18:74:25 | waitTime |
 | ThreadResourceAbuse.java:141:27:141:43 | getValue(...) : String | ThreadResourceAbuse.java:144:34:144:42 | delayTime |
 | ThreadResourceAbuse.java:172:19:172:50 | getHeader(...) : String | ThreadResourceAbuse.java:176:17:176:26 | retryAfter |
 | ThreadResourceAbuse.java:206:28:206:56 | getParameter(...) : String | ThreadResourceAbuse.java:209:49:209:59 | uploadDelay : Number |
-| ThreadResourceAbuse.java:209:30:209:87 | new UploadListener(...) [slowUploads] : Number | UploadListener.java:28:14:28:19 | parameter this [slowUploads] : Number |
-| ThreadResourceAbuse.java:209:49:209:59 | uploadDelay : Number | ThreadResourceAbuse.java:209:30:209:87 | new UploadListener(...) [slowUploads] : Number |
+| ThreadResourceAbuse.java:209:30:209:87 | new UploadListener(...) : UploadListener [slowUploads] : Number | UploadListener.java:28:14:28:19 | parameter this : UploadListener [slowUploads] : Number |
+| ThreadResourceAbuse.java:209:49:209:59 | uploadDelay : Number | ThreadResourceAbuse.java:209:30:209:87 | new UploadListener(...) : UploadListener [slowUploads] : Number |
 | ThreadResourceAbuse.java:209:49:209:59 | uploadDelay : Number | UploadListener.java:15:24:15:44 | sleepMilliseconds : Number |
 | UploadListener.java:15:24:15:44 | sleepMilliseconds : Number | UploadListener.java:16:17:16:33 | sleepMilliseconds : Number |
-| UploadListener.java:16:17:16:33 | sleepMilliseconds : Number | UploadListener.java:16:3:16:13 | this <.field> [post update] [slowUploads] : Number |
-| UploadListener.java:28:14:28:19 | parameter this [slowUploads] : Number | UploadListener.java:29:3:29:11 | this <.field> [slowUploads] : Number |
-| UploadListener.java:29:3:29:11 | this <.field> [slowUploads] : Number | UploadListener.java:30:3:30:15 | this <.field> [slowUploads] : Number |
-| UploadListener.java:30:3:30:15 | this <.field> [slowUploads] : Number | UploadListener.java:33:7:33:17 | this <.field> [slowUploads] : Number |
-| UploadListener.java:30:3:30:15 | this <.field> [slowUploads] : Number | UploadListener.java:35:18:35:28 | this <.field> [slowUploads] : Number |
+| UploadListener.java:16:17:16:33 | sleepMilliseconds : Number | UploadListener.java:16:3:16:13 | this <.field> [post update] : UploadListener [slowUploads] : Number |
+| UploadListener.java:28:14:28:19 | parameter this : UploadListener [slowUploads] : Number | UploadListener.java:29:3:29:11 | this <.field> : UploadListener [slowUploads] : Number |
+| UploadListener.java:29:3:29:11 | this <.field> : UploadListener [slowUploads] : Number | UploadListener.java:30:3:30:15 | this <.field> : UploadListener [slowUploads] : Number |
+| UploadListener.java:30:3:30:15 | this <.field> : UploadListener [slowUploads] : Number | UploadListener.java:33:7:33:17 | this <.field> : UploadListener [slowUploads] : Number |
+| UploadListener.java:30:3:30:15 | this <.field> : UploadListener [slowUploads] : Number | UploadListener.java:35:18:35:28 | this <.field> : UploadListener [slowUploads] : Number |
 | UploadListener.java:33:7:33:17 | slowUploads : Number | UploadListener.java:35:18:35:28 | slowUploads |
-| UploadListener.java:33:7:33:17 | this <.field> [slowUploads] : Number | UploadListener.java:33:7:33:17 | slowUploads : Number |
-| UploadListener.java:35:18:35:28 | this <.field> [slowUploads] : Number | UploadListener.java:35:18:35:28 | slowUploads |
+| UploadListener.java:33:7:33:17 | this <.field> : UploadListener [slowUploads] : Number | UploadListener.java:33:7:33:17 | slowUploads : Number |
+| UploadListener.java:35:18:35:28 | this <.field> : UploadListener [slowUploads] : Number | UploadListener.java:35:18:35:28 | slowUploads |
 nodes
 | ThreadResourceAbuse.java:18:25:18:57 | getParameter(...) : String | semmle.label | getParameter(...) : String |
-| ThreadResourceAbuse.java:21:4:21:37 | new UncheckedSyncAction(...) [waitTime] : Number | semmle.label | new UncheckedSyncAction(...) [waitTime] : Number |
+| ThreadResourceAbuse.java:21:4:21:37 | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number | semmle.label | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number |
 | ThreadResourceAbuse.java:21:28:21:36 | delayTime : Number | semmle.label | delayTime : Number |
 | ThreadResourceAbuse.java:29:82:29:114 | getParameter(...) : String | semmle.label | getParameter(...) : String |
-| ThreadResourceAbuse.java:30:4:30:37 | new UncheckedSyncAction(...) [waitTime] : Number | semmle.label | new UncheckedSyncAction(...) [waitTime] : Number |
+| ThreadResourceAbuse.java:30:4:30:37 | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number | semmle.label | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number |
 | ThreadResourceAbuse.java:30:28:30:36 | delayTime : Number | semmle.label | delayTime : Number |
 | ThreadResourceAbuse.java:66:30:66:41 | waitTime : Number | semmle.label | waitTime : Number |
-| ThreadResourceAbuse.java:67:4:67:7 | this [post update] [waitTime] : Number | semmle.label | this [post update] [waitTime] : Number |
+| ThreadResourceAbuse.java:67:4:67:7 | this [post update] : UncheckedSyncAction [waitTime] : Number | semmle.label | this [post update] : UncheckedSyncAction [waitTime] : Number |
 | ThreadResourceAbuse.java:67:20:67:27 | waitTime : Number | semmle.label | waitTime : Number |
-| ThreadResourceAbuse.java:71:15:71:17 | parameter this [waitTime] : Number | semmle.label | parameter this [waitTime] : Number |
-| ThreadResourceAbuse.java:74:18:74:25 | this <.field> [waitTime] : Number | semmle.label | this <.field> [waitTime] : Number |
+| ThreadResourceAbuse.java:71:15:71:17 | parameter this : UncheckedSyncAction [waitTime] : Number | semmle.label | parameter this : UncheckedSyncAction [waitTime] : Number |
+| ThreadResourceAbuse.java:74:18:74:25 | this <.field> : UncheckedSyncAction [waitTime] : Number | semmle.label | this <.field> : UncheckedSyncAction [waitTime] : Number |
 | ThreadResourceAbuse.java:74:18:74:25 | waitTime | semmle.label | waitTime |
 | ThreadResourceAbuse.java:141:27:141:43 | getValue(...) : String | semmle.label | getValue(...) : String |
 | ThreadResourceAbuse.java:144:34:144:42 | delayTime | semmle.label | delayTime |
 | ThreadResourceAbuse.java:172:19:172:50 | getHeader(...) : String | semmle.label | getHeader(...) : String |
 | ThreadResourceAbuse.java:176:17:176:26 | retryAfter | semmle.label | retryAfter |
 | ThreadResourceAbuse.java:206:28:206:56 | getParameter(...) : String | semmle.label | getParameter(...) : String |
-| ThreadResourceAbuse.java:209:30:209:87 | new UploadListener(...) [slowUploads] : Number | semmle.label | new UploadListener(...) [slowUploads] : Number |
+| ThreadResourceAbuse.java:209:30:209:87 | new UploadListener(...) : UploadListener [slowUploads] : Number | semmle.label | new UploadListener(...) : UploadListener [slowUploads] : Number |
 | ThreadResourceAbuse.java:209:49:209:59 | uploadDelay : Number | semmle.label | uploadDelay : Number |
 | UploadListener.java:15:24:15:44 | sleepMilliseconds : Number | semmle.label | sleepMilliseconds : Number |
-| UploadListener.java:16:3:16:13 | this <.field> [post update] [slowUploads] : Number | semmle.label | this <.field> [post update] [slowUploads] : Number |
+| UploadListener.java:16:3:16:13 | this <.field> [post update] : UploadListener [slowUploads] : Number | semmle.label | this <.field> [post update] : UploadListener [slowUploads] : Number |
 | UploadListener.java:16:17:16:33 | sleepMilliseconds : Number | semmle.label | sleepMilliseconds : Number |
-| UploadListener.java:28:14:28:19 | parameter this [slowUploads] : Number | semmle.label | parameter this [slowUploads] : Number |
-| UploadListener.java:29:3:29:11 | this <.field> [slowUploads] : Number | semmle.label | this <.field> [slowUploads] : Number |
-| UploadListener.java:30:3:30:15 | this <.field> [slowUploads] : Number | semmle.label | this <.field> [slowUploads] : Number |
+| UploadListener.java:28:14:28:19 | parameter this : UploadListener [slowUploads] : Number | semmle.label | parameter this : UploadListener [slowUploads] : Number |
+| UploadListener.java:29:3:29:11 | this <.field> : UploadListener [slowUploads] : Number | semmle.label | this <.field> : UploadListener [slowUploads] : Number |
+| UploadListener.java:30:3:30:15 | this <.field> : UploadListener [slowUploads] : Number | semmle.label | this <.field> : UploadListener [slowUploads] : Number |
 | UploadListener.java:33:7:33:17 | slowUploads : Number | semmle.label | slowUploads : Number |
-| UploadListener.java:33:7:33:17 | this <.field> [slowUploads] : Number | semmle.label | this <.field> [slowUploads] : Number |
+| UploadListener.java:33:7:33:17 | this <.field> : UploadListener [slowUploads] : Number | semmle.label | this <.field> : UploadListener [slowUploads] : Number |
 | UploadListener.java:35:18:35:28 | slowUploads | semmle.label | slowUploads |
-| UploadListener.java:35:18:35:28 | this <.field> [slowUploads] : Number | semmle.label | this <.field> [slowUploads] : Number |
+| UploadListener.java:35:18:35:28 | this <.field> : UploadListener [slowUploads] : Number | semmle.label | this <.field> : UploadListener [slowUploads] : Number |
 subpaths
-| ThreadResourceAbuse.java:21:28:21:36 | delayTime : Number | ThreadResourceAbuse.java:66:30:66:41 | waitTime : Number | ThreadResourceAbuse.java:67:4:67:7 | this [post update] [waitTime] : Number | ThreadResourceAbuse.java:21:4:21:37 | new UncheckedSyncAction(...) [waitTime] : Number |
-| ThreadResourceAbuse.java:30:28:30:36 | delayTime : Number | ThreadResourceAbuse.java:66:30:66:41 | waitTime : Number | ThreadResourceAbuse.java:67:4:67:7 | this [post update] [waitTime] : Number | ThreadResourceAbuse.java:30:4:30:37 | new UncheckedSyncAction(...) [waitTime] : Number |
-| ThreadResourceAbuse.java:209:49:209:59 | uploadDelay : Number | UploadListener.java:15:24:15:44 | sleepMilliseconds : Number | UploadListener.java:16:3:16:13 | this <.field> [post update] [slowUploads] : Number | ThreadResourceAbuse.java:209:30:209:87 | new UploadListener(...) [slowUploads] : Number |
+| ThreadResourceAbuse.java:21:28:21:36 | delayTime : Number | ThreadResourceAbuse.java:66:30:66:41 | waitTime : Number | ThreadResourceAbuse.java:67:4:67:7 | this [post update] : UncheckedSyncAction [waitTime] : Number | ThreadResourceAbuse.java:21:4:21:37 | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number |
+| ThreadResourceAbuse.java:30:28:30:36 | delayTime : Number | ThreadResourceAbuse.java:66:30:66:41 | waitTime : Number | ThreadResourceAbuse.java:67:4:67:7 | this [post update] : UncheckedSyncAction [waitTime] : Number | ThreadResourceAbuse.java:30:4:30:37 | new UncheckedSyncAction(...) : UncheckedSyncAction [waitTime] : Number |
+| ThreadResourceAbuse.java:209:49:209:59 | uploadDelay : Number | UploadListener.java:15:24:15:44 | sleepMilliseconds : Number | UploadListener.java:16:3:16:13 | this <.field> [post update] : UploadListener [slowUploads] : Number | ThreadResourceAbuse.java:209:30:209:87 | new UploadListener(...) : UploadListener [slowUploads] : Number |
 #select
 | ThreadResourceAbuse.java:74:18:74:25 | waitTime | ThreadResourceAbuse.java:18:25:18:57 | getParameter(...) : String | ThreadResourceAbuse.java:74:18:74:25 | waitTime | Vulnerability of uncontrolled resource consumption due to $@. | ThreadResourceAbuse.java:18:25:18:57 | getParameter(...) | user-provided value |
 | ThreadResourceAbuse.java:74:18:74:25 | waitTime | ThreadResourceAbuse.java:29:82:29:114 | getParameter(...) : String | ThreadResourceAbuse.java:74:18:74:25 | waitTime | Vulnerability of uncontrolled resource consumption due to $@. | ThreadResourceAbuse.java:29:82:29:114 | getParameter(...) | user-provided value |

java/ql/test/experimental/query-tests/security/CWE-601/SpringUrlRedirect.expected

@@ -6,8 +6,8 @@ edges
 | SpringUrlRedirect.java:41:24:41:41 | redirectUrl : String | SpringUrlRedirect.java:44:29:44:39 | redirectUrl |
 | SpringUrlRedirect.java:49:24:49:41 | redirectUrl : String | SpringUrlRedirect.java:52:30:52:40 | redirectUrl |
 | SpringUrlRedirect.java:57:24:57:41 | redirectUrl : String | SpringUrlRedirect.java:58:55:58:65 | redirectUrl : String |
-| SpringUrlRedirect.java:58:30:58:66 | new ..[] { .. } [[]] : String | SpringUrlRedirect.java:58:30:58:66 | format(...) |
-| SpringUrlRedirect.java:58:55:58:65 | redirectUrl : String | SpringUrlRedirect.java:58:30:58:66 | new ..[] { .. } [[]] : String |
+| SpringUrlRedirect.java:58:30:58:66 | new ..[] { .. } : Object[] [[]] : String | SpringUrlRedirect.java:58:30:58:66 | format(...) |
+| SpringUrlRedirect.java:58:55:58:65 | redirectUrl : String | SpringUrlRedirect.java:58:30:58:66 | new ..[] { .. } : Object[] [[]] : String |
 | SpringUrlRedirect.java:62:24:62:41 | redirectUrl : String | SpringUrlRedirect.java:63:44:63:68 | ... + ... : String |
 | SpringUrlRedirect.java:63:44:63:68 | ... + ... : String | SpringUrlRedirect.java:63:30:63:76 | format(...) |
 | SpringUrlRedirect.java:89:38:89:55 | redirectUrl : String | SpringUrlRedirect.java:91:38:91:48 | redirectUrl : String |
@@ -17,19 +17,19 @@ edges
 | SpringUrlRedirect.java:98:44:98:54 | redirectUrl : String | SpringUrlRedirect.java:98:33:98:55 | create(...) : URI |
 | SpringUrlRedirect.java:104:39:104:56 | redirectUrl : String | SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String |
 | SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders | SpringUrlRedirect.java:108:68:108:78 | httpHeaders |
-| SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] [<map.value>, <element>] : String | SpringUrlRedirect.java:108:68:108:78 | httpHeaders |
+| SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | SpringUrlRedirect.java:108:68:108:78 | httpHeaders |
 | SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String | SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders |
-| SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String | SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] [<map.value>, <element>] : String |
+| SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String | SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String |
 | SpringUrlRedirect.java:112:39:112:56 | redirectUrl : String | SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String |
 | SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders | SpringUrlRedirect.java:116:37:116:47 | httpHeaders |
-| SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] [<map.value>, <element>] : String | SpringUrlRedirect.java:116:37:116:47 | httpHeaders |
+| SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | SpringUrlRedirect.java:116:37:116:47 | httpHeaders |
 | SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String | SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders |
-| SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String | SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] [<map.value>, <element>] : String |
+| SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String | SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String |
 | SpringUrlRedirect.java:120:33:120:50 | redirectUrl : String | SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String |
 | SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders | SpringUrlRedirect.java:124:49:124:59 | httpHeaders |
-| SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] [<map.value>, <element>] : String | SpringUrlRedirect.java:124:49:124:59 | httpHeaders |
+| SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | SpringUrlRedirect.java:124:49:124:59 | httpHeaders |
 | SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String | SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders |
-| SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String | SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] [<map.value>, <element>] : String |
+| SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String | SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String |
 | SpringUrlRedirect.java:128:33:128:50 | redirectUrl : String | SpringUrlRedirect.java:130:44:130:54 | redirectUrl : String |
 | SpringUrlRedirect.java:130:33:130:55 | create(...) : URI | SpringUrlRedirect.java:132:49:132:59 | httpHeaders |
 | SpringUrlRedirect.java:130:44:130:54 | redirectUrl : String | SpringUrlRedirect.java:130:33:130:55 | create(...) : URI |
@@ -48,7 +48,7 @@ nodes
 | SpringUrlRedirect.java:52:30:52:40 | redirectUrl | semmle.label | redirectUrl |
 | SpringUrlRedirect.java:57:24:57:41 | redirectUrl : String | semmle.label | redirectUrl : String |
 | SpringUrlRedirect.java:58:30:58:66 | format(...) | semmle.label | format(...) |
-| SpringUrlRedirect.java:58:30:58:66 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
+| SpringUrlRedirect.java:58:30:58:66 | new ..[] { .. } : Object[] [[]] : String | semmle.label | new ..[] { .. } : Object[] [[]] : String |
 | SpringUrlRedirect.java:58:55:58:65 | redirectUrl : String | semmle.label | redirectUrl : String |
 | SpringUrlRedirect.java:62:24:62:41 | redirectUrl : String | semmle.label | redirectUrl : String |
 | SpringUrlRedirect.java:63:30:63:76 | format(...) | semmle.label | format(...) |
@@ -62,17 +62,17 @@ nodes
 | SpringUrlRedirect.java:100:37:100:47 | httpHeaders | semmle.label | httpHeaders |
 | SpringUrlRedirect.java:104:39:104:56 | redirectUrl : String | semmle.label | redirectUrl : String |
 | SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders | semmle.label | httpHeaders [post update] : HttpHeaders |
-| SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] [<map.value>, <element>] : String | semmle.label | httpHeaders [post update] [<map.value>, <element>] : String |
+| SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | semmle.label | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String |
 | SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String | semmle.label | redirectUrl : String |
 | SpringUrlRedirect.java:108:68:108:78 | httpHeaders | semmle.label | httpHeaders |
 | SpringUrlRedirect.java:112:39:112:56 | redirectUrl : String | semmle.label | redirectUrl : String |
 | SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders | semmle.label | httpHeaders [post update] : HttpHeaders |
-| SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] [<map.value>, <element>] : String | semmle.label | httpHeaders [post update] [<map.value>, <element>] : String |
+| SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | semmle.label | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String |
 | SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String | semmle.label | redirectUrl : String |
 | SpringUrlRedirect.java:116:37:116:47 | httpHeaders | semmle.label | httpHeaders |
 | SpringUrlRedirect.java:120:33:120:50 | redirectUrl : String | semmle.label | redirectUrl : String |
 | SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders | semmle.label | httpHeaders [post update] : HttpHeaders |
-| SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] [<map.value>, <element>] : String | semmle.label | httpHeaders [post update] [<map.value>, <element>] : String |
+| SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | semmle.label | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String |
 | SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String | semmle.label | redirectUrl : String |
 | SpringUrlRedirect.java:124:49:124:59 | httpHeaders | semmle.label | httpHeaders |
 | SpringUrlRedirect.java:128:33:128:50 | redirectUrl : String | semmle.label | redirectUrl : String |

java/ql/test/ext/TestModels/Test.java

@@ -93,7 +93,7 @@ public class Test {
             sink(sj1.add((CharSequence)source())); // $hasTaintFlow
 
             StringJoiner sj2 = (StringJoiner)source();
-            sink(sj2.add("test")); // $hasTaintFlow
+            sink(sj2.add("test")); // $hasValueFlow
         }
 
         // top 300-500 JDK APIs tests

java/ql/test/library-tests/annotations/Annotatable.ql

@@ -2,7 +2,7 @@ import java
 
 class RelevantAnnotatable extends Annotatable {
   RelevantAnnotatable() {
-    getCompilationUnit().hasName("Annotatable") and getCompilationUnit().fromSource()
+    this.getCompilationUnit().hasName("Annotatable") and this.getCompilationUnit().fromSource()
   }
 }
 

java/ql/test/library-tests/annotations/Annotation-values.ql

@@ -2,7 +2,7 @@ import java
 
 class RelevantAnnotation extends Annotation {
   RelevantAnnotation() {
-    getCompilationUnit().hasName("AnnotationValues") and getCompilationUnit().fromSource()
+    this.getCompilationUnit().hasName("AnnotationValues") and this.getCompilationUnit().fromSource()
   }
 }
 

java/ql/test/library-tests/annotations/AnnotationType.ql

@@ -1,7 +1,7 @@
 import java
 
 class RelevantAnnotationType extends AnnotationType {
-  RelevantAnnotationType() { getCompilationUnit().hasName("AnnotationType") }
+  RelevantAnnotationType() { this.getCompilationUnit().hasName("AnnotationType") }
 }
 
 query predicate annotationType(

java/ql/test/library-tests/dataflow/partial/test.expected

@@ -1,11 +1,11 @@
 edges
 | A.java:4:16:4:18 | this <constr(this)> [post update] [elem] | A.java:22:17:22:25 | new Box(...) [elem] |
-| A.java:12:5:12:5 | b [post update] [elem] | A.java:13:12:13:12 | b [elem] |
-| A.java:12:14:12:18 | src(...) : Object | A.java:12:5:12:5 | b [post update] [elem] |
+| A.java:12:5:12:5 | b [post update] : Box [elem] | A.java:13:12:13:12 | b : Box [elem] |
+| A.java:12:14:12:18 | src(...) : Object | A.java:12:5:12:5 | b [post update] : Box [elem] |
 | A.java:12:14:12:18 | src(...) : Object | A.java:12:5:12:18 | ...=... : Object |
-| A.java:13:12:13:12 | b [elem] | A.java:17:13:17:16 | f1(...) [elem] |
-| A.java:17:13:17:16 | f1(...) [elem] | A.java:18:8:18:8 | b [elem] |
-| A.java:18:8:18:8 | b [elem] | A.java:21:11:21:15 | b [elem] |
+| A.java:13:12:13:12 | b : Box [elem] | A.java:17:13:17:16 | f1(...) : Box [elem] |
+| A.java:17:13:17:16 | f1(...) : Box [elem] | A.java:18:8:18:8 | b : Box [elem] |
+| A.java:18:8:18:8 | b : Box [elem] | A.java:21:11:21:15 | b : Box [elem] |
 | A.java:22:17:22:25 | new Box(...) [elem] | A.java:23:13:23:17 | other [elem] |
 | A.java:23:13:23:17 | other [elem] | A.java:24:10:24:14 | other [elem] |
 | A.java:23:13:23:17 | other [post update] [elem] | A.java:24:10:24:14 | other [elem] |
@@ -13,9 +13,9 @@ edges
 | A.java:28:5:28:5 | b [post update] [elem] | A.java:23:13:23:17 | other [post update] [elem] |
 | A.java:28:14:28:25 | new Object(...) | A.java:28:5:28:5 | b [post update] [elem] |
 #select
-| 0 | A.java:12:5:12:5 | b [post update] [elem] |
+| 0 | A.java:12:5:12:5 | b [post update] : Box [elem] |
 | 0 | A.java:12:5:12:18 | ...=... : Object |
-| 0 | A.java:13:12:13:12 | b [elem] |
-| 1 | A.java:17:13:17:16 | f1(...) [elem] |
-| 1 | A.java:18:8:18:8 | b [elem] |
-| 2 | A.java:21:11:21:15 | b [elem] |
+| 0 | A.java:13:12:13:12 | b : Box [elem] |
+| 1 | A.java:17:13:17:16 | f1(...) : Box [elem] |
+| 1 | A.java:18:8:18:8 | b : Box [elem] |
+| 2 | A.java:21:11:21:15 | b : Box [elem] |

java/ql/test/library-tests/dataflow/partial/testRev.expected

@@ -1,11 +1,11 @@
 edges
 | A.java:4:16:4:18 | this <constr(this)> [post update] [elem] | A.java:22:17:22:25 | new Box(...) [elem] |
-| A.java:12:5:12:5 | b [post update] [elem] | A.java:13:12:13:12 | b [elem] |
-| A.java:12:14:12:18 | src(...) : Object | A.java:12:5:12:5 | b [post update] [elem] |
+| A.java:12:5:12:5 | b [post update] : Box [elem] | A.java:13:12:13:12 | b : Box [elem] |
+| A.java:12:14:12:18 | src(...) : Object | A.java:12:5:12:5 | b [post update] : Box [elem] |
 | A.java:12:14:12:18 | src(...) : Object | A.java:12:5:12:18 | ...=... : Object |
-| A.java:13:12:13:12 | b [elem] | A.java:17:13:17:16 | f1(...) [elem] |
-| A.java:17:13:17:16 | f1(...) [elem] | A.java:18:8:18:8 | b [elem] |
-| A.java:18:8:18:8 | b [elem] | A.java:21:11:21:15 | b [elem] |
+| A.java:13:12:13:12 | b : Box [elem] | A.java:17:13:17:16 | f1(...) : Box [elem] |
+| A.java:17:13:17:16 | f1(...) : Box [elem] | A.java:18:8:18:8 | b : Box [elem] |
+| A.java:18:8:18:8 | b : Box [elem] | A.java:21:11:21:15 | b : Box [elem] |
 | A.java:22:17:22:25 | new Box(...) [elem] | A.java:23:13:23:17 | other [elem] |
 | A.java:23:13:23:17 | other [elem] | A.java:24:10:24:14 | other [elem] |
 | A.java:23:13:23:17 | other [post update] [elem] | A.java:24:10:24:14 | other [elem] |

java/ql/test/library-tests/dataflow/taint/StringJoinerTests.java

@@ -0,0 +1,92 @@
+import java.util.StringJoiner;
+
+public class StringJoinerTests {
+
+	Object taint() {
+		return null;
+	}
+
+	void sink(Object o) {}
+
+	public void test() throws Exception {
+		{
+			// "java.util;StringJoiner;false;StringJoiner;(CharSequence);;Argument[0];Argument[-1];taint;manual"
+			StringJoiner out = null;
+			CharSequence in = (CharSequence) taint();
+			out = new StringJoiner(in);
+			sink(out);
+		}
+		{
+			// "java.util;StringJoiner;false;StringJoiner;(CharSequence,CharSequence,CharSequence);;Argument[0];Argument[-1];taint;manual"
+			StringJoiner out = null;
+			CharSequence in = (CharSequence) taint();
+			out = new StringJoiner(in, null, null);
+			sink(out);
+		}
+		{
+			// "java.util;StringJoiner;false;StringJoiner;(CharSequence,CharSequence,CharSequence);;Argument[1];Argument[-1];taint;manual"
+			StringJoiner out = null;
+			CharSequence in = (CharSequence) taint();
+			out = new StringJoiner(null, in, null);
+			sink(out);
+		}
+		{
+			// "java.util;StringJoiner;false;StringJoiner;(CharSequence,CharSequence,CharSequence);;Argument[2];Argument[-1];taint;manual"
+			StringJoiner out = null;
+			CharSequence in = (CharSequence) taint();
+			out = new StringJoiner(null, null, in);
+			sink(out);
+		}
+		{
+			// "java.util;StringJoiner;false;add;;;Argument[-1];ReturnValue;value;manual"
+			StringJoiner out = null;
+			StringJoiner in = (StringJoiner) taint();
+			out = in.add(null);
+			sink(out);
+		}
+		{
+			// "java.util;StringJoiner;false;add;;;Argument[0];Argument[-1];taint;manual"
+			StringJoiner out = null;
+			CharSequence in = (CharSequence) taint();
+			out.add(in);
+			sink(out);
+		}
+		{
+			// "java.util;StringJoiner;false;merge;;;Argument[-1];ReturnValue;value;manual"
+			StringJoiner out = null;
+			StringJoiner in = (StringJoiner) taint();
+			out = in.merge(null);
+			sink(out);
+		}
+		{
+			// "java.util;StringJoiner;false;merge;;;Argument[0];Argument[-1];taint;manual"
+			StringJoiner out = null;
+			StringJoiner in = (StringJoiner) taint();
+			out.merge(in);
+			sink(out);
+		}
+		{
+			// "java.util;StringJoiner;false;setEmptyValue;;;Argument[-1];ReturnValue;taint;manual"
+			StringJoiner out = null;
+			StringJoiner in = (StringJoiner) taint();
+			out = in.setEmptyValue(null);
+			sink(out);
+		}
+		{
+			// "java.util;StringJoiner;false;setEmptyValue;;;Argument[0];Argument[-1];taint;manual"
+			StringJoiner out = null;
+			CharSequence in = (CharSequence) taint();
+			out.setEmptyValue(in);
+			sink(out);
+		}
+		{
+			// "java.util;StringJoiner;false;toString;;;Argument[-1];ReturnValue;taint;manual"
+			String out = null;
+			StringJoiner in = (StringJoiner) taint();
+			out = in.toString();
+			sink(out);
+		}
+
+	}
+
+}

java/ql/test/library-tests/dataflow/taint/test.expected

@@ -71,6 +71,17 @@
 | StringBuilderTests.java:70:15:70:21 | taint(...) | StringBuilderTests.java:73:10:73:26 | new String(...) |
 | StringBuilderTests.java:79:15:79:21 | taint(...) | StringBuilderTests.java:80:10:80:40 | toString(...) |
 | StringBuilderTests.java:86:15:86:21 | taint(...) | StringBuilderTests.java:87:10:87:27 | substring(...) |
+| StringJoinerTests.java:15:37:15:43 | taint(...) | StringJoinerTests.java:17:9:17:11 | out |
+| StringJoinerTests.java:22:37:22:43 | taint(...) | StringJoinerTests.java:24:9:24:11 | out |
+| StringJoinerTests.java:29:37:29:43 | taint(...) | StringJoinerTests.java:31:9:31:11 | out |
+| StringJoinerTests.java:36:37:36:43 | taint(...) | StringJoinerTests.java:38:9:38:11 | out |
+| StringJoinerTests.java:43:37:43:43 | taint(...) | StringJoinerTests.java:45:9:45:11 | out |
+| StringJoinerTests.java:50:37:50:43 | taint(...) | StringJoinerTests.java:52:9:52:11 | out |
+| StringJoinerTests.java:57:37:57:43 | taint(...) | StringJoinerTests.java:59:9:59:11 | out |
+| StringJoinerTests.java:64:37:64:43 | taint(...) | StringJoinerTests.java:66:9:66:11 | out |
+| StringJoinerTests.java:71:37:71:43 | taint(...) | StringJoinerTests.java:73:9:73:11 | out |
+| StringJoinerTests.java:78:37:78:43 | taint(...) | StringJoinerTests.java:80:9:80:11 | out |
+| StringJoinerTests.java:85:37:85:43 | taint(...) | StringJoinerTests.java:87:9:87:11 | out |
 | Varargs.java:7:8:7:14 | taint(...) | Varargs.java:14:10:14:10 | s |
 | Varargs.java:8:8:8:14 | taint(...) | Varargs.java:19:10:19:10 | s |
 | Varargs.java:8:17:8:23 | taint(...) | Varargs.java:19:10:19:10 | s |

java/ql/test/library-tests/dataflow/taintsources/JwsSigningKeyResolverAdapter.java

@@ -0,0 +1,34 @@
+import java.security.Key;
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.JwsHeader;
+import io.jsonwebtoken.SigningKeyResolverAdapter;
+
+public class JwsSigningKeyResolverAdapter extends SigningKeyResolverAdapter {
+    private void sink(Object o) {
+    }
+
+    @Override
+    public Key resolveSigningKey(JwsHeader header, Claims claims) {
+        final String keyId = header.getKeyId();
+        String example = "example:" + keyId;
+        sink(example); // $ hasRemoteTaintFlow
+        return null;
+    }
+
+    @Override
+    public byte[] resolveSigningKeyBytes(JwsHeader header, Claims claims) {
+        final String keyId = header.getKeyId();
+        String example = "example:" + keyId;
+
+        sink(example); // $ hasRemoteTaintFlow
+
+        final String algorithm = header.getAlgorithm();
+        sink("algo:" + algorithm); // $ hasRemoteTaintFlow
+
+        final String random = (String)header.get("random");
+        sink("random:" + random) ; // $ hasRemoteTaintFlow
+
+        return new byte[0];
+    }
+}

java/ql/test/library-tests/dataflow/taintsources/options

@@ -1 +1 @@
-//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/servlet-api-2.4:${testdir}/../../../stubs/springframework-5.3.8:${testdir}/../../../stubs/google-android-9.0.0:${testdir}/../../../stubs/playframework-2.6.x:${testdir}/../../../stubs/jackson-databind-2.12:${testdir}/../../../stubs/jackson-core-2.12:${testdir}/../../../stubs/akka-2.6.x
+//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/servlet-api-2.4:${testdir}/../../../stubs/springframework-5.3.8:${testdir}/../../../stubs/google-android-9.0.0:${testdir}/../../../stubs/playframework-2.6.x:${testdir}/../../../stubs/jackson-databind-2.12:${testdir}/../../../stubs/jackson-core-2.12:${testdir}/../../../stubs/akka-2.6.x:${testdir}/../../../stubs/jwtk-jjwt-0.11.2

java/ql/test/qlpack.yml

@@ -5,3 +5,4 @@ dependencies:
     codeql/java-queries: ${workspace}
 extractor: java
 tests: .
+warnOnImplicitThis: true

java/ql/test/query-tests/security/CWE-078/ExecTaintedLocal.expected

@@ -3,12 +3,12 @@ edges
 | Test.java:6:35:6:44 | arg : String | Test.java:10:61:10:73 | ... + ... : String |
 | Test.java:6:35:6:44 | arg : String | Test.java:16:13:16:25 | ... + ... : String |
 | Test.java:6:35:6:44 | arg : String | Test.java:22:15:22:27 | ... + ... : String |
-| Test.java:10:29:10:74 | {...} [[]] : String | Test.java:10:29:10:74 | new String[] |
-| Test.java:10:61:10:73 | ... + ... : String | Test.java:10:29:10:74 | {...} [[]] : String |
-| Test.java:16:5:16:7 | cmd [post update] [<element>] : String | Test.java:18:29:18:31 | cmd |
-| Test.java:16:13:16:25 | ... + ... : String | Test.java:16:5:16:7 | cmd [post update] [<element>] : String |
-| Test.java:22:5:22:8 | cmd1 [post update] [[]] : String | Test.java:24:29:24:32 | cmd1 |
-| Test.java:22:15:22:27 | ... + ... : String | Test.java:22:5:22:8 | cmd1 [post update] [[]] : String |
+| Test.java:10:29:10:74 | {...} : String[] [[]] : String | Test.java:10:29:10:74 | new String[] |
+| Test.java:10:61:10:73 | ... + ... : String | Test.java:10:29:10:74 | {...} : String[] [[]] : String |
+| Test.java:16:5:16:7 | cmd [post update] : List [<element>] : String | Test.java:18:29:18:31 | cmd |
+| Test.java:16:13:16:25 | ... + ... : String | Test.java:16:5:16:7 | cmd [post update] : List [<element>] : String |
+| Test.java:22:5:22:8 | cmd1 [post update] : String[] [[]] : String | Test.java:24:29:24:32 | cmd1 |
+| Test.java:22:15:22:27 | ... + ... : String | Test.java:22:5:22:8 | cmd1 [post update] : String[] [[]] : String |
 | Test.java:28:38:28:47 | arg : String | Test.java:29:44:29:64 | ... + ... |
 | Test.java:57:27:57:39 | args : String[] | Test.java:60:20:60:22 | arg : String |
 | Test.java:57:27:57:39 | args : String[] | Test.java:61:23:61:25 | arg : String |
@@ -18,12 +18,12 @@ nodes
 | Test.java:6:35:6:44 | arg : String | semmle.label | arg : String |
 | Test.java:7:44:7:69 | ... + ... | semmle.label | ... + ... |
 | Test.java:10:29:10:74 | new String[] | semmle.label | new String[] |
-| Test.java:10:29:10:74 | {...} [[]] : String | semmle.label | {...} [[]] : String |
+| Test.java:10:29:10:74 | {...} : String[] [[]] : String | semmle.label | {...} : String[] [[]] : String |
 | Test.java:10:61:10:73 | ... + ... : String | semmle.label | ... + ... : String |
-| Test.java:16:5:16:7 | cmd [post update] [<element>] : String | semmle.label | cmd [post update] [<element>] : String |
+| Test.java:16:5:16:7 | cmd [post update] : List [<element>] : String | semmle.label | cmd [post update] : List [<element>] : String |
 | Test.java:16:13:16:25 | ... + ... : String | semmle.label | ... + ... : String |
 | Test.java:18:29:18:31 | cmd | semmle.label | cmd |
-| Test.java:22:5:22:8 | cmd1 [post update] [[]] : String | semmle.label | cmd1 [post update] [[]] : String |
+| Test.java:22:5:22:8 | cmd1 [post update] : String[] [[]] : String | semmle.label | cmd1 [post update] : String[] [[]] : String |
 | Test.java:22:15:22:27 | ... + ... : String | semmle.label | ... + ... : String |
 | Test.java:24:29:24:32 | cmd1 | semmle.label | cmd1 |
 | Test.java:28:38:28:47 | arg : String | semmle.label | arg : String |

java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticTaintedLocal.expected

@@ -22,11 +22,11 @@ edges
 | ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:119:10:119:13 | data : Number |
 | ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:120:10:120:13 | data : Number |
 | ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:121:10:121:13 | data : Number |
-| ArithmeticTainted.java:64:4:64:10 | tainted [post update] [dat] : Number | ArithmeticTainted.java:66:18:66:24 | tainted [dat] : Number |
-| ArithmeticTainted.java:64:20:64:23 | data : Number | ArithmeticTainted.java:64:4:64:10 | tainted [post update] [dat] : Number |
+| ArithmeticTainted.java:64:4:64:10 | tainted [post update] : Holder [dat] : Number | ArithmeticTainted.java:66:18:66:24 | tainted : Holder [dat] : Number |
+| ArithmeticTainted.java:64:20:64:23 | data : Number | ArithmeticTainted.java:64:4:64:10 | tainted [post update] : Holder [dat] : Number |
 | ArithmeticTainted.java:64:20:64:23 | data : Number | Holder.java:12:22:12:26 | d : Number |
-| ArithmeticTainted.java:66:18:66:24 | tainted [dat] : Number | ArithmeticTainted.java:66:18:66:34 | getData(...) : Number |
-| ArithmeticTainted.java:66:18:66:24 | tainted [dat] : Number | Holder.java:16:13:16:19 | parameter this [dat] : Number |
+| ArithmeticTainted.java:66:18:66:24 | tainted : Holder [dat] : Number | ArithmeticTainted.java:66:18:66:34 | getData(...) : Number |
+| ArithmeticTainted.java:66:18:66:24 | tainted : Holder [dat] : Number | Holder.java:16:13:16:19 | parameter this : Holder [dat] : Number |
 | ArithmeticTainted.java:66:18:66:34 | getData(...) : Number | ArithmeticTainted.java:71:17:71:23 | herring |
 | ArithmeticTainted.java:118:9:118:12 | data : Number | ArithmeticTainted.java:125:26:125:33 | data : Number |
 | ArithmeticTainted.java:119:10:119:13 | data : Number | ArithmeticTainted.java:129:27:129:34 | data : Number |
@@ -37,9 +37,9 @@ edges
 | ArithmeticTainted.java:133:27:133:34 | data : Number | ArithmeticTainted.java:135:3:135:6 | data |
 | ArithmeticTainted.java:137:27:137:34 | data : Number | ArithmeticTainted.java:139:5:139:8 | data |
 | Holder.java:12:22:12:26 | d : Number | Holder.java:13:9:13:9 | d : Number |
-| Holder.java:13:9:13:9 | d : Number | Holder.java:13:3:13:5 | this <.field> [post update] [dat] : Number |
-| Holder.java:16:13:16:19 | parameter this [dat] : Number | Holder.java:17:10:17:12 | this <.field> [dat] : Number |
-| Holder.java:17:10:17:12 | this <.field> [dat] : Number | Holder.java:17:10:17:12 | dat : Number |
+| Holder.java:13:9:13:9 | d : Number | Holder.java:13:3:13:5 | this <.field> [post update] : Holder [dat] : Number |
+| Holder.java:16:13:16:19 | parameter this : Holder [dat] : Number | Holder.java:17:10:17:12 | this <.field> : Holder [dat] : Number |
+| Holder.java:17:10:17:12 | this <.field> : Holder [dat] : Number | Holder.java:17:10:17:12 | dat : Number |
 nodes
 | ArithmeticTainted.java:17:24:17:64 | new InputStreamReader(...) : InputStreamReader | semmle.label | new InputStreamReader(...) : InputStreamReader |
 | ArithmeticTainted.java:17:24:17:64 | new InputStreamReader(...) : InputStreamReader | semmle.label | new InputStreamReader(...) : InputStreamReader |
@@ -60,9 +60,9 @@ nodes
 | ArithmeticTainted.java:32:17:32:20 | data | semmle.label | data |
 | ArithmeticTainted.java:40:17:40:20 | data | semmle.label | data |
 | ArithmeticTainted.java:50:17:50:20 | data | semmle.label | data |
-| ArithmeticTainted.java:64:4:64:10 | tainted [post update] [dat] : Number | semmle.label | tainted [post update] [dat] : Number |
+| ArithmeticTainted.java:64:4:64:10 | tainted [post update] : Holder [dat] : Number | semmle.label | tainted [post update] : Holder [dat] : Number |
 | ArithmeticTainted.java:64:20:64:23 | data : Number | semmle.label | data : Number |
-| ArithmeticTainted.java:66:18:66:24 | tainted [dat] : Number | semmle.label | tainted [dat] : Number |
+| ArithmeticTainted.java:66:18:66:24 | tainted : Holder [dat] : Number | semmle.label | tainted : Holder [dat] : Number |
 | ArithmeticTainted.java:66:18:66:34 | getData(...) : Number | semmle.label | getData(...) : Number |
 | ArithmeticTainted.java:71:17:71:23 | herring | semmle.label | herring |
 | ArithmeticTainted.java:95:37:95:40 | data | semmle.label | data |
@@ -79,14 +79,14 @@ nodes
 | ArithmeticTainted.java:137:27:137:34 | data : Number | semmle.label | data : Number |
 | ArithmeticTainted.java:139:5:139:8 | data | semmle.label | data |
 | Holder.java:12:22:12:26 | d : Number | semmle.label | d : Number |
-| Holder.java:13:3:13:5 | this <.field> [post update] [dat] : Number | semmle.label | this <.field> [post update] [dat] : Number |
+| Holder.java:13:3:13:5 | this <.field> [post update] : Holder [dat] : Number | semmle.label | this <.field> [post update] : Holder [dat] : Number |
 | Holder.java:13:9:13:9 | d : Number | semmle.label | d : Number |
-| Holder.java:16:13:16:19 | parameter this [dat] : Number | semmle.label | parameter this [dat] : Number |
+| Holder.java:16:13:16:19 | parameter this : Holder [dat] : Number | semmle.label | parameter this : Holder [dat] : Number |
 | Holder.java:17:10:17:12 | dat : Number | semmle.label | dat : Number |
-| Holder.java:17:10:17:12 | this <.field> [dat] : Number | semmle.label | this <.field> [dat] : Number |
+| Holder.java:17:10:17:12 | this <.field> : Holder [dat] : Number | semmle.label | this <.field> : Holder [dat] : Number |
 subpaths
-| ArithmeticTainted.java:64:20:64:23 | data : Number | Holder.java:12:22:12:26 | d : Number | Holder.java:13:3:13:5 | this <.field> [post update] [dat] : Number | ArithmeticTainted.java:64:4:64:10 | tainted [post update] [dat] : Number |
-| ArithmeticTainted.java:66:18:66:24 | tainted [dat] : Number | Holder.java:16:13:16:19 | parameter this [dat] : Number | Holder.java:17:10:17:12 | dat : Number | ArithmeticTainted.java:66:18:66:34 | getData(...) : Number |
+| ArithmeticTainted.java:64:20:64:23 | data : Number | Holder.java:12:22:12:26 | d : Number | Holder.java:13:3:13:5 | this <.field> [post update] : Holder [dat] : Number | ArithmeticTainted.java:64:4:64:10 | tainted [post update] : Holder [dat] : Number |
+| ArithmeticTainted.java:66:18:66:24 | tainted : Holder [dat] : Number | Holder.java:16:13:16:19 | parameter this : Holder [dat] : Number | Holder.java:17:10:17:12 | dat : Number | ArithmeticTainted.java:66:18:66:34 | getData(...) : Number |
 #select
 | ArithmeticTainted.java:32:17:32:25 | ... + ... | ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:32:17:32:20 | data | This arithmetic expression depends on a $@, potentially causing an overflow. | ArithmeticTainted.java:17:46:17:54 | System.in | user-provided value |
 | ArithmeticTainted.java:40:17:40:25 | ... - ... | ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:40:17:40:20 | data | This arithmetic expression depends on a $@, potentially causing an underflow. | ArithmeticTainted.java:17:46:17:54 | System.in | user-provided value |

java/ql/test/query-tests/security/CWE-611/XPathExpressionTests.java

@@ -26,4 +26,19 @@ public class XPathExpressionTests {
     XPathExpression expr = path.compile("");
     expr.evaluate(new InputSource(sock.getInputStream())); // $ hasTaintFlow
   }
+
+  public void safeXPathEvaluateTest(Socket sock) throws Exception {
+    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+    factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
+    DocumentBuilder builder = factory.newDocumentBuilder();
+    XPathFactory xFactory = XPathFactory.newInstance();
+    XPath path = xFactory.newXPath();
+    path.evaluate("", builder.parse(sock.getInputStream())); // safe
+  }
+
+  public void unsafeXPathEvaluateTest(Socket sock) throws Exception {
+    XPathFactory xFactory = XPathFactory.newInstance();
+    XPath path = xFactory.newXPath();
+    path.evaluate("", new InputSource(sock.getInputStream())); // $ hasTaintFlow
+  }
 }

java/ql/test/query-tests/security/CWE-643/XPathInjectionTest.ql

@@ -1,17 +1,8 @@
 import java
-import semmle.code.java.dataflow.TaintTracking
-import semmle.code.java.dataflow.FlowSources
-import semmle.code.java.security.XPath
+import semmle.code.java.dataflow.DataFlow
+import semmle.code.java.security.XPathInjectionQuery
 import TestUtilities.InlineExpectationsTest
 
-module Config implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
-
-  predicate isSink(DataFlow::Node sink) { sink instanceof XPathInjectionSink }
-}
-
-module Flow = TaintTracking::Global<Config>;
-
 class HasXPathInjectionTest extends InlineExpectationsTest {
   HasXPathInjectionTest() { this = "HasXPathInjectionTest" }
 
@@ -19,7 +10,7 @@ class HasXPathInjectionTest extends InlineExpectationsTest {
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     tag = "hasXPathInjection" and
-    exists(DataFlow::Node sink | Flow::flowTo(sink) |
+    exists(DataFlow::Node sink | XPathInjectionFlow::flowTo(sink) |
       sink.getLocation() = location and
       element = sink.toString() and
       value = ""

java/ql/test/stubs/jwtk-jjwt-0.11.2/io/jsonwebtoken/JwsHeader.java

@@ -22,5 +22,11 @@ package io.jsonwebtoken;
  * @since 0.1
  */
 public interface JwsHeader<T extends JwsHeader<T>> extends Header<T> {
+    String getAlgorithm();
 
+    void setAlgorithm(String algorithm);
+
+    String getKeyId();
+
+    void setKeyId(String keyId);
 }

java/ql/test/stubs/jwtk-jjwt-0.11.2/io/jsonwebtoken/SigningKeyResolver.java

@@ -48,5 +48,7 @@ import java.security.Key;
  * @since 0.4
  */
 public interface SigningKeyResolver {
+    public Key resolveSigningKey(JwsHeader header, Claims claims);
 
+    public Key resolveSigningKey(JwsHeader header, String plaintext);
 }

java/ql/test/stubs/jwtk-jjwt-0.11.2/io/jsonwebtoken/SigningKeyResolverAdapter.java

@@ -0,0 +1,81 @@
+/*
+ * Copyright (C) 2014 jsonwebtoken.io
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.jsonwebtoken;
+
+import java.security.Key;
+
+import io.jsonwebtoken.SigningKeyResolver;
+import io.jsonwebtoken.JwsHeader;
+
+/**
+ * An <a href="http://en.wikipedia.org/wiki/Adapter_pattern">Adapter</a> implementation of the
+ * {@link SigningKeyResolver} interface that allows subclasses to process only the type of JWS body that
+ * is known/expected for a particular case.
+ *
+ * <p>The {@link #resolveSigningKey(JwsHeader, Claims)} and {@link #resolveSigningKey(JwsHeader, String)} method
+ * implementations delegate to the
+ * {@link #resolveSigningKeyBytes(JwsHeader, Claims)} and {@link #resolveSigningKeyBytes(JwsHeader, String)} methods
+ * respectively.  The latter two methods simply throw exceptions:  they represent scenarios expected by
+ * calling code in known situations, and it is expected that you override the implementation in those known situations;
+ * non-overridden *KeyBytes methods indicates that the JWS input was unexpected.</p>
+ *
+ * <p>If either {@link #resolveSigningKey(JwsHeader, String)} or {@link #resolveSigningKey(JwsHeader, Claims)}
+ * are not overridden, one (or both) of the *KeyBytes variants must be overridden depending on your expected
+ * use case.  You do not have to override any method that does not represent an expected condition.</p>
+ *
+ * @since 0.4
+ */
+public class SigningKeyResolverAdapter implements SigningKeyResolver {
+
+    @Override
+    public Key resolveSigningKey(JwsHeader header, Claims claims) {
+        return null;
+    }
+
+    @Override
+    public Key resolveSigningKey(JwsHeader header, String plaintext) {
+        return null;
+    }
+
+    /**
+     * Convenience method invoked by {@link #resolveSigningKey(JwsHeader, Claims)} that obtains the necessary signing
+     * key bytes.  This implementation simply throws an exception: if the JWS parsed is a Claims JWS, you must
+     * override this method or the {@link #resolveSigningKey(JwsHeader, Claims)} method instead.
+     *
+     * <p><b>NOTE:</b> You cannot override this method when validating RSA signatures.  If you expect RSA signatures,
+     * you must override the {@link #resolveSigningKey(JwsHeader, Claims)} method instead.</p>
+     *
+     * @param header the parsed {@link JwsHeader}
+     * @param claims the parsed {@link Claims}
+     * @return the signing key bytes to use to verify the JWS signature.
+     */
+    public byte[] resolveSigningKeyBytes(JwsHeader header, Claims claims) {
+        return new byte[0];
+    }
+
+    /**
+     * Convenience method invoked by {@link #resolveSigningKey(JwsHeader, String)} that obtains the necessary signing
+     * key bytes.  This implementation simply throws an exception: if the JWS parsed is a plaintext JWS, you must
+     * override this method or the {@link #resolveSigningKey(JwsHeader, String)} method instead.
+     *
+     * @param header the parsed {@link JwsHeader}
+     * @param payload the parsed String plaintext payload
+     * @return the signing key bytes to use to verify the JWS signature.
+     */
+    public byte[] resolveSigningKeyBytes(JwsHeader header, String payload) {
+        return new byte[0];
+    }
+}

java/ql/test/utils/modelgenerator/dataflow/CaptureNeutralModels.expected

@@ -1,26 +1,26 @@
-| p;Factory;getIntValue;();df-generated |
-| p;FinalClass;returnsConstant;();df-generated |
-| p;FluentAPI$Inner;notThis;(String);df-generated |
-| p;ImmutablePojo;getX;();df-generated |
-| p;Joiner;length;();df-generated |
-| p;ParamFlow;ignorePrimitiveReturnValue;(String);df-generated |
-| p;ParamFlow;mapType;(Class);df-generated |
-| p;Pojo;doNotSetValue;(String);df-generated |
-| p;Pojo;getBigDecimal;();df-generated |
-| p;Pojo;getBigInt;();df-generated |
-| p;Pojo;getBoxedArray;();df-generated |
-| p;Pojo;getBoxedCollection;();df-generated |
-| p;Pojo;getBoxedValue;();df-generated |
-| p;Pojo;getFloatArray;();df-generated |
-| p;Pojo;getIntValue;();df-generated |
-| p;Pojo;getPrimitiveArray;();df-generated |
-| p;PrivateFlowViaPublicInterface$SPI;openStream;();df-generated |
-| p;PrivateFlowViaPublicInterface$SPI;openStreamNone;();df-generated |
-| p;PrivateFlowViaPublicInterface;createAnSPIWithoutTrackingFile;(File);df-generated |
-| p;Sinks;copyFileToDirectory;(Path,Path,CopyOption[]);df-generated |
-| p;Sinks;propagate;(String);df-generated |
-| p;Sinks;readUrl;(URL,Charset);df-generated |
-| p;Sources;readUrl;(URL);df-generated |
-| p;Sources;socketStream;();df-generated |
-| p;Sources;sourceToParameter;(InputStream[],List);df-generated |
-| p;Sources;wrappedSocketStream;();df-generated |
+| p;Factory;getIntValue;();summary;df-generated |
+| p;FinalClass;returnsConstant;();summary;df-generated |
+| p;FluentAPI$Inner;notThis;(String);summary;df-generated |
+| p;ImmutablePojo;getX;();summary;df-generated |
+| p;Joiner;length;();summary;df-generated |
+| p;ParamFlow;ignorePrimitiveReturnValue;(String);summary;df-generated |
+| p;ParamFlow;mapType;(Class);summary;df-generated |
+| p;Pojo;doNotSetValue;(String);summary;df-generated |
+| p;Pojo;getBigDecimal;();summary;df-generated |
+| p;Pojo;getBigInt;();summary;df-generated |
+| p;Pojo;getBoxedArray;();summary;df-generated |
+| p;Pojo;getBoxedCollection;();summary;df-generated |
+| p;Pojo;getBoxedValue;();summary;df-generated |
+| p;Pojo;getFloatArray;();summary;df-generated |
+| p;Pojo;getIntValue;();summary;df-generated |
+| p;Pojo;getPrimitiveArray;();summary;df-generated |
+| p;PrivateFlowViaPublicInterface$SPI;openStream;();summary;df-generated |
+| p;PrivateFlowViaPublicInterface$SPI;openStreamNone;();summary;df-generated |
+| p;PrivateFlowViaPublicInterface;createAnSPIWithoutTrackingFile;(File);summary;df-generated |
+| p;Sinks;copyFileToDirectory;(Path,Path,CopyOption[]);summary;df-generated |
+| p;Sinks;propagate;(String);summary;df-generated |
+| p;Sinks;readUrl;(URL,Charset);summary;df-generated |
+| p;Sources;readUrl;(URL);summary;df-generated |
+| p;Sources;socketStream;();summary;df-generated |
+| p;Sources;sourceToParameter;(InputStream[],List);summary;df-generated |
+| p;Sources;wrappedSocketStream;();summary;df-generated |