Add tests for and slightly expand models of Commons Lang's ArrayUtils class

2026-03-01 05:13:41 +01:00 · 2021-03-10 11:51:59 +00:00
parent bc9682c22d
commit 7fb5bd0cab
3 changed files with 1470 additions and 4 deletions
--- a/java/ql/src/semmle/code/java/frameworks/apache/Lang.qll
+++ b/java/ql/src/semmle/code/java/frameworks/apache/Lang.qll
@@ -49,19 +49,27 @@ private class ApacheLangArrayUtilsTaintPreservingMethod extends TaintPreservingC
    src = [0 .. getNumberOfParameters() - 1]
    or
    this.hasName([
-        "clone", "nullToEmpty", "remove", "removeAll", "removeElement", "removeElements", "reverse",
-        "shift", "shuffle", "subarray", "swap", "toArray", "toMap", "toObject", "toPrimitive",
-        "toString", "toStringArray"
+        "clone", "nullToEmpty", "remove", "removeAll", "removeElement", "removeElements",
+        "subarray", "toArray", "toMap", "toObject", "removeAllOccurences", "removeAllOccurrences"
      ]) and
    src = 0
    or
+    this.hasName("toPrimitive") and
+    src = [0, 1]
+    or
    this.hasName("add") and
    this.getNumberOfParameters() = 2 and
    src = [0, 1]
    or
-    this.hasName("add") and
+    this.hasName(["add"]) and
    this.getNumberOfParameters() = 3 and
    src = [0, 2]
+    or
+    this.hasName("insert") and
+    src = [1, 2]
+    or
+    this.hasName("get") and
+    src = [0, 2]
  }
 }