Update Java MaD sink decls after triage

Triage request: 2276
2026-04-30 11:15:13 +02:00 · 2023-02-17 10:37:15 +01:00
parent 9aea725f3d
commit 8d7031c166
6 changed files with 31 additions and 0 deletions
--- a/java/ql/lib/ext/java.lang.model.yml
+++ b/java/ql/lib/ext/java.lang.model.yml
@@ -3,6 +3,8 @@ extensions:
      pack: codeql/java-all
      extensible: sinkModel
    data:
+# suggested label is not supported:      - ["java.lang", "Module", True, "getResourceAsStream", "(String)", "", "Argument[0]", "read-file", "generated"]
+# suggested label is not supported:      - ["java.lang", "ProcessBuilder", True, "ProcessBuilder", "(String[])", "", "Argument[0]", "command-injection", "generated"]
      - ["java.lang", "String", False, "matches", "(String)", "", "Argument[0]", "regex-use[f-1]", "manual"]
      - ["java.lang", "String", False, "replaceAll", "(String,String)", "", "Argument[0]", "regex-use[-1]", "manual"]
      - ["java.lang", "String", False, "replaceFirst", "(String,String)", "", "Argument[0]", "regex-use[-1]", "manual"]
--- a/java/ql/lib/ext/javax.naming.directory.model.yml
+++ b/java/ql/lib/ext/javax.naming.directory.model.yml
@@ -3,4 +3,5 @@ extensions:
      pack: codeql/java-all
      extensible: sinkModel
    data:
+# suggested label is not supported:      - ["javax.naming.directory", "DirContext", True, "getAttributes", "(String,String[])", "", "Argument[0]", "TODO", "generated"] # @atorralba would like to take a look at some point
      - ["javax.naming.directory", "DirContext", True, "search", "", "", "Argument[0..1]", "ldap", "manual"]
--- a/java/ql/lib/ext/org.apache.commons.httpclient.model.yml
+++ b/java/ql/lib/ext/org.apache.commons.httpclient.model.yml
@@ -0,0 +1,7 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sinkModel
+    data:
+      - ["org.apache.commons.httpclient", "URI", True, "URI", "(String,boolean)", "", "Argument[0]", "open-url", "generated"]
+
--- a/java/ql/lib/ext/org.apache.hadoop.hive.metastore.api.model.yml
+++ b/java/ql/lib/ext/org.apache.hadoop.hive.metastore.api.model.yml
@@ -0,0 +1,7 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sinkModel
+    data:
+      - ["org.apache.hadoop.hive.metastore.api", "DefaultConstraintsRequest", True, "DefaultConstraintsRequest", "(String,String,String)", "", "Argument[1]", "sql", "generated"]
+
--- a/java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml
+++ b/java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml
@@ -0,0 +1,7 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sinkModel
+    data:
+      - ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List,String,long)", "", "Argument[0]", "sql", "generated"]
+
--- a/java/ql/lib/ext/org.apache.hive.hcatalog.templeton.model.yml
+++ b/java/ql/lib/ext/org.apache.hive.hcatalog.templeton.model.yml
@@ -0,0 +1,7 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sinkModel
+    data:
+      - ["org.apache.hive.hcatalog.templeton", "HcatDelegator", True, "addOneColumn", "(String,String,String,ColumnDesc)", "", "Argument[3]", "sql", "generated"]
+