Autoformat.

Anders Schack-Mulligen
2020-11-30 14:42:38 +01:00
parent 931322e4c5
commit 8f2094f0bf
95 changed files with 189 additions and 341 deletions


@@ -49,11 +49,9 @@ library class MarkerCommentGeneratedFile extends GeneratedFile {
exists(JavadocElement t | t.getFile() = this |
exists(string msg | msg = t.getText() |
msg.regexpMatch("(?i).*\\bGenerated By\\b.*\\bDo not edit\\b.*") or
msg
.regexpMatch("(?i).*\\bThis (file|class|interface|art[ei]fact) (was|is|(has been)) (?:auto[ -]?)?gener(e?)ated.*") or
msg.regexpMatch("(?i).*\\bThis (file|class|interface|art[ei]fact) (was|is|(has been)) (?:auto[ -]?)?gener(e?)ated.*") or
msg.regexpMatch("(?i).*\\bAny modifications to this file will be lost\\b.*") or
msg
.regexpMatch("(?i).*\\bThis (file|class|interface|art[ei]fact) (was|is) (?:mechanically|automatically) generated\\b.*") or
msg.regexpMatch("(?i).*\\bThis (file|class|interface|art[ei]fact) (was|is) (?:mechanically|automatically) generated\\b.*") or
msg.regexpMatch("(?i).*\\bThe following code was (?:auto[ -]?)?generated (?:by|from)\\b.*") or
msg.regexpMatch("(?i).*\\bAutogenerated by Thrift.*") or
msg.regexpMatch("(?i).*\\bGenerated By.*JavaCC.*") or


@@ -188,8 +188,7 @@ class FormattingCall extends Call {
exists(Expr arg | arg = this.getArgument(1 + this.getFormatStringIndex()) |
result = arg.(ArrayCreationExpr).getFirstDimensionSize() or
result =
arg
.(VarAccess)
arg.(VarAccess)
.getVariable()
.getAnAssignedValue()
.(ArrayCreationExpr)


@@ -112,8 +112,7 @@ private class SpringMultipartRequestSource extends RemoteFlowSource {
exists(MethodAccess ma, Method m |
ma = this.asExpr() and
m = ma.getMethod() and
m
.getDeclaringType()
m.getDeclaringType()
.getASourceSupertype*()
.hasQualifiedName("org.springframework.web.multipart", "MultipartRequest") and
m.getName().matches("get%")
@@ -128,8 +127,7 @@ private class SpringMultipartFileSource extends RemoteFlowSource {
exists(MethodAccess ma, Method m |
ma = this.asExpr() and
m = ma.getMethod() and
m
.getDeclaringType()
m.getDeclaringType()
.getASourceSupertype*()
.hasQualifiedName("org.springframework.web.multipart", "MultipartFile") and
m.getName().matches("get%")
@@ -189,8 +187,7 @@ private class BeanValidationSource extends RemoteFlowSource {
exists(Method m, Parameter v |
this.asParameter() = v and
m.getParameter(0) = v and
m
.getDeclaringType()
m.getDeclaringType()
.getASourceSupertype+()
.hasQualifiedName("javax.validation", "ConstraintValidator") and
m.hasName("isValid") and
@@ -237,8 +234,7 @@ class EnvInput extends LocalUserInput {
exists(Field f | this.asExpr() = f.getAnAccess() | f instanceof SystemIn)
or
// Access to files.
this
.asExpr()
this.asExpr()
.(ConstructorCall)
.getConstructedType()
.hasQualifiedName("java.io", "FileInputStream")


@@ -55,13 +55,11 @@ abstract class TaintPreservingCallable extends Callable {
private class StringTaintPreservingMethod extends TaintPreservingCallable {
StringTaintPreservingMethod() {
this.getDeclaringType() instanceof TypeString and
this
.hasName([
"concat", "copyValueOf", "endsWith", "format", "formatted", "getBytes", "indent",
"intern", "join", "repeat", "split", "strip", "stripIndent", "stripLeading",
"stripTrailing", "substring", "toCharArray", "toLowerCase", "toString", "toUpperCase",
"trim"
])
this.hasName([
"concat", "copyValueOf", "endsWith", "format", "formatted", "getBytes", "indent", "intern",
"join", "repeat", "split", "strip", "stripIndent", "stripLeading", "stripTrailing",
"substring", "toCharArray", "toLowerCase", "toString", "toUpperCase", "trim"
])
}
override predicate returnsTaintFrom(int arg) {


@@ -110,8 +110,7 @@ private predicate taintPreservingQualifierToMethod(Method m) {
m.hasName(["asIterator", "nextElement"])
or
// java.util.Map
m
.(MapMethod)
m.(MapMethod)
.hasName([
"computeIfAbsent", "entrySet", "get", "getOrDefault", "put", "putIfAbsent", "remove",
"replace", "values"
@@ -138,8 +137,7 @@ private predicate taintPreservingQualifierToMethod(Method m) {
m.(CollectionMethod).hasName("remove") and m.getNumberOfParameters() = 0
or
// java.util.Deque
m
.(CollectionMethod)
m.(CollectionMethod)
.hasName([
"getFirst", "getLast", "peekFirst", "peekLast", "pollFirst", "pollLast", "removeFirst",
"removeLast"
@@ -159,8 +157,7 @@ private predicate taintPreservingQualifierToMethod(Method m) {
// java.util.NavigableSet
// covered by Deque: pollFirst(), pollLast()
// covered by SortedSet: headSet(E, boolean), subSet(E, boolean, E, boolean) and tailSet(E, boolean)
m
.(CollectionMethod)
m.(CollectionMethod)
.hasName(["ceiling", "descendingIterator", "descendingSet", "floor", "higher", "lower"])
or
// java.util.SortedMap
@@ -168,16 +165,14 @@ private predicate taintPreservingQualifierToMethod(Method m) {
or
// java.util.NavigableMap
// covered by SortedMap: headMap(K, boolean), subMap(K, boolean, K, boolean), tailMap(K, boolean)
m
.(MapMethod)
m.(MapMethod)
.hasName([
"ceilingEntry", "descendingMap", "firstEntry", "floorEntry", "higherEntry", "lastEntry",
"lowerEntry", "pollFirstEntry", "pollLastEntry"
])
or
// java.util.Dictionary
m
.getDeclaringType()
m.getDeclaringType()
.getSourceDeclaration()
.getASourceSupertype*()
.hasQualifiedName("java.util", "Dictionary") and


@@ -421,8 +421,7 @@ predicate simpleLocalFlowStep(Node node1, Node node2) {
exists(MethodAccess ma, Method m |
ma = node2.asExpr() and
m = ma.getMethod() and
m
.getDeclaringType()
m.getDeclaringType()
.getSourceDeclaration()
.getASourceSupertype*()
.hasQualifiedName("java.util", "Stack") and


@@ -684,8 +684,7 @@ private class FormatterCallable extends TaintPreservingCallable {
(
this.hasName(["format", "out", "toString"])
or
this
.(Constructor)
this.(Constructor)
.getParameterType(0)
.(RefType)
.getASourceSupertype*()


@@ -25,8 +25,7 @@ class ApacheHttpEntityGetContent extends Method {
*/
class ApacheHttpRequest extends RefType {
ApacheHttpRequest() {
this
.getASourceSupertype*()
this.getASourceSupertype*()
.hasQualifiedName("org.apache.http.client.methods", "HttpRequestBase") or
this.getASourceSupertype*().hasQualifiedName("org.apache.http.message", "BasicHttpRequest")
}


@@ -36,8 +36,7 @@ class XStreamEnableWhiteListing extends MethodAccess {
exists(Field f |
this.getAnArgument() = f.getAnAccess() and
f.hasName("NONE") and
f
.getDeclaringType()
f.getDeclaringType()
.hasQualifiedName("com.thoughtworks.xstream.security", "NoTypePermission")
)
)


@@ -263,10 +263,9 @@ private class QueryBuilderAppendMethod extends TaintPreservingCallable {
// appendWhere(CharSequence inWhere)
// appendWhereStandalone(CharSequence inWhere)
// static appendColumns(StringBuilder s, String[] columns)
this
.hasName([
"setProjectionMap", "setTables", "appendWhere", "appendWhereStandalone", "appendColumns"
])
this.hasName([
"setProjectionMap", "setTables", "appendWhere", "appendWhereStandalone", "appendColumns"
])
}
override predicate transfersTaint(int src, int sink) {


@@ -22,8 +22,7 @@ private predicate ocniComment(OCNIComment ocni, Method m) {
m.isNative() and
// ... and the comment has to be contained in `m`.
ocni.getFile() = m.getFile() and
ocni.getLocation().getStartLine() in [m.getLocation().getStartLine() .. m
.getLocation()
ocni.getLocation().getStartLine() in [m.getLocation().getStartLine() .. m.getLocation()
.getEndLine()]
}


@@ -283,8 +283,7 @@ class SystemExitMethod extends Method {
this.hasName("exit") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(PrimitiveType).hasName("int") and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "System")
@@ -300,8 +299,7 @@ class RuntimeExitOrHaltMethod extends Method {
(this.hasName("exit") or this.hasName("halt")) and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(PrimitiveType).hasName("int") and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "Runtime")
@@ -317,8 +315,7 @@ class RuntimeAddOrRemoveShutdownHookMethod extends Method {
(this.hasName("addShutdownHook") or this.hasName("removeShutdownHook")) and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).hasQualifiedName("java.lang", "Thread") and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "Runtime")
@@ -334,8 +331,7 @@ class SystemSetPrintStreamMethod extends Method {
(this.hasName("setErr") or this.hasName("setOut")) and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).hasQualifiedName("java.io", "PrintStream") and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "System")
@@ -351,8 +347,7 @@ class SystemSetInputStreamMethod extends Method {
this.hasName("setIn") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).hasQualifiedName("java.io", "InputStream") and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "System")
@@ -367,8 +362,7 @@ class SystemGetSecurityManagerMethod extends Method {
SystemGetSecurityManagerMethod() {
this.hasName("getSecurityManager") and
this.hasNoParameters() and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "System")
@@ -384,8 +378,7 @@ class SystemSetSecurityManagerMethod extends Method {
this.hasName("setSecurityManager") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).hasQualifiedName("java.lang", "SecurityManager") and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "System")
@@ -400,8 +393,7 @@ class SystemInheritedChannelMethod extends Method {
SystemInheritedChannelMethod() {
this.hasName("inheritedChannel") and
this.hasNoParameters() and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "System")
@@ -429,8 +421,7 @@ class EnableReplaceObjectMethod extends Method {
this.hasName("enableReplaceObject") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(PrimitiveType).hasName("boolean") and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.io", "ObjectOutputStream")
@@ -446,8 +437,7 @@ class ReplaceObjectMethod extends Method {
this.hasName("replaceObject") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType() instanceof TypeObject and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.io", "ObjectOutputStream")
@@ -463,8 +453,7 @@ class EnableResolveObjectMethod extends Method {
this.hasName("enableResolveObject") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(PrimitiveType).hasName("boolean") and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.io", "ObjectInputStream")
@@ -480,8 +469,7 @@ class ResolveObjectMethod extends Method {
this.hasName("resolveObject") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType() instanceof TypeObject and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.io", "ObjectInputStream")
@@ -497,8 +485,7 @@ class ResolveClassMethod extends Method {
this.hasName("resolveClass") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).hasQualifiedName("java.io", "ObjectStreamClass") and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.io", "ObjectInputStream")
@@ -513,15 +500,13 @@ class ResolveProxyClassMethod extends Method {
ResolveProxyClassMethod() {
this.hasName("resolveProxyClass") and
this.getNumberOfParameters() = 1 and
this
.getParameter(0)
this.getParameter(0)
.getType()
.(Array)
.getComponentType()
.(RefType)
.hasQualifiedName("java.lang", "String") and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.io", "ObjectInputStream")
@@ -545,14 +530,12 @@ class SetSocketFactoryMethod extends Method {
SetSocketFactoryMethod() {
this.hasName("setSocketFactory") and
this.getNumberOfParameters() = 1 and
this
.getParameter(0)
this.getParameter(0)
.getType()
.(RefType)
.getSourceDeclaration()
.hasQualifiedName("java.net", "SocketImplFactory") and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.net", "ServerSocket")
@@ -567,14 +550,12 @@ class SetSocketImplFactoryMethod extends Method {
SetSocketImplFactoryMethod() {
this.hasName("setSocketImplFactory") and
this.getNumberOfParameters() = 1 and
this
.getParameter(0)
this.getParameter(0)
.getType()
.(RefType)
.getSourceDeclaration()
.hasQualifiedName("java.net", "SocketImplFactory") and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.net", "Socket")
@@ -589,14 +570,12 @@ class SetUrlStreamHandlerFactoryMethod extends Method {
SetUrlStreamHandlerFactoryMethod() {
this.hasName("setURLStreamHandlerFactory") and
this.getNumberOfParameters() = 1 and
this
.getParameter(0)
this.getParameter(0)
.getType()
.(RefType)
.getSourceDeclaration()
.hasQualifiedName("java.net", "URLStreamHandlerFactory") and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.net", "URL")
@@ -621,13 +600,11 @@ class SystemOrRuntimeLoadLibraryMethod extends Method {
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).hasQualifiedName("java.lang", "String") and
(
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "System") or
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "Runtime")
@@ -642,8 +619,7 @@ class SystemOrRuntimeLoadLibraryMethod extends Method {
class RuntimeExecMethod extends Method {
RuntimeExecMethod() {
this.hasName("exec") and
this
.getDeclaringType()
this.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "Runtime")


@@ -208,12 +208,10 @@ class SpringRequestMappingParameter extends Parameter {
// HttpEntity is like @RequestBody, but with a wrapper including the headers
// TODO model unwrapping aspects
getType().(RefType).getASourceSupertype*() instanceof SpringHttpEntity or
this
.getAnAnnotation()
this.getAnAnnotation()
.getType()
.hasQualifiedName("org.springframework.web.bind.annotation", "RequestAttribute") or
this
.getAnAnnotation()
this.getAnAnnotation()
.getType()
.hasQualifiedName("org.springframework.web.bind.annotation", "SessionAttribute")
}


@@ -9,8 +9,7 @@ private predicate fileRead(VarAccess fileAccess, Expr fileReadingExpr) {
cie = fileReadingExpr and
cie.getArgument(0) = fileAccess
|
cie
.getConstructedType()
cie.getConstructedType()
.hasQualifiedName("java.io", ["RandomAccessFile", "FileReader", "FileInputStream"])
)
or


@@ -56,8 +56,7 @@ predicate unsafeDeserialization(MethodAccess ma, Expr sink) {
sink = ma.getQualifier() and
not exists(DataFlow::ExprNode node |
node.getExpr() = sink and
node
.getTypeBound()
node.getTypeBound()
.(RefType)
.hasQualifiedName("org.apache.commons.io.serialization", "ValidatingObjectInputStream")
)


@@ -20,8 +20,7 @@ class AntTarget extends XMLElement {
string getDependsString() {
result =
"," +
this
.getAttributeValue("depends")
this.getAttributeValue("depends")
.replaceAll(" ", "")
.replaceAll("\r", "")
.replaceAll("\n", "")