Java: fix broken MaD export format

2026-04-30 03:05:15 +02:00 · 2023-06-08 12:02:50 +02:00
parent c6f10519fa
commit 8f697ac1ee
5 changed files with 7 additions and 7 deletions
--- a/java/ql/lib/ext/java.io.model.yml
+++ b/java/ql/lib/ext/java.io.model.yml
@@ -7,7 +7,7 @@ extensions:
      - ["java.io", "File", False, "File", "(String)", "", "Argument[0]", "path-injection", "manual"] # old PathCreation
      - ["java.io", "File", False, "File", "(String,String)", "", "Argument[0..1]", "path-injection", "manual"] # old PathCreation
      - ["java.io", "File", False, "File", "(URI)", "", "Argument[0]", "path-injection", "manual"] # old PathCreation
-      - ["java.io", "File", True, "createNewFile", "()", "", "Argument[undefined]", "path-injection", "ai-manual"]
+      - ["java.io", "File", True, "createNewFile", "()", "", "Argument[this]", "path-injection", "ai-manual"]
      - ["java.io", "File", True, "createTempFile", "(String,String,File)", "", "Argument[2]", "path-injection", "ai-manual"]
      - ["java.io", "File", True, "renameTo", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
      - ["java.io", "FileInputStream", True, "FileInputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
--- a/java/ql/lib/ext/java.lang.model.yml
+++ b/java/ql/lib/ext/java.lang.model.yml
@@ -47,7 +47,7 @@ extensions:
      - ["java.lang", "AbstractStringBuilder", True, "AbstractStringBuilder", "(String)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
      - ["java.lang", "AbstractStringBuilder", True, "append", "", "", "Argument[this]", "ReturnValue", "value", "manual"]
      - ["java.lang", "AbstractStringBuilder", True, "append", "", "", "Argument[0]", "Argument[this]", "taint", "manual"]
-      - ["java.lang", "ProcessBuilder", False, "environment", "()", "", "Argument[undefined]", "ReturnValue", "taint", "ai-manual"]
+      - ["java.lang", "ProcessBuilder", False, "environment", "()", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]
      # When `WithoutElement` is implemented for Java, `java.lang.AbstractStringBuilder#delete` might require a `taint` step of the form `Argument[this].WithoutElement -> Argument[this]` in addition to the below `value` step.
      - ["java.lang", "AbstractStringBuilder", True, "delete", "(int,int)", "", "Argument[this]", "ReturnValue", "value", "manual"]
      - ["java.lang", "AbstractStringBuilder", True, "getChars", "", "", "Argument[this]", "Argument[2]", "taint", "manual"]
--- a/java/ql/lib/ext/java.net.model.yml
+++ b/java/ql/lib/ext/java.net.model.yml
@@ -43,8 +43,8 @@ extensions:
      - ["java.net", "URI", False, "toASCIIString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
      - ["java.net", "URI", False, "toString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
      - ["java.net", "URI", False, "toURL", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
-      - ["java.net", "URL", False, "getFile", "()", "", "Argument[undefined]", "ReturnValue", "taint", "ai-manual"]
-      - ["java.net", "URL", False, "getPath", "()", "", "Argument[undefined]", "ReturnValue", "taint", "ai-manual"]
+      - ["java.net", "URL", False, "getFile", "()", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]
+      - ["java.net", "URL", False, "getPath", "()", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]
      - ["java.net", "URL", False, "URL", "(String)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
      - ["java.net", "URL", False, "URL", "(URL,String)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"]
      - ["java.net", "URL", False, "URL", "(URL,String)", "", "Argument[1]", "Argument[this]", "taint", "ai-manual"] # @atorralba: review for consistency
--- a/java/ql/lib/ext/okhttp3.model.yml
+++ b/java/ql/lib/ext/okhttp3.model.yml
@@ -6,7 +6,7 @@ extensions:
      - ["okhttp3", "OkHttpClient", True, "newCall", "(Request)", "", "Argument[0]", "request-forgery", "ai-manual"]
      - ["okhttp3", "OkHttpClient", True, "newWebSocket", "(Request,WebSocketListener)", "", "Argument[0]", "request-forgery", "ai-manual"]
      - ["okhttp3", "Request", True, "Request", "", "", "Argument[0]", "request-forgery", "manual"]
-      - ["okhttp3", "Request$Builder", False, "get", "()", "", "Argument[undefined]", "request-forgery", "ai-manual"] # this creates a GET request
+      - ["okhttp3", "Request$Builder", False, "get", "()", "", "Argument[this]", "request-forgery", "ai-manual"] # this creates a GET request
      - ["okhttp3", "Request$Builder", True, "url", "", "", "Argument[0]", "request-forgery", "manual"]
  - addsTo:
      pack: codeql/java-all
--- a/java/ql/lib/ext/org.gradle.api.file.model.yml
+++ b/java/ql/lib/ext/org.gradle.api.file.model.yml
@@ -3,5 +3,5 @@ extensions:
      pack: codeql/java-all
      extensible: summaryModel
    data:
-      - ["org.gradle.api.file", "Directory", True, "getAsFile", "()", "", "Argument[undefined]", "ReturnValue", "taint", "ai-manual"]
-      - ["org.gradle.api.file", "DirectoryProperty", True, "file", "(String)", "", "Argument[undefined]", "ReturnValue", "taint", "ai-manual"]
+      - ["org.gradle.api.file", "Directory", True, "getAsFile", "()", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]
+      - ["org.gradle.api.file", "DirectoryProperty", True, "file", "(String)", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]