Rename {source,sink}Model to {source,sink}ModelCandidate.

Max Schaefer
2024-01-22 13:10:51 +00:00
parent a3816d75b3
commit 99c99145a2
7 changed files with 28 additions and 28 deletions


@@ -2,7 +2,7 @@ import hudson.Plugin;
public class PluginImpl extends Plugin {
@Override
public void configure(String name, String value) { // $ sourceModel=configure(String,String):Parameter[0] sourceModel=configure(String,String):Parameter[1]
public void configure(String name, String value) { // $ sourceModelCandidate=configure(String,String):Parameter[0] sourceModelCandidate=configure(String,String):Parameter[1]
// ...
}
}


@@ -16,13 +16,13 @@ import java.util.concurrent.FutureTask;
class Test {
public static void main(String[] args) throws Exception {
AtomicReference<String> reference = new AtomicReference<>(); // uninteresting (parameterless constructor)
reference.set( // $ sinkModel=set(Object):Argument[this]
reference.set( // $ sinkModelCandidate=set(Object):Argument[this]
args[0] // $ negativeSinkExample=set(Object):Argument[0] // modeled as a flow step
); // $ negativeSourceExample=set(Object):ReturnValue // return type is void
}
public static void callSupplier(Supplier<String> supplier) {
supplier.get(); // $ sourceModel=get():ReturnValue sinkModel=get():Argument[this]
supplier.get(); // $ sourceModelCandidate=get():ReturnValue sinkModelCandidate=get():Argument[this]
}
public static void copyFiles(Path source, Path target, CopyOption option) throws Exception {
@@ -30,20 +30,20 @@ class Test {
source, // $ positiveSinkExample=copy(Path,Path,CopyOption[]):Argument[0](path-injection)
target, // $ positiveSinkExample=copy(Path,Path,CopyOption[]):Argument[1](path-injection)
option // no candidate (not modeled, but source and target are modeled)
); // $ sourceModel=copy(Path,Path,CopyOption[]):ReturnValue
); // $ sourceModelCandidate=copy(Path,Path,CopyOption[]):ReturnValue
}
public static InputStream getInputStream(Path openPath) throws Exception {
return Files.newInputStream(
openPath // $ sinkModel=newInputStream(Path,OpenOption[]):Argument[0] positiveSinkExample=newInputStream(Path,OpenOption[]):Argument[0](path-injection) // sink candidate because "only" ai-modeled, and useful as a candidate in regression testing
); // $ sourceModel=newInputStream(Path,OpenOption[]):ReturnValue
openPath // $ sinkModelCandidate=newInputStream(Path,OpenOption[]):Argument[0] positiveSinkExample=newInputStream(Path,OpenOption[]):Argument[0](path-injection) // sink candidate because "only" ai-modeled, and useful as a candidate in regression testing
); // $ sourceModelCandidate=newInputStream(Path,OpenOption[]):ReturnValue
}
public static InputStream getInputStream(String openPath) throws Exception {
return Test.getInputStream( // the call is not a source candidate (argument to local call)
Paths.get(
openPath // $ negativeSinkExample=get(String,String[]):Argument[0] // modeled as a flow step
) // $ sourceModel=get(String,String[]):ReturnValue
) // $ sourceModelCandidate=get(String,String[]):ReturnValue
);
}
@@ -59,16 +59,16 @@ class Test {
o, // the implicit varargs array is a candidate, annotated on the last line of the call
o // not a candidate (only the first arg corresponding to a varargs array
// is extracted)
); // $ sourceModel=walk(Path,FileVisitOption[]):ReturnValue sinkModel=walk(Path,FileVisitOption[]):Argument[1]
); // $ sourceModelCandidate=walk(Path,FileVisitOption[]):ReturnValue sinkModelCandidate=walk(Path,FileVisitOption[]):Argument[1]
}
public static void WebSocketExample(URLConnection c) throws Exception {
c.getInputStream(); // $ sinkModel=getInputStream():Argument[this] positiveSourceExample=getInputStream():ReturnValue(remote) // not a source candidate (manual modeling)
c.getInputStream(); // $ sinkModelCandidate=getInputStream():Argument[this] positiveSourceExample=getInputStream():ReturnValue(remote) // not a source candidate (manual modeling)
}
}
class OverrideTest extends Exception {
public void printStackTrace(PrintWriter writer) { // $ sourceModel=printStackTrace(PrintWriter):Parameter[0]
public void printStackTrace(PrintWriter writer) { // $ sourceModelCandidate=printStackTrace(PrintWriter):Parameter[0]
return;
}
@@ -89,15 +89,15 @@ class MoreTests {
Files.list(
Files.createDirectories(
p // $ positiveSinkExample=createDirectories(Path,FileAttribute[]):Argument[0](path-injection)
) // $ sourceModel=createDirectories(Path,FileAttribute[]):ReturnValue negativeSinkExample=list(Path):Argument[0] // modeled as a flow step
); // $ sourceModel=list(Path):ReturnValue
) // $ sourceModelCandidate=createDirectories(Path,FileAttribute[]):ReturnValue negativeSinkExample=list(Path):Argument[0] // modeled as a flow step
); // $ sourceModelCandidate=list(Path):ReturnValue
Files.delete(
p // $ sinkModel=delete(Path):Argument[0] positiveSinkExample=delete(Path):Argument[0](path-injection)
p // $ sinkModelCandidate=delete(Path):Argument[0] positiveSinkExample=delete(Path):Argument[0](path-injection)
); // $ negativeSourceExample=delete(Path):ReturnValue // return type is void
Files.deleteIfExists(
p // $ sinkModel=deleteIfExists(Path):Argument[0] positiveSinkExample=deleteIfExists(Path):Argument[0](path-injection)
p // $ sinkModelCandidate=deleteIfExists(Path):Argument[0] positiveSinkExample=deleteIfExists(Path):Argument[0](path-injection)
); // $ negativeSourceExample=deleteIfExists(Path):ReturnValue // return type is boolean
}
}


@@ -24,7 +24,7 @@ signature module TestHelperSig<CandidateSig Candidate> {
module Extraction<CandidateSig Candidate, TestHelperSig<Candidate> TestHelper> implements TestSig {
string getARelevantTag() {
result in [
"sourceModel", "sinkModel", // a candidate source/sink
"sourceModelCandidate", "sinkModelCandidate", // a candidate source/sink
"positiveSourceExample", "positiveSinkExample", // a known source/sink
"negativeSourceExample", "negativeSinkExample" // a known non-source/non-sink
]
@@ -46,7 +46,7 @@ module Extraction<CandidateSig Candidate, TestHelperSig<Candidate> TestHelper> i
string extensibleType, string tag, string suffix
) {
TestHelper::isCandidate(endpoint, name, signature, input, output, extensibleType) and
tag = extensibleType and
tag = ifSource(extensibleType, "sourceModelCandidate", "sinkModelCandidate") and
suffix = ""
or
TestHelper::isNegativeExample(endpoint, name, signature, input, output, extensibleType) and
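Review bot: The added `tag = ifSource(extensibleType, "sourceModelCandidate", "sinkModelCandidate")` line in the second hunk replaces a pass-through with a mapping whose helper is not defined in the visible lines, so its result for an `extensibleType` that is neither the source nor the sink kind cannot be checked here. Such a value is presumably either reported under the sink tag or given no tag at all, and the latter would drop the candidate from the test output without any failure. A comment above the line would make the intent explicit, for example `// candidate tags are deliberately distinct from the extensible type names "sourceModel"/"sinkModel"`. The two tag strings are also spelled out separately in `getARelevantTag` in the first hunk, so the two places have to be kept in sync by hand. The predicate this line belongs to starts and ends outside the hunk.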


@@ -1,15 +1,15 @@
package com.github.codeql.test;
public class PublicClass {
public void stuff(String arg) { // $ sinkModel=stuff(String):Argument[this] sourceModel=stuff(String):Parameter[this] sinkModel=stuff(String):Argument[0] sourceModel=stuff(String):Parameter[0] // source candidates because it is an overrideable method
public void stuff(String arg) { // $ sinkModelCandidate=stuff(String):Argument[this] sourceModelCandidate=stuff(String):Parameter[this] sinkModelCandidate=stuff(String):Argument[0] sourceModelCandidate=stuff(String):Parameter[0] // source candidates because it is an overrideable method
System.out.println(arg);
}
public static void staticStuff(String arg) { // $ sinkModel=staticStuff(String):Argument[0] // `arg` is not a source candidate (not overrideabe); `this` is not a candidate (static method)
public static void staticStuff(String arg) { // $ sinkModelCandidate=staticStuff(String):Argument[0] // `arg` is not a source candidate (not overrideabe); `this` is not a candidate (static method)
System.out.println(arg);
}
protected void nonPublicStuff(String arg) { // $ sinkModel=nonPublicStuff(String):Argument[this] sourceModel=nonPublicStuff(String):Parameter[this] sinkModel=nonPublicStuff(String):Argument[0] sourceModel=nonPublicStuff(String):Parameter[0]
protected void nonPublicStuff(String arg) { // $ sinkModelCandidate=nonPublicStuff(String):Argument[this] sourceModelCandidate=nonPublicStuff(String):Parameter[this] sinkModelCandidate=nonPublicStuff(String):Argument[0] sourceModelCandidate=nonPublicStuff(String):Parameter[0]
System.out.println(arg);
}
@@ -17,11 +17,11 @@ public class PublicClass {
System.out.println(arg);
}
public PublicClass(Object input) { // $ sourceModel=PublicClass(Object):ReturnValue sinkModel=PublicClass(Object):Argument[0] // `this` is not a candidate because it is a constructor
public PublicClass(Object input) { // $ sourceModelCandidate=PublicClass(Object):ReturnValue sinkModelCandidate=PublicClass(Object):Argument[0] // `this` is not a candidate because it is a constructor
}
// `input` and `input` are source candidates, but not sink candidates (is-style method)
public Boolean isIgnored(Object input) { // $ negativeSinkExample=isIgnored(Object):Argument[this] sourceModel=isIgnored(Object):Parameter[this] negativeSinkExample=isIgnored(Object):Argument[0] sourceModel=isIgnored(Object):Parameter[0]
public Boolean isIgnored(Object input) { // $ negativeSinkExample=isIgnored(Object):Argument[this] sourceModelCandidate=isIgnored(Object):Parameter[this] negativeSinkExample=isIgnored(Object):Argument[0] sourceModelCandidate=isIgnored(Object):Parameter[0]
return false;
}
}


@@ -1,9 +1,9 @@
package com.github.codeql.test;
public interface PublicInterface {
public int stuff(String arg); // $ sinkModel=stuff(String):Argument[this] sourceModel=stuff(String):Parameter[this] sinkModel=stuff(String):Argument[0] sourceModel=stuff(String):Parameter[0] // result is _not_ a source candidate source (primitive return type)
public int stuff(String arg); // $ sinkModelCandidate=stuff(String):Argument[this] sourceModelCandidate=stuff(String):Parameter[this] sinkModelCandidate=stuff(String):Argument[0] sourceModelCandidate=stuff(String):Parameter[0] // result is _not_ a source candidate source (primitive return type)
public static void staticStuff(String arg) { // $ sinkModel=staticStuff(String):Argument[0] // not a source candidate (static method)
public static void staticStuff(String arg) { // $ sinkModelCandidate=staticStuff(String):Argument[0] // not a source candidate (static method)
System.out.println(arg);
}
}


@@ -7,7 +7,7 @@ public class File {
return 0;
}
public boolean setLastModified(long time) { // $ sinkModel=setLastModified(long):Argument[this] sourceModel=setLastModified(long):Parameter[this] // time is not a candidate (primitive type)
public boolean setLastModified(long time) { // $ sinkModelCandidate=setLastModified(long):Argument[this] sourceModelCandidate=setLastModified(long):Parameter[this] // time is not a candidate (primitive type)
return false;
} // return value is not a source candidate because it's a primitive
}


@@ -11,7 +11,7 @@ import java.nio.file.OpenOption;
public class Files {
public static void copy( // method result is not a candidate source (void)
Path source, // $ positiveSinkExample=copy(Path,OutputStream):Argument[0](path-injection) // manual model exists
OutputStream out // $ sinkModel=copy(Path,OutputStream):Argument[1]
OutputStream out // $ sinkModelCandidate=copy(Path,OutputStream):Argument[1]
/* NB: may be worthwhile to implement the
same behavior as in application mode where out would not be a
candidate because there already is a model for another parameter of
@@ -22,9 +22,9 @@ public class Files {
// ...
}
public static InputStream newInputStream( // $ sourceModel=newInputStream(Path,OpenOption[]):ReturnValue
Path openPath, // $ positiveSinkExample=newInputStream(Path,OpenOption[]):Argument[0](path-injection) sinkModel=newInputStream(Path,OpenOption[]):Argument[0] // known sink, but still a candidate (ai-modeled, and useful as a candidate in regression testing)
OpenOption... options // $ sinkModel=newInputStream(Path,OpenOption[]):Argument[1]
public static InputStream newInputStream( // $ sourceModelCandidate=newInputStream(Path,OpenOption[]):ReturnValue
Path openPath, // $ positiveSinkExample=newInputStream(Path,OpenOption[]):Argument[0](path-injection) sinkModelCandidate=newInputStream(Path,OpenOption[]):Argument[0] // known sink, but still a candidate (ai-modeled, and useful as a candidate in regression testing)
OpenOption... options // $ sinkModelCandidate=newInputStream(Path,OpenOption[]):Argument[1]
) throws IOException {
return new FileInputStream(openPath.toFile());
}