Java: Fix qltests.

2026-04-22 15:25:18 +02:00 · 2023-06-19 09:36:45 +02:00
parent d1a616a70a
commit 9a4de208ef
4 changed files with 10 additions and 8 deletions
--- a/java/ql/src/Metrics/Summaries/TopJdkApis.qll
+++ b/java/ql/src/Metrics/Summaries/TopJdkApis.qll
@@ -307,6 +307,7 @@ class TopJdkApi extends SummarizedCallableBase {
  predicate hasManualMadModel() { this.hasManualSummary() or this.hasManualNeutral() }
  /*
   * Note: the following top JDK APIs are not modeled with MaD:
+   * `java.lang.Runnable#run()`: specialised lambda flow
   * `java.lang.String#valueOf(Object)`: a complex case; an alias for `Object.toString`, except the dispatch is hidden
   * `java.lang.System#getProperty(String)`: needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
   * `java.lang.System#setProperty(String,String)`: needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
--- a/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected
+++ b/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected
@@ -1,3 +1,4 @@
+| java.lang.Runnable#run() | no manual model |
 | java.lang.String#valueOf(Object) | no manual model |
 | java.lang.System#getProperty(String) | no manual model |
 | java.lang.System#setProperty(String,String) | no manual model |
--- a/java/ql/test/library-tests/frameworks/ratpack/resources/IntegrationTest.java
+++ b/java/ql/test/library-tests/frameworks/ratpack/resources/IntegrationTest.java
@@ -107,13 +107,13 @@ class IntegrationTest {
                filterAndMerge_2(pojoForm, mergedParams, name -> false);
                return mergedParams;
            }).then(pojoMap -> {
-                sink(pojoMap.keySet().iterator().next()); //TODO:$hasTaintFlow
-                sink(pojoMap.get("value")); //TODO:$hasTaintFlow
+                sink(pojoMap.keySet().iterator().next()); //$hasTaintFlow
+                sink(pojoMap.get("value")); //$hasTaintFlow
                pojoMap.forEach((key, value) -> {
-                    sink(key); //TODO:$hasTaintFlow
-                    sink(value); //TODO:$hasTaintFlow
+                    sink(key); //$hasTaintFlow
+                    sink(value); //$hasTaintFlow
                    List<Object> values = (List<Object>) value;
-                    sink(values.get(0)); //TODO:$hasTaintFlow
+                    sink(values.get(0)); //$hasTaintFlow
                });
            });
    }
--- a/java/ql/test/library-tests/frameworks/ratpack/resources/Resource.java
+++ b/java/ql/test/library-tests/frameworks/ratpack/resources/Resource.java
@@ -361,13 +361,13 @@ class Resource {
        Promise
            .value(tainted)
            .nextOp(value -> Operation.of(() -> {
-                sink(value); //$hasTaintFlow
+                sink(value); // MISSING: $hasTaintFlow
            }))
            .nextOpIf(value -> {
                sink(value); //$hasTaintFlow
                return true;
            }, value -> Operation.of(() -> {
-                sink(value); //$hasTaintFlow
+                sink(value); // MISSING: $hasTaintFlow
            }))
            .then(value -> {
                sink(value); //$hasTaintFlow
@@ -379,7 +379,7 @@ class Resource {
        Promise
            .value(tainted)
            .flatOp(value ->  Operation.of(() -> {
-                sink(value); //$hasTaintFlow
+                sink(value); // MISSING: $hasTaintFlow
            }));
    }