diff --git a/java/ql/src/Advisory/Documentation/SpuriousJavadocParam.ql b/java/ql/src/Advisory/Documentation/SpuriousJavadocParam.ql index b2ebcefe445..88c100b8693 100644 --- a/java/ql/src/Advisory/Documentation/SpuriousJavadocParam.ql +++ b/java/ql/src/Advisory/Documentation/SpuriousJavadocParam.ql @@ -22,7 +22,8 @@ where not exists(TypeVariable tv | tv.getGenericCallable() = callable | "<" + tv.getName() + ">" = paramTag.getParamName() ) and - msg = "@param tag \"" + paramTag.getParamName() + "\" does not match any actual parameter of " + + msg = + "@param tag \"" + paramTag.getParamName() + "\" does not match any actual parameter of " + what + " \"" + callable.getName() + "()\"." else // The tag has no value at all. diff --git a/java/ql/src/AlertSuppressionAnnotations.ql b/java/ql/src/AlertSuppressionAnnotations.ql index 446055d5116..5d477a59675 100644 --- a/java/ql/src/AlertSuppressionAnnotations.ql +++ b/java/ql/src/AlertSuppressionAnnotations.ql @@ -38,7 +38,8 @@ class SuppressionAnnotation extends SuppressWarningsAnnotation { } private Annotation firstAnnotation() { - result = min(this.getASiblingAnnotation() as m + result = + min(this.getASiblingAnnotation() as m order by m.getLocation().getStartLine(), m.getLocation().getStartColumn() ) diff --git a/java/ql/src/Compatibility/JDK9/JdkInternalsReplacement.qll b/java/ql/src/Compatibility/JDK9/JdkInternalsReplacement.qll index f5546b0bd0a..907765c454f 100644 --- a/java/ql/src/Compatibility/JDK9/JdkInternalsReplacement.qll +++ b/java/ql/src/Compatibility/JDK9/JdkInternalsReplacement.qll @@ -11,18 +11,21 @@ predicate jdkInternalReplacement(string old, string new) { } private predicate jdkInternalReplacement(string r) { - r = "com.sun.crypto.provider.SunJCE=Use java.security.Security.getProvider(provider-name) @since 1.3" or + r = + "com.sun.crypto.provider.SunJCE=Use java.security.Security.getProvider(provider-name) @since 1.3" or r = "com.sun.org.apache.xml.internal.security=Use java.xml.crypto @since 1.6" or r = "com.sun.org.apache.xml.internal.security.utils.Base64=Use java.util.Base64 @since 1.8" or r = "com.sun.org.apache.xml.internal.resolver=Use javax.xml.catalog @since 9" or r = "com.sun.net.ssl=Use javax.net.ssl @since 1.4" or - r = "com.sun.net.ssl.internal.ssl.Provider=Use java.security.Security.getProvider(provider-name) @since 1.3" or + r = + "com.sun.net.ssl.internal.ssl.Provider=Use java.security.Security.getProvider(provider-name) @since 1.3" or r = "com.sun.rowset=Use javax.sql.rowset.RowSetProvider @since 1.7" or r = "com.sun.tools.javac.tree=Use com.sun.source @since 1.6" or r = "com.sun.tools.javac=Use javax.tools and javax.lang.model @since 1.6" or r = "java.awt.peer=Should not use. See https://bugs.openjdk.java.net/browse/JDK-8037739" or r = "java.awt.dnd.peer=Should not use. See https://bugs.openjdk.java.net/browse/JDK-8037739" or - r = "jdk.internal.ref.Cleaner=Use java.lang.ref.PhantomReference @since 1.2 or java.lang.ref.Cleaner @since 9" or + r = + "jdk.internal.ref.Cleaner=Use java.lang.ref.PhantomReference @since 1.2 or java.lang.ref.Cleaner @since 9" or r = "sun.awt.CausedFocusEvent=Use java.awt.event.FocusEvent::getCause @since 9" or r = "sun.font.FontUtilities=See java.awt.Font.textRequiresLayout @since 9" or r = "sun.reflect.Reflection=Use java.lang.StackWalker @since 9" or @@ -32,10 +35,13 @@ private predicate jdkInternalReplacement(string r) { r = "sun.misc.SignalHandler=See http://openjdk.java.net/jeps/260" or r = "sun.security.action=Use java.security.PrivilegedAction @since 1.1" or r = "sun.security.krb5=Use com.sun.security.jgss" or - r = "sun.security.provider.PolicyFile=Use java.security.Policy.getInstance(\"JavaPolicy\", new URIParameter(uri)) @since 1.6" or + r = + "sun.security.provider.PolicyFile=Use java.security.Policy.getInstance(\"JavaPolicy\", new URIParameter(uri)) @since 1.6" or r = "sun.security.provider.Sun=Use java.security.Security.getProvider(provider-name) @since 1.3" or - r = "sun.security.util.HostnameChecker=Use javax.net.ssl.SSLParameters.setEndpointIdentificationAlgorithm(\"HTTPS\") @since 1.7 or javax.net.ssl.HttpsURLConnection.setHostnameVerifier() @since 1.4" or - r = "sun.security.util.SecurityConstants=Use appropriate java.security.Permission subclass @since 1.1" or + r = + "sun.security.util.HostnameChecker=Use javax.net.ssl.SSLParameters.setEndpointIdentificationAlgorithm(\"HTTPS\") @since 1.7 or javax.net.ssl.HttpsURLConnection.setHostnameVerifier() @since 1.4" or + r = + "sun.security.util.SecurityConstants=Use appropriate java.security.Permission subclass @since 1.1" or r = "sun.security.x509.X500Name=Use javax.security.auth.x500.X500Principal @since 1.4" or r = "sun.tools.jar=Use java.util.jar or jar tool @since 1.2" or // Internal APIs removed in JDK 9 @@ -45,7 +51,8 @@ private predicate jdkInternalReplacement(string r) { r = "sun.awt.image.codec=Use javax.imageio @since 1.4" or r = "sun.misc.BASE64Encoder=Use java.util.Base64 @since 1.8" or r = "sun.misc.BASE64Decoder=Use java.util.Base64 @since 1.8" or - r = "sun.misc.Cleaner=Use java.lang.ref.PhantomReference @since 1.2 or java.lang.ref.Cleaner @since 9" or + r = + "sun.misc.Cleaner=Use java.lang.ref.PhantomReference @since 1.2 or java.lang.ref.Cleaner @since 9" or r = "sun.misc.Service=Use java.util.ServiceLoader @since 1.6" or r = "sun.misc=Removed. See http://openjdk.java.net/jeps/260" or r = "sun.reflect=Removed. See http://openjdk.java.net/jeps/260" diff --git a/java/ql/src/Likely Bugs/Concurrency/DoubleCheckedLocking.ql b/java/ql/src/Likely Bugs/Concurrency/DoubleCheckedLocking.ql index afe6cfd0c49..21b8c805cbb 100644 --- a/java/ql/src/Likely Bugs/Concurrency/DoubleCheckedLocking.ql +++ b/java/ql/src/Likely Bugs/Concurrency/DoubleCheckedLocking.ql @@ -30,7 +30,8 @@ where // Non-volatile double-checked locking is ok when the object is immutable and // there is only a single non-synchronized field read. immutableFieldType(f.getType()) and - 1 = strictcount(FieldAccess fa | + 1 = + strictcount(FieldAccess fa | fa.getField() = f and fa.getEnclosingCallable() = sync.getEnclosingCallable() and not fa.getEnclosingStmt().getEnclosingStmt*() = sync.getBlock() diff --git a/java/ql/src/Likely Bugs/Concurrency/InconsistentAccess.ql b/java/ql/src/Likely Bugs/Concurrency/InconsistentAccess.ql index 865ca90005d..9d44e5d4415 100644 --- a/java/ql/src/Likely Bugs/Concurrency/InconsistentAccess.ql +++ b/java/ql/src/Likely Bugs/Concurrency/InconsistentAccess.ql @@ -53,9 +53,8 @@ class MyField extends Field { } int getNumSynchedAccesses() { - result = count(Expr synched | - synched = this.getAnAccess() and withinLocalSynchronization(synched) - ) + result = + count(Expr synched | synched = this.getAnAccess() and withinLocalSynchronization(synched)) } int getNumAccesses() { result = count(this.getAnAccess()) } diff --git a/java/ql/src/Likely Bugs/Concurrency/LazyInitStaticField.ql b/java/ql/src/Likely Bugs/Concurrency/LazyInitStaticField.ql index c8639300fb7..e6d755eb48c 100644 --- a/java/ql/src/Likely Bugs/Concurrency/LazyInitStaticField.ql +++ b/java/ql/src/Likely Bugs/Concurrency/LazyInitStaticField.ql @@ -51,9 +51,8 @@ class LockObjectField extends Field { class ValidSynchStmt extends Stmt { ValidSynchStmt() { // It's OK to lock the enclosing class. - this.(SynchronizedStmt).getExpr().(TypeLiteral).getTypeName().getType() = this - .getEnclosingCallable() - .getDeclaringType() + this.(SynchronizedStmt).getExpr().(TypeLiteral).getTypeName().getType() = + this.getEnclosingCallable().getDeclaringType() or // It's OK to lock on a "lock object field". this.(SynchronizedStmt).getExpr().(FieldRead).getField() instanceof LockObjectField diff --git a/java/ql/src/Likely Bugs/Likely Typos/UnusedFormatArg.ql b/java/ql/src/Likely Bugs/Likely Typos/UnusedFormatArg.ql index 67fb610a25c..286c731b5b8 100644 --- a/java/ql/src/Likely Bugs/Likely Typos/UnusedFormatArg.ql +++ b/java/ql/src/Likely Bugs/Likely Typos/UnusedFormatArg.ql @@ -18,7 +18,8 @@ import semmle.code.java.StringFormat int getNumberOfReferencedIndices(FormattingCall fmtcall) { exists(int maxref, int skippedrefs | maxref = max(FormatString fmt | fmtcall.getAFormatString() = fmt | fmt.getMaxFmtSpecIndex()) and - skippedrefs = count(int i | + skippedrefs = + count(int i | forex(FormatString fmt | fmtcall.getAFormatString() = fmt | i = fmt.getASkippedFmtSpecIndex() ) diff --git a/java/ql/src/Likely Bugs/Statements/ImpossibleCast.ql b/java/ql/src/Likely Bugs/Statements/ImpossibleCast.ql index cce2872eb47..7fb1248ae81 100644 --- a/java/ql/src/Likely Bugs/Statements/ImpossibleCast.ql +++ b/java/ql/src/Likely Bugs/Statements/ImpossibleCast.ql @@ -67,8 +67,9 @@ where ( // No unchecked operations, so the cast would crash straight away. not uncheckedCastType(target) and - message = "Impossible downcast: the cast from " + source.getName() + "[] to " + target.getName() - + "[] will always fail with a ClassCastException." + message = + "Impossible downcast: the cast from " + source.getName() + "[] to " + target.getName() + + "[] will always fail with a ClassCastException." or // For unchecked operations, the crash would not occur at the cast site, // but only if/when the value is assigned to a variable of different array type. @@ -80,7 +81,8 @@ where returnedFrom(ce, ce.getEnclosingCallable()) and ce.getEnclosingCallable().getReturnType().(Array).getElementType() = target and not ce.getEnclosingCallable().isPrivate() and - message = "Impossible downcast: this is returned by " + ce.getEnclosingCallable().getName() + + message = + "Impossible downcast: this is returned by " + ce.getEnclosingCallable().getName() + " as a value of type " + target.getName() + "[], but the array has type " + source.getName() + "[]. Callers of " + ce.getEnclosingCallable().getName() + " may fail with a ClassCastException." @@ -91,8 +93,9 @@ where returnedVariableFrom(v, m) and m.getReturnType().(Array).getElementType() = target and not m.isPrivate() and - message = "Impossible downcast: this is assigned to " + v.getName() + " which is returned by " - + m + " as a value of type " + target.getName() + "[], but the array has type " + + message = + "Impossible downcast: this is assigned to " + v.getName() + " which is returned by " + m + + " as a value of type " + target.getName() + "[], but the array has type " + source.getName() + "[]. Callers of " + m.getName() + " may fail with a ClassCastException." ) diff --git a/java/ql/src/Likely Bugs/Statements/ReturnValueIgnored.ql b/java/ql/src/Likely Bugs/Statements/ReturnValueIgnored.ql index 473bdc0b173..88d786a7159 100644 --- a/java/ql/src/Likely Bugs/Statements/ReturnValueIgnored.ql +++ b/java/ql/src/Likely Bugs/Statements/ReturnValueIgnored.ql @@ -88,7 +88,8 @@ predicate methodStats(Method m, int used, int total, int percentage) { } int chainedUses(Method m) { - result = count(MethodAccess ma, MethodAccess qual | + result = + count(MethodAccess ma, MethodAccess qual | ma.getMethod() = m and ma.getQualifier() = qual and qual.getMethod() = m diff --git a/java/ql/src/Metrics/Authors/AuthorsPerFile.ql b/java/ql/src/Metrics/Authors/AuthorsPerFile.ql index b4378f017b2..b438cf6becd 100644 --- a/java/ql/src/Metrics/Authors/AuthorsPerFile.ql +++ b/java/ql/src/Metrics/Authors/AuthorsPerFile.ql @@ -13,7 +13,6 @@ import java from CompilationUnit u, int num where - num = strictcount(string s | - exists(Documentable d | d.getAuthor() = s and d.getCompilationUnit() = u) - ) + num = + strictcount(string s | exists(Documentable d | d.getAuthor() = s and d.getCompilationUnit() = u)) select u, num diff --git a/java/ql/src/Metrics/Callables/StatementNestingDepth.ql b/java/ql/src/Metrics/Callables/StatementNestingDepth.ql index 264b4d97624..441395cb678 100644 --- a/java/ql/src/Metrics/Callables/StatementNestingDepth.ql +++ b/java/ql/src/Metrics/Callables/StatementNestingDepth.ql @@ -36,5 +36,6 @@ predicate nestingDepth(Stmt s, int depth) { from Method m, int depth where - depth = max(Stmt s, int aDepth | s.getEnclosingCallable() = m and nestingDepth(s, aDepth) | aDepth) + depth = + max(Stmt s, int aDepth | s.getEnclosingCallable() = m and nestingDepth(s, aDepth) | aDepth) select m, depth order by depth diff --git a/java/ql/src/Metrics/Files/FAfferentCoupling.ql b/java/ql/src/Metrics/Files/FAfferentCoupling.ql index f1fe4b8eda4..e4403ce572f 100644 --- a/java/ql/src/Metrics/Files/FAfferentCoupling.ql +++ b/java/ql/src/Metrics/Files/FAfferentCoupling.ql @@ -14,7 +14,8 @@ import java from CompilationUnit f, int n where - n = count(File g | + n = + count(File g | exists(Class c | c.fromSource() and c.getCompilationUnit() = f | exists(Class d | d.fromSource() and d.getCompilationUnit() = g | depends(d, c)) ) diff --git a/java/ql/src/Metrics/Files/FCyclomaticComplexity.ql b/java/ql/src/Metrics/Files/FCyclomaticComplexity.ql index 70017d51d2a..a558084691a 100644 --- a/java/ql/src/Metrics/Files/FCyclomaticComplexity.ql +++ b/java/ql/src/Metrics/Files/FCyclomaticComplexity.ql @@ -14,7 +14,8 @@ import java from CompilationUnit f, float n where - n = avg(Callable c, int toAvg | + n = + avg(Callable c, int toAvg | c.getCompilationUnit() = f and toAvg = c.getMetrics().getCyclomaticComplexity() | toAvg diff --git a/java/ql/src/Metrics/Files/FEfferentCoupling.ql b/java/ql/src/Metrics/Files/FEfferentCoupling.ql index 8fce744a577..5f171a63303 100644 --- a/java/ql/src/Metrics/Files/FEfferentCoupling.ql +++ b/java/ql/src/Metrics/Files/FEfferentCoupling.ql @@ -15,7 +15,8 @@ import java from CompilationUnit f, int n where - n = count(File g | + n = + count(File g | exists(Class c | c.fromSource() and c.getCompilationUnit() = g | exists(Class d | d.fromSource() and d.getCompilationUnit() = f | depends(d, c)) ) diff --git a/java/ql/src/Metrics/Files/FLinesOfDuplicatedCode.ql b/java/ql/src/Metrics/Files/FLinesOfDuplicatedCode.ql index d443e3a6741..30a14df6c60 100644 --- a/java/ql/src/Metrics/Files/FLinesOfDuplicatedCode.ql +++ b/java/ql/src/Metrics/Files/FLinesOfDuplicatedCode.ql @@ -16,7 +16,8 @@ import external.CodeDuplication from File f, int n where - n = count(int line | + n = + count(int line | exists(DuplicateBlock d | d.sourceFile() = f | line in [d.sourceStartLine() .. d.sourceEndLine()] and not whitelistedLineForDuplication(f, line) diff --git a/java/ql/src/Metrics/Files/FLinesOfSimilarCode.ql b/java/ql/src/Metrics/Files/FLinesOfSimilarCode.ql index 3ef0b03cd59..b8d503bb01a 100644 --- a/java/ql/src/Metrics/Files/FLinesOfSimilarCode.ql +++ b/java/ql/src/Metrics/Files/FLinesOfSimilarCode.ql @@ -14,7 +14,8 @@ import external.CodeDuplication from File f, int n where - n = count(int line | + n = + count(int line | exists(SimilarBlock d | d.sourceFile() = f | line in [d.sourceStartLine() .. d.sourceEndLine()] and not whitelistedLineForDuplication(f, line) diff --git a/java/ql/src/Metrics/Files/FSelfContainedness.ql b/java/ql/src/Metrics/Files/FSelfContainedness.ql index 49b04589d4d..6831e2c3f73 100644 --- a/java/ql/src/Metrics/Files/FSelfContainedness.ql +++ b/java/ql/src/Metrics/Files/FSelfContainedness.ql @@ -14,12 +14,14 @@ import java from CompilationUnit f, float selfContaindness, int efferentSourceCoupling, int efferentCoupling where - efferentSourceCoupling = count(CompilationUnit g | + efferentSourceCoupling = + count(CompilationUnit g | exists(RefType c | c.fromSource() and c.getCompilationUnit() = g | exists(RefType d | d.fromSource() and d.getCompilationUnit() = f | depends(d, c)) ) ) and - efferentCoupling = count(CompilationUnit g | + efferentCoupling = + count(CompilationUnit g | exists(RefType c | c.getCompilationUnit() = g | exists(RefType d | d.fromSource() and d.getCompilationUnit() = f | depends(d, c)) ) diff --git a/java/ql/src/Metrics/Internal/Extents.qll b/java/ql/src/Metrics/Internal/Extents.qll index 47ee9a850a6..a434a55e6ec 100644 --- a/java/ql/src/Metrics/Internal/Extents.qll +++ b/java/ql/src/Metrics/Internal/Extents.qll @@ -52,7 +52,8 @@ class RangeRefType extends RefType { } private Member lastMember() { - result = max(this.getAMember() as m + result = + max(this.getAMember() as m order by m.getLocation().getStartLine(), m.getLocation().getStartColumn() ) diff --git a/java/ql/src/Metrics/RefTypes/TPercentageOfComments.ql b/java/ql/src/Metrics/RefTypes/TPercentageOfComments.ql index f2258282c99..8efd95b243c 100644 --- a/java/ql/src/Metrics/RefTypes/TPercentageOfComments.ql +++ b/java/ql/src/Metrics/RefTypes/TPercentageOfComments.ql @@ -15,6 +15,7 @@ import java from RefType t, int n where t.fromSource() and - n = (100 * t.getMetrics().getNumberOfCommentLines()) / + n = + (100 * t.getMetrics().getNumberOfCommentLines()) / (t.getMetrics().getNumberOfCommentLines() + t.getMetrics().getNumberOfLinesOfCode()) select t, n order by n desc diff --git a/java/ql/src/Performance/InefficientKeySetIterator.ql b/java/ql/src/Performance/InefficientKeySetIterator.ql index 73e1dd3aa72..c8469d7aa53 100644 --- a/java/ql/src/Performance/InefficientKeySetIterator.ql +++ b/java/ql/src/Performance/InefficientKeySetIterator.ql @@ -60,8 +60,6 @@ from MethodAccess ma, Method get where ma.getMethod() = get and get.hasName("get") and - ma.getAnArgument().(VarAccess).getVariable().(Key).getBase().getBase() = ma - .getQualifier() - .(VarAccess) - .getVariable() + ma.getAnArgument().(VarAccess).getVariable().(Key).getBase().getBase() = + ma.getQualifier().(VarAccess).getVariable() select ma, "Inefficient use of key set iterator instead of entry set iterator." diff --git a/java/ql/src/Security/CWE/CWE-798/SensitiveApi.qll b/java/ql/src/Security/CWE/CWE-798/SensitiveApi.qll index 90f781bd16f..d4611b53575 100644 --- a/java/ql/src/Security/CWE/CWE-798/SensitiveApi.qll +++ b/java/ql/src/Security/CWE/CWE-798/SensitiveApi.qll @@ -24,8 +24,10 @@ private predicate javaApiCallablePasswordParam(string s) { s = "com.sun.net.ssl.KeyManagerFactory;init(KeyStore, char[]);1" or s = "com.sun.net.ssl.KeyManagerFactorySpi;engineInit(KeyStore, char[]);1" or s = "com.sun.net.ssl.KeyManagerFactorySpiWrapper;engineInit(KeyStore, char[]);1" or - s = "com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.PrivateKeyResolver;PrivateKeyResolver(KeyStore, char[]);1" or - s = "com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.SecretKeyResolver;SecretKeyResolver(KeyStore, char[]);1" or + s = + "com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.PrivateKeyResolver;PrivateKeyResolver(KeyStore, char[]);1" or + s = + "com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.SecretKeyResolver;SecretKeyResolver(KeyStore, char[]);1" or s = "com.sun.rowset.JdbcRowSetImpl;JdbcRowSetImpl(String, String, String);2" or s = "com.sun.rowset.JdbcRowSetImpl;setPassword(String);0" or s = "com.sun.security.auth.module.JndiLoginModule;verifyPassword(String, String);1" or @@ -33,15 +35,18 @@ private predicate javaApiCallablePasswordParam(string s) { s = "com.sun.security.ntlm.Client;Client(String, String, String, String, char[]);4" or s = "com.sun.security.ntlm.NTLM;getP2(char[]);0" or s = "com.sun.security.ntlm.NTLM;getP1(char[]);0" or - s = "com.sun.security.sasl.digest.DigestMD5Base;generateResponseValue(String, String, String, String, String, char[], byte[], byte[], int, byte[]);5" or - s = "com.sun.security.sasl.digest.DigestMD5Server;generateResponseAuth(String, char[], byte[], int, byte[]);1" or + s = + "com.sun.security.sasl.digest.DigestMD5Base;generateResponseValue(String, String, String, String, String, char[], byte[], byte[], int, byte[]);5" or + s = + "com.sun.security.sasl.digest.DigestMD5Server;generateResponseAuth(String, char[], byte[], int, byte[]);1" or s = "com.sun.tools.internal.ws.wscompile.AuthInfo;AuthInfo(URL, String, String);2" or s = "java.net.PasswordAuthentication;PasswordAuthentication(String, char[]);1" or s = "java.security.KeyStore;setKeyEntry(String, Key, char[], Certificate[]);2" or s = "java.security.KeyStore;store(OutputStream, char[]);1" or s = "java.security.KeyStore;getKey(String, char[]);1" or s = "java.security.KeyStore;load(InputStream, char[]);1" or - s = "java.security.KeyStore$PasswordProtection;PasswordProtection(char[], String, AlgorithmParameterSpec);0" or + s = + "java.security.KeyStore$PasswordProtection;PasswordProtection(char[], String, AlgorithmParameterSpec);0" or s = "java.security.KeyStore$PasswordProtection;PasswordProtection(char[]);0" or s = "java.security.KeyStoreSpi;engineStore(OutputStream, char[]);1" or s = "java.security.KeyStoreSpi;engineLoad(InputStream, char[]);1" or @@ -66,12 +71,14 @@ private predicate javaApiCallablePasswordParam(string s) { s = "sun.net.ftp.impl.FtpClient;login(String, char[]);1" or s = "sun.net.ftp.impl.FtpClient;tryLogin(String, char[]);1" or s = "sun.net.www.protocol.http.DigestAuthentication;encode(String, char[], MessageDigest);1" or - s = "sun.net.www.protocol.http.DigestAuthentication;computeDigest(boolean, String, char[], String, String, String, String, String, String);2" or + s = + "sun.net.www.protocol.http.DigestAuthentication;computeDigest(boolean, String, char[], String, String, String, String, String, String);2" or s = "sun.security.krb5.EncryptionKey;acquireSecretKey(char[], String, int, byte[]);0" or s = "sun.security.krb5.EncryptionKey;stringToKey(char[], String, byte[], int);0" or s = "sun.security.krb5.EncryptionKey;EncryptionKey(char[], String, String);0" or s = "sun.security.krb5.EncryptionKey;acquireSecretKeys(char[], String);0" or - s = "sun.security.krb5.EncryptionKey;acquireSecretKey(PrincipalName, char[], int, SaltAndParams);1" or + s = + "sun.security.krb5.EncryptionKey;acquireSecretKey(PrincipalName, char[], int, SaltAndParams);1" or s = "sun.security.krb5.KrbAsRep;decryptUsingPassword(char[], KrbAsReq, PrincipalName);0" or s = "sun.security.krb5.internal.crypto.Aes128;stringToKey(char[], String, byte[]);0" or s = "sun.security.krb5.internal.crypto.Aes256;stringToKey(char[], String, byte[]);0" or @@ -109,7 +116,8 @@ private predicate javaApiCallablePasswordParam(string s) { s = "sun.security.ssl.KeyManagerFactoryImpl$X509;engineInit(KeyStore, char[]);1" or s = "sun.security.ssl.SunX509KeyManagerImpl;SunX509KeyManagerImpl(KeyStore, char[]);1" or s = "sun.security.tools.keytool.Main;getNewPasswd(String, char[]);1" or - s = "sun.tools.jconsole.ConnectDialog;setConnectionParameters(String, String, int, String, String, String);4" or + s = + "sun.tools.jconsole.ConnectDialog;setConnectionParameters(String, String, int, String, String, String);4" or s = "sun.tools.jconsole.JConsole;addHost(String, int, String, String);3" or s = "sun.tools.jconsole.JConsole;addUrl(String, String, String, boolean);2" or s = "sun.tools.jconsole.JConsole;addHost(String, int, String, String, boolean);3" or @@ -136,20 +144,26 @@ predicate javaApiCallableUsernameParam(Callable c, int i) { private predicate javaApiCallableUsernameParam(string s) { // Auto-generated using an auxiliary query run on the JDK source code. s = "com.sun.istack.internal.tools.DefaultAuthenticator$AuthInfo;AuthInfo(URL, String, String);1" or - s = "com.sun.jndi.ldap.DigestClientId;DigestClientId(int, String, int, String, Control[], OutputStream, String, String, Object, Hashtable);7" or - s = "com.sun.jndi.ldap.LdapClient;getInstance(boolean, String, int, String, int, int, OutputStream, int, String, Control[], String, String, Object, Hashtable);11" or - s = "com.sun.jndi.ldap.LdapPoolManager;getLdapClient(String, int, String, int, int, OutputStream, int, String, Control[], String, String, Object, Hashtable);10" or - s = "com.sun.jndi.ldap.SimpleClientId;SimpleClientId(int, String, int, String, Control[], OutputStream, String, String, Object);7" or + s = + "com.sun.jndi.ldap.DigestClientId;DigestClientId(int, String, int, String, Control[], OutputStream, String, String, Object, Hashtable);7" or + s = + "com.sun.jndi.ldap.LdapClient;getInstance(boolean, String, int, String, int, int, OutputStream, int, String, Control[], String, String, Object, Hashtable);11" or + s = + "com.sun.jndi.ldap.LdapPoolManager;getLdapClient(String, int, String, int, int, OutputStream, int, String, Control[], String, String, Object, Hashtable);10" or + s = + "com.sun.jndi.ldap.SimpleClientId;SimpleClientId(int, String, int, String, Control[], OutputStream, String, String, Object);7" or s = "com.sun.net.httpserver.BasicAuthenticator;checkCredentials(String, String);0" or s = "com.sun.net.httpserver.HttpPrincipal;HttpPrincipal(String, String);0" or s = "com.sun.rowset.JdbcRowSetImpl;JdbcRowSetImpl(String, String, String);1" or s = "com.sun.security.ntlm.Client;Client(String, String, String, String, char[]);2" or s = "com.sun.security.ntlm.Server;getPassword(String, String);1" or - s = "com.sun.security.sasl.digest.DigestMD5Server;generateResponseAuth(String, char[], byte[], int, byte[]);0" or + s = + "com.sun.security.sasl.digest.DigestMD5Server;generateResponseAuth(String, char[], byte[], int, byte[]);0" or s = "com.sun.tools.internal.ws.wscompile.AuthInfo;AuthInfo(URL, String, String);1" or s = "java.net.PasswordAuthentication;PasswordAuthentication(String, char[]);0" or s = "java.sql.DriverManager;getConnection(String, String, String);1" or - s = "javax.print.attribute.standard.JobOriginatingUserName;JobOriginatingUserName(String, Locale);0" or + s = + "javax.print.attribute.standard.JobOriginatingUserName;JobOriginatingUserName(String, Locale);0" or s = "javax.print.attribute.standard.RequestingUserName;RequestingUserName(String, Locale);0" or s = "javax.sql.ConnectionPoolDataSource;getPooledConnection(String, String);0" or s = "javax.sql.DataSource;getConnection(String, String);0" or @@ -157,7 +171,8 @@ private predicate javaApiCallableUsernameParam(string s) { s = "sun.jvmstat.perfdata.monitor.protocol.local.LocalVmManager;LocalVmManager(String);0" or s = "sun.jvmstat.perfdata.monitor.protocol.local.PerfDataFile;getFile(String, int);0" or s = "sun.jvmstat.perfdata.monitor.protocol.local.PerfDataFile;getTempDirectory(String);0" or - s = "sun.jvmstat.perfdata.monitor.protocol.rmi.RemoteVmManager;RemoteVmManager(RemoteHost, String);1" or + s = + "sun.jvmstat.perfdata.monitor.protocol.rmi.RemoteVmManager;RemoteVmManager(RemoteHost, String);1" or s = "sun.misc.Perf;attach(String, int, int);0" or s = "sun.misc.Perf;attach(String, int, String);0" or s = "sun.misc.Perf;attachImpl(String, int, int);0" or @@ -167,9 +182,11 @@ private predicate javaApiCallableUsernameParam(string s) { s = "sun.net.ftp.impl.FtpClient;login(String, char[], String);0" or s = "sun.net.ftp.impl.FtpClient;tryLogin(String, char[]);0" or s = "sun.net.ftp.impl.FtpClient;login(String, char[]);0" or - s = "sun.net.www.protocol.http.DigestAuthentication;computeDigest(boolean, String, char[], String, String, String, String, String, String);1" or + s = + "sun.net.www.protocol.http.DigestAuthentication;computeDigest(boolean, String, char[], String, String, String, String, String, String);1" or s = "sun.security.acl.PrincipalImpl;PrincipalImpl(String);0" or - s = "sun.tools.jconsole.ConnectDialog;setConnectionParameters(String, String, int, String, String, String);3" or + s = + "sun.tools.jconsole.ConnectDialog;setConnectionParameters(String, String, int, String, String, String);3" or s = "sun.tools.jconsole.JConsole;failed(Exception, String, String, String);2" or s = "sun.tools.jconsole.JConsole;addHost(String, int, String, String, boolean);2" or s = "sun.tools.jconsole.JConsole;addUrl(String, String, String, boolean);1" or @@ -241,16 +258,22 @@ private predicate javaApiCallableCryptoKeyParam(string s) { s = "com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher;engineUnwrap(byte[], String, int);0" or s = "com.sun.crypto.provider.PCBC;init(boolean, String, byte[], byte[]);2" or s = "com.sun.crypto.provider.PKCS12PBECipherCore;implUnwrap(byte[], String, int);0" or - s = "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndDESede;engineUnwrap(byte[], String, int);0" or - s = "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_128;engineUnwrap(byte[], String, int);0" or - s = "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40;engineUnwrap(byte[], String, int);0" or - s = "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC4_128;engineUnwrap(byte[], String, int);0" or - s = "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC4_40;engineUnwrap(byte[], String, int);0" or + s = + "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndDESede;engineUnwrap(byte[], String, int);0" or + s = + "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_128;engineUnwrap(byte[], String, int);0" or + s = + "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40;engineUnwrap(byte[], String, int);0" or + s = + "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC4_128;engineUnwrap(byte[], String, int);0" or + s = + "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC4_40;engineUnwrap(byte[], String, int);0" or s = "com.sun.crypto.provider.RC2Cipher;engineUnwrap(byte[], String, int);0" or s = "com.sun.crypto.provider.RC2Crypt;init(boolean, String, byte[]);2" or s = "com.sun.crypto.provider.RSACipher;engineUnwrap(byte[], String, int);0" or s = "com.sun.crypto.provider.SymmetricCipher;init(boolean, String, byte[]);2" or - s = "com.sun.crypto.provider.TlsMasterSecretGenerator$TlsMasterSecretKey;TlsMasterSecretKey(byte[], int, int);0" or + s = + "com.sun.crypto.provider.TlsMasterSecretGenerator$TlsMasterSecretKey;TlsMasterSecretKey(byte[], int, int);0" or s = "java.security.KeyStore;setKeyEntry(String, byte[], Certificate[]);1" or s = "java.security.KeyStoreSpi;engineSetKeyEntry(String, byte[], Certificate[]);1" or s = "java.security.cert.X509CertSelector;setSubjectPublicKey(byte[]);0" or @@ -270,17 +293,24 @@ private predicate javaApiCallableCryptoKeyParam(string s) { s = "javax.crypto.spec.SecretKeySpec;SecretKeySpec(byte[], String);0" or s = "javax.crypto.spec.SecretKeySpec;SecretKeySpec(byte[], int, int, String);0" or s = "javax.security.auth.kerberos.KerberosKey;KerberosKey(KerberosPrincipal, byte[], int, int);1" or - s = "javax.security.auth.kerberos.KerberosTicket;KerberosTicket(byte[], KerberosPrincipal, KerberosPrincipal, byte[], int, boolean[], Date, Date, Date, Date, InetAddress[]);3" or - s = "javax.security.auth.kerberos.KerberosTicket;init(byte[], KerberosPrincipal, KerberosPrincipal, byte[], int, boolean[], Date, Date, Date, Date, InetAddress[]);3" or + s = + "javax.security.auth.kerberos.KerberosTicket;KerberosTicket(byte[], KerberosPrincipal, KerberosPrincipal, byte[], int, boolean[], Date, Date, Date, Date, InetAddress[]);3" or + s = + "javax.security.auth.kerberos.KerberosTicket;init(byte[], KerberosPrincipal, KerberosPrincipal, byte[], int, boolean[], Date, Date, Date, Date, InetAddress[]);3" or s = "javax.security.auth.kerberos.KeyImpl;KeyImpl(byte[], int);0" or s = "sun.security.jgss.krb5.CipherHelper;getInitializedDes(boolean, byte[], byte[]);1" or s = "sun.security.jgss.krb5.CipherHelper;getDesCbcChecksum(byte[], byte[], byte[], int, int);0" or s = "sun.security.jgss.krb5.CipherHelper;getDesEncryptionKey(byte[]);0" or - s = "sun.security.jgss.krb5.CipherHelper;desCbcDecrypt(WrapToken, byte[], byte[], int, int, byte[], int);1" or - s = "sun.security.jgss.krb5.CipherHelper;desCbcDecrypt(WrapToken, byte[], InputStream, int, byte[], int);1" or - s = "sun.security.jgss.krb5.Krb5InitCredential;Krb5InitCredential(Krb5NameElement, byte[], KerberosPrincipal, KerberosPrincipal, byte[], int, boolean[], Date, Date, Date, Date, InetAddress[]);4" or - s = "sun.security.jgss.krb5.Krb5InitCredential;Krb5InitCredential(Krb5NameElement, Credentials, byte[], KerberosPrincipal, KerberosPrincipal, byte[], int, boolean[], Date, Date, Date, Date, InetAddress[]);5" or - s = "sun.security.krb5.Credentials;Credentials(byte[], String, String, byte[], int, boolean[], Date, Date, Date, Date, InetAddress[]);3" or + s = + "sun.security.jgss.krb5.CipherHelper;desCbcDecrypt(WrapToken, byte[], byte[], int, int, byte[], int);1" or + s = + "sun.security.jgss.krb5.CipherHelper;desCbcDecrypt(WrapToken, byte[], InputStream, int, byte[], int);1" or + s = + "sun.security.jgss.krb5.Krb5InitCredential;Krb5InitCredential(Krb5NameElement, byte[], KerberosPrincipal, KerberosPrincipal, byte[], int, boolean[], Date, Date, Date, Date, InetAddress[]);4" or + s = + "sun.security.jgss.krb5.Krb5InitCredential;Krb5InitCredential(Krb5NameElement, Credentials, byte[], KerberosPrincipal, KerberosPrincipal, byte[], int, boolean[], Date, Date, Date, Date, InetAddress[]);5" or + s = + "sun.security.krb5.Credentials;Credentials(byte[], String, String, byte[], int, boolean[], Date, Date, Date, Date, InetAddress[]);3" or s = "sun.security.krb5.EncryptionKey;EncryptionKey(int, byte[]);1" or s = "sun.security.krb5.EncryptionKey;EncryptionKey(byte[], int, Integer);0" or s = "sun.security.krb5.internal.crypto.Aes128;decryptRaw(byte[], int, byte[], byte[], int, int);0" or @@ -288,34 +318,49 @@ private predicate javaApiCallableCryptoKeyParam(string s) { s = "sun.security.krb5.internal.crypto.Aes128;decrypt(byte[], int, byte[], byte[], int, int);0" or s = "sun.security.krb5.internal.crypto.Aes128;encryptRaw(byte[], int, byte[], byte[], int, int);0" or s = "sun.security.krb5.internal.crypto.Aes128;encrypt(byte[], int, byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType;encrypt(byte[], byte[], byte[], int);1" or + s = + "sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType;encrypt(byte[], byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType;decrypt(byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType;encrypt(byte[], byte[], int);1" or - s = "sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType;decrypt(byte[], byte[], byte[], int);1" or + s = + "sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType;decrypt(byte[], byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.Aes256;encrypt(byte[], int, byte[], byte[], int, int);0" or s = "sun.security.krb5.internal.crypto.Aes256;decryptRaw(byte[], int, byte[], byte[], int, int);0" or s = "sun.security.krb5.internal.crypto.Aes256;calculateChecksum(byte[], int, byte[], int, int);0" or s = "sun.security.krb5.internal.crypto.Aes256;encryptRaw(byte[], int, byte[], byte[], int, int);0" or s = "sun.security.krb5.internal.crypto.Aes256;decrypt(byte[], int, byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType;encrypt(byte[], byte[], byte[], int);1" or - s = "sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType;decrypt(byte[], byte[], byte[], int);1" or + s = + "sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType;encrypt(byte[], byte[], byte[], int);1" or + s = + "sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType;decrypt(byte[], byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType;decrypt(byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType;encrypt(byte[], byte[], int);1" or - s = "sun.security.krb5.internal.crypto.ArcFourHmac;encryptRaw(byte[], int, byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.ArcFourHmac;decryptRaw(byte[], int, byte[], byte[], int, int, byte[]);0" or - s = "sun.security.krb5.internal.crypto.ArcFourHmac;decrypt(byte[], int, byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.ArcFourHmac;decryptSeq(byte[], int, byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.ArcFourHmac;encrypt(byte[], int, byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.ArcFourHmac;calculateChecksum(byte[], int, byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.ArcFourHmac;encryptSeq(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.ArcFourHmac;encryptRaw(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.ArcFourHmac;decryptRaw(byte[], int, byte[], byte[], int, int, byte[]);0" or + s = + "sun.security.krb5.internal.crypto.ArcFourHmac;decrypt(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.ArcFourHmac;decryptSeq(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.ArcFourHmac;encrypt(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.ArcFourHmac;calculateChecksum(byte[], int, byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.ArcFourHmac;encryptSeq(byte[], int, byte[], byte[], int, int);0" or s = "sun.security.krb5.internal.crypto.ArcFourHmacEType;decrypt(byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.ArcFourHmacEType;encrypt(byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.ArcFourHmacEType;decrypt(byte[], byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.ArcFourHmacEType;encrypt(byte[], byte[], byte[], int);1" or - s = "sun.security.krb5.internal.crypto.CksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or - s = "sun.security.krb5.internal.crypto.CksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or - s = "sun.security.krb5.internal.crypto.Crc32CksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or - s = "sun.security.krb5.internal.crypto.Crc32CksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.CksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.CksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.Crc32CksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.Crc32CksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or s = "sun.security.krb5.internal.crypto.Des;cbc_encrypt(byte[], byte[], byte[], byte[], boolean);2" or s = "sun.security.krb5.internal.crypto.Des;set_parity(byte[]);0" or s = "sun.security.krb5.internal.crypto.Des;bad_key(byte[]);0" or @@ -326,8 +371,10 @@ private predicate javaApiCallableCryptoKeyParam(string s) { s = "sun.security.krb5.internal.crypto.Des3;decrypt(byte[], int, byte[], byte[], int, int);0" or s = "sun.security.krb5.internal.crypto.Des3;calculateChecksum(byte[], int, byte[], int, int);0" or s = "sun.security.krb5.internal.crypto.Des3CbcHmacSha1KdEType;encrypt(byte[], byte[], int);1" or - s = "sun.security.krb5.internal.crypto.Des3CbcHmacSha1KdEType;encrypt(byte[], byte[], byte[], int);1" or - s = "sun.security.krb5.internal.crypto.Des3CbcHmacSha1KdEType;decrypt(byte[], byte[], byte[], int);1" or + s = + "sun.security.krb5.internal.crypto.Des3CbcHmacSha1KdEType;encrypt(byte[], byte[], byte[], int);1" or + s = + "sun.security.krb5.internal.crypto.Des3CbcHmacSha1KdEType;decrypt(byte[], byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.Des3CbcHmacSha1KdEType;decrypt(byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.DesCbcCrcEType;decrypt(byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.DesCbcCrcEType;encrypt(byte[], byte[], int);1" or @@ -335,59 +382,94 @@ private predicate javaApiCallableCryptoKeyParam(string s) { s = "sun.security.krb5.internal.crypto.DesCbcEType;decrypt(byte[], byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.DesCbcEType;encrypt(byte[], byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.DesCbcEType;decrypt(byte[], byte[], int);1" or - s = "sun.security.krb5.internal.crypto.DesMacCksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.DesMacCksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or s = "sun.security.krb5.internal.crypto.DesMacCksumType;decryptKeyedChecksum(byte[], byte[]);1" or - s = "sun.security.krb5.internal.crypto.DesMacCksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or - s = "sun.security.krb5.internal.crypto.DesMacKCksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or - s = "sun.security.krb5.internal.crypto.DesMacKCksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.DesMacCksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.DesMacKCksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.DesMacKCksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or s = "sun.security.krb5.internal.crypto.EType;encrypt(byte[], byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.EType;decrypt(byte[], byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.EType;decrypt(byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.EType;encrypt(byte[], byte[], int);1" or - s = "sun.security.krb5.internal.crypto.HmacMd5ArcFourCksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or - s = "sun.security.krb5.internal.crypto.HmacMd5ArcFourCksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or - s = "sun.security.krb5.internal.crypto.HmacSha1Aes128CksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or - s = "sun.security.krb5.internal.crypto.HmacSha1Aes128CksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or - s = "sun.security.krb5.internal.crypto.HmacSha1Aes256CksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or - s = "sun.security.krb5.internal.crypto.HmacSha1Aes256CksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or - s = "sun.security.krb5.internal.crypto.HmacSha1Des3KdCksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or - s = "sun.security.krb5.internal.crypto.HmacSha1Des3KdCksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.HmacMd5ArcFourCksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.HmacMd5ArcFourCksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.HmacSha1Aes128CksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.HmacSha1Aes128CksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.HmacSha1Aes256CksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.HmacSha1Aes256CksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.HmacSha1Des3KdCksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.HmacSha1Des3KdCksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or s = "sun.security.krb5.internal.crypto.NullEType;decrypt(byte[], byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.NullEType;decrypt(byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.NullEType;encrypt(byte[], byte[], byte[], int);1" or s = "sun.security.krb5.internal.crypto.NullEType;encrypt(byte[], byte[], int);1" or - s = "sun.security.krb5.internal.crypto.RsaMd5CksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or - s = "sun.security.krb5.internal.crypto.RsaMd5CksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.RsaMd5CksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.RsaMd5CksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or s = "sun.security.krb5.internal.crypto.RsaMd5DesCksumType;decryptKeyedChecksum(byte[], byte[]);1" or - s = "sun.security.krb5.internal.crypto.RsaMd5DesCksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or - s = "sun.security.krb5.internal.crypto.RsaMd5DesCksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or - s = "sun.security.krb5.internal.crypto.dk.AesDkCrypto;encryptCTS(byte[], int, byte[], byte[], byte[], int, int, boolean);0" or - s = "sun.security.krb5.internal.crypto.dk.AesDkCrypto;decrypt(byte[], int, byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.dk.AesDkCrypto;encryptRaw(byte[], int, byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.dk.AesDkCrypto;calculateChecksum(byte[], int, byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.dk.AesDkCrypto;encrypt(byte[], int, byte[], byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.RsaMd5DesCksumType;verifyKeyedChecksum(byte[], int, byte[], byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.RsaMd5DesCksumType;calculateKeyedChecksum(byte[], int, byte[], int);2" or + s = + "sun.security.krb5.internal.crypto.dk.AesDkCrypto;encryptCTS(byte[], int, byte[], byte[], byte[], int, int, boolean);0" or + s = + "sun.security.krb5.internal.crypto.dk.AesDkCrypto;decrypt(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.AesDkCrypto;encryptRaw(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.AesDkCrypto;calculateChecksum(byte[], int, byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.AesDkCrypto;encrypt(byte[], int, byte[], byte[], byte[], int, int);0" or s = "sun.security.krb5.internal.crypto.dk.AesDkCrypto;getHmac(byte[], byte[]);0" or s = "sun.security.krb5.internal.crypto.dk.AesDkCrypto;getCipher(byte[], byte[], int);0" or - s = "sun.security.krb5.internal.crypto.dk.AesDkCrypto;decryptRaw(byte[], int, byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.dk.AesDkCrypto;decryptCTS(byte[], int, byte[], byte[], int, int, boolean);0" or - s = "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;decryptSeq(byte[], int, byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;decryptRaw(byte[], int, byte[], byte[], int, int, byte[]);0" or - s = "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;decrypt(byte[], int, byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;encryptRaw(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.AesDkCrypto;decryptRaw(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.AesDkCrypto;decryptCTS(byte[], int, byte[], byte[], int, int, boolean);0" or + s = + "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;decryptSeq(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;decryptRaw(byte[], int, byte[], byte[], int, int, byte[]);0" or + s = + "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;decrypt(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;encryptRaw(byte[], int, byte[], byte[], int, int);0" or s = "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;getCipher(byte[], byte[], int);0" or - s = "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;encryptSeq(byte[], int, byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;calculateChecksum(byte[], int, byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;encrypt(byte[], int, byte[], byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;encryptSeq(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;calculateChecksum(byte[], int, byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;encrypt(byte[], int, byte[], byte[], byte[], int, int);0" or s = "sun.security.krb5.internal.crypto.dk.ArcFourCrypto;getHmac(byte[], byte[]);0" or s = "sun.security.krb5.internal.crypto.dk.Des3DkCrypto;keyCorrection(byte[]);0" or s = "sun.security.krb5.internal.crypto.dk.Des3DkCrypto;getCipher(byte[], byte[], int);0" or s = "sun.security.krb5.internal.crypto.dk.Des3DkCrypto;getHmac(byte[], byte[]);0" or s = "sun.security.krb5.internal.crypto.dk.Des3DkCrypto;setParityBit(byte[]);0" or - s = "sun.security.krb5.internal.crypto.dk.DkCrypto;encrypt(byte[], int, byte[], byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.dk.DkCrypto;decrypt(byte[], int, byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.dk.DkCrypto;encryptRaw(byte[], int, byte[], byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.dk.DkCrypto;calculateChecksum(byte[], int, byte[], int, int);0" or - s = "sun.security.krb5.internal.crypto.dk.DkCrypto;decryptRaw(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.DkCrypto;encrypt(byte[], int, byte[], byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.DkCrypto;decrypt(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.DkCrypto;encryptRaw(byte[], int, byte[], byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.DkCrypto;calculateChecksum(byte[], int, byte[], int, int);0" or + s = + "sun.security.krb5.internal.crypto.dk.DkCrypto;decryptRaw(byte[], int, byte[], byte[], int, int);0" or s = "sun.security.krb5.internal.crypto.dk.DkCrypto;getHmac(byte[], byte[]);0" or s = "sun.security.krb5.internal.crypto.dk.DkCrypto;getCipher(byte[], byte[], int);0" or s = "sun.security.krb5.internal.crypto.dk.DkCrypto;dk(byte[], byte[]);0" or @@ -423,6 +505,8 @@ predicate otherApiCallableCredentialParam(Callable c, int i) { private predicate otherApiCallableCredentialParam(string s) { s = "javax.crypto.spec.IvParameterSpec;IvParameterSpec(byte[]);0" or s = "javax.crypto.spec.IvParameterSpec;IvParameterSpec(byte[], int, int);0" or - s = "org.springframework.security.core.userdetails.User;User(String, String, boolean, boolean, boolean, boolean, Collection);0" or - s = "org.springframework.security.core.userdetails.User;User(String, String, boolean, boolean, boolean, boolean, Collection);1" + s = + "org.springframework.security.core.userdetails.User;User(String, String, boolean, boolean, boolean, boolean, Collection);0" or + s = + "org.springframework.security.core.userdetails.User;User(String, String, boolean, boolean, boolean, boolean, Collection);1" } diff --git a/java/ql/src/Violations of Best Practice/Boxed Types/BoxedVariable.ql b/java/ql/src/Violations of Best Practice/Boxed Types/BoxedVariable.ql index a5523845c24..6ef404d0af4 100644 --- a/java/ql/src/Violations of Best Practice/Boxed Types/BoxedVariable.ql +++ b/java/ql/src/Violations of Best Practice/Boxed Types/BoxedVariable.ql @@ -64,8 +64,8 @@ where forall(Expr e | e = v.getAnAssignedValue() | e.getType() = v.getPrimitiveType()) and ( not v.getDeclExpr().getParent() instanceof EnhancedForStmt or - v.getDeclExpr().getParent().(EnhancedForStmt).getExpr().getType().(Array).getComponentType() = v - .getPrimitiveType() + v.getDeclExpr().getParent().(EnhancedForStmt).getExpr().getType().(Array).getComponentType() = + v.getPrimitiveType() ) and notDeliberatelyBoxed(v) and not affectsOverload(v) diff --git a/java/ql/src/Violations of Best Practice/Comments/CommentedCode.qll b/java/ql/src/Violations of Best Practice/Comments/CommentedCode.qll index cdc8840c692..55e576635d1 100644 --- a/java/ql/src/Violations of Best Practice/Comments/CommentedCode.qll +++ b/java/ql/src/Violations of Best Practice/Comments/CommentedCode.qll @@ -35,7 +35,8 @@ private predicate looksLikeCode(JavadocText line) { * - HTML entities in hexadecimal notation (e.g. `灟`) */ private string trimmedCommentText(JavadocText line) { - result = line + result = + line .getText() .trim() .regexpReplaceAll("\\s*//.*$", "") @@ -74,7 +75,8 @@ private class JavadocFirst extends Javadoc { * The number of lines that look like code in the comment `first`, or ones that follow it. */ private int codeCount(JavadocFirst first) { - result = sum(Javadoc following | + result = + sum(Javadoc following | following = getNextComment*(first) and not hasCodeTags(following) | count(JavadocText line | line = following.getAChild() and looksLikeCode(line)) @@ -85,7 +87,8 @@ private int codeCount(JavadocFirst first) { * The number of lines in the comment `first`, or ones that follow it. */ private int anyCount(JavadocFirst first) { - result = sum(Javadoc following | + result = + sum(Javadoc following | following = getNextComment*(first) and not hasCodeTags(following) | count(JavadocText line | diff --git a/java/ql/src/Violations of Best Practice/Magic Constants/MagicConstants.qll b/java/ql/src/Violations of Best Practice/Magic Constants/MagicConstants.qll index b8db8cce18a..4b5f265754f 100644 --- a/java/ql/src/Violations of Best Practice/Magic Constants/MagicConstants.qll +++ b/java/ql/src/Violations of Best Practice/Magic Constants/MagicConstants.qll @@ -308,7 +308,8 @@ predicate isNumber(Literal lit) { predicate magicConstant(Literal e, string msg) { exists(string value, int n, string context | firstOccurrence(e, value, context, n) and - msg = "Magic constant: literal '" + value + "' is used " + n.toString() + " times in calls to " + + msg = + "Magic constant: literal '" + value + "' is used " + n.toString() + " times in calls to " + context ) } @@ -399,8 +400,9 @@ predicate literalInsteadOfConstant( ) { exists(string context | canUseFieldInsteadOfLiteral(constField, magicLiteral, context) and - message = "Literal value '" + magicLiteral.getLiteral() + "' used " + " in a call to " + context - + "; consider using the defined constant $@." and + message = + "Literal value '" + magicLiteral.getLiteral() + "' used " + " in a call to " + context + + "; consider using the defined constant $@." and linkText = constField.getName() and ( constField.getCompilationUnit() = magicLiteral.getCompilationUnit() or diff --git a/java/ql/src/Violations of Best Practice/Naming Conventions/LocalShadowsFieldConfusing.ql b/java/ql/src/Violations of Best Practice/Naming Conventions/LocalShadowsFieldConfusing.ql index 3f4867c8224..f686e18f2ee 100644 --- a/java/ql/src/Violations of Best Practice/Naming Conventions/LocalShadowsFieldConfusing.ql +++ b/java/ql/src/Violations of Best Practice/Naming Conventions/LocalShadowsFieldConfusing.ql @@ -21,12 +21,14 @@ where (if callable instanceof Constructor then callableType = "" else callableType = "method ") and ( confusingAccess(d, f) and - message = "Confusing name: " + callableType + + message = + "Confusing name: " + callableType + "$@ also refers to field $@ (without qualifying it with 'this')." or thisAccess(d, f) and not confusingAccess(d, f) and - message = "Potentially confusing name: " + callableType + "$@ also refers to field $@ (as this." - + f.getName() + ")." + message = + "Potentially confusing name: " + callableType + "$@ also refers to field $@ (as this." + + f.getName() + ")." ) select d, message, callable, callable.getName(), f, f.getName() diff --git a/java/ql/src/Violations of Best Practice/legacy/AutoBoxing.ql b/java/ql/src/Violations of Best Practice/legacy/AutoBoxing.ql index c2f59abb5a4..1f6d251b49e 100644 --- a/java/ql/src/Violations of Best Practice/legacy/AutoBoxing.ql +++ b/java/ql/src/Violations of Best Practice/legacy/AutoBoxing.ql @@ -79,7 +79,7 @@ where unboxed(e) and conv = "This expression is implicitly unboxed." or exists(Variable v | rebox(e, v) | - conv = "This expression implicitly unboxes, updates, and reboxes the value of '" + v.getName() + - "'." + conv = + "This expression implicitly unboxes, updates, and reboxes the value of '" + v.getName() + "'." ) select e, conv diff --git a/java/ql/src/external/CodeDuplication.qll b/java/ql/src/external/CodeDuplication.qll index ce01160695a..fb96e996046 100644 --- a/java/ql/src/external/CodeDuplication.qll +++ b/java/ql/src/external/CodeDuplication.qll @@ -108,7 +108,8 @@ predicate similarLines(File f, int line) { } private predicate similarLinesPerEquivalenceClass(int equivClass, int lines, File f) { - lines = strictsum(SimilarBlock b, int toSum | + lines = + strictsum(SimilarBlock b, int toSum | (b.sourceFile() = f and b.getEquivalenceClass() = equivClass) and toSum = b.sourceLines() | @@ -120,7 +121,8 @@ pragma[noopt] private predicate similarLinesCovered(File f, int coveredLines, File otherFile) { exists(int numLines | numLines = f.getTotalNumberOfLines() | exists(int coveredApprox | - coveredApprox = strictsum(int num | + coveredApprox = + strictsum(int num | exists(int equivClass | similarLinesPerEquivalenceClass(equivClass, num, f) and similarLinesPerEquivalenceClass(equivClass, num, otherFile) and @@ -143,7 +145,8 @@ predicate duplicateLines(File f, int line) { } private predicate duplicateLinesPerEquivalenceClass(int equivClass, int lines, File f) { - lines = strictsum(DuplicateBlock b, int toSum | + lines = + strictsum(DuplicateBlock b, int toSum | (b.sourceFile() = f and b.getEquivalenceClass() = equivClass) and toSum = b.sourceLines() | @@ -155,7 +158,8 @@ pragma[noopt] private predicate duplicateLinesCovered(File f, int coveredLines, File otherFile) { exists(int numLines | numLines = f.getTotalNumberOfLines() | exists(int coveredApprox | - coveredApprox = strictsum(int num | + coveredApprox = + strictsum(int num | exists(int equivClass | duplicateLinesPerEquivalenceClass(equivClass, num, f) and duplicateLinesPerEquivalenceClass(equivClass, num, otherFile) and @@ -192,7 +196,8 @@ predicate duplicateFiles(File f, File other, int percent) { predicate duplicateAnonymousClass(AnonymousClass c, AnonymousClass other) { exists(int numDup | - numDup = strictcount(Method m1 | + numDup = + strictcount(Method m1 | exists(Method m2 | duplicateMethod(m1, m2) and m1 = sourceMethod() and @@ -209,7 +214,8 @@ predicate duplicateAnonymousClass(AnonymousClass c, AnonymousClass other) { pragma[noopt] predicate mostlyDuplicateClassBase(Class c, Class other, int numDup, int total) { - numDup = strictcount(Method m1 | + numDup = + strictcount(Method m1 | exists(Method m2 | duplicateMethod(m1, m2) and m1 = sourceMethod() and diff --git a/java/ql/src/external/DefectFilter.qll b/java/ql/src/external/DefectFilter.qll index 52e7ae3e0f0..d3296315f65 100644 --- a/java/ql/src/external/DefectFilter.qll +++ b/java/ql/src/external/DefectFilter.qll @@ -48,7 +48,8 @@ class DefectResult extends int { /** Gets the URL corresponding to the location of this query result. */ string getURL() { - result = "file://" + getFile().getAbsolutePath() + ":" + getStartLine() + ":" + getStartColumn() - + ":" + getEndLine() + ":" + getEndColumn() + result = + "file://" + getFile().getAbsolutePath() + ":" + getStartLine() + ":" + getStartColumn() + ":" + + getEndLine() + ":" + getEndColumn() } } diff --git a/java/ql/src/external/MetricFilter.qll b/java/ql/src/external/MetricFilter.qll index 7f3a3eb368e..cffcae2e425 100644 --- a/java/ql/src/external/MetricFilter.qll +++ b/java/ql/src/external/MetricFilter.qll @@ -37,7 +37,8 @@ class MetricResult extends int { float getValue() { metricResults(this, _, _, _, _, _, _, result) } string getURL() { - result = "file://" + getFile().getAbsolutePath() + ":" + getStartLine() + ":" + getStartColumn() - + ":" + getEndLine() + ":" + getEndColumn() + result = + "file://" + getFile().getAbsolutePath() + ":" + getStartLine() + ":" + getStartColumn() + ":" + + getEndLine() + ":" + getEndColumn() } } diff --git a/java/ql/src/semmle/code/java/Concurrency.qll b/java/ql/src/semmle/code/java/Concurrency.qll index 0796b3dfaed..29202c8cc40 100644 --- a/java/ql/src/semmle/code/java/Concurrency.qll +++ b/java/ql/src/semmle/code/java/Concurrency.qll @@ -14,7 +14,8 @@ predicate locallySynchronizedOn(Expr e, SynchronizedStmt sync, Variable v) { */ predicate locallySynchronizedOnThis(Expr e, RefType thisType) { exists(SynchronizedStmt sync | e.getEnclosingStmt().getEnclosingStmt+() = sync | - sync.getExpr().getProperExpr().(ThisAccess).getType().(RefType).getSourceDeclaration() = thisType + sync.getExpr().getProperExpr().(ThisAccess).getType().(RefType).getSourceDeclaration() = + thisType ) or exists(SynchronizedCallable c | c = e.getEnclosingCallable() | diff --git a/java/ql/src/semmle/code/java/DependencyCounts.qll b/java/ql/src/semmle/code/java/DependencyCounts.qll index 8dd5c71f0fa..0794ceeabfc 100644 --- a/java/ql/src/semmle/code/java/DependencyCounts.qll +++ b/java/ql/src/semmle/code/java/DependencyCounts.qll @@ -27,7 +27,8 @@ predicate numDepends(RefType t, RefType dep, int value) { not isRaw(t) and not t = dep and // Type `t` depends on: - value = strictcount(Element elem | + value = + strictcount(Element elem | // its supertypes, exists(RefType s | elem = s and t.hasSupertype(s) | usesType(s, dep)) or @@ -106,7 +107,8 @@ predicate numDepends(RefType t, RefType dep, int value) { predicate filePackageDependencyCount(File sourceFile, int total, string entity) { exists(Package targetPackage | - total = strictsum(RefType sourceType, RefType targetType, int num | + total = + strictsum(RefType sourceType, RefType targetType, int num | sourceType.getFile() = sourceFile and sourceType.fromSource() and sourceType.getPackage() != targetPackage and @@ -141,7 +143,8 @@ predicate fileJarDependencyCount(File sourceFile, int total, string entity) { targetJar.(File).getExtension() = "jar" and jarStem != "rt" | - total = strictsum(RefType r, RefType dep, int num | + total = + strictsum(RefType r, RefType dep, int num | r.getFile() = sourceFile and r.fromSource() and dep.getFile().getParentContainer*() = targetJar and diff --git a/java/ql/src/semmle/code/java/Expr.qll b/java/ql/src/semmle/code/java/Expr.qll index 3b95094e46e..51312dd1dc5 100755 --- a/java/ql/src/semmle/code/java/Expr.qll +++ b/java/ql/src/semmle/code/java/Expr.qll @@ -171,7 +171,8 @@ class CompileTimeConstantExpr extends Expr { or result = this.(ParExpr).getExpr().(CompileTimeConstantExpr).getStringValue() or - result = this.(AddExpr).getLeftOperand().(CompileTimeConstantExpr).getStringValue() + + result = + this.(AddExpr).getLeftOperand().(CompileTimeConstantExpr).getStringValue() + this.(AddExpr).getRightOperand().(CompileTimeConstantExpr).getStringValue() or // Ternary conditional, with compile-time constant condition. diff --git a/java/ql/src/semmle/code/java/Generics.qll b/java/ql/src/semmle/code/java/Generics.qll index dd0737101e6..ab76b651dc0 100755 --- a/java/ql/src/semmle/code/java/Generics.qll +++ b/java/ql/src/semmle/code/java/Generics.qll @@ -332,7 +332,8 @@ class ParameterizedType extends RefType { /** Gets the number of type arguments of this parameterized type. */ int getNumberOfTypeArguments() { - result = count(int pos | + result = + count(int pos | typeArgs(_, pos, this) or typeVars(_, _, pos, _, this) ) diff --git a/java/ql/src/semmle/code/java/Modules.qll b/java/ql/src/semmle/code/java/Modules.qll index 6c7a1a5f5f1..4ee9037d40c 100755 --- a/java/ql/src/semmle/code/java/Modules.qll +++ b/java/ql/src/semmle/code/java/Modules.qll @@ -190,7 +190,8 @@ class ProvidesDirective extends Directive, @provides { string getServiceImplementationName() { providesWith(this, result) } override string toString() { - result = "provides " + getServiceInterfaceName() + " with " + + result = + "provides " + getServiceInterfaceName() + " with " + concat(getServiceImplementationName(), ", ") + ";" } } diff --git a/java/ql/src/semmle/code/java/StringFormat.qll b/java/ql/src/semmle/code/java/StringFormat.qll index 09fa7a9ee17..075471d73ca 100644 --- a/java/ql/src/semmle/code/java/StringFormat.qll +++ b/java/ql/src/semmle/code/java/StringFormat.qll @@ -175,7 +175,8 @@ class FormattingCall extends Call { then exists(Expr arg | arg = this.getArgument(1 + this.getFormatStringIndex()) | result = arg.(ArrayCreationExpr).getFirstDimensionSize() or - result = arg + result = + arg .(VarAccess) .getVariable() .getAnAssignedValue() @@ -410,7 +411,8 @@ private class PrintfFormatString extends FormatString { } override int getMaxFmtSpecIndex() { - result = max(int ix | + result = + max(int ix | ix = fmtSpecRefersToSpecificIndex(_) or ix = count(int i | fmtSpecRefersToSequentialIndex(i)) ) diff --git a/java/ql/src/semmle/code/java/Type.qll b/java/ql/src/semmle/code/java/Type.qll index 6ca46f9bca9..f08c5a5eea4 100755 --- a/java/ql/src/semmle/code/java/Type.qll +++ b/java/ql/src/semmle/code/java/Type.qll @@ -524,7 +524,8 @@ class RefType extends Type, Annotatable, Modifiable, @reftype { * Gets the JVM descriptor for this type, as used in bytecode. */ override string getTypeDescriptor() { - result = "L" + this.getPackage().getName().replaceAll(".", "/") + "/" + + result = + "L" + this.getPackage().getName().replaceAll(".", "/") + "/" + this.getSourceDeclaration().nestedName() + ";" } diff --git a/java/ql/src/semmle/code/java/UnitTests.qll b/java/ql/src/semmle/code/java/UnitTests.qll index 59e28ad524f..1f31564977f 100644 --- a/java/ql/src/semmle/code/java/UnitTests.qll +++ b/java/ql/src/semmle/code/java/UnitTests.qll @@ -160,20 +160,15 @@ class TestNGTestMethod extends Method { exists(TestNGTestAnnotation testAnnotation | testAnnotation = getAnAnnotation() and // The data provider must have the same name as the referenced data provider - result.getDataProviderName() = testAnnotation - .getValue("dataProvider") - .(StringLiteral) - .getRepresentedString() + result.getDataProviderName() = + testAnnotation.getValue("dataProvider").(StringLiteral).getRepresentedString() | // Either the data provider should be on the current class, or a supertype getDeclaringType().getAnAncestor() = result.getDeclaringType() or // Or the data provider class should be declared - result.getDeclaringType() = testAnnotation - .getValue("dataProviderClass") - .(TypeLiteral) - .getTypeName() - .getType() + result.getDeclaringType() = + testAnnotation.getValue("dataProviderClass").(TypeLiteral).getTypeName().getType() ) } } @@ -257,7 +252,8 @@ class TestNGDataProviderMethod extends Method { * Gets the name associated with this data provider. */ string getDataProviderName() { - result = getAnAnnotation() + result = + getAnAnnotation() .(TestNGDataProviderAnnotation) .getValue("name") .(StringLiteral) diff --git a/java/ql/src/semmle/code/java/dataflow/ModulusAnalysis.qll b/java/ql/src/semmle/code/java/dataflow/ModulusAnalysis.qll index 8403b1df6ab..876c746d7c0 100644 --- a/java/ql/src/semmle/code/java/dataflow/ModulusAnalysis.qll +++ b/java/ql/src/semmle/code/java/dataflow/ModulusAnalysis.qll @@ -149,11 +149,8 @@ private predicate rankedPhiInput( SsaPhiNode phi, SsaVariable inp, SsaReadPositionPhiInputEdge edge, int r ) { edge.phiInput(phi, inp) and - edge = rank[r](SsaReadPositionPhiInputEdge e | - e.phiInput(phi, _) - | - e order by getId(e.getOrigBlock()) - ) + edge = + rank[r](SsaReadPositionPhiInputEdge e | e.phiInput(phi, _) | e order by getId(e.getOrigBlock())) } /** diff --git a/java/ql/src/semmle/code/java/dataflow/SSA.qll b/java/ql/src/semmle/code/java/dataflow/SSA.qll index 02bea220281..ee397dd478f 100644 --- a/java/ql/src/semmle/code/java/dataflow/SSA.qll +++ b/java/ql/src/semmle/code/java/dataflow/SSA.qll @@ -105,7 +105,8 @@ class SsaSourceVariable extends TSsaSourceVariable { * not have a specific source code location. */ private VarAccess getFirstAccess() { - result = min(this.getAnAccess() as a + result = + min(this.getAnAccess() as a order by a.getLocation().getStartLine(), a.getLocation().getStartColumn() ) @@ -450,7 +451,8 @@ private module SsaImpl { */ private predicate callDefUseRank(TrackedField f, BasicBlock b, int rankix, int i) { updateCandidate(f, _, b, _) and - i = rank[rankix](int j | + i = + rank[rankix](int j | certainVariableUpdate(f, _, b, j) or variableUseOrCapture(f, b, j) or updateCandidate(f, _, b, j) @@ -612,7 +614,8 @@ private module SsaImpl { * basic blocks. */ private predicate defUseRank(TrackedVar v, BasicBlock b, int rankix, int i) { - i = rank[rankix](int j | + i = + rank[rankix](int j | any(TrackedSsaDef def).definesAt(v, b, j) or variableUseOrCapture(v, b, j) ) } diff --git a/java/ql/src/semmle/code/java/dataflow/TypeFlow.qll b/java/ql/src/semmle/code/java/dataflow/TypeFlow.qll index b74545ff5a4..ec3d14b8159 100644 --- a/java/ql/src/semmle/code/java/dataflow/TypeFlow.qll +++ b/java/ql/src/semmle/code/java/dataflow/TypeFlow.qll @@ -151,7 +151,8 @@ private predicate joinStep(TypeFlowNode n1, TypeFlowNode n2) { } private predicate joinStepRank1(int r, TypeFlowNode n1, TypeFlowNode n2) { - n1 = rank[r](TypeFlowNode n | + n1 = + rank[r](TypeFlowNode n | joinStep(n, n2) | n order by n.getLocation().getStartLine(), n.getLocation().getStartColumn() diff --git a/java/ql/src/semmle/code/java/dataflow/internal/BaseSSA.qll b/java/ql/src/semmle/code/java/dataflow/internal/BaseSSA.qll index a4a97d31879..3d7c23c4200 100644 --- a/java/ql/src/semmle/code/java/dataflow/internal/BaseSSA.qll +++ b/java/ql/src/semmle/code/java/dataflow/internal/BaseSSA.qll @@ -188,7 +188,8 @@ private module SsaImpl { * basic blocks. */ private predicate defUseRank(BaseSsaSourceVariable v, BasicBlock b, int rankix, int i) { - i = rank[rankix](int j | + i = + rank[rankix](int j | any(TrackedSsaDef def).definesAt(v, b, j) or variableUseOrCapture(v, b, j) ) } diff --git a/java/ql/src/semmle/code/java/dataflow/internal/DataFlowPrivate.qll b/java/ql/src/semmle/code/java/dataflow/internal/DataFlowPrivate.qll index f913252c5b3..bab214b44a9 100644 --- a/java/ql/src/semmle/code/java/dataflow/internal/DataFlowPrivate.qll +++ b/java/ql/src/semmle/code/java/dataflow/internal/DataFlowPrivate.qll @@ -100,8 +100,8 @@ private predicate variableCaptureStep(Node node1, ExprNode node2) { not exists(captured.getAUse()) and exists(SsaVariable capturedDef | capturedDef = captured.getAnUltimateDefinition() | capturedDef.(SsaImplicitInit).isParameterDefinition(node1.asParameter()) or - capturedDef.(SsaExplicitUpdate).getDefiningExpr().(VariableAssign).getSource() = node1 - .asExpr() or + capturedDef.(SsaExplicitUpdate).getDefiningExpr().(VariableAssign).getSource() = + node1.asExpr() or capturedDef.(SsaExplicitUpdate).getDefiningExpr().(AssignOp) = node1.asExpr() ) ) diff --git a/java/ql/src/semmle/code/java/dispatch/WrappedInvocation.qll b/java/ql/src/semmle/code/java/dispatch/WrappedInvocation.qll index c80efdcc65c..6c57fced300 100644 --- a/java/ql/src/semmle/code/java/dispatch/WrappedInvocation.qll +++ b/java/ql/src/semmle/code/java/dispatch/WrappedInvocation.qll @@ -37,7 +37,8 @@ class FunctionalInterface extends Interface { * `n`th parameter. */ private predicate runner(Method m, int n, Method runmethod) { - m.getParameterType(n).(RefType).getSourceDeclaration().(FunctionalInterface).getRunMethod() = runmethod and + m.getParameterType(n).(RefType).getSourceDeclaration().(FunctionalInterface).getRunMethod() = + runmethod and ( m.isNative() or diff --git a/java/ql/src/semmle/code/java/frameworks/Mockito.qll b/java/ql/src/semmle/code/java/frameworks/Mockito.qll index 63cd3782291..1745d3a9f5b 100644 --- a/java/ql/src/semmle/code/java/frameworks/Mockito.qll +++ b/java/ql/src/semmle/code/java/frameworks/Mockito.qll @@ -288,7 +288,8 @@ class MockitoSpiedField extends MockitoAnnotatedField { } private int mockableParameterCount(Constructor constructor) { - result = count(Parameter p | + result = + count(Parameter p | p = constructor.getAParameter() and p.getType() instanceof MockitoMockableType ) } diff --git a/java/ql/src/semmle/code/java/frameworks/gwt/GwtUiBinder.qll b/java/ql/src/semmle/code/java/frameworks/gwt/GwtUiBinder.qll index a1e9220898c..c74bc83915f 100644 --- a/java/ql/src/semmle/code/java/frameworks/gwt/GwtUiBinder.qll +++ b/java/ql/src/semmle/code/java/frameworks/gwt/GwtUiBinder.qll @@ -58,7 +58,8 @@ class GwtUiHandler extends Method { * Gets the name of the field for which this handler is registered. */ string getFieldName() { - result = getAnAnnotation() + result = + getAnAnnotation() .(GwtUiHandlerAnnotation) .getValue("value") .(CompileTimeConstantExpr) diff --git a/java/ql/src/semmle/code/java/frameworks/jackson/JacksonSerializability.qll b/java/ql/src/semmle/code/java/frameworks/jackson/JacksonSerializability.qll index 1fb0b37b3c6..406cf35dcf7 100644 --- a/java/ql/src/semmle/code/java/frameworks/jackson/JacksonSerializability.qll +++ b/java/ql/src/semmle/code/java/frameworks/jackson/JacksonSerializability.qll @@ -207,8 +207,8 @@ class JacksonMixedInCallable extends Callable { then // The mixed in type will have a different name to the target type, so just compare the // parameters. - result.getSignature().suffix(targetType.getName().length()) = getSignature() - .suffix(getDeclaringType().getName().length()) + result.getSignature().suffix(targetType.getName().length()) = + getSignature().suffix(getDeclaringType().getName().length()) else // Signatures should match result.getSignature() = getSignature() diff --git a/java/ql/src/semmle/code/java/frameworks/javaee/Persistence.qll b/java/ql/src/semmle/code/java/frameworks/javaee/Persistence.qll index 9347be7f345..7236f939e88 100644 --- a/java/ql/src/semmle/code/java/frameworks/javaee/Persistence.qll +++ b/java/ql/src/semmle/code/java/frameworks/javaee/Persistence.qll @@ -33,13 +33,8 @@ class PersistentEntity extends RefType { */ string getAccessTypeFromAnnotation() { exists(AccessAnnotation accessType | accessType = getAnAnnotation() | - result = accessType - .getValue("value") - .(FieldRead) - .getField() - .(EnumConstant) - .getName() - .toLowerCase() + result = + accessType.getValue("value").(FieldRead).getField().(EnumConstant).getName().toLowerCase() ) } } diff --git a/java/ql/src/semmle/code/java/frameworks/javaee/PersistenceXML.qll b/java/ql/src/semmle/code/java/frameworks/javaee/PersistenceXML.qll index d26a22a8c70..fdb0ce30431 100644 --- a/java/ql/src/semmle/code/java/frameworks/javaee/PersistenceXML.qll +++ b/java/ql/src/semmle/code/java/frameworks/javaee/PersistenceXML.qll @@ -14,11 +14,8 @@ class PersistenceXMLFile extends XMLFile { } PersistencePropertyElement getAPropertyElement() { - result = this - .getRoot() - .getAPersistenceUnitElement() - .getAPropertiesElement() - .getAPropertyElement() + result = + this.getRoot().getAPersistenceUnitElement().getAPropertiesElement().getAPropertyElement() } } diff --git a/java/ql/src/semmle/code/java/frameworks/javaee/ejb/EJB.qll b/java/ql/src/semmle/code/java/frameworks/javaee/ejb/EJB.qll index 1300ab693b2..2a9cf547739 100644 --- a/java/ql/src/semmle/code/java/frameworks/javaee/ejb/EJB.qll +++ b/java/ql/src/semmle/code/java/frameworks/javaee/ejb/EJB.qll @@ -21,11 +21,8 @@ class SessionEJB extends EJB { this.getAnAnnotation().getType().hasName("Stateful") or // XML deployment descriptor. exists(EjbJarXMLFile f | - this.getQualifiedName() = f - .getASessionElement() - .getAnEjbClassElement() - .getACharactersSet() - .getCharacters() + this.getQualifiedName() = + f.getASessionElement().getAnEjbClassElement().getACharactersSet().getCharacters() ) } @@ -160,11 +157,8 @@ class MessageDrivenBean extends EJB { or // XML deployment descriptor. exists(EjbJarXMLFile f | - this.getQualifiedName() = f - .getAMessageDrivenElement() - .getAnEjbClassElement() - .getACharactersSet() - .getCharacters() + this.getQualifiedName() = + f.getAMessageDrivenElement().getAnEjbClassElement().getACharactersSet().getCharacters() ) } } @@ -179,11 +173,8 @@ class EntityEJB extends EJB { or // XML deployment descriptor. exists(EjbJarXMLFile f | - this.getQualifiedName() = f - .getAnEntityElement() - .getAnEjbClassElement() - .getACharactersSet() - .getCharacters() + this.getQualifiedName() = + f.getAnEntityElement().getAnEjbClassElement().getACharactersSet().getCharacters() ) } } @@ -253,11 +244,8 @@ abstract class BusinessInterface extends Interface { class XmlSpecifiedBusinessInterface extends BusinessInterface { XmlSpecifiedBusinessInterface() { exists(EjbJarXMLFile f | - this.getQualifiedName() = f - .getASessionElement() - .getABusinessElement() - .getACharactersSet() - .getCharacters() + this.getQualifiedName() = + f.getASessionElement().getABusinessElement().getACharactersSet().getCharacters() ) } @@ -271,21 +259,15 @@ class XmlSpecifiedBusinessInterface extends BusinessInterface { override predicate isLocal() { exists(EjbJarXMLFile f | - this.getQualifiedName() = f - .getASessionElement() - .getABusinessLocalElement() - .getACharactersSet() - .getCharacters() + this.getQualifiedName() = + f.getASessionElement().getABusinessLocalElement().getACharactersSet().getCharacters() ) } override predicate isRemote() { exists(EjbJarXMLFile f | - this.getQualifiedName() = f - .getASessionElement() - .getABusinessRemoteElement() - .getACharactersSet() - .getCharacters() + this.getQualifiedName() = + f.getASessionElement().getABusinessRemoteElement().getACharactersSet().getCharacters() ) } } @@ -411,11 +393,8 @@ class ExtendedRemoteInterface extends LegacyEjbRemoteInterface, RemoteEJBInterfa class XmlSpecifiedRemoteInterface extends LegacyEjbRemoteInterface { XmlSpecifiedRemoteInterface() { exists(EjbJarXMLFile f | - this.getQualifiedName() = f - .getASessionElement() - .getARemoteElement() - .getACharactersSet() - .getCharacters() + this.getQualifiedName() = + f.getASessionElement().getARemoteElement().getACharactersSet().getCharacters() ) } @@ -451,11 +430,8 @@ class AnnotatedRemoteHomeInterface extends LegacyEjbRemoteHomeInterface { class XmlSpecifiedRemoteHomeInterface extends LegacyEjbRemoteHomeInterface { XmlSpecifiedRemoteHomeInterface() { exists(EjbJarXMLFile f | - this.getQualifiedName() = f - .getASessionElement() - .getARemoteHomeElement() - .getACharactersSet() - .getCharacters() + this.getQualifiedName() = + f.getASessionElement().getARemoteHomeElement().getACharactersSet().getCharacters() ) } @@ -479,11 +455,8 @@ class ExtendedLocalInterface extends LegacyEjbLocalInterface, LocalEJBInterface class XmlSpecifiedLocalInterface extends LegacyEjbLocalInterface { XmlSpecifiedLocalInterface() { exists(EjbJarXMLFile f | - this.getQualifiedName() = f - .getASessionElement() - .getALocalElement() - .getACharactersSet() - .getCharacters() + this.getQualifiedName() = + f.getASessionElement().getALocalElement().getACharactersSet().getCharacters() ) } @@ -520,11 +493,8 @@ class AnnotatedLocalHomeInterface extends LegacyEjbLocalHomeInterface { class XmlSpecifiedLocalHomeInterface extends LegacyEjbLocalHomeInterface { XmlSpecifiedLocalHomeInterface() { exists(EjbJarXMLFile f | - this.getQualifiedName() = f - .getASessionElement() - .getALocalHomeElement() - .getACharactersSet() - .getCharacters() + this.getQualifiedName() = + f.getASessionElement().getALocalHomeElement().getACharactersSet().getCharacters() ) } diff --git a/java/ql/src/semmle/code/java/frameworks/spring/SpringBeanFile.qll b/java/ql/src/semmle/code/java/frameworks/spring/SpringBeanFile.qll index 8d4bb1bf5ea..e9549676e1f 100644 --- a/java/ql/src/semmle/code/java/frameworks/spring/SpringBeanFile.qll +++ b/java/ql/src/semmle/code/java/frameworks/spring/SpringBeanFile.qll @@ -34,12 +34,8 @@ class SpringBeanFile extends XMLFile { * applicable to any profile. */ string getAProfileExpr() { - result = getBeansElement() - .getAttribute("profile") - .getValue() - .splitAt(",") - .splitAt(" ") - .splitAt(";") and + result = + getBeansElement().getAttribute("profile").getValue().splitAt(",").splitAt(" ").splitAt(";") and result.length() != 0 } diff --git a/java/ql/src/semmle/code/java/frameworks/spring/SpringComponentScan.qll b/java/ql/src/semmle/code/java/frameworks/spring/SpringComponentScan.qll index 5f9e557b407..7f1253f1f62 100644 --- a/java/ql/src/semmle/code/java/frameworks/spring/SpringComponentScan.qll +++ b/java/ql/src/semmle/code/java/frameworks/spring/SpringComponentScan.qll @@ -60,7 +60,8 @@ class SpringBasePackage extends string { // Interpret the contexts of the `web.xml` "contextConfigLocation" parameter as a base package, // but only if the appropriate context class is chosen. exists(WebXMLFile webXML | - webXML.getContextParamValue("contextClass") = "org.springframework.web.context.support.AnnotationConfigWebApplicationContext" + webXML.getContextParamValue("contextClass") = + "org.springframework.web.context.support.AnnotationConfigWebApplicationContext" | basePackages = webXML.getContextParamValue("contextConfigLocation") ) diff --git a/java/ql/src/semmle/code/java/frameworks/spring/metrics/MetricSpringBean.qll b/java/ql/src/semmle/code/java/frameworks/spring/metrics/MetricSpringBean.qll index 966c8b2473c..9cac47fa281 100644 --- a/java/ql/src/semmle/code/java/frameworks/spring/metrics/MetricSpringBean.qll +++ b/java/ql/src/semmle/code/java/frameworks/spring/metrics/MetricSpringBean.qll @@ -41,14 +41,16 @@ class MetricSpringBean extends SpringBean { int getEfferentCoupling() { result = count(SpringBean other | springDepends(this, other, _)) } int getLocalAfferentCoupling() { - result = count(SpringBean other | + result = + count(SpringBean other | springDepends(other, this, _) and this.getSpringBeanFile() = other.getSpringBeanFile() ) } int getLocalEfferentCoupling() { - result = count(SpringBean other | + result = + count(SpringBean other | springDepends(this, other, _) and this.getSpringBeanFile() = other.getSpringBeanFile() ) diff --git a/java/ql/src/semmle/code/java/metrics/MetricCallable.qll b/java/ql/src/semmle/code/java/metrics/MetricCallable.qll index b59330b879f..b6df9769ab3 100755 --- a/java/ql/src/semmle/code/java/metrics/MetricCallable.qll +++ b/java/ql/src/semmle/code/java/metrics/MetricCallable.qll @@ -40,7 +40,8 @@ class MetricCallable extends Callable { * plus one. */ int getCyclomaticComplexity() { - result = count(Stmt stmt | branchingStmt(stmt) and stmt.getEnclosingCallable() = this) + + result = + count(Stmt stmt | branchingStmt(stmt) and stmt.getEnclosingCallable() = this) + count(Expr expr | branchingExpr(expr) and expr.getEnclosingCallable() = this) + 1 } @@ -49,7 +50,8 @@ class MetricCallable extends Callable { * and expressions within the callable, plus one for the callable itself. */ int getHalsteadLength() { - result = count(Stmt s | s.getEnclosingCallable() = this) + + result = + count(Stmt s | s.getEnclosingCallable() = this) + count(Expr e | e.getEnclosingCallable() = this) + 1 } @@ -58,7 +60,8 @@ class MetricCallable extends Callable { * of all statements and expressions within the callable. */ int getHalsteadVocabulary() { - result = count(string id | + result = + count(string id | exists(Stmt s | s.getEnclosingCallable() = this and id = s.getHalsteadID()) or exists(Expr e | e.getEnclosingCallable() = this and id = e.getHalsteadID()) diff --git a/java/ql/src/semmle/code/java/metrics/MetricElement.qll b/java/ql/src/semmle/code/java/metrics/MetricElement.qll index 19ca8bf2d83..3a04fc7f205 100755 --- a/java/ql/src/semmle/code/java/metrics/MetricElement.qll +++ b/java/ql/src/semmle/code/java/metrics/MetricElement.qll @@ -79,7 +79,8 @@ class MetricElement extends Element { /** Gets the maintainability index without comment weight. */ float getMaintainabilityIndexWithoutComments() { - result = 171 - 5.2 * this.getHalsteadVolume().log() - 0.23 * this.getCyclomaticComplexity() - + result = + 171 - 5.2 * this.getHalsteadVolume().log() - 0.23 * this.getCyclomaticComplexity() - 16.2 * this.getNumberOfLinesOfCode().log() } @@ -101,8 +102,8 @@ class MetricElement extends Element { * `MetricRefType` and `MetricCallable` provide concrete implementations. */ float getMaintainabilityIndex() { - result = this.getMaintainabilityIndexWithoutComments() + - this.getMaintainabilityIndexCommentWeight() + result = + this.getMaintainabilityIndexWithoutComments() + this.getMaintainabilityIndexCommentWeight() } } /* ========================================================================= */ diff --git a/java/ql/src/semmle/code/java/metrics/MetricPackage.qll b/java/ql/src/semmle/code/java/metrics/MetricPackage.qll index 7cc706a6a62..eafdd57dd8a 100755 --- a/java/ql/src/semmle/code/java/metrics/MetricPackage.qll +++ b/java/ql/src/semmle/code/java/metrics/MetricPackage.qll @@ -22,7 +22,8 @@ class MetricPackage extends Package, MetricElement { /** Gets the number of lines of code in this package. */ override int getNumberOfLinesOfCode() { // Refer to `numlines(...)` directly to avoid invalid recursive aggregate. - result = sum(CompilationUnit cu, int lines | + result = + sum(CompilationUnit cu, int lines | cu.getPackage() = this and numlines(cu, _, lines, _) | lines @@ -31,7 +32,8 @@ class MetricPackage extends Package, MetricElement { /** Gets the number of lines of comments in this package. */ override int getNumberOfCommentLines() { - result = sum(CompilationUnit cu, int lines | + result = + sum(CompilationUnit cu, int lines | cu.getPackage() = this and numlines(cu, _, _, lines) | lines @@ -40,7 +42,8 @@ class MetricPackage extends Package, MetricElement { /** Gets the total number of lines in this package, including code, comments and whitespace-only lines. */ override int getTotalNumberOfLines() { - result = sum(CompilationUnit cu, int lines | + result = + sum(CompilationUnit cu, int lines | cu.getPackage() = this and numlines(cu, lines, _, _) | lines @@ -60,7 +63,8 @@ class MetricPackage extends Package, MetricElement { * This is an indication of the size of the API provided by this package. */ int getNumberOfPublicCallables() { - result = sum(MetricRefType t, int toSum | + result = + sum(MetricRefType t, int toSum | t.getPackage() = this and toSum = t.getNumberOfPublicCallables() | @@ -86,7 +90,8 @@ class MetricPackage extends Package, MetricElement { * package metrics, such as the instability metric. */ int getAfferentCoupling() { - result = count(RefType t | + result = + count(RefType t | t.getPackage() != this and exists(RefType s | s.getPackage() = this and depends(t, s)) ) @@ -105,7 +110,8 @@ class MetricPackage extends Package, MetricElement { * package metrics, such as the instability metric. */ int getEfferentCoupling() { - result = count(RefType t | + result = + count(RefType t | t.getPackage() = this and exists(RefType s | s.getPackage() != this and depends(t, s)) ) @@ -114,7 +120,8 @@ class MetricPackage extends Package, MetricElement { /** Efferent Coupling (outgoing dependencies) to the specified package. */ int getEfferentCoupling(Package p) { p != this and - result = count(RefType t | + result = + count(RefType t | t.getPackage() = this and exists(RefType s | s.getPackage() = p and depends(t, s)) ) @@ -219,7 +226,8 @@ class MetricPackage extends Package, MetricElement { * for metrics that are directly computed from code. */ float relationalCohesion() { - result = 1 + + result = + 1 + avg(RefType t, float toAvg | t.getPackage() = this and toAvg = this.countDependencies(t) @@ -264,7 +272,8 @@ class MetricPackage extends Package, MetricElement { * representative member of the cycle to which it belongs. */ predicate isRepresentative() { - this.getName() = min(MetricPackage p, string toMin | + this.getName() = + min(MetricPackage p, string toMin | p = this.getACycleMember() and toMin = p.getName() | @@ -278,7 +287,8 @@ class MetricPackage extends Package, MetricElement { * The fan-in of a package is the average efferent coupling over all callables in that package. */ float getAverageFanIn() { - result = avg(RefType t, MetricCallable c, int toAvg | + result = + avg(RefType t, MetricCallable c, int toAvg | (c = t.getACallable() and t.getPackage() = this) and toAvg = c.getAfferentCoupling() | diff --git a/java/ql/src/semmle/code/java/metrics/MetricRefType.qll b/java/ql/src/semmle/code/java/metrics/MetricRefType.qll index 7e10329f960..79c65dd1bef 100755 --- a/java/ql/src/semmle/code/java/metrics/MetricRefType.qll +++ b/java/ql/src/semmle/code/java/metrics/MetricRefType.qll @@ -125,11 +125,8 @@ class MetricRefType extends RefType, MetricElement { // m = number of methods that access some field m = count(this.getAccessingMethod()) and // r = average (over f) of number of methods that access field f - r = avg(Field f | - f = this.getAccessedField() - | - count(Method x | this.accessesLocalField(x, f)) - ) and + r = + avg(Field f | f = this.getAccessedField() | count(Method x | this.accessesLocalField(x, f))) and // avoid division by zero m != 1 and // compute LCOM @@ -184,7 +181,8 @@ class MetricRefType extends RefType, MetricElement { float getLackOfCohesionCK() { exists(int callables, int linked, float n | callables = count(Callable m | includeInLackOfCohesionCK(m)) and - linked = count(Callable m1, Callable m2 | + linked = + count(Callable m1, Callable m2 | exists(Field f | relevantCallableAndFieldCK(m1, f) and relevantCallableAndFieldCK(m2, f) and @@ -296,13 +294,15 @@ class MetricRefType extends RefType, MetricElement { */ float getSpecialisationIndex() { this.getNumberOfCallables() != 0 and - result = (this.getNumberOverridden() * this.getInheritanceDepth()) / + result = + (this.getNumberOverridden() * this.getInheritanceDepth()) / this.getNumberOfCallables().(float) } /** Gets the Halstead length of a type, estimated as the sum of the Halstead lengths of its callables. */ override int getHalsteadLength() { - result = sum(Callable c, int toSum | + result = + sum(Callable c, int toSum | c = this.getACallable() and toSum = c.getMetrics().getHalsteadLength() | @@ -312,7 +312,8 @@ class MetricRefType extends RefType, MetricElement { /** Gets the Halstead vocabulary of a type, estimated as the sum of the Halstead vocabularies of its callables. */ override int getHalsteadVocabulary() { - result = sum(Callable c, int toSum | + result = + sum(Callable c, int toSum | c = this.getACallable() and toSum = c.getMetrics().getHalsteadVocabulary() | @@ -322,7 +323,8 @@ class MetricRefType extends RefType, MetricElement { /** Gets the cyclomatic complexity of a type, estimated as the sum of the cyclomatic complexities of its callables. */ override int getCyclomaticComplexity() { - result = sum(Callable c, int toSum | + result = + sum(Callable c, int toSum | c = this.getACallable() and toSum = c.getMetrics().getCyclomaticComplexity() | diff --git a/java/ql/src/semmle/code/java/security/Encryption.qll b/java/ql/src/semmle/code/java/security/Encryption.qll index 059fcf41df3..c8464e79cf9 100644 --- a/java/ql/src/semmle/code/java/security/Encryption.qll +++ b/java/ql/src/semmle/code/java/security/Encryption.qll @@ -75,7 +75,8 @@ private string algorithmRegex(string algorithmString) { // Algorithms usually appear in names surrounded by characters that are not // alphabetical characters in the same case. This handles the upper and lower // case cases. - result = "((^|.*[^A-Z])(" + algorithmString + ")([^A-Z].*|$))" + + result = + "((^|.*[^A-Z])(" + algorithmString + ")([^A-Z].*|$))" + // or... "|" + // For lowercase, we want to be careful to avoid being confused by camelCase @@ -113,7 +114,8 @@ private string algorithmBlacklistString(int i) { /** Gets a regex for matching strings that look like they contain a blacklisted algorithm. */ string algorithmBlacklistRegex() { - result = algorithmRegex(algorithmBlacklistString(max(int i | exists(rankedAlgorithmBlacklist(i))))) + result = + algorithmRegex(algorithmBlacklistString(max(int i | exists(rankedAlgorithmBlacklist(i))))) } /** Gets a whitelist of algorithms that are known to be secure. */ @@ -138,7 +140,8 @@ private string algorithmWhitelistString(int i) { /** Gets a regex for matching strings that look like they contain a whitelisted algorithm. */ string algorithmWhitelistRegex() { - result = algorithmRegex(algorithmWhitelistString(max(int i | exists(rankedAlgorithmWhitelist(i))))) + result = + algorithmRegex(algorithmWhitelistString(max(int i | exists(rankedAlgorithmWhitelist(i))))) } /** diff --git a/java/ql/src/semmle/code/java/security/UnsafeDeserialization.qll b/java/ql/src/semmle/code/java/security/UnsafeDeserialization.qll index 67f77fa501c..042d9b436fa 100644 --- a/java/ql/src/semmle/code/java/security/UnsafeDeserialization.qll +++ b/java/ql/src/semmle/code/java/security/UnsafeDeserialization.qll @@ -20,8 +20,8 @@ class SafeXStream extends DataFlow2::Configuration { SafeXStream() { this = "UnsafeDeserialization::SafeXStream" } override predicate isSource(DataFlow::Node src) { - any(XStreamEnableWhiteListing ma).getQualifier().(VarAccess).getVariable().getAnAccess() = src - .asExpr() + any(XStreamEnableWhiteListing ma).getQualifier().(VarAccess).getVariable().getAnAccess() = + src.asExpr() } override predicate isSink(DataFlow::Node sink) { @@ -36,8 +36,8 @@ class SafeKryo extends DataFlow2::Configuration { SafeKryo() { this = "UnsafeDeserialization::SafeKryo" } override predicate isSource(DataFlow::Node src) { - any(KryoEnableWhiteListing ma).getQualifier().(VarAccess).getVariable().getAnAccess() = src - .asExpr() + any(KryoEnableWhiteListing ma).getQualifier().(VarAccess).getVariable().getAnAccess() = + src.asExpr() } override predicate isSink(DataFlow::Node sink) { diff --git a/java/ql/src/semmle/code/java/security/XmlParsers.qll b/java/ql/src/semmle/code/java/security/XmlParsers.qll index 1f582489497..d04e228d2eb 100644 --- a/java/ql/src/semmle/code/java/security/XmlParsers.qll +++ b/java/ql/src/semmle/code/java/security/XmlParsers.qll @@ -151,9 +151,11 @@ private class ConstantStringExpr extends Expr { * A general configuration that is safe when enabled. */ Expr singleSafeConfig() { - result.(ConstantStringExpr).getStringValue() = "http://apache.org/xml/features/disallow-doctype-decl" + result.(ConstantStringExpr).getStringValue() = + "http://apache.org/xml/features/disallow-doctype-decl" or - result.(ConstantStringExpr).getStringValue() = "http://javax.xml.XMLConstants/feature/secure-processing" + result.(ConstantStringExpr).getStringValue() = + "http://javax.xml.XMLConstants/feature/secure-processing" or exists(Field f | result = f.getAnAccess() and @@ -494,7 +496,8 @@ class SafeSAXParserFactory extends VarAccess { exists(SAXParserFactoryConfig config | config.getQualifier() = v.getAnAccess() | config .disables(any(ConstantStringExpr s | - s.getStringValue() = "http://apache.org/xml/features/nonvalidating/load-external-dtd" + s.getStringValue() = + "http://apache.org/xml/features/nonvalidating/load-external-dtd" )) ) ) @@ -695,7 +698,8 @@ class ExplicitlySafeXMLReader extends VarAccess { exists(XMLReaderConfig config | config.getQualifier() = v.getAnAccess() | config .disables(any(ConstantStringExpr s | - s.getStringValue() = "http://apache.org/xml/features/nonvalidating/load-external-dtd" + s.getStringValue() = + "http://apache.org/xml/features/nonvalidating/load-external-dtd" )) ) or @@ -828,7 +832,8 @@ class XmlConstants extends RefType { /** A configuration specific for transformers and schema. */ Expr configAccessExternalDTD() { - result.(ConstantStringExpr).getStringValue() = "http://javax.xml.XMLConstants/property/accessExternalDTD" + result.(ConstantStringExpr).getStringValue() = + "http://javax.xml.XMLConstants/property/accessExternalDTD" or exists(Field f | result = f.getAnAccess() and @@ -839,7 +844,8 @@ Expr configAccessExternalDTD() { /** A configuration specific for transformers. */ Expr configAccessExternalStyleSheet() { - result.(ConstantStringExpr).getStringValue() = "http://javax.xml.XMLConstants/property/accessExternalStylesheet" + result.(ConstantStringExpr).getStringValue() = + "http://javax.xml.XMLConstants/property/accessExternalStylesheet" or exists(Field f | result = f.getAnAccess() and @@ -850,7 +856,8 @@ Expr configAccessExternalStyleSheet() { /** A configuration specific for schema. */ Expr configAccessExternalSchema() { - result.(ConstantStringExpr).getStringValue() = "http://javax.xml.XMLConstants/property/accessExternalSchema" + result.(ConstantStringExpr).getStringValue() = + "http://javax.xml.XMLConstants/property/accessExternalSchema" or exists(Field f | result = f.getAnAccess() and diff --git a/java/ql/src/semmle/code/xml/AndroidManifest.qll b/java/ql/src/semmle/code/xml/AndroidManifest.qll index 366b2306a46..70afabc8d3d 100644 --- a/java/ql/src/semmle/code/xml/AndroidManifest.qll +++ b/java/ql/src/semmle/code/xml/AndroidManifest.qll @@ -114,11 +114,9 @@ class AndroidComponentXmlElement extends XMLElement { string getResolvedComponentName() { if getComponentName().matches(".%") then - result = getParent() - .(XMLElement) - .getParent() - .(AndroidManifestXmlElement) - .getPackageAttributeValue() + getComponentName() + result = + getParent().(XMLElement).getParent().(AndroidManifestXmlElement).getPackageAttributeValue() + + getComponentName() else result = getComponentName() } diff --git a/java/ql/src/semmle/code/xml/Ant.qll b/java/ql/src/semmle/code/xml/Ant.qll index e49b219a6df..91efca7022f 100644 --- a/java/ql/src/semmle/code/xml/Ant.qll +++ b/java/ql/src/semmle/code/xml/Ant.qll @@ -18,7 +18,8 @@ class AntTarget extends XMLElement { * This is a utility method used for extracting individual dependencies. */ string getDependsString() { - result = "," + + result = + "," + this .getAttributeValue("depends") .replaceAll(" ", "") diff --git a/java/ql/src/semmle/code/xml/MavenPom.qll b/java/ql/src/semmle/code/xml/MavenPom.qll index fd6bda7d227..0a545c0bc99 100644 --- a/java/ql/src/semmle/code/xml/MavenPom.qll +++ b/java/ql/src/semmle/code/xml/MavenPom.qll @@ -66,7 +66,8 @@ class Pom extends ProtoPom { /** Gets a Maven coordinate of the form `groupId:artifactId:version`. */ string getCoordinate() { - result = this.getGroup().getValue() + ":" + this.getArtifact().getValue() + ":" + + result = + this.getGroup().getValue() + ":" + this.getArtifact().getValue() + ":" + this.getVersion().getValue() } @@ -195,8 +196,8 @@ class Pom extends ProtoPom { relativePath = "src" | // Resolve the relative path against the base directory for this POM - result.getAbsolutePath() = normalize(getFile().getParentContainer().getAbsolutePath() + "/" + - relativePath) + result.getAbsolutePath() = + normalize(getFile().getParentContainer().getAbsolutePath() + "/" + relativePath) ) } @@ -411,7 +412,8 @@ class MavenRepoJar extends File { exists(MavenRepo mr | mr.getAJarFile() = this | // Assuming the standard layout, the first part of the directory structure from the maven // repository will be the groupId converted to a path by replacing "." with "/". - result = getParentContainer() + result = + getParentContainer() .getParentContainer() .getParentContainer() .getAbsolutePath() diff --git a/java/ql/src/semmle/code/xml/XML.qll b/java/ql/src/semmle/code/xml/XML.qll index 5e916e6292e..dc7836aaabe 100755 --- a/java/ql/src/semmle/code/xml/XML.qll +++ b/java/ql/src/semmle/code/xml/XML.qll @@ -100,11 +100,8 @@ class XMLParent extends @xmlparent { * left to right, separated by a space. */ string allCharactersString() { - result = concat(string chars, int pos | - xmlChars(_, chars, this, pos, _, _) - | - chars, " " order by pos - ) + result = + concat(string chars, int pos | xmlChars(_, chars, this, pos, _, _) | chars, " " order by pos) } /** Gets the text value contained in this XML parent. */