Include constructors in abstract class

2026-05-02 12:15:17 +02:00 · 2021-04-21 15:39:23 +01:00
parent 9c72e73a82
commit 9f1704560b
3 changed files with 28 additions and 14 deletions
--- a/java/ql/src/semmle/code/java/JDK.qll
+++ b/java/ql/src/semmle/code/java/JDK.qll
@@ -180,21 +180,34 @@ class TypeFile extends Class {
 /**
 * Any of the methods named `command` on class `java.lang.ProcessBuilder`.
 */
-class MethodProcessBuilderCommand extends ExecMethod {
+class ProcessBuilderConstructor extends Constructor, ExecCallable {
+  ProcessBuilderConstructor() { this.getDeclaringType() instanceof TypeProcessBuilder }
+
+  override int getAnExecutedArgument() { result = 0 }
+}
+
+/**
+ * Any of the methods named `command` on class `java.lang.ProcessBuilder`.
+ */
+class MethodProcessBuilderCommand extends Method, ExecCallable {
  MethodProcessBuilderCommand() {
    hasName("command") and
    getDeclaringType() instanceof TypeProcessBuilder
  }
+
+  override int getAnExecutedArgument() { result = 0 }
 }

 /**
 * Any method named `exec` on class `java.lang.Runtime`.
 */
-class MethodRuntimeExec extends ExecMethod {
+class MethodRuntimeExec extends Method, ExecCallable {
  MethodRuntimeExec() {
    hasName("exec") and
    getDeclaringType() instanceof TypeRuntime
  }
+
+  override int getAnExecutedArgument() { result = 0 }
 }

 /**
--- a/java/ql/src/semmle/code/java/frameworks/apache/Exec.qll
+++ b/java/ql/src/semmle/code/java/frameworks/apache/Exec.qll
@@ -6,16 +6,20 @@ library class TypeCommandLine extends Class {
  TypeCommandLine() { hasQualifiedName("org.apache.commons.exec", "CommandLine") }
 }

-library class MethodCommandLineParse extends ExecMethod {
+library class MethodCommandLineParse extends Method, ExecCallable {
  MethodCommandLineParse() {
    getDeclaringType() instanceof TypeCommandLine and
    hasName("parse")
  }
+
+  override int getAnExecutedArgument() { result = 0 }
 }

-library class MethodCommandLineAddArguments extends ExecMethod {
+library class MethodCommandLineAddArguments extends Method, ExecCallable {
  MethodCommandLineAddArguments() {
    getDeclaringType() instanceof TypeCommandLine and
    hasName("addArguments")
  }
+
+  override int getAnExecutedArgument() { result = 0 }
 }
--- a/java/ql/src/semmle/code/java/security/ExternalProcess.qll
+++ b/java/ql/src/semmle/code/java/security/ExternalProcess.qll
@@ -6,7 +6,9 @@ import semmle.code.java.frameworks.apache.Exec
 /**
 * A method that executes a command.
 */
-abstract class ExecMethod extends Method { }
+abstract class ExecCallable extends Callable {
+  abstract int getAnExecutedArgument();
+}

 /**
 * An expression used as an argument to a call that executes an external command. For calls to
@@ -15,15 +17,10 @@ abstract class ExecMethod extends Method { }
 */
 class ArgumentToExec extends Expr {
  ArgumentToExec() {
-    exists(MethodAccess execCall, ExecMethod method |
-      execCall.getArgument(0) = this and
-      method = execCall.getMethod()
-    )
-    or
-    exists(ConstructorCall expr, Constructor cons |
-      expr.getConstructor() = cons and
-      cons.getDeclaringType().hasQualifiedName("java.lang", "ProcessBuilder") and
-      expr.getArgument(0) = this
+    exists(Call execCall, ExecCallable execCallable, int i |
+      execCall.getArgument(i) = this and
+      execCallable = execCall.getCallee() and
+      i = execCallable.getAnExecutedArgument()
    )
  }
 }