hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 10:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #10131 from atorralba/atorralba/path-steps

Browse Source 
Java: Add new java.nio.Path{,s} summary models
This commit is contained in:
Tony Torralba
2022-08-23 09:47:34 +02:00
committed by GitHub
parent 5fb3119fea ee6ac744c5
commit a3f27d4abe
5 changed files with 109 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/lib/change-notes/2022-08-22-path-summaries.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Added new flow steps for the classes `java.io.Path` and `java.nio.Paths`.

5
java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
View File

@@ -317,7 +317,12 @@ private predicate summaryModelCsv(string row) {
"java.io;File;true;getAbsolutePath;;;Argument[-1];ReturnValue;taint;manual",
"java.io;File;true;getCanonicalPath;;;Argument[-1];ReturnValue;taint;manual",
"java.nio;ByteBuffer;false;array;();;Argument[-1];ReturnValue;taint;manual",
"java.nio.file;Path;true;normalize;;;Argument[-1];ReturnValue;taint;manual",
"java.nio.file;Path;true;resolve;;;Argument[-1..0];ReturnValue;taint;manual",
"java.nio.file;Path;false;toFile;;;Argument[-1];ReturnValue;taint;manual",
"java.nio.file;Path;true;toString;;;Argument[-1];ReturnValue;taint;manual",
"java.nio.file;Path;true;toUri;;;Argument[-1];ReturnValue;taint;manual",
"java.nio.file;Paths;true;get;;;Argument[0..1];ReturnValue;taint;manual",
"java.io;BufferedReader;true;readLine;;;Argument[-1];ReturnValue;taint;manual",
"java.io;Reader;true;read;();;Argument[-1];ReturnValue;taint;manual",
// arg to return

98
java/ql/test/library-tests/paths/Test.java Normal file
View File

@@ -0,0 +1,98 @@
package generatedtest;
import java.io.File;
import java.net.URI;
import java.nio.file.Path;
import java.nio.file.Paths;
// Test case generated by GenerateFlowTestCase.ql
public class Test {
Object source() { return null; }
void sink(Object o) { }
public void test() throws Exception {
{
// "java.nio.file;Path;true;normalize;;;Argument[-1];ReturnValue;taint;manual"
Path out = null;
Path in = (Path)source();
out = in.normalize();
sink(out); // $ hasTaintFlow
}
{
// "java.nio.file;Path;true;resolve;;;Argument[-1..0];ReturnValue;taint;manual"
Path out = null;
Path in = (Path)source();
Path instance = null;
out = instance.resolve(in);
sink(out); // $ hasTaintFlow
}
{
// "java.nio.file;Path;true;resolve;;;Argument[-1..0];ReturnValue;taint;manual"
Path out = null;
Path in = (Path)source();
out = in.resolve((Path)null);
sink(out); // $ hasTaintFlow
}
{
// "java.nio.file;Path;true;resolve;;;Argument[-1..0];ReturnValue;taint;manual"
Path out = null;
Path in = (Path)source();
out = in.resolve((String)null);
sink(out); // $ hasTaintFlow
}
{
// "java.nio.file;Path;true;resolve;;;Argument[-1..0];ReturnValue;taint;manual"
Path out = null;
String in = (String)source();
Path instance = null;
out = instance.resolve(in);
sink(out); // $ hasTaintFlow
}
{
// "java.nio.file;Path;true;toFile;;;Argument[-1];ReturnValue;taint;manual"
File out = null;
Path in = (Path)source();
out = in.toFile();
sink(out); // $ hasTaintFlow
}
{
// "java.nio.file;Path;true;toString;;;Argument[-1];ReturnValue;taint;manual"
String out = null;
Path in = (Path)source();
out = in.toString();
sink(out); // $ hasTaintFlow
}
{
// "java.nio.file;Path;true;toUri;;;Argument[-1];ReturnValue;taint;manual"
URI out = null;
Path in = (Path)source();
out = in.toUri();
sink(out); // $ hasTaintFlow
}
{
// "java.nio.file;Paths;true;get;;;Argument[0..1];ReturnValue;taint;manual"
Path out = null;
String in = (String)source();
out = Paths.get(in, (String[])null);
sink(out); // $ hasTaintFlow
}
{
// "java.nio.file;Paths;true;get;;;Argument[0..1];ReturnValue;taint;manual"
Path out = null;
String[] in = (String[])source();
out = Paths.get((String)null, in);
sink(out); // $ hasTaintFlow
}
{
// "java.nio.file;Paths;true;get;;;Argument[0..1];ReturnValue;taint;manual"
Path out = null;
URI in = (URI)source();
out = Paths.get(in);
sink(out); // $ hasTaintFlow
}
}
}

0
java/ql/test/library-tests/paths/test.expected Normal file
View File

2
java/ql/test/library-tests/paths/test.ql Normal file
View File

@@ -0,0 +1,2 @@
import java
import TestUtilities.InlineFlowTest