Java: remove Supplier.get model

2025-12-17 01:03:14 +01:00 · 2023-01-12 17:09:13 -05:00
parent f040ff2d8d
commit a43f3cf95f
4 changed files with 2 additions and 10 deletions
--- a/java/ql/lib/ext/java.util.function.model.yml
+++ b/java/ql/lib/ext/java.util.function.model.yml
@@ -4,9 +4,3 @@ extensions:
      extensible: sinkModel
    data:
      - ["java.util.function", "Predicate", False, "test", "(Object)", "", "Argument[-1]", "regex-use[0]", "manual"]
-
-  - addsTo:
-      pack: codeql/java-all
-      extensible: summaryModel
-    data:
-      - ["java.util.function", "Supplier", False, "get", "()", "", "Argument[-1]", "ReturnValue", "value", "manual"]
--- a/java/ql/test/ext/TestModels/Test.java
+++ b/java/ql/test/ext/TestModels/Test.java
@@ -77,10 +77,6 @@ public class Test {
            AtomicReference ar = new AtomicReference(source());
            sink(ar.get());  // $hasValueFlow

-            // java.util.function
-            Supplier<Double> sup = (Supplier)source();
-            sink(sup.get()); // $hasValueFlow
-
            // java.util
            StringJoiner sj1 = new StringJoiner(",");
            sink(sj1.add((CharSequence)source())); // $hasTaintFlow
--- a/java/ql/test/ext/TopJdkApis/TopJdkApis.qll
+++ b/java/ql/test/ext/TopJdkApis/TopJdkApis.qll
@@ -147,6 +147,7 @@ class TopJdkApi extends SummarizedCallableBase {
   * `java.lang.Throwable#printStackTrace()`: should probably not be a general step, but there might be specialised queries that care
   * `java.util.function.Consumer#accept(Object)`: specialized lambda flow
   * `java.util.function.Function#apply(Object)`: specialized lambda flow
+   * `java.util.function.Supplier#get()`: lambda flow
   * `java.util.stream.Collectors#joining(CharSequence)`: cannot be modeled completely without a model for `java.util.stream.Stream#collect(Collector)` as well
   * `java.util.stream.Collectors#toMap(Function,Function)`: specialized collectors flow
   * `java.util.stream.Stream#collect(Collector)`: handled separately on a case-by-case basis as it is too complex for MaD
--- a/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected
+++ b/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected
@@ -2,6 +2,7 @@
 | java.lang.Throwable#printStackTrace() | no manual model |
 | java.util.function.Consumer#accept(Object) | no manual model |
 | java.util.function.Function#apply(Object) | no manual model |
+| java.util.function.Supplier#get() | no manual model |
 | java.util.stream.Collectors#joining(CharSequence) | no manual model |
 | java.util.stream.Collectors#toMap(Function,Function) | no manual model |
 | java.util.stream.Stream#collect(Collector) | no manual model |