Add support for Promise.value and Promise::flatMap

2026-04-30 19:26:02 +02:00 · 2021-04-30 17:48:41 -04:00
parent b2ad128beb
commit b2e3df29b3
3 changed files with 41 additions and 8 deletions
--- a/java/ql/test/library-tests/frameworks/ratpack/resources/Resource.java
+++ b/java/ql/test/library-tests/frameworks/ratpack/resources/Resource.java
@@ -1,12 +1,17 @@
 import ratpack.core.handling.Context;
 import ratpack.core.http.TypedData;
 import ratpack.core.form.UploadedFile;
+import ratpack.exec.Promise;
 import java.io.OutputStream;

 class Resource {

    void sink(Object o) {}

+    String taint() {
+        return null;
+    }
+
    void test1(Context ctx) {
        sink(ctx.getRequest().getContentLength()); //$hasTaintFlow
        sink(ctx.getRequest().getCookies()); //$hasTaintFlow
@@ -53,4 +58,14 @@ class Resource {
            .next(this::sink) //$hasTaintFlow
            .then(this::sink); //$hasTaintFlow
    }
+
+    void test6() {
+        String tainted = taint();
+        Promise.value(tainted);
+        sink(Promise.value(tainted)); //$hasTaintFlow
+        Promise
+            .value(tainted)
+            .flatMap(a -> Promise.value(a))
+            .then(this::sink); //$hasTaintFlow
+    }
 }
--- a/java/ql/test/stubs/ratpack-1.9.x/ratpack/exec/Promise.java
+++ b/java/ql/test/stubs/ratpack-1.9.x/ratpack/exec/Promise.java
@@ -43,8 +43,14 @@ import ratpack.func.Function;
 */
@SuppressWarnings("JavadocReference")
 public interface Promise<T> {
+  static <T> Promise<T> value(T t) {
+    return null;
+  }
+
  <O> Promise<O> map(Function<? super T, ? extends O> transformer);

+  <O> Promise<O> flatMap(Function<? super T, ? extends Promise<O>> transformer);
+
  void then(Action<? super T> then);

  Promise<T> next(Action<? super T> action);