Java: Cleanup threat models tests.

2026-04-24 00:05:14 +02:00 · 2023-10-25 14:02:31 +02:00
parent 33f10d8d19
commit b3e5b86f0a
12 changed files with 95 additions and 39 deletions
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.ext.yml
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.ext.yml
@@ -1,10 +1,10 @@
 extensions:

  - addsTo:
-      pack: codeql/java-all
-      extensible: supportedThreatModels
+      pack: codeql/threat-models
+      extensible: threatModelConfiguration
    data:
-      - ["database"]
+      - ["database", true, 0]

  - addsTo:
      pack: codeql/java-all
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.ext.yml
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.ext.yml
@@ -1,10 +1,10 @@
 extensions:

  - addsTo:
-      pack: codeql/java-all
-      extensible: supportedThreatModels
+      pack: codeql/threat-models
+      extensible: threatModelConfiguration
    data:
-      - ["local"]
+      - ["local", true, 0]

  - addsTo:
      pack: codeql/java-all
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.ext.yml
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.ext.yml
@@ -1,10 +1,10 @@
 extensions:

  - addsTo:
-      pack: codeql/java-all
-      extensible: supportedThreatModels
+      pack: codeql/threat-models
+      extensible: threatModelConfiguration
    data:
-      - ["all"]
+      - ["all", true, 0]

  - addsTo:
      pack: codeql/java-all
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ext.yml
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ext.yml
@@ -1,11 +1,11 @@
 extensions:

  - addsTo:
-      pack: codeql/java-all
-      extensible: supportedThreatModels
+      pack: codeql/threat-models
+      extensible: threatModelConfiguration
    data:
-      - ["environment"]
-      - ["commandargs"]
+      - ["environment", true, 0]
+      - ["commandargs", true, 0]

  - addsTo:
      pack: codeql/java-all
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.expected
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.expected
@@ -0,0 +1,54 @@
+edges
+| Test.java:10:31:10:41 | data : byte[] | Test.java:11:23:11:26 | data : byte[] |
+| Test.java:11:23:11:26 | data : byte[] | Test.java:11:12:11:51 | new String(...) : String |
+| Test.java:19:5:19:25 | getInputStream(...) : InputStream | Test.java:19:32:19:35 | data [post update] : byte[] |
+| Test.java:19:32:19:35 | data [post update] : byte[] | Test.java:22:49:22:52 | data : byte[] |
+| Test.java:19:32:19:35 | data [post update] : byte[] | Test.java:25:69:25:72 | data : byte[] |
+| Test.java:22:49:22:52 | data : byte[] | Test.java:10:31:10:41 | data : byte[] |
+| Test.java:22:49:22:52 | data : byte[] | Test.java:22:36:22:53 | byteToString(...) |
+| Test.java:25:56:25:73 | byteToString(...) : String | Test.java:25:26:25:80 | ... + ... |
+| Test.java:25:69:25:72 | data : byte[] | Test.java:10:31:10:41 | data : byte[] |
+| Test.java:25:69:25:72 | data : byte[] | Test.java:25:56:25:73 | byteToString(...) : String |
+| Test.java:30:21:30:61 | executeQuery(...) : String | Test.java:33:26:33:68 | ... + ... |
+| Test.java:30:21:30:61 | executeQuery(...) : String | Test.java:36:36:36:41 | result |
+| Test.java:64:5:64:13 | System.in : InputStream | Test.java:64:20:64:23 | data [post update] : byte[] |
+| Test.java:64:20:64:23 | data [post update] : byte[] | Test.java:67:69:67:72 | data : byte[] |
+| Test.java:64:20:64:23 | data [post update] : byte[] | Test.java:70:49:70:52 | data : byte[] |
+| Test.java:67:56:67:73 | byteToString(...) : String | Test.java:67:26:67:80 | ... + ... |
+| Test.java:67:69:67:72 | data : byte[] | Test.java:10:31:10:41 | data : byte[] |
+| Test.java:67:69:67:72 | data : byte[] | Test.java:67:56:67:73 | byteToString(...) : String |
+| Test.java:70:49:70:52 | data : byte[] | Test.java:10:31:10:41 | data : byte[] |
+| Test.java:70:49:70:52 | data : byte[] | Test.java:70:36:70:53 | byteToString(...) |
+nodes
+| Test.java:10:31:10:41 | data : byte[] | semmle.label | data : byte[] |
+| Test.java:11:12:11:51 | new String(...) : String | semmle.label | new String(...) : String |
+| Test.java:11:23:11:26 | data : byte[] | semmle.label | data : byte[] |
+| Test.java:19:5:19:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
+| Test.java:19:32:19:35 | data [post update] : byte[] | semmle.label | data [post update] : byte[] |
+| Test.java:22:36:22:53 | byteToString(...) | semmle.label | byteToString(...) |
+| Test.java:22:49:22:52 | data : byte[] | semmle.label | data : byte[] |
+| Test.java:25:26:25:80 | ... + ... | semmle.label | ... + ... |
+| Test.java:25:56:25:73 | byteToString(...) : String | semmle.label | byteToString(...) : String |
+| Test.java:25:69:25:72 | data : byte[] | semmle.label | data : byte[] |
+| Test.java:30:21:30:61 | executeQuery(...) : String | semmle.label | executeQuery(...) : String |
+| Test.java:33:26:33:68 | ... + ... | semmle.label | ... + ... |
+| Test.java:36:36:36:41 | result | semmle.label | result |
+| Test.java:64:5:64:13 | System.in : InputStream | semmle.label | System.in : InputStream |
+| Test.java:64:20:64:23 | data [post update] : byte[] | semmle.label | data [post update] : byte[] |
+| Test.java:67:26:67:80 | ... + ... | semmle.label | ... + ... |
+| Test.java:67:56:67:73 | byteToString(...) : String | semmle.label | byteToString(...) : String |
+| Test.java:67:69:67:72 | data : byte[] | semmle.label | data : byte[] |
+| Test.java:70:36:70:53 | byteToString(...) | semmle.label | byteToString(...) |
+| Test.java:70:49:70:52 | data : byte[] | semmle.label | data : byte[] |
+subpaths
+| Test.java:22:49:22:52 | data : byte[] | Test.java:10:31:10:41 | data : byte[] | Test.java:11:12:11:51 | new String(...) : String | Test.java:22:36:22:53 | byteToString(...) |
+| Test.java:25:69:25:72 | data : byte[] | Test.java:10:31:10:41 | data : byte[] | Test.java:11:12:11:51 | new String(...) : String | Test.java:25:56:25:73 | byteToString(...) : String |
+| Test.java:67:69:67:72 | data : byte[] | Test.java:10:31:10:41 | data : byte[] | Test.java:11:12:11:51 | new String(...) : String | Test.java:67:56:67:73 | byteToString(...) : String |
+| Test.java:70:49:70:52 | data : byte[] | Test.java:10:31:10:41 | data : byte[] | Test.java:11:12:11:51 | new String(...) : String | Test.java:70:36:70:53 | byteToString(...) |
+#select
+| Test.java:19:5:19:25 | getInputStream(...) : InputStream | Test.java:22:36:22:53 | byteToString(...) |
+| Test.java:19:5:19:25 | getInputStream(...) : InputStream | Test.java:25:26:25:80 | ... + ... |
+| Test.java:30:21:30:61 | executeQuery(...) : String | Test.java:33:26:33:68 | ... + ... |
+| Test.java:30:21:30:61 | executeQuery(...) : String | Test.java:36:36:36:41 | result |
+| Test.java:64:5:64:13 | System.in : InputStream | Test.java:67:26:67:80 | ... + ... |
+| Test.java:64:5:64:13 | System.in : InputStream | Test.java:70:36:70:53 | byteToString(...) |
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.ext.yml
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.ext.yml
@@ -0,0 +1,16 @@
+extensions:
+
+  - addsTo:
+      pack: codeql/threat-models
+      extensible: threatModelConfiguration
+    data:
+      - ["local", true, 0]
+      - ["environment", false, 1]
+
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sourceModel
+    data:
+      - ["testlib", "TestSources", False, "executeQuery", "(String)", "", "ReturnValue", "database", "manual"]
+      - ["testlib", "TestSources", False, "readEnv", "(String)", "", "ReturnValue", "environment", "manual"]
+      - ["testlib", "TestSources", False, "getCustom", "(String)", "", "ReturnValue", "custom", "manual"]
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.ql
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.ql
@@ -0,0 +1,12 @@
+/**
+ * This is a dataflow test using the "default" threat model with the
+ * addition of the threat model group "local", but without the
+ * "environment" threat model.
+ */
+
+import Test
+import ThreatModel::PathGraph
+
+from ThreatModel::PathNode source, ThreatModel::PathNode sink
+where ThreatModel::flowPath(source, sink)
+select source, sink
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models1.expected
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models1.expected
@@ -1,4 +0,0 @@
-| default |
-| remote |
-| request |
-| response |
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models1.ql
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models1.ql
@@ -1,3 +0,0 @@
-import codeql.threatmodels.ThreatModels as ThreatModels
-
-query predicate supportedThreatModels(string kind) { ThreatModels::currentThreatModel(kind) }
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models2.expected
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models2.expected
@@ -1,9 +0,0 @@
-| commandargs |
-| database |
-| default |
-| environment |
-| file |
-| local |
-| remote |
-| request |
-| response |
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models2.ext.yml
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models2.ext.yml
@@ -1,7 +0,0 @@
-extensions:
-
-  - addsTo:
-      pack: codeql/java-all
-      extensible: supportedThreatModels
-    data:
-      - ["local"] # Add the "local" group threat model.
--- a/java/ql/test/library-tests/dataflow/threat-models/threat-models2.ql
+++ b/java/ql/test/library-tests/dataflow/threat-models/threat-models2.ql
@@ -1,3 +0,0 @@
-import codeql.threatmodels.ThreatModels as ThreatModels
-
-query predicate supportedThreatModels(string kind) { ThreatModels::currentThreatModel(kind) }