hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 05:01:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

java: understand more initializers

Browse Source 
Whne a fiels is assigned a safe type in a constructor,
that field is not exposed.
This commit is contained in:
yoff
2025-11-25 15:46:18 +01:00
parent a65d385297
commit c6240e5a99
3 changed files with 16 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
java/ql/lib/semmle/code/java/ConflictingAccess.qll
View File

@@ -63,12 +63,23 @@ class ExposedField extends Field {
not this.getType() instanceof LockType and
// field is not thread-safe
not isThreadSafeType(this.getType()) and
not isThreadSafeType(this.getInitializer().getType()) and
not isThreadSafeType(initialValue(this).getType()) and
// the initializer guarantees thread safety
not isThreadSafeInitializer(this.getInitializer())
not isThreadSafeInitializer(initialValue(this))
}
}
/**
* Gets the initial value for the field `f`.
* This is either a static initializer or an assignment in a constructor.
*/
Expr initialValue(Field f) {
result = f.getInitializer()
or
result = f.getAnAssignedValue() and
result.getEnclosingCallable() = f.getDeclaringType().getAConstructor()
}
/**
* A field access that is exposed to potential data races.
* We require the field to be in a class that is annotated as `@ThreadSafe`.

3
java/ql/test/query-tests/ThreadSafe/ThreadSafe.expected
View File

@@ -43,7 +43,4 @@
| examples/Test.java:60:5:60:10 | this.y | This field access (publicly accessible via $@) is not protected by any monitor, but the class is annotated as @ThreadSafe. | examples/Test.java:60:5:60:10 | this.y | this expression |
| examples/Test.java:74:5:74:10 | this.y | This field access (publicly accessible via $@) is not protected by any monitor, but the class is annotated as @ThreadSafe. | examples/Test.java:74:5:74:10 | this.y | this expression |
| examples/Test.java:74:14:74:14 | y | This field access (publicly accessible via $@) is not protected by any monitor, but the class is annotated as @ThreadSafe. | examples/Test.java:74:14:74:14 | y | this expression |
| examples/ThreadSafeInitializers.java:29:9:29:16 | sync_map | This field access (publicly accessible via $@) is not protected by any monitor, but the class is annotated as @ThreadSafe. | examples/ThreadSafeInitializers.java:29:9:29:16 | sync_map | this expression |
| examples/ThreadSafeInitializers.java:37:9:37:12 | cmap | This field access (publicly accessible via $@) is not protected by any monitor, but the class is annotated as @ThreadSafe. | examples/ThreadSafeInitializers.java:37:9:37:12 | cmap | this expression |
| examples/ThreadSafeInitializers.java:45:9:45:14 | this.y | This field access (publicly accessible via $@) is not protected by any monitor, but the class is annotated as @ThreadSafe. | examples/ThreadSafeInitializers.java:45:9:45:14 | this.y | this expression |
| examples/ThreadSafeInitializers.java:49:9:49:11 | set | This field access (publicly accessible via $@) is not protected by any monitor, but the class is annotated as @ThreadSafe. | examples/ThreadSafeInitializers.java:49:9:49:11 | set | this expression |

6
java/ql/test/query-tests/ThreadSafe/examples/ThreadSafeInitializers.java
View File

@@ -26,7 +26,7 @@ public class ThreadSafeInitializers {
}
public void sync_map_put(Integer i, Integer v) {
sync_map.put(i,v); // $ SPURIOUS: Alert
sync_map.put(i,v);
}
public void sync_map_initialised_put(Integer i, Integer v) {
@@ -34,7 +34,7 @@ public class ThreadSafeInitializers {
}
public void cmap_put(String s1, String s2) {
cmap.put(s1, s2); // $ SPURIOUS: Alert
cmap.put(s1, s2);
}
public void cmap_initialised_put(String s1, String s2) {
@@ -46,7 +46,7 @@ public class ThreadSafeInitializers {
}
public void set_add(Integer i) {
set.add(i); // $ SPURIOUS: Alert
set.add(i);
}
public void set_initialised_add(Integer i) {