mirror of
https://github.com/github/codeql.git
synced 2025-12-16 16:53:25 +01:00
Merge pull request #6580 from smowton/smowton/admin/guava-models-mistakes
Fix minor mistakes in old Guava models
This commit is contained in:
Chris Smowton
@@ -62,7 +62,7 @@ private class GuavaBaseCsv extends SummaryModelCsv {
|
||||
"com.google.common.base;Converter;true;apply;(Object);;Argument[0];ReturnValue;taint",
|
||||
"com.google.common.base;Converter;true;convert;(Object);;Argument[0];ReturnValue;taint",
|
||||
"com.google.common.base;Converter;true;convertAll;(Iterable);;Element of Argument[0];Element of ReturnValue;taint",
|
||||
"com.google.common.base;Supplier;true;get;();;Argument[0];ReturnValue;taint",
|
||||
"com.google.common.base;Supplier;true;get;();;Argument[-1];ReturnValue;taint",
|
||||
"com.google.common.base;Suppliers;false;ofInstance;(Object);;Argument[0];ReturnValue;taint",
|
||||
"com.google.common.base;Suppliers;false;memoize;(Supplier);;Argument[0];ReturnValue;taint",
|
||||
"com.google.common.base;Suppliers;false;memoizeWithExpiration;(Supplier,long,TimeUnit);;Argument[0];ReturnValue;taint",
|
||||
|
||||
@@ -34,7 +34,7 @@ private class GuavaIoCsv extends SummaryModelCsv {
|
||||
"com.google.common.io;ByteSource;true;slice;(long,long);;Argument[-1];ReturnValue;taint",
|
||||
"com.google.common.io;ByteSource;true;wrap;(byte[]);;Argument[0];ReturnValue;taint",
|
||||
"com.google.common.io;ByteStreams;false;copy;(InputStream,OutputStream);;Argument[0];Argument[1];taint",
|
||||
"com.google.common.io;ByteStreams;false;copy;(ReadablyByteChannel,WritableByteChannel);;Argument[0];Argument[1];taint",
|
||||
"com.google.common.io;ByteStreams;false;copy;(ReadableByteChannel,WritableByteChannel);;Argument[0];Argument[1];taint",
|
||||
"com.google.common.io;ByteStreams;false;limit;(InputStream,long);;Argument[0];ReturnValue;taint",
|
||||
"com.google.common.io;ByteStreams;false;newDataInput;(byte[]);;Argument[0];ReturnValue;taint",
|
||||
"com.google.common.io;ByteStreams;false;newDataInput;(byte[],int);;Argument[0];ReturnValue;taint",
|
||||
|
||||
@@ -75,7 +75,7 @@ class TestBase {
|
||||
}
|
||||
|
||||
void test6() {
|
||||
sink(Suppliers.memoize(Suppliers.memoizeWithExpiration(Suppliers.synchronizedSupplier(Suppliers.ofInstance(taint())), 3, TimeUnit.HOURS))); // $numTaintFlow=1
|
||||
sink(Suppliers.memoize(Suppliers.memoizeWithExpiration(Suppliers.synchronizedSupplier(Suppliers.ofInstance(taint())), 3, TimeUnit.HOURS)).get()); // $numTaintFlow=1
|
||||
}
|
||||
|
||||
void test7() {
|
||||
|
||||
@@ -8,7 +8,11 @@ import java.io.ByteArrayInputStream;
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.InputStream;
|
||||
import java.io.Closeable;
|
||||
import java.nio.channels.FileChannel;
|
||||
import java.nio.channels.ReadableByteChannel;
|
||||
import java.nio.channels.WritableByteChannel;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import java.io.IOException;
|
||||
|
||||
class TestIO {
|
||||
@@ -16,6 +20,7 @@ class TestIO {
|
||||
String staint(){ return (String) taint(); }
|
||||
byte[] btaint() { return (byte[]) taint(); }
|
||||
InputStream itaint() { return (InputStream) taint(); }
|
||||
ReadableByteChannel rbctaint() { return (ReadableByteChannel) taint(); }
|
||||
Reader rtaint() { return new InputStreamReader(itaint()); }
|
||||
Path ptaint() { return (Path) taint(); }
|
||||
|
||||
@@ -75,6 +80,16 @@ class TestIO {
|
||||
}
|
||||
|
||||
void test3() throws IOException {
|
||||
{
|
||||
ByteArrayOutputStream out = new ByteArrayOutputStream();
|
||||
ByteStreams.copy(itaint(), out);
|
||||
sink(out); // $numTaintFlow=1
|
||||
}
|
||||
{
|
||||
WritableByteChannel out = FileChannel.open(Paths.get("/tmp/xyz"));
|
||||
ByteStreams.copy(rbctaint(), out);
|
||||
sink(out); // $numTaintFlow=1
|
||||
}
|
||||
sink(ByteStreams.limit(itaint(), 1337)); // $numTaintFlow=1
|
||||
sink(ByteStreams.newDataInput(btaint())); // $numTaintFlow=1
|
||||
sink(ByteStreams.newDataInput(btaint(), 0)); // $numTaintFlow=1
|
||||
|
||||
Reference in New Issue
Block a user