mirror of
https://github.com/github/codeql.git
synced 2026-02-01 07:42:57 +01:00
add explicit this qualifier on all of java
This commit is contained in:
Erik Krogh Kristensen
@@ -82,19 +82,19 @@ class SuppressedConstructor extends Constructor {
|
||||
SuppressedConstructor() {
|
||||
// Must be private or protected to suppress it.
|
||||
(
|
||||
isPrivate()
|
||||
this.isPrivate()
|
||||
or
|
||||
// A protected, suppressed constructor only makes sense in a non-abstract class.
|
||||
isProtected() and not getDeclaringType().isAbstract()
|
||||
this.isProtected() and not this.getDeclaringType().isAbstract()
|
||||
) and
|
||||
// Must be no-arg in order to replace the compiler generated default constructor.
|
||||
getNumberOfParameters() = 0 and
|
||||
this.getNumberOfParameters() = 0 and
|
||||
// Not the compiler-generated constructor itself.
|
||||
not isDefaultConstructor() and
|
||||
not this.isDefaultConstructor() and
|
||||
// Verify that there is only one statement, which is the `super()` call. This exists
|
||||
// even for empty constructors.
|
||||
getBody().(BlockStmt).getNumStmt() = 1 and
|
||||
getBody().(BlockStmt).getAStmt().(SuperConstructorInvocationStmt).getNumArgument() = 0 and
|
||||
this.getBody().(BlockStmt).getNumStmt() = 1 and
|
||||
this.getBody().(BlockStmt).getAStmt().(SuperConstructorInvocationStmt).getNumArgument() = 0 and
|
||||
// A constructor that is called is not acting to suppress the default constructor. We permit
|
||||
// calls from suppressed and default constructors - in both cases, they can only come from
|
||||
// sub-class constructors.
|
||||
@@ -105,7 +105,9 @@ class SuppressedConstructor extends Constructor {
|
||||
) and
|
||||
// If other constructors are declared, then no compiler-generated constructor is added, so
|
||||
// this constructor is not acting to suppress the default compiler-generated constructor.
|
||||
not exists(Constructor other | other = getDeclaringType().getAConstructor() and other != this)
|
||||
not exists(Constructor other |
|
||||
other = this.getDeclaringType().getAConstructor() and other != this
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -114,7 +116,7 @@ class SuppressedConstructor extends Constructor {
|
||||
*/
|
||||
class NamespaceClass extends RefType {
|
||||
NamespaceClass() {
|
||||
fromSource() and
|
||||
this.fromSource() and
|
||||
// All members, apart from the default constructor and, if present, a "suppressed" constructor
|
||||
// must be static. There must be at least one member apart from the permitted constructors.
|
||||
forex(Member m |
|
||||
@@ -125,7 +127,9 @@ class NamespaceClass extends RefType {
|
||||
m.isStatic()
|
||||
) and
|
||||
// Must only extend other namespace classes, or `Object`.
|
||||
forall(RefType r | r = getASupertype() | r instanceof TypeObject or r instanceof NamespaceClass)
|
||||
forall(RefType r | r = this.getASupertype() |
|
||||
r instanceof TypeObject or r instanceof NamespaceClass
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -197,7 +201,7 @@ class DeadClass extends SourceClassOrInterface {
|
||||
/**
|
||||
* Identify all the "dead" roots of this dead class.
|
||||
*/
|
||||
DeadRoot getADeadRoot() { result = getADeadRoot(getACallable()) }
|
||||
DeadRoot getADeadRoot() { result = getADeadRoot(this.getACallable()) }
|
||||
|
||||
/**
|
||||
* Holds if this dead class is only used within the class itself.
|
||||
@@ -206,8 +210,8 @@ class DeadClass extends SourceClassOrInterface {
|
||||
// Accessed externally if any callable in the class has a possible liveness cause outside the
|
||||
// class. Only one step is required.
|
||||
not exists(Callable c |
|
||||
c = possibleLivenessCause(getACallable()) and
|
||||
not c = getACallable()
|
||||
c = possibleLivenessCause(this.getACallable()) and
|
||||
not c = this.getACallable()
|
||||
)
|
||||
}
|
||||
}
|
||||
@@ -229,7 +233,7 @@ abstract class WhitelistedLiveClass extends RefType { }
|
||||
*/
|
||||
class DeadMethod extends Callable {
|
||||
DeadMethod() {
|
||||
fromSource() and
|
||||
this.fromSource() and
|
||||
not isLive(this) and
|
||||
not this.(Constructor).isDefaultConstructor() and
|
||||
// Ignore `SuppressedConstructor`s in `NamespaceClass`es. There is no reason to use a suppressed
|
||||
|
||||
@@ -10,7 +10,7 @@ import semmle.code.java.frameworks.jackson.JacksonSerializability
|
||||
* This defines the set of fields for which we will determine liveness.
|
||||
*/
|
||||
library class SourceField extends Field {
|
||||
SourceField() { fromSource() }
|
||||
SourceField() { this.fromSource() }
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -26,7 +26,7 @@ class DeadField extends SourceField {
|
||||
*/
|
||||
predicate isInDeadScope() {
|
||||
// `EnumConstant`s, and fields in dead classes, are reported in other queries.
|
||||
getDeclaringType() instanceof DeadClass or
|
||||
this.getDeclaringType() instanceof DeadClass or
|
||||
this instanceof EnumConstant
|
||||
}
|
||||
}
|
||||
@@ -37,7 +37,7 @@ class DeadField extends SourceField {
|
||||
*/
|
||||
class LiveField extends SourceField {
|
||||
LiveField() {
|
||||
exists(FieldRead access | access = getAnAccess() |
|
||||
exists(FieldRead access | access = this.getAnAccess() |
|
||||
isLive(access.getEnclosingCallable())
|
||||
or
|
||||
exists(Annotation a |
|
||||
@@ -89,11 +89,11 @@ abstract class WhitelistedLiveField extends Field { }
|
||||
*/
|
||||
class SerialVersionUIDField extends ReflectivelyReadField {
|
||||
SerialVersionUIDField() {
|
||||
hasName("serialVersionUID") and
|
||||
isStatic() and
|
||||
isFinal() and
|
||||
getType().hasName("long") and
|
||||
getDeclaringType().getASupertype*() instanceof TypeSerializable
|
||||
this.hasName("serialVersionUID") and
|
||||
this.isStatic() and
|
||||
this.isFinal() and
|
||||
this.getType().hasName("long") and
|
||||
this.getDeclaringType().getASupertype*() instanceof TypeSerializable
|
||||
}
|
||||
}
|
||||
|
||||
@@ -104,7 +104,7 @@ class SerialVersionUIDField extends ReflectivelyReadField {
|
||||
class LiveJaxbBoundField extends ReflectivelyReadField, JaxbBoundField {
|
||||
LiveJaxbBoundField() {
|
||||
// If the class is considered live, it must have at least one live constructor.
|
||||
exists(Constructor c | c = getDeclaringType().getAConstructor() | isLive(c))
|
||||
exists(Constructor c | c = this.getDeclaringType().getAConstructor() | isLive(c))
|
||||
}
|
||||
}
|
||||
|
||||
@@ -114,11 +114,11 @@ class LiveJaxbBoundField extends ReflectivelyReadField, JaxbBoundField {
|
||||
*/
|
||||
class JUnitAnnotatedField extends ReflectivelyReadField {
|
||||
JUnitAnnotatedField() {
|
||||
hasAnnotation("org.junit.experimental.theories", "DataPoint") or
|
||||
hasAnnotation("org.junit.experimental.theories", "DataPoints") or
|
||||
hasAnnotation("org.junit.runners", "Parameterized$Parameter") or
|
||||
hasAnnotation("org.junit", "Rule") or
|
||||
hasAnnotation("org.junit", "ClassRule")
|
||||
this.hasAnnotation("org.junit.experimental.theories", "DataPoint") or
|
||||
this.hasAnnotation("org.junit.experimental.theories", "DataPoints") or
|
||||
this.hasAnnotation("org.junit.runners", "Parameterized$Parameter") or
|
||||
this.hasAnnotation("org.junit", "Rule") or
|
||||
this.hasAnnotation("org.junit", "ClassRule")
|
||||
}
|
||||
}
|
||||
|
||||
@@ -164,8 +164,8 @@ class JPAReadField extends ReflectivelyReadField {
|
||||
)
|
||||
|
|
||||
not this.hasAnnotation("javax.persistence", "Transient") and
|
||||
not isStatic() and
|
||||
not isFinal()
|
||||
not this.isStatic() and
|
||||
not this.isFinal()
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -102,7 +102,7 @@ library class JacksonReflectivelyConstructedClass extends ReflectivelyConstructe
|
||||
override Callable getALiveCallable() {
|
||||
// Constructors may be called by Jackson, if they are a no-arg, they have a suitable annotation,
|
||||
// or inherit a suitable annotation through a mixin.
|
||||
result = getAConstructor() and
|
||||
result = this.getAConstructor() and
|
||||
(
|
||||
result.getNumberOfParameters() = 0 or
|
||||
result.getAnAnnotation() instanceof JacksonAnnotation or
|
||||
@@ -153,7 +153,7 @@ class DeserializedClass extends ReflectivelyConstructedClass {
|
||||
*/
|
||||
class NewInstanceCall extends EntryPoint, NewInstance {
|
||||
override Constructor getALiveCallable() {
|
||||
result = getInferredConstructor() and
|
||||
result = this.getInferredConstructor() and
|
||||
// The `newInstance(...)` call must be used in a live context.
|
||||
isLive(this.getEnclosingCallable())
|
||||
}
|
||||
@@ -164,7 +164,7 @@ class NewInstanceCall extends EntryPoint, NewInstance {
|
||||
*/
|
||||
class ReflectiveMethodAccessEntryPoint extends EntryPoint, ReflectiveMethodAccess {
|
||||
override Method getALiveCallable() {
|
||||
result = inferAccessedMethod() and
|
||||
result = this.inferAccessedMethod() and
|
||||
// The `getMethod(...)` call must be used in a live context.
|
||||
isLive(this.getEnclosingCallable())
|
||||
}
|
||||
@@ -210,8 +210,8 @@ class JaxbXmlEnum extends AnnotationEntryPoint {
|
||||
class JaxbXmlType extends AnnotationEntryPoint, JaxbType {
|
||||
override Callable getALiveCallable() {
|
||||
// Must have a live no-arg constructor for JAXB to perform marshal/unmarshal.
|
||||
exists(Constructor c | c = getAConstructor() and c.getNumberOfParameters() = 0 | isLive(c)) and
|
||||
result = getACallable() and
|
||||
exists(Constructor c | c = this.getAConstructor() and c.getNumberOfParameters() = 0 | isLive(c)) and
|
||||
result = this.getACallable() and
|
||||
(
|
||||
// A bound getter or setter.
|
||||
result instanceof JaxbBoundGetterSetter
|
||||
@@ -262,7 +262,7 @@ class ManagedBeanImplEntryPoint extends EntryPoint, RegisteredManagedBeanImpl {
|
||||
// Find the method that will be called for each method on each managed bean that this class
|
||||
// implements.
|
||||
this.inherits(result) and
|
||||
result.(Method).overrides(getAnImplementedManagedBean().getAMethod())
|
||||
result.(Method).overrides(this.getAnImplementedManagedBean().getAMethod())
|
||||
}
|
||||
}
|
||||
|
||||
@@ -377,7 +377,7 @@ class JavaxResourceAnnotatedMethod extends CallableEntryPointOnConstructedClass
|
||||
*/
|
||||
class JavaxManagedBeanReflectivelyConstructed extends ReflectivelyConstructedClass {
|
||||
JavaxManagedBeanReflectivelyConstructed() {
|
||||
getAnAnnotation() instanceof JavaxManagedBeanAnnotation
|
||||
this.getAnAnnotation() instanceof JavaxManagedBeanAnnotation
|
||||
}
|
||||
}
|
||||
|
||||
@@ -413,13 +413,13 @@ class PersistencePropertyMethod extends CallableEntryPoint {
|
||||
*/
|
||||
class PersistenceCallbackMethod extends CallableEntryPoint {
|
||||
PersistenceCallbackMethod() {
|
||||
getAnAnnotation() instanceof PrePersistAnnotation or
|
||||
getAnAnnotation() instanceof PreRemoveAnnotation or
|
||||
getAnAnnotation() instanceof PreUpdateAnnotation or
|
||||
getAnAnnotation() instanceof PostPersistAnnotation or
|
||||
getAnAnnotation() instanceof PostRemoveAnnotation or
|
||||
getAnAnnotation() instanceof PostUpdateAnnotation or
|
||||
getAnAnnotation() instanceof PostLoadAnnotation
|
||||
this.getAnAnnotation() instanceof PrePersistAnnotation or
|
||||
this.getAnAnnotation() instanceof PreRemoveAnnotation or
|
||||
this.getAnAnnotation() instanceof PreUpdateAnnotation or
|
||||
this.getAnAnnotation() instanceof PostPersistAnnotation or
|
||||
this.getAnAnnotation() instanceof PostRemoveAnnotation or
|
||||
this.getAnAnnotation() instanceof PostUpdateAnnotation or
|
||||
this.getAnAnnotation() instanceof PostLoadAnnotation
|
||||
}
|
||||
}
|
||||
|
||||
@@ -429,20 +429,20 @@ class PersistenceCallbackMethod extends CallableEntryPoint {
|
||||
*/
|
||||
class ArbitraryXMLEntryPoint extends ReflectivelyConstructedClass {
|
||||
ArbitraryXMLEntryPoint() {
|
||||
fromSource() and
|
||||
this.fromSource() and
|
||||
exists(XMLAttribute attribute |
|
||||
attribute.getName() = "className" or
|
||||
attribute.getName().matches("%ClassName") or
|
||||
attribute.getName() = "class" or
|
||||
attribute.getName().matches("%Class")
|
||||
|
|
||||
attribute.getValue() = getQualifiedName()
|
||||
attribute.getValue() = this.getQualifiedName()
|
||||
)
|
||||
}
|
||||
|
||||
override Callable getALiveCallable() {
|
||||
// Any constructor on these classes, as we don't know which may be called.
|
||||
result = getAConstructor()
|
||||
result = this.getAConstructor()
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -18,7 +18,7 @@ class TestMethodEntry extends CallableEntryPoint {
|
||||
or
|
||||
exists(AnnotationType a | a = this.getAnAnnotation().getType() |
|
||||
a.hasQualifiedName("org.junit.runners", "Parameterized$Parameters") and
|
||||
getDeclaringType() instanceof ParameterizedJUnitTest
|
||||
this.getDeclaringType() instanceof ParameterizedJUnitTest
|
||||
)
|
||||
}
|
||||
}
|
||||
@@ -28,12 +28,12 @@ class TestMethodEntry extends CallableEntryPoint {
|
||||
*/
|
||||
class BeforeOrAfterEntry extends CallableEntryPoint {
|
||||
BeforeOrAfterEntry() {
|
||||
getAnAnnotation() instanceof TestNGBeforeAnnotation or
|
||||
getAnAnnotation() instanceof TestNGAfterAnnotation or
|
||||
getAnAnnotation() instanceof BeforeAnnotation or
|
||||
getAnAnnotation() instanceof BeforeClassAnnotation or
|
||||
getAnAnnotation() instanceof AfterAnnotation or
|
||||
getAnAnnotation() instanceof AfterClassAnnotation
|
||||
this.getAnAnnotation() instanceof TestNGBeforeAnnotation or
|
||||
this.getAnAnnotation() instanceof TestNGAfterAnnotation or
|
||||
this.getAnAnnotation() instanceof BeforeAnnotation or
|
||||
this.getAnAnnotation() instanceof BeforeClassAnnotation or
|
||||
this.getAnAnnotation() instanceof AfterAnnotation or
|
||||
this.getAnAnnotation() instanceof AfterClassAnnotation
|
||||
}
|
||||
}
|
||||
|
||||
@@ -44,7 +44,7 @@ class JUnitTheories extends CallableEntryPoint {
|
||||
JUnitTheories() {
|
||||
exists(AnnotationType a |
|
||||
a = this.getAnAnnotation().getType() and
|
||||
getDeclaringType() instanceof JUnitTheoryTest
|
||||
this.getDeclaringType() instanceof JUnitTheoryTest
|
||||
|
|
||||
a.hasQualifiedName("org.junit.experimental.theories", "Theory") or
|
||||
a.hasQualifiedName("org.junit.experimental.theories", "DataPoint") or
|
||||
@@ -63,7 +63,7 @@ class JUnitDataPointField extends ReflectivelyReadField {
|
||||
a.hasQualifiedName("org.junit.experimental.theories", "DataPoint") or
|
||||
a.hasQualifiedName("org.junit.experimental.theories", "DataPoints")
|
||||
) and
|
||||
getDeclaringType() instanceof JUnitTheoryTest
|
||||
this.getDeclaringType() instanceof JUnitTheoryTest
|
||||
)
|
||||
}
|
||||
}
|
||||
@@ -152,7 +152,7 @@ class CucumberConstructedClass extends ReflectivelyConstructedClass {
|
||||
// Consider any constructor to be live - Cucumber calls a runtime-specified dependency
|
||||
// injection framework (possibly an in-built one) to construct these instances, so any
|
||||
// constructor could be called.
|
||||
result = getAConstructor()
|
||||
result = this.getAConstructor()
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -29,7 +29,7 @@ class ServletConstructedClass extends ReflectivelyConstructedClass {
|
||||
*/
|
||||
class ServletListenerClass extends ReflectivelyConstructedClass {
|
||||
ServletListenerClass() {
|
||||
getAnAncestor() instanceof ServletWebXMLListenerType and
|
||||
this.getAnAncestor() instanceof ServletWebXMLListenerType and
|
||||
// If we have seen any `web.xml` files, this listener will be considered to be live only if it is
|
||||
// referred to as a listener-class in at least one. If no `web.xml` files are found, we assume
|
||||
// that XML extraction was not enabled, and therefore consider all listener classes as live.
|
||||
@@ -47,7 +47,7 @@ class ServletListenerClass extends ReflectivelyConstructedClass {
|
||||
*/
|
||||
class ServletFilterClass extends ReflectivelyConstructedClass {
|
||||
ServletFilterClass() {
|
||||
getASupertype*().hasQualifiedName("javax.servlet", "Filter") and
|
||||
this.getASupertype*().hasQualifiedName("javax.servlet", "Filter") and
|
||||
// If we have seen any `web.xml` files, this filter will be considered to be live only if it is
|
||||
// referred to as a filter-class in at least one. If no `web.xml` files are found, we assume
|
||||
// that XML extraction was not enabled, and therefore consider all filter classes as live.
|
||||
|
||||
Reference in New Issue
Block a user