From dfad1fc7402cd28f2e90fc4c8c43fa1ce1a7b734 Mon Sep 17 00:00:00 2001
From: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
Date: Mon, 3 May 2021 12:58:00 -0400
Subject: [PATCH] [Java] Add support for
 com.google.common.base.MoreObjects#firstNonNull

---
 java/change-notes/2021-05-03-guava-first-non-null.md     | 2 ++
 java/ql/src/semmle/code/java/frameworks/guava/Base.qll   | 3 ++-
 .../ql/test/library-tests/frameworks/guava/TestBase.java | 6 ++++++
 .../guava-30.0/com/google/common/base/MoreObjects.java   | 9 +++++++++
 4 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 java/change-notes/2021-05-03-guava-first-non-null.md
 create mode 100644 java/ql/test/stubs/guava-30.0/com/google/common/base/MoreObjects.java

diff --git a/java/change-notes/2021-05-03-guava-first-non-null.md b/java/change-notes/2021-05-03-guava-first-non-null.md
new file mode 100644
index 00000000000..3cd307d9455
--- /dev/null
+++ b/java/change-notes/2021-05-03-guava-first-non-null.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Increase coverage of the Guava framework by adding support for `com.google.common.base.MoreObjects#firstNonNull`.
diff --git a/java/ql/src/semmle/code/java/frameworks/guava/Base.qll b/java/ql/src/semmle/code/java/frameworks/guava/Base.qll
index 194d723caf5..04a97f79f53 100644
--- a/java/ql/src/semmle/code/java/frameworks/guava/Base.qll
+++ b/java/ql/src/semmle/code/java/frameworks/guava/Base.qll
@@ -35,7 +35,8 @@ private class GuavaBaseCsv extends SummaryModelCsv {
         "com.google.common.base;Splitter;false;splitToList;(CharSequence);;Argument[0];ReturnValue;taint",
         "com.google.common.base;Splitter;false;splitToStream;(CharSequence);;Argument[0];ReturnValue;taint",
         "com.google.common.base;Splitter$MapSplitter;false;split;(CharSequence);;Argument[0];ReturnValue;taint",
-        "com.google.common.base;Preconditions;false;checkNotNull;;;Argument[0];ReturnValue;value"
+        "com.google.common.base;Preconditions;false;checkNotNull;;;Argument[0];ReturnValue;value",
+        "com.google.common.base;MoreObjects;false;firstNonNull;;;Argument[0..1];ReturnValue;value"
       ]
   }
 }
diff --git a/java/ql/test/library-tests/frameworks/guava/TestBase.java b/java/ql/test/library-tests/frameworks/guava/TestBase.java
index 9ce907f4551..ad75f5cafbf 100644
--- a/java/ql/test/library-tests/frameworks/guava/TestBase.java
+++ b/java/ql/test/library-tests/frameworks/guava/TestBase.java
@@ -60,4 +60,10 @@ class TestBase {
     void test4() {
         sink(Preconditions.checkNotNull(taint())); // $numTaintFlow=1
     }
+
+    void test5() {
+        sink(MoreObjects.firstNonNull(taint(), taint())); // $numTaintFlow=2
+        sink(MoreObjects.firstNonNull(null, taint())); // $numTaintFlow=1
+        sink(MoreObjects.firstNonNull(taint(), null)); // $numTaintFlow=1
+    }
 }
diff --git a/java/ql/test/stubs/guava-30.0/com/google/common/base/MoreObjects.java b/java/ql/test/stubs/guava-30.0/com/google/common/base/MoreObjects.java
new file mode 100644
index 00000000000..3f4912b021b
--- /dev/null
+++ b/java/ql/test/stubs/guava-30.0/com/google/common/base/MoreObjects.java
@@ -0,0 +1,9 @@
+package com.google.common.base;
+
+import org.checkerframework.checker.nullness.qual.Nullable;
+
+public final class MoreObjects {
+    public static <T> T firstNonNull(@Nullable T first, @Nullable T second) {
+        return null;
+    }
+}
\ No newline at end of file