Merge pull request #14919 from github/java/jdk-model-autogeneration

Java: add dataflow-generated models for JDK17
2026-04-27 17:55:19 +02:00 · 2024-04-04 21:12:55 +01:00
parent 32ea94e625 fdafaa2ff4
commit e10333bf2b
155 changed files with 14838 additions and 13 deletions
--- a/java/ql/test/library-tests/frameworks/apache-commons-lang3/StrBuilderTest.java
+++ b/java/ql/test/library-tests/frameworks/apache-commons-lang3/StrBuilderTest.java
@@ -18,8 +18,8 @@ class StrBuilderTest {

        StrBuilder sb1 = new StrBuilder(); sb1.append(taint().toCharArray()); sink(sb1.toString()); // $hasTaintFlow
        StrBuilder sb2 = new StrBuilder(); sb2.append(taint().toCharArray(), 0, 0); sink(sb2.toString()); // $hasTaintFlow
-        StrBuilder sb3 = new StrBuilder(); sb3.append(CharBuffer.wrap(taint().toCharArray())); sink(sb3.toString()); // $ MISSING: hasTaintFlow
-        StrBuilder sb4 = new StrBuilder(); sb4.append(CharBuffer.wrap(taint().toCharArray()), 0, 0); sink(sb4.toString()); // $ MISSING: hasTaintFlow
+        StrBuilder sb3 = new StrBuilder(); sb3.append(CharBuffer.wrap(taint().toCharArray())); sink(sb3.toString()); // $ hasTaintFlow
+        StrBuilder sb4 = new StrBuilder(); sb4.append(CharBuffer.wrap(taint().toCharArray()), 0, 0); sink(sb4.toString()); // $ hasTaintFlow
        StrBuilder sb5 = new StrBuilder(); sb5.append((CharSequence)taint()); sink(sb5.toString()); // $hasTaintFlow
        StrBuilder sb6 = new StrBuilder(); sb6.append((CharSequence)taint(), 0, 0); sink(sb6.toString()); // $hasTaintFlow
        StrBuilder sb7 = new StrBuilder(); sb7.append((Object)taint()); sink(sb7.toString()); // $hasTaintFlow
@@ -206,4 +206,4 @@ class StrBuilderTest {
        sink(fluentAllMethodsTest2); // $hasTaintFlow
    }

-}
+}
--- a/java/ql/test/library-tests/frameworks/apache-commons-lang3/StrBuilderTextTest.java
+++ b/java/ql/test/library-tests/frameworks/apache-commons-lang3/StrBuilderTextTest.java
@@ -18,8 +18,8 @@ class StrBuilderTextTest {

        StrBuilder sb1 = new StrBuilder(); sb1.append(taint().toCharArray()); sink(sb1.toString()); // $hasTaintFlow
        StrBuilder sb2 = new StrBuilder(); sb2.append(taint().toCharArray(), 0, 0); sink(sb2.toString()); // $hasTaintFlow
-        StrBuilder sb3 = new StrBuilder(); sb3.append(CharBuffer.wrap(taint().toCharArray())); sink(sb3.toString()); // $ MISSING: hasTaintFlow
-        StrBuilder sb4 = new StrBuilder(); sb4.append(CharBuffer.wrap(taint().toCharArray()), 0, 0); sink(sb4.toString()); // $ MISSING: hasTaintFlow
+        StrBuilder sb3 = new StrBuilder(); sb3.append(CharBuffer.wrap(taint().toCharArray())); sink(sb3.toString()); // $ hasTaintFlow
+        StrBuilder sb4 = new StrBuilder(); sb4.append(CharBuffer.wrap(taint().toCharArray()), 0, 0); sink(sb4.toString()); // $ hasTaintFlow
        StrBuilder sb5 = new StrBuilder(); sb5.append((CharSequence)taint()); sink(sb5.toString()); // $hasTaintFlow
        StrBuilder sb6 = new StrBuilder(); sb6.append((CharSequence)taint(), 0, 0); sink(sb6.toString()); // $hasTaintFlow
        StrBuilder sb7 = new StrBuilder(); sb7.append((Object)taint()); sink(sb7.toString()); // $hasTaintFlow
@@ -206,4 +206,4 @@ class StrBuilderTextTest {
        sink(fluentAllMethodsTest2); // $hasTaintFlow
    }

-}
+}
--- a/java/ql/test/library-tests/frameworks/apache-commons-lang3/TextStringBuilderTest.java
+++ b/java/ql/test/library-tests/frameworks/apache-commons-lang3/TextStringBuilderTest.java
@@ -19,8 +19,8 @@ class TextStringBuilderTest {

        TextStringBuilder sb1 = new TextStringBuilder(); sb1.append(taint().toCharArray()); sink(sb1.toString()); // $hasTaintFlow
        TextStringBuilder sb2 = new TextStringBuilder(); sb2.append(taint().toCharArray(), 0, 0); sink(sb2.toString()); // $hasTaintFlow
-        TextStringBuilder sb3 = new TextStringBuilder(); sb3.append(CharBuffer.wrap(taint().toCharArray())); sink(sb3.toString()); // $ MISSING: hasTaintFlow
-        TextStringBuilder sb4 = new TextStringBuilder(); sb4.append(CharBuffer.wrap(taint().toCharArray()), 0, 0); sink(sb4.toString()); // $ MISSING: hasTaintFlow
+        TextStringBuilder sb3 = new TextStringBuilder(); sb3.append(CharBuffer.wrap(taint().toCharArray())); sink(sb3.toString()); // $ hasTaintFlow
+        TextStringBuilder sb4 = new TextStringBuilder(); sb4.append(CharBuffer.wrap(taint().toCharArray()), 0, 0); sink(sb4.toString()); // $ hasTaintFlow
        TextStringBuilder sb5 = new TextStringBuilder(); sb5.append((CharSequence)taint()); sink(sb5.toString()); // $hasTaintFlow
        TextStringBuilder sb6 = new TextStringBuilder(); sb6.append((CharSequence)taint(), 0, 0); sink(sb6.toString()); // $hasTaintFlow
        TextStringBuilder sb7 = new TextStringBuilder(); sb7.append((Object)taint()); sink(sb7.toString()); // $hasTaintFlow
@@ -207,4 +207,4 @@ class TextStringBuilderTest {
        sink(fluentAllMethodsTest2); // $hasTaintFlow
    }

-}
+}
--- a/java/ql/test/query-tests/Metrics/GeneratedVsManualCoverage/TopJdkApisTest/TopJdkApisTest.expected
+++ b/java/ql/test/query-tests/Metrics/GeneratedVsManualCoverage/TopJdkApisTest/TopJdkApisTest.expected
@@ -14,10 +14,10 @@
 | java.time.chrono | 0 | 0 | 0 | 1 | 1 | 0.0 | 0.0 | 0.0 | NaN | NaN | 1.0 |
 | java.time.format | 0 | 0 | 0 | 2 | 2 | 0.0 | 0.0 | 0.0 | NaN | NaN | 1.0 |
 | java.util | 0 | 0 | 86 | 64 | 150 | 0.5733333333333334 | 0.0 | 0.5733333333333334 | 0.0 | NaN | 0.4266666666666667 |
-| java.util.concurrent | 0 | 0 | 9 | 9 | 18 | 0.5 | 0.0 | 0.5 | 0.0 | NaN | 0.5 |
+| java.util.concurrent | 1 | 0 | 9 | 8 | 18 | 0.5555555555555556 | 0.05555555555555555 | 0.5 | 0.0 | 0.0 | 0.4444444444444444 |
 | java.util.concurrent.atomic | 0 | 0 | 2 | 11 | 13 | 0.15384615384615385 | 0.0 | 0.15384615384615385 | 0.0 | NaN | 0.8461538461538461 |
 | java.util.concurrent.locks | 0 | 0 | 0 | 2 | 2 | 0.0 | 0.0 | 0.0 | NaN | NaN | 1.0 |
 | java.util.function | 0 | 0 | 0 | 1 | 1 | 0.0 | 0.0 | 0.0 | NaN | NaN | 1.0 |
 | java.util.logging | 0 | 0 | 1 | 1 | 2 | 0.5 | 0.0 | 0.5 | 0.0 | NaN | 0.5 |
 | java.util.regex | 0 | 0 | 3 | 1 | 4 | 0.75 | 0.0 | 0.75 | 0.0 | NaN | 0.25 |
-| java.util.stream | 0 | 0 | 18 | 8 | 26 | 0.6923076923076923 | 0.0 | 0.6923076923076923 | 0.0 | NaN | 0.3076923076923077 |
+| java.util.stream | 1 | 0 | 18 | 7 | 26 | 0.7307692307692307 | 0.038461538461538464 | 0.6923076923076923 | 0.0 | 0.0 | 0.2692307692307692 |
--- a/java/ql/test/query-tests/security/CWE-090/LdapInjection.expected
+++ b/java/ql/test/query-tests/security/CWE-090/LdapInjection.expected
@@ -8,14 +8,20 @@ edges
 | LdapInjection.java:63:28:63:59 | jBadInitial : String | LdapInjection.java:65:29:65:55 | ... + ... | provenance |  |
 | LdapInjection.java:69:28:69:52 | jBad : String | LdapInjection.java:71:84:71:103 | ... + ... | provenance |  |
 | LdapInjection.java:69:55:69:88 | jBadDNNameAdd : String | LdapInjection.java:71:53:71:79 | ... + ... : String | provenance |  |
+| LdapInjection.java:71:16:71:31 | new LdapName(...) : LdapName | LdapInjection.java:71:16:71:81 | addAll(...) | provenance |  |
+| LdapInjection.java:71:40:71:80 | new LdapName(...) : LdapName | LdapInjection.java:71:16:71:31 | new LdapName(...) : LdapName | provenance |  |
 | LdapInjection.java:71:40:71:80 | new LdapName(...) : LdapName | LdapInjection.java:71:16:71:81 | addAll(...) | provenance |  |
 | LdapInjection.java:71:53:71:79 | ... + ... : String | LdapInjection.java:71:40:71:80 | new LdapName(...) : LdapName | provenance |  |
 | LdapInjection.java:75:28:75:52 | jBad : String | LdapInjection.java:79:47:79:66 | ... + ... | provenance |  |
 | LdapInjection.java:75:55:75:89 | jBadDNNameAdd2 : String | LdapInjection.java:78:30:78:57 | ... + ... : String | provenance |  |
 | LdapInjection.java:78:5:78:8 | name : LdapName | LdapInjection.java:79:40:79:43 | name : LdapName | provenance |  |
+| LdapInjection.java:78:5:78:8 | name [post update] : LdapName | LdapInjection.java:79:40:79:43 | name : LdapName | provenance |  |
 | LdapInjection.java:78:17:78:58 | new LdapName(...) : LdapName | LdapInjection.java:78:17:78:68 | getRdns(...) : List | provenance |  |
 | LdapInjection.java:78:17:78:68 | getRdns(...) : List | LdapInjection.java:78:5:78:8 | name : LdapName | provenance |  |
+| LdapInjection.java:78:17:78:68 | getRdns(...) : List | LdapInjection.java:78:5:78:8 | name [post update] : LdapName | provenance |  |
 | LdapInjection.java:78:30:78:57 | ... + ... : String | LdapInjection.java:78:17:78:58 | new LdapName(...) : LdapName | provenance |  |
+| LdapInjection.java:79:16:79:31 | new LdapName(...) : LdapName | LdapInjection.java:79:16:79:44 | addAll(...) | provenance |  |
+| LdapInjection.java:79:40:79:43 | name : LdapName | LdapInjection.java:79:16:79:31 | new LdapName(...) : LdapName | provenance |  |
 | LdapInjection.java:79:40:79:43 | name : LdapName | LdapInjection.java:79:16:79:44 | addAll(...) | provenance |  |
 | LdapInjection.java:83:28:83:52 | jBad : String | LdapInjection.java:85:75:85:94 | ... + ... | provenance |  |
 | LdapInjection.java:83:55:83:93 | jBadDNNameToString : String | LdapInjection.java:85:29:85:60 | ... + ... : String | provenance |  |
@@ -26,6 +32,8 @@ edges
 | LdapInjection.java:91:23:91:65 | new LdapName(...) : LdapName | LdapInjection.java:91:23:91:73 | clone(...) : Object | provenance |  |
 | LdapInjection.java:91:23:91:73 | clone(...) : Object | LdapInjection.java:91:16:91:73 | (...)... | provenance |  |
 | LdapInjection.java:91:36:91:64 | ... + ... : String | LdapInjection.java:91:23:91:65 | new LdapName(...) : LdapName | provenance |  |
+| LdapInjection.java:100:27:100:59 | jOkAttribute : String | LdapInjection.java:101:49:101:60 | jOkAttribute : String | provenance |  |
+| LdapInjection.java:101:49:101:60 | jOkAttribute : String | LdapInjection.java:101:29:101:75 | new BasicAttributes(...) | provenance |  |
 | LdapInjection.java:106:31:106:55 | uBad : String | LdapInjection.java:108:67:108:86 | ... + ... | provenance |  |
 | LdapInjection.java:106:58:106:84 | uBadDN : String | LdapInjection.java:108:20:108:39 | ... + ... | provenance |  |
 | LdapInjection.java:112:31:112:67 | uBadFilterCreate : String | LdapInjection.java:113:72:113:87 | uBadFilterCreate : String | provenance |  |
@@ -154,6 +162,7 @@ nodes
 | LdapInjection.java:65:29:65:55 | ... + ... | semmle.label | ... + ... |
 | LdapInjection.java:69:28:69:52 | jBad : String | semmle.label | jBad : String |
 | LdapInjection.java:69:55:69:88 | jBadDNNameAdd : String | semmle.label | jBadDNNameAdd : String |
+| LdapInjection.java:71:16:71:31 | new LdapName(...) : LdapName | semmle.label | new LdapName(...) : LdapName |
 | LdapInjection.java:71:16:71:81 | addAll(...) | semmle.label | addAll(...) |
 | LdapInjection.java:71:40:71:80 | new LdapName(...) : LdapName | semmle.label | new LdapName(...) : LdapName |
 | LdapInjection.java:71:53:71:79 | ... + ... : String | semmle.label | ... + ... : String |
@@ -161,9 +170,11 @@ nodes
 | LdapInjection.java:75:28:75:52 | jBad : String | semmle.label | jBad : String |
 | LdapInjection.java:75:55:75:89 | jBadDNNameAdd2 : String | semmle.label | jBadDNNameAdd2 : String |
 | LdapInjection.java:78:5:78:8 | name : LdapName | semmle.label | name : LdapName |
+| LdapInjection.java:78:5:78:8 | name [post update] : LdapName | semmle.label | name [post update] : LdapName |
 | LdapInjection.java:78:17:78:58 | new LdapName(...) : LdapName | semmle.label | new LdapName(...) : LdapName |
 | LdapInjection.java:78:17:78:68 | getRdns(...) : List | semmle.label | getRdns(...) : List |
 | LdapInjection.java:78:30:78:57 | ... + ... : String | semmle.label | ... + ... : String |
+| LdapInjection.java:79:16:79:31 | new LdapName(...) : LdapName | semmle.label | new LdapName(...) : LdapName |
 | LdapInjection.java:79:16:79:44 | addAll(...) | semmle.label | addAll(...) |
 | LdapInjection.java:79:40:79:43 | name : LdapName | semmle.label | name : LdapName |
 | LdapInjection.java:79:47:79:66 | ... + ... | semmle.label | ... + ... |
@@ -180,6 +191,9 @@ nodes
 | LdapInjection.java:91:23:91:73 | clone(...) : Object | semmle.label | clone(...) : Object |
 | LdapInjection.java:91:36:91:64 | ... + ... : String | semmle.label | ... + ... : String |
 | LdapInjection.java:91:76:91:95 | ... + ... | semmle.label | ... + ... |
+| LdapInjection.java:100:27:100:59 | jOkAttribute : String | semmle.label | jOkAttribute : String |
+| LdapInjection.java:101:29:101:75 | new BasicAttributes(...) | semmle.label | new BasicAttributes(...) |
+| LdapInjection.java:101:49:101:60 | jOkAttribute : String | semmle.label | jOkAttribute : String |
 | LdapInjection.java:106:31:106:55 | uBad : String | semmle.label | uBad : String |
 | LdapInjection.java:106:58:106:84 | uBadDN : String | semmle.label | uBadDN : String |
 | LdapInjection.java:108:20:108:39 | ... + ... | semmle.label | ... + ... |
@@ -348,6 +362,7 @@ subpaths
 | LdapInjection.java:85:75:85:94 | ... + ... | LdapInjection.java:83:28:83:52 | jBad : String | LdapInjection.java:85:75:85:94 | ... + ... | This LDAP query depends on a $@. | LdapInjection.java:83:28:83:52 | jBad | user-provided value |
 | LdapInjection.java:91:16:91:73 | (...)... | LdapInjection.java:89:55:89:90 | jBadDNNameClone : String | LdapInjection.java:91:16:91:73 | (...)... | This LDAP query depends on a $@. | LdapInjection.java:89:55:89:90 | jBadDNNameClone | user-provided value |
 | LdapInjection.java:91:76:91:95 | ... + ... | LdapInjection.java:89:28:89:52 | jBad : String | LdapInjection.java:91:76:91:95 | ... + ... | This LDAP query depends on a $@. | LdapInjection.java:89:28:89:52 | jBad | user-provided value |
+| LdapInjection.java:101:29:101:75 | new BasicAttributes(...) | LdapInjection.java:100:27:100:59 | jOkAttribute : String | LdapInjection.java:101:29:101:75 | new BasicAttributes(...) | This LDAP query depends on a $@. | LdapInjection.java:100:27:100:59 | jOkAttribute | user-provided value |
 | LdapInjection.java:108:20:108:39 | ... + ... | LdapInjection.java:106:58:106:84 | uBadDN : String | LdapInjection.java:108:20:108:39 | ... + ... | This LDAP query depends on a $@. | LdapInjection.java:106:58:106:84 | uBadDN | user-provided value |
 | LdapInjection.java:108:67:108:86 | ... + ... | LdapInjection.java:106:31:106:55 | uBad : String | LdapInjection.java:108:67:108:86 | ... + ... | This LDAP query depends on a $@. | LdapInjection.java:106:31:106:55 | uBad | user-provided value |
 | LdapInjection.java:113:58:113:88 | create(...) | LdapInjection.java:112:31:112:67 | uBadFilterCreate : String | LdapInjection.java:113:58:113:88 | create(...) | This LDAP query depends on a $@. | LdapInjection.java:112:31:112:67 | uBadFilterCreate | user-provided value |
--- a/java/ql/test/utils/modeleditor/ApplicationModeEndpoints.expected
+++ b/java/ql/test/utils/modeleditor/ApplicationModeEndpoints.expected
@@ -1,13 +1,23 @@
 | com/github/codeql/test/NonPublicClass.java:5:5:5:28 | println(...) | java.io | PrintStream | println | (String) | true | rt.jar |  | sink | source |
+| com/github/codeql/test/NonPublicClass.java:5:5:5:28 | println(...) | java.io | PrintStream | println | (String) | true | rt.jar |  | summary | source |
 | com/github/codeql/test/PublicClass.java:8:5:8:27 | println(...) | java.io | PrintStream | println | (String) | true | rt.jar |  | sink | source |
+| com/github/codeql/test/PublicClass.java:8:5:8:27 | println(...) | java.io | PrintStream | println | (String) | true | rt.jar |  | summary | source |
 | com/github/codeql/test/PublicClass.java:12:5:12:27 | println(...) | java.io | PrintStream | println | (String) | true | rt.jar |  | sink | source |
+| com/github/codeql/test/PublicClass.java:12:5:12:27 | println(...) | java.io | PrintStream | println | (String) | true | rt.jar |  | summary | source |
 | com/github/codeql/test/PublicClass.java:16:5:16:45 | println(...) | java.io | PrintStream | println | (Object) | true | rt.jar |  | sink | source |
+| com/github/codeql/test/PublicClass.java:16:5:16:45 | println(...) | java.io | PrintStream | println | (Object) | true | rt.jar |  | summary | source |
 | com/github/codeql/test/PublicClass.java:16:24:16:44 | get(...) | java.nio.file | Paths | get | (String,String[]) | true | rt.jar |  | summary | source |
 | com/github/codeql/test/PublicClass.java:20:5:20:68 | println(...) | java.io | PrintStream | println | (Object) | true | rt.jar |  | sink | source |
-| com/github/codeql/test/PublicClass.java:20:24:20:47 | getDefault(...) | java.nio.file | FileSystems | getDefault | () | false | rt.jar |  |  | source |
+| com/github/codeql/test/PublicClass.java:20:5:20:68 | println(...) | java.io | PrintStream | println | (Object) | true | rt.jar |  | summary | source |
+| com/github/codeql/test/PublicClass.java:20:24:20:47 | getDefault(...) | java.nio.file | FileSystems | getDefault | () | true | rt.jar |  | neutral | source |
 | com/github/codeql/test/PublicClass.java:20:24:20:67 | getPath(...) | java.nio.file | FileSystem | getPath | (String,String[]) | true | rt.jar |  | summary | source |
 | com/github/codeql/test/PublicClass.java:24:5:24:27 | println(...) | java.io | PrintStream | println | (String) | true | rt.jar |  | sink | source |
+| com/github/codeql/test/PublicClass.java:24:5:24:27 | println(...) | java.io | PrintStream | println | (String) | true | rt.jar |  | summary | source |
 | com/github/codeql/test/PublicGenericClass.java:7:5:7:27 | println(...) | java.io | PrintStream | println | (Object) | true | rt.jar |  | sink | source |
+| com/github/codeql/test/PublicGenericClass.java:7:5:7:27 | println(...) | java.io | PrintStream | println | (Object) | true | rt.jar |  | summary | source |
 | com/github/codeql/test/PublicGenericClass.java:11:5:11:27 | println(...) | java.io | PrintStream | println | (Object) | true | rt.jar |  | sink | source |
+| com/github/codeql/test/PublicGenericClass.java:11:5:11:27 | println(...) | java.io | PrintStream | println | (Object) | true | rt.jar |  | summary | source |
 | com/github/codeql/test/PublicGenericInterface.java:8:7:8:29 | println(...) | java.io | PrintStream | println | (String) | true | rt.jar |  | sink | source |
+| com/github/codeql/test/PublicGenericInterface.java:8:7:8:29 | println(...) | java.io | PrintStream | println | (String) | true | rt.jar |  | summary | source |
 | com/github/codeql/test/PublicInterface.java:7:7:7:29 | println(...) | java.io | PrintStream | println | (String) | true | rt.jar |  | sink | source |
+| com/github/codeql/test/PublicInterface.java:7:7:7:29 | println(...) | java.io | PrintStream | println | (String) | true | rt.jar |  | summary | source |
--- a/java/ql/test/utils/modelgenerator/dataflow/CaptureNeutralModels.expected
+++ b/java/ql/test/utils/modelgenerator/dataflow/CaptureNeutralModels.expected
@@ -14,7 +14,6 @@
 | p;Pojo;getFloatArray;();summary;df-generated |
 | p;Pojo;getIntValue;();summary;df-generated |
 | p;Pojo;getPrimitiveArray;();summary;df-generated |
-| p;PrivateFlowViaPublicInterface$SPI;openStream;();summary;df-generated |
 | p;PrivateFlowViaPublicInterface$SPI;openStreamNone;();summary;df-generated |
 | p;PrivateFlowViaPublicInterface;createAnSPIWithoutTrackingFile;(File);summary;df-generated |
 | p;Sinks;copyFileToDirectory;(Path,Path,CopyOption[]);summary;df-generated |
--- a/java/ql/test/utils/modelgenerator/dataflow/CaptureSummaryModels.expected
+++ b/java/ql/test/utils/modelgenerator/dataflow/CaptureSummaryModels.expected
@@ -43,4 +43,5 @@
 | p;Pojo;false;getCharArray;();;Argument[this];ReturnValue;taint;df-generated |
 | p;Pojo;false;getValue;();;Argument[this];ReturnValue;taint;df-generated |
 | p;Pojo;false;setValue;(String);;Argument[0];Argument[this];taint;df-generated |
+| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];ReturnValue;taint;df-generated |
 | p;PrivateFlowViaPublicInterface;true;createAnSPI;(File);;Argument[0];ReturnValue;taint;df-generated |