Java: update write-file sink kind to file-system-store

2025-12-17 01:03:14 +01:00 · 2023-05-30 13:03:51 -04:00
parent ac8d985a63
commit eb1a8e2189
9 changed files with 33 additions and 34 deletions
--- a/java/ql/lib/ext/com.google.common.io.model.yml
+++ b/java/ql/lib/ext/com.google.common.io.model.yml
@@ -9,7 +9,7 @@ extensions:
      - ["com.google.common.io", "Files", False, "readLines", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"]
      - ["com.google.common.io", "Files", False, "toByteArray", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
      - ["com.google.common.io", "Files", False, "toString", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"]
-      - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[0]", "write-file", "ai-manual"]
+      - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[0]", "file-content-store", "ai-manual"]
      - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[1]", "create-file", "manual"]
  - addsTo:
      pack: codeql/java-all
--- a/java/ql/lib/ext/hudson.model.yml
+++ b/java/ql/lib/ext/hudson.model.yml
@@ -7,7 +7,7 @@ extensions:
      - ["hudson", "FilePath", False, "copyFrom", "(URL)", "", "Argument[0]", "read-file", "manual"]
      - ["hudson", "FilePath", False, "copyFrom", "(FileItem)", "", "Argument[0]", "read-file", "ai-manual"]
      - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String,TarCompression)", "", "Argument[1]", "create-file", "ai-manual"]
-      - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String)", "", "Argument[1]", "write-file", "ai-manual"]
+      - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String)", "", "Argument[1]", "file-content-store", "ai-manual"]
      - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,FilePath)", "", "Argument[1]", "create-file", "ai-manual"]
      - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[0]", "read-file", "ai-manual"]
      - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[2]", "create-file", "ai-manual"]
--- a/java/ql/lib/ext/hudson.util.model.yml
+++ b/java/ql/lib/ext/hudson.util.model.yml
@@ -15,11 +15,10 @@ extensions:
      - ["hudson.util", "TextFile", True, "lines", "()", "", "Argument[this]", "read-file", "manual"]
      - ["hudson.util", "TextFile", True, "read", "()", "", "Argument[this]", "read-file", "manual"]
      - ["hudson.util", "TextFile", True, "readTrim", "()", "", "Argument[this]", "read-file", "manual"]
-      - ["hudson.util", "TextFile", True, "write", "(String)", "", "Argument[0]", "write-file", "manual"]
+      - ["hudson.util", "TextFile", True, "write", "(String)", "", "Argument[0]", "file-content-store", "manual"]
  - addsTo:
      pack: codeql/java-all
      extensible: summaryModel
    data:
      - ["hudson.util", "QuotedStringTokenizer", True, "tokenize", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
      - ["hudson.util", "TextFile", True, "TextFile", "(File)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"]
-      
--- a/java/ql/lib/ext/java.io.model.yml
+++ b/java/ql/lib/ext/java.io.model.yml
@@ -8,7 +8,7 @@ extensions:
      - ["java.io", "FileInputStream", True, "FileInputStream", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
      - ["java.io", "FileInputStream", True, "FileInputStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"]
      - ["java.io", "FileOutputStream", False, "FileOutputStream", "", "", "Argument[0]", "create-file", "manual"]
-      - ["java.io", "FileOutputStream", False, "write", "", "", "Argument[0]", "write-file", "manual"]
+      - ["java.io", "FileOutputStream", False, "write", "", "", "Argument[0]", "file-content-store", "manual"]
      - ["java.io", "FileReader", True, "FileReader", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
      - ["java.io", "FileReader", True, "FileReader", "(String)", "", "Argument[0]", "read-file", "ai-manual"]
      - ["java.io", "FileSystem", True, "createDirectory", "(File)", "", "Argument[0]", "create-file", "ai-manual"]
@@ -19,34 +19,34 @@ extensions:
      - ["java.io", "PrintStream", False, "PrintStream", "(String)", "", "Argument[0]", "create-file", "manual"]
      - ["java.io", "PrintStream", False, "PrintStream", "(String,Charset)", "", "Argument[0]", "create-file", "manual"]
      - ["java.io", "PrintStream", False, "PrintStream", "(String,String)", "", "Argument[0]", "create-file", "manual"]
-      - ["java.io", "PrintStream", True, "append", "", "", "Argument[0]", "write-file", "manual"]
-      - ["java.io", "PrintStream", True, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"]
-      - ["java.io", "PrintStream", True, "format", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"]
-      - ["java.io", "PrintStream", True, "print", "", "", "Argument[0]", "write-file", "manual"]
-      - ["java.io", "PrintStream", True, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"]
-      - ["java.io", "PrintStream", True, "printf", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"]
-      - ["java.io", "PrintStream", True, "println", "", "", "Argument[0]", "write-file", "manual"]
-      - ["java.io", "PrintStream", True, "write", "", "", "Argument[0]", "write-file", "manual"]
-      - ["java.io", "PrintStream", True, "writeBytes", "", "", "Argument[0]", "write-file", "manual"]
+      - ["java.io", "PrintStream", True, "append", "", "", "Argument[0]", "file-content-store", "manual"]
+      - ["java.io", "PrintStream", True, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"]
+      - ["java.io", "PrintStream", True, "format", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"]
+      - ["java.io", "PrintStream", True, "print", "", "", "Argument[0]", "file-content-store", "manual"]
+      - ["java.io", "PrintStream", True, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"]
+      - ["java.io", "PrintStream", True, "printf", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"]
+      - ["java.io", "PrintStream", True, "println", "", "", "Argument[0]", "file-content-store", "manual"]
+      - ["java.io", "PrintStream", True, "write", "", "", "Argument[0]", "file-content-store", "manual"]
+      - ["java.io", "PrintStream", True, "writeBytes", "", "", "Argument[0]", "file-content-store", "manual"]
      - ["java.io", "PrintWriter", False, "PrintWriter", "(File)", "", "Argument[0]", "create-file", "manual"]
      - ["java.io", "PrintWriter", False, "PrintWriter", "(File,Charset)", "", "Argument[0]", "create-file", "manual"]
      - ["java.io", "PrintWriter", False, "PrintWriter", "(File,String)", "", "Argument[0]", "create-file", "manual"]
      - ["java.io", "PrintWriter", False, "PrintWriter", "(String)", "", "Argument[0]", "create-file", "manual"]
      - ["java.io", "PrintWriter", False, "PrintWriter", "(String,Charset)", "", "Argument[0]", "create-file", "manual"]
      - ["java.io", "PrintWriter", False, "PrintWriter", "(String,String)", "", "Argument[0]", "create-file", "manual"]
-      - ["java.io", "PrintWriter", False, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"]
-      - ["java.io", "PrintWriter", False, "format", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"]
-      - ["java.io", "PrintWriter", False, "print", "", "", "Argument[0]", "write-file", "manual"]
-      - ["java.io", "PrintWriter", False, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"]
-      - ["java.io", "PrintWriter", False, "printf", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"]
-      - ["java.io", "PrintWriter", False, "println", "", "", "Argument[0]", "write-file", "manual"]
+      - ["java.io", "PrintWriter", False, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"]
+      - ["java.io", "PrintWriter", False, "format", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"]
+      - ["java.io", "PrintWriter", False, "print", "", "", "Argument[0]", "file-content-store", "manual"]
+      - ["java.io", "PrintWriter", False, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"]
+      - ["java.io", "PrintWriter", False, "printf", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"]
+      - ["java.io", "PrintWriter", False, "println", "", "", "Argument[0]", "file-content-store", "manual"]
      - ["java.io", "RandomAccessFile", False, "RandomAccessFile", "", "", "Argument[0]", "create-file", "manual"]
-      - ["java.io", "RandomAccessFile", False, "write", "", "", "Argument[0]", "write-file", "manual"]
-      - ["java.io", "RandomAccessFile", False, "writeBytes", "", "", "Argument[0]", "write-file", "manual"]
-      - ["java.io", "RandomAccessFile", False, "writeChars", "", "", "Argument[0]", "write-file", "manual"]
-      - ["java.io", "RandomAccessFile", False, "writeUTF", "", "", "Argument[0]", "write-file", "manual"]
-      - ["java.io", "Writer", True, "append", "", "", "Argument[0]", "write-file", "manual"]
-      - ["java.io", "Writer", True, "write", "", "", "Argument[0]", "write-file", "manual"]
+      - ["java.io", "RandomAccessFile", False, "write", "", "", "Argument[0]", "file-content-store", "manual"]
+      - ["java.io", "RandomAccessFile", False, "writeBytes", "", "", "Argument[0]", "file-content-store", "manual"]
+      - ["java.io", "RandomAccessFile", False, "writeChars", "", "", "Argument[0]", "file-content-store", "manual"]
+      - ["java.io", "RandomAccessFile", False, "writeUTF", "", "", "Argument[0]", "file-content-store", "manual"]
+      - ["java.io", "Writer", True, "append", "", "", "Argument[0]", "file-content-store", "manual"]
+      - ["java.io", "Writer", True, "write", "", "", "Argument[0]", "file-content-store", "manual"]
  - addsTo:
      pack: codeql/java-all
      extensible: summaryModel
--- a/java/ql/lib/ext/java.nio.file.model.yml
+++ b/java/ql/lib/ext/java.nio.file.model.yml
@@ -6,7 +6,7 @@ extensions:
      - ["java.nio.file", "Files", False, "copy", "(Path,OutputStream)", "", "Argument[0]", "read-file", "manual"]
      - ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[0]", "read-file", "manual"]
      - ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[1]", "create-file", "manual"]
-      - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[0]", "write-file", "manual"]
+      - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[0]", "file-content-store", "manual"]
      - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[1]", "create-file", "manual"]
      - ["java.nio.file", "Files", False, "createDirectories", "", "", "Argument[0]", "create-file", "manual"]
      - ["java.nio.file", "Files", False, "createDirectory", "", "", "Argument[0]", "create-file", "manual"]
@@ -32,9 +32,9 @@ extensions:
      - ["java.nio.file", "Files", False, "readString", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-manual"]
      - ["java.nio.file", "Files", False, "readString", "(Path)", "", "Argument[0]", "read-file", "ai-manual"]
      - ["java.nio.file", "Files", False, "write", "", "", "Argument[0]", "create-file", "manual"]
-      - ["java.nio.file", "Files", False, "write", "", "", "Argument[1]", "write-file", "manual"]
+      - ["java.nio.file", "Files", False, "write", "", "", "Argument[1]", "file-content-store", "manual"]
      - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[0]", "create-file", "manual"]
-      - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[1]", "write-file", "manual"]
+      - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[1]", "file-content-store", "manual"]
      - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[1]", "create-file", "ai-manual"]
      - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file
      - ["java.nio.file", "Files", True, "delete", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file
--- a/java/ql/lib/ext/org.apache.commons.io.model.yml
+++ b/java/ql/lib/ext/org.apache.commons.io.model.yml
@@ -16,8 +16,8 @@ extensions:
      pack: codeql/java-all
      extensible: sinkModel
    data:
-      - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[0]", "write-file", "ai-manual"]
+      - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[0]", "file-content-store", "ai-manual"]
      - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "manual"]
-      - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[0]", "write-file", "ai-manual"]
+      - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[0]", "file-content-store", "ai-manual"]
      - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "manual"]
      - ["org.apache.commons.io", "FileUtils", True, "openInputStream", "(File)", "", "Argument[0]", "read-file", "ai-manual"]
--- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
@@ -277,7 +277,7 @@ module ModelValidation {
          "open-url", "jndi-injection", "ldap-injection", "sql-injection", "jdbc-url",
          "log-injection", "mvel-injection", "xpath-injection", "groovy-injection",
          "html-injection", "js-injection", "ognl-injection", "intent-redirection",
-          "pending-intents", "url-redirection", "create-file", "read-file", "write-file",
+          "pending-intents", "url-redirection", "create-file", "read-file", "file-content-store",
          "hostname-verification", "response-splitting", "information-leak", "xslt-injection",
          "jexl-injection", "bean-validation", "template-injection", "fragment-injection",
          "command-injection"
--- a/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll
@@ -40,7 +40,7 @@ class LocalFileOpenCall extends Storable {

 /** Holds if `input` is written into `file`. */
 private predicate filesystemInput(DataFlow::Node file, Argument input) {
-  exists(DataFlow::Node write | sinkNode(write, "write-file") |
+  exists(DataFlow::Node write | sinkNode(write, "file-content-store") |
    input = write.asExpr() or
    isVarargs(input, write)
  ) and
--- a/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll
+++ b/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll
@@ -252,7 +252,7 @@ bindingset[kind]
 predicate isRelevantSinkKind(string kind) {
  not kind = "log-injection" and
  not kind.matches("regex-use%") and
-  not kind = "write-file"
+  not kind = "file-content-store"
 }

 /**