Merge pull request #12572 from github/java/update-mad-decls-after-triage-2023-03-17T15-01-35

Java: Update MaD Declarations after Triage

java/ql/lib/change-notes/2023-03-20-netty-hudson-models.md

@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Added sink and summary dataflow models for the Jenkins and Netty frameworks.

java/ql/lib/ext/hudson.model.model.yml

@@ -0,0 +1,14 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: summaryModel
+    data:
+      - ["hudson.model", "DirectoryBrowserSupport$Path", False, "Path", "(String,String,boolean,long,boolean,long)", "", "Argument[0]", "Argument[-1].SyntheticField[hudson.model.DirectoryBrowserSupport$Path.href]", "taint", "ai-generated"]
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sinkModel
+    data:
+      - ["hudson.model", "DirectoryBrowserSupport", False, "DirectoryBrowserSupport", "(ModelObject,FilePath,String,String,boolean)", "", "Argument[1]", "read-file", "ai-generated"]
+      - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "download", "(DownloadJob,URL)", "", "Argument[1]", "open-url", "ai-generated"]
+      - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[1]", "create-file", "ai-generated"] # should be delete-file
+      - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[2]", "create-file", "ai-generated"]

java/ql/lib/ext/hudson.os.model.yml

@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: summaryModel
+    data:
+      - ["hudson.os", "WindowsUtil", True, "quoteArgument", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-generated"]

java/ql/lib/ext/hudson.util.jna.model.yml

@@ -0,0 +1,8 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sinkModel
+    data:
+      - ["hudson.util.jna", "GNUCLibrary", True, "open", "(String,int)", "", "Argument[0]", "read-file", "ai-generated"]
+      - ["hudson.util.jna", "Kernel32", True, "MoveFileExA", "(String,String,int)", "", "Argument[0]", "create-file", "ai-generated"] # should be delete-file
+      - ["hudson.util.jna", "Kernel32", True, "MoveFileExA", "(String,String,int)", "", "Argument[1]", "create-file", "ai-generated"]

java/ql/lib/ext/hudson.util.model.yml

@@ -0,0 +1,11 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: summaryModel
+    data:
+      - ["hudson.util", "QuotedStringTokenizer", True, "tokenize", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-generated"]
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sinkModel
+    data:
+      - ["hudson.util", "StreamTaskListener", True, "StreamTaskListener", "(File,boolean,Charset)", "", "Argument[0]", "create-file", "ai-generated"]

java/ql/lib/ext/io.netty.bootstrap.model.yml

@@ -0,0 +1,8 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sinkModel
+    data:
+      - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(InetAddress,int)", "", "Argument[0]", "open-url", "ai-generated"]
+      - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(SocketAddress)", "", "Argument[0]", "open-url", "ai-generated"]
+      - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(String,int)", "", "Argument[0]", "open-url", "ai-generated"]

java/ql/lib/ext/io.netty.channel.model.yml

@@ -0,0 +1,14 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sinkModel
+    data:
+      - ["io.netty.channel", "Channel$Unsafe", True, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-generated"]
+      - ["io.netty.channel", "ChannelDuplexHandler", True, "connect", "(ChannelHandlerContext,SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[1]", "open-url", "ai-generated"]
+      - ["io.netty.channel", "ChannelOutboundHandlerAdapter", True, "connect", "(ChannelHandlerContext,SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[1]", "open-url", "ai-generated"]
+      - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-generated"]
+      - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-generated"]
+      - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress)", "", "Argument[0]", "open-url", "ai-generated"]
+      - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-generated"]
+      - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-generated"]
+      - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress)", "", "Argument[0]", "open-url", "ai-generated"]

java/ql/lib/ext/io.netty.handler.codec.http.model.yml

@@ -0,0 +1,12 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sinkModel
+    data:
+      - ["io.netty.handler.codec.http", "DefaultFullHttpRequest", True, "DefaultFullHttpRequest", "(HttpVersion,HttpMethod,String,ByteBuf)", "", "Argument[2]", "open-url", "ai-generated"]
+      - ["io.netty.handler.codec.http", "DefaultHttpRequest", True, "DefaultHttpRequest", "(HttpVersion,HttpMethod,String)", "", "Argument[2]", "open-url", "ai-generated"]
+  - addsTo:
+      pack: codeql/java-all
+      extensible: summaryModel
+    data:
+      - ["io.netty.handler.codec.http", "QueryStringEncoder", True, "QueryStringEncoder", "(String)", "", "Argument[0]", "Argument[-1]", "taint", "ai-generated"]

java/ql/lib/ext/io.netty.handler.codec.http.multipart.model.yml

@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sinkModel
+    data:
+      - ["io.netty.handler.codec.http.multipart", "HttpPostRequestEncoder", True, "addBodyFileUpload", "(String,File,String,boolean)", "", "Argument[1]", "read-file", "ai-generated"]

java/ql/lib/ext/io.netty.handler.ssl.model.yml

@@ -0,0 +1,7 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sinkModel
+    data:
+      - ["io.netty.handler.ssl", "OpenSslServerContext", False, "OpenSslServerContext", "(File,File)", "", "Argument[0]", "read-file", "ai-generated"]
+      - ["io.netty.handler.ssl", "SslContextBuilder", False, "forServer", "(File,File)", "", "Argument[0]", "read-file", "ai-generated"]

java/ql/lib/ext/io.netty.handler.stream.model.yml

@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sinkModel
+    data:
+      - ["io.netty.handler.stream", "ChunkedFile", True, "ChunkedFile", "(RandomAccessFile,long,long,int)", "", "Argument[0]", "read-file", "ai-generated"]

java/ql/lib/ext/io.netty.util.internal.model.yml

@@ -0,0 +1,13 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sinkModel
+    data:
+      - ["io.netty.util.internal", "PlatformDependent", False, "createTempFile", "(String,String,File)", "", "Argument[2]", "create-file", "ai-generated"]
+      - ["io.netty.util.internal", "SocketUtils", False, "connect", "(Socket,SocketAddress,int)", "", "Argument[1]", "open-url", "ai-generated"]
+  - addsTo:
+      pack: codeql/java-all
+      extensible: summaryModel
+    data:
+      - ["io.netty.util.internal", "SocketUtils", False, "addressByName", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-generated"]
+      - ["io.netty.util.internal", "SocketUtils", False, "allAddressesByName", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-generated"]