Skip to content

Commit 8b03e8c

Browse files
michaelnebelmichaelnebel
committed
Java: Promote models for CWE-400.
1 parent 97a3b47 commit 8b03e8c

File tree

3 files changed

+7
-11
lines changed

3 files changed

+7
-11
lines changed

java/ext/experimental/java.lang.model.yml renamed to java/ext/manual/java.lang.model.yml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,12 @@
11
extensions:
22
- addsTo:
33
pack: codeql/java-all
4-
extensible: experimentalSinkModel
4+
extensible: sinkModel
55
data:
6-
- ["java.lang", "Thread", True, "sleep", "", "", "Argument[0]", "thread-pause", "manual", "thread-resource-abuse"]
6+
- ["java.lang", "Thread", True, "sleep", "", "", "Argument[0]", "thread-pause", "manual"] #thread-resource-abuse
77
- addsTo:
88
pack: codeql/java-all
9-
extensible: experimentalSummaryModel
9+
extensible: summaryModel
1010
data:
11-
- ["java.lang", "Math", False, "max", "", "", "Argument[0..1]", "ReturnValue", "value", "manual", "thread-resource-abuse"]
12-
- ["java.lang", "Math", False, "min", "", "", "Argument[0..1]", "ReturnValue", "value", "manual", "thread-resource-abuse"]
11+
- ["java.lang", "Math", False, "max", "", "", "Argument[0..1]", "ReturnValue", "value", "manual"] #thread-resource-abuse
12+
- ["java.lang", "Math", False, "min", "", "", "Argument[0..1]", "ReturnValue", "value", "manual"] #thread-resource-abuse

java/ext/experimental/java.util.concurrent.model.yml renamed to java/ext/manual/java.util.concurrent.model.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
extensions:
22
- addsTo:
33
pack: codeql/java-all
4-
extensible: experimentalSinkModel
4+
extensible: sinkModel
55
data:
6-
- ["java.util.concurrent", "TimeUnit", True, "sleep", "", "", "Argument[0]", "thread-pause", "manual", "thread-resource-abuse"]
6+
- ["java.util.concurrent", "TimeUnit", True, "sleep", "", "", "Argument[0]", "thread-pause", "manual"] #thread-resource-abuse

java/src/security/CWE-400/ThreadResourceAbuse.qll

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -7,10 +7,6 @@ import semmle.code.java.arithmetic.Overflow
77
import semmle.code.java.dataflow.FlowSteps
88
import semmle.code.java.controlflow.Guards
99

10-
private class ActivateModels extends ActiveExperimentalModels {
11-
ActivateModels() { this = "thread-resource-abuse" }
12-
}
13-
1410
/** A sink representing methods pausing a thread. */
1511
class PauseThreadSink extends DataFlow::Node {
1612
PauseThreadSink() { sinkNode(this, "thread-pause") }

0 commit comments

Comments
 (0)