Add queries for getClass() calls on annotations and enums

Marcono1234 · Marcono1234 · commit 2eb2dd3daf2c · 2024-07-27T16:37:56.000+02:00
diff --git a/codeql-custom-queries-java/queries/likely-bugs/annotation-getClass-instead-of-annotationType.ql b/codeql-custom-queries-java/queries/likely-bugs/annotation-getClass-instead-of-annotationType.ql
@@ -0,0 +1,21 @@
+/**
+ * Finds calls to `getClass()` on annotation objects. The result will not be the annotation interface
+ * type but instead some internal implementation class which implements that interface. Therefore instead
+ * [`Annotation#annotationType()`](https://docs.oracle.com/en/java/javase/21/docs/api/java.base/java/lang/annotation/Annotation.html#annotationType())
+ * should be used which returns the annotation interface type, or maybe the code can be simplified
+ * using `instanceof`, for example `annotation instanceof MyAnnotation`.
+ *
+ * See also [this Stack Overflow question](https://stackoverflow.com/q/36293911) about
+ * the purpose of the `annotationType` method.
+ *
+ * @kind problem
+ * @id TODO
+ */
+
+import java
+
+from MethodAccess getClassCall
+where
+  getClassCall.getMethod().hasStringSignature("getClass()") and
+  getClassCall.getReceiverType() instanceof AnnotationType
+select getClassCall, "Instead of `getClass()` should prefer `annotationType()`"
diff --git a/codeql-custom-queries-java/queries/likely-bugs/enum-getClass-instead-of-getDeclaringClass.ql b/codeql-custom-queries-java/queries/likely-bugs/enum-getClass-instead-of-getDeclaringClass.ql
@@ -0,0 +1,21 @@
+/**
+ * Finds calls to `getClass()` on enum values. If an enum constant implements or overrides methods,
+ * it is created as anonymous class. In this case `getClass()` will return that anonymous class,
+ * which is often undesired. Instead
+ * [`Enum#getDeclaringClass()`](https://docs.oracle.com/en/java/javase/21/docs/api/java.base/java/lang/Enum.html#getDeclaringClass())
+ * should be used.
+ *
+ * @kind problem
+ * @id TODO
+ */
+
+import java
+
+from MethodAccess getClassCall
+where
+  getClassCall.getMethod().hasStringSignature("getClass()") and
+  getClassCall.getQualifier().getType() instanceof EnumType and
+  // Ignore own method access, then it is either intentional or at least risk of incorrect behavior
+  // is reduced since implementation of enum is in the same file
+  not getClassCall.isOwnMethodAccess()
+select getClassCall, "Instead of `getClass()` should prefer `getDeclaringClass()`"
