Detect usage of value-based class as key for IdentityHashMap

Marcono1234 · Marcono1234 · commit 80a7c05cf4f7 · 2023-08-19T22:38:00.000+02:00
diff --git a/codeql-custom-queries-java/queries/error-prone/value-based-class-identity-sensitive-operation.ql b/codeql-custom-queries-java/queries/error-prone/value-based-class-identity-sensitive-operation.ql
@@ -5,6 +5,8 @@
  * must only be compared using `equals(Object)` and `hashCode()`.
  *
  * See also https://bugs.openjdk.java.net/browse/JDK-8249100
+ * 
+ * @kind problem
  */
 
 import java
@@ -96,6 +98,11 @@ class ValueBasedForbiddenExpr extends Expr {
         or exists(IdentityHashCodeCall hashCodeCall |
             hashCodeCall.getArgument(0) = this
         )
+        or exists(TypeAccess identityHashMapType |
+            identityHashMapType.getType().(RefType).getSourceDeclaration().hasQualifiedName("java.util", "IdentityHashMap")
+            // `this` is the key type of the map, on which reference equality checks are performed
+            and this = identityHashMapType.getTypeArgument(0)
+        )
     }
 }
 

Original file line number	Diff line number	Diff line change
`@@ -5,6 +5,8 @@`
`5`	`5`	* must only be compared using `equals(Object)` and `hashCode()`.
`6`	`6`	`*`
`7`	`7`	`* See also https://bugs.openjdk.java.net/browse/JDK-8249100`
	`8`	`+ *`
	`9`	`+ * @kind problem`
`8`	`10`	`*/`
`9`	`11`
`10`	`12`	`import java`
`@@ -96,6 +98,11 @@ class ValueBasedForbiddenExpr extends Expr {`
`96`	`98`	`or exists(IdentityHashCodeCall hashCodeCall \|`
`97`	`99`	`hashCodeCall.getArgument(0) = this`
`98`	`100`	`)`
	`101`	`+ or exists(TypeAccess identityHashMapType \|`
	`102`	`+ identityHashMapType.getType().(RefType).getSourceDeclaration().hasQualifiedName("java.util", "IdentityHashMap")`
	`103`	+ // `this` is the key type of the map, on which reference equality checks are performed
	`104`	`+ and this = identityHashMapType.getTypeArgument(0)`
	`105`	`+ )`
`99`	`106`	`}`
`100`	`107`	`}`
`101`	`108`