Skip to content

Commit 0c19da9

Browse files
author
Stephan Brandauer
committed
Update MaD Declarations after Triage
1 parent 8356991 commit 0c19da9

7 files changed

+50
-6
lines changed

java/ql/lib/ext/java.io.model.yml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,8 +3,13 @@ extensions:
33
pack: codeql/java-all
44
extensible: sinkModel
55
data:
6+
- ["java.io", "File", True, "createTempFile", "(String,String,File)", "", "Argument[2]", "create-file", "ai-generated"]
7+
# suggested label is not supported: - ["java.io", "File", True, "renameTo", "(File)", "", "Argument[0]", "delete-file", "ai-generated"]
8+
- ["java.io", "FileInputStream", True, "FileInputStream", "(File)", "", "Argument[0]", "read-file", "ai-generated"]
69
- ["java.io", "FileOutputStream", False, "FileOutputStream", "", "", "Argument[0]", "create-file", "manual"]
710
- ["java.io", "FileOutputStream", False, "write", "", "", "Argument[0]", "write-file", "manual"]
11+
- ["java.io", "FileReader", True, "FileReader", "(File)", "", "Argument[0]", "read-file", "ai-generated"]
12+
- ["java.io", "FileReader", True, "FileReader", "(String)", "", "Argument[0]", "read-file", "ai-generated"]
813
- ["java.io", "FileWriter", False, "FileWriter", "", "", "Argument[0]", "create-file", "manual"]
914
- ["java.io", "PrintStream", False, "PrintStream", "(File)", "", "Argument[0]", "create-file", "manual"]
1015
- ["java.io", "PrintStream", False, "PrintStream", "(File,Charset)", "", "Argument[0]", "create-file", "manual"]
@@ -86,7 +91,6 @@ extensions:
8691
- ["java.io", "StringReader", False, "StringReader", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"]
8792
- ["java.io", "Writer", True, "toString", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"]
8893
- ["java.io", "Writer", True, "write", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"]
89-
9094
- addsTo:
9195
pack: codeql/java-all
9296
extensible: neutralModel

java/ql/lib/ext/java.lang.model.yml

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,13 +3,23 @@ extensions:
33
pack: codeql/java-all
44
extensible: sinkModel
55
data:
6+
- ["java.lang", "Class", False, "getResource", "(String)", "", "Argument[0]", "read-file", "ai-generated"]
7+
- ["java.lang", "ClassLoader", True, "getSystemResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-generated"]
68
- ["java.lang", "Module", True, "getResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-generated"]
9+
# suggested label is not supported: - ["java.lang", "ProcessBuilder", False, "directory", "(File)", "", "Argument[0]", "command-injection", "ai-generated"]
710
# suggested label is not supported: - ["java.lang", "ProcessBuilder", True, "ProcessBuilder", "(String[])", "", "Argument[0]", "command-injection", "ai-generated"]
11+
# suggested label is not supported: - ["java.lang", "Runtime", True, "exec", "(String,String[],File)", "", "Argument[2]", "command-injection", "ai-generated"]
12+
# suggested label is not supported: - ["java.lang", "Runtime", True, "exec", "(String)", "", "Argument[0]", "command-injection", "ai-generated"]
13+
# suggested label is not supported: - ["java.lang", "Runtime", True, "exec", "(String[],String[],File)", "", "Argument[0]", "command-injection", "ai-generated"]
14+
# suggested label is not supported: - ["java.lang", "Runtime", True, "exec", "(String[],String[],File)", "", "Argument[2]", "command-injection", "ai-generated"]
15+
# suggested label is not supported: - ["java.lang", "Runtime", True, "exec", "(String[])", "", "Argument[0]", "command-injection", "ai-generated"]
816
- ["java.lang", "String", False, "matches", "(String)", "", "Argument[0]", "regex-use[f-1]", "manual"]
917
- ["java.lang", "String", False, "replaceAll", "(String,String)", "", "Argument[0]", "regex-use[-1]", "manual"]
1018
- ["java.lang", "String", False, "replaceFirst", "(String,String)", "", "Argument[0]", "regex-use[-1]", "manual"]
1119
- ["java.lang", "String", False, "split", "(String)", "", "Argument[0]", "regex-use[-1]", "manual"]
1220
- ["java.lang", "String", False, "split", "(String,int)", "", "Argument[0]", "regex-use[-1]", "manual"]
21+
# suggested label is not supported: - ["java.lang", "System", False, "load", "(String)", "", "Argument[0]", "command-injection", "ai-generated"] # This is actually injecting a library.
22+
# suggested label is not supported: - ["java.lang", "System", False, "loadLibrary", "(String)", "", "Argument[0]", "command-injection", "ai-generated"] # This is actually injecting a library.
1323
- ["java.lang", "System$Logger", True, "log", "(Level,Object)", "", "Argument[1]", "logging", "manual"]
1424
- ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Object[])", "", "Argument[2..3]", "logging", "manual"]
1525
- ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Throwable)", "", "Argument[2]", "logging", "manual"]
@@ -98,7 +108,6 @@ extensions:
98108
- ["java.lang", "Throwable", False, "Throwable", "(Throwable)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.cause]", "value", "manual"]
99109
- ["java.lang", "Throwable", True, "getCause", "()", "", "Argument[-1].SyntheticField[java.lang.Throwable.cause]", "ReturnValue", "value", "manual"]
100110
- ["java.lang", "Throwable", True, "getMessage", "()", "", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "ReturnValue", "value", "manual"]
101-
102111
- addsTo:
103112
pack: codeql/java-all
104113
extensible: neutralModel
@@ -131,7 +140,6 @@ extensions:
131140
- ["java.lang", "System", "nanoTime", "()", "manual"]
132141
- ["java.lang", "Thread", "currentThread", "()", "manual"]
133142
- ["java.lang", "Thread", "sleep", "(long)", "manual"]
134-
135143
# The below APIs have numeric flow and are currently being stored as neutral models.
136144
# These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future.
137145
- ["java.lang", "Integer", "intValue", "()", "manual"] # taint-numeric

java/ql/lib/ext/java.sql.model.yml

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,8 @@ extensions:
55
data:
66
- ["java.sql", "Connection", True, "prepareCall", "", "", "Argument[0]", "sql", "manual"]
77
- ["java.sql", "Connection", True, "prepareStatement", "", "", "Argument[0]", "sql", "manual"]
8+
- ["java.sql", "DatabaseMetaData", True, "getColumns", "(String,String,String,String)", "", "Argument[2]", "sql", "ai-generated"]
9+
- ["java.sql", "DatabaseMetaData", True, "getPrimaryKeys", "(String,String,String)", "", "Argument[2]", "sql", "ai-generated"]
810
- ["java.sql", "Driver", False, "connect", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"]
911
- ["java.sql", "DriverManager", False, "getConnection", "(String)", "", "Argument[0]", "jdbc-url", "manual"]
1012
- ["java.sql", "DriverManager", False, "getConnection", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"]
@@ -14,20 +16,17 @@ extensions:
1416
- ["java.sql", "Statement", True, "executeLargeUpdate", "", "", "Argument[0]", "sql", "manual"]
1517
- ["java.sql", "Statement", True, "executeQuery", "", "", "Argument[0]", "sql", "manual"]
1618
- ["java.sql", "Statement", True, "executeUpdate", "", "", "Argument[0]", "sql", "manual"]
17-
1819
- addsTo:
1920
pack: codeql/java-all
2021
extensible: summaryModel
2122
data:
2223
- ["java.sql", "PreparedStatement", True, "setString", "(int,String)", "", "Argument[1]", "Argument[-1]", "value", "manual"]
2324
- ["java.sql", "ResultSet", True, "getString", "(String)", "", "Argument[-1]", "ReturnValue", "taint", "manual"]
24-
2525
- addsTo:
2626
pack: codeql/java-all
2727
extensible: neutralModel
2828
data:
2929
- ["java.sql", "ResultSet", "next", "()", "manual"]
30-
3130
# The below APIs have numeric flow and are currently being stored as neutral models.
3231
# These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future.
3332
- ["java.sql", "PreparedStatement", "setInt", "(int,int)", "manual"] # value-numeric

java/ql/lib/ext/javafx.scene.web.model.yml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: sinkModel
5+
data:
6+
- ["javafx.scene.web", "WebEngine", False, "load", "(String)", "", "Argument[0]", "open-url", "ai-generated"]

java/ql/lib/ext/org.apache.commons.compress.archivers.tar.model.yml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: summaryModel
5+
data:
6+
- ["org.apache.commons.compress.archivers.tar", "TarArchiveEntry", True, "TarArchiveEntry", "(String,boolean)", "", "Argument[0]", "Argument[-1]", "taint", "ai-generated"]
7+
- ["org.apache.commons.compress.archivers.tar", "TarArchiveEntry", True, "TarArchiveEntry", "(String)", "", "Argument[0]", "Argument[-1]", "taint", "ai-generated"]

java/ql/lib/ext/org.apache.http.client.utils.model.yml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: summaryModel
5+
data:
6+
- ["org.apache.http.client.utils", "URIBuilder", True, "setHost", "(String)", "", "Argument[0]", "Argument[-1]", "taint", "ai-generated"]
7+
- ["org.apache.http.client.utils", "URIBuilder", True, "setHost", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-generated"]
8+
- ["org.apache.http.client.utils", "URIBuilder", True, "setPath", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[org.apache.http.client.utils.URIBuilder.path]", "taint", "ai-generated"]
9+
- ["org.apache.http.client.utils", "URIBuilder", True, "setPathSegments", "(List)", "", "Argument[0]", "Argument[-1].SyntheticField[org.apache.http.client.utils.URIBuilder.path]", "taint", "ai-generated"]
10+
- ["org.apache.http.client.utils", "URIBuilder", True, "URIBuilder", "(String)", "", "Argument[0]", "Argument[-1]", "taint", "ai-generated"]
11+
- ["org.apache.http.client.utils", "URIBuilder", True, "URIBuilder", "(URI)", "", "Argument[0]", "Argument[-1]", "taint", "ai-generated"]
12+
- ["org.apache.http.client.utils", "URLEncodedUtils", True, "parse", "(URI,String)", "", "Argument[0]", "ReturnValue.Element", "taint", "ai-generated"]

java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: sinkModel
5+
data:
6+
- ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[0]", "open-url", "ai-generated"]
7+
- ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[1]", "create-file", "ai-generated"]
8+
- ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[2]", "create-file", "ai-generated"]

0 commit comments

Comments
 (0)