
Commit 59bd1e5

authored
Merge pull request github#12228 from github/java/mad-decls-triage-request-2276
Java: Update MaD sink decls after triage
2 parents fed504c + 0439eb6 commit 59bd1e5


579 files changed

+30552
-34
lines changed


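--- a/csharp/ql/lib/semmle/code/csharp/dataflow/FlowSummary.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/FlowSummary.qll
@@ -137,6 +137,8 @@ private class RecordConstructorFlow extends SummarizedCallable {
 preservesValue = true
 )
 }
+
+override predicate hasProvenance(string provenance) { provenance = "manual" }
 }
 
 class RequiredSummaryComponentStack = Impl::Public::RequiredSummaryComponentStack;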
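Review bot: The added `hasProvenance` override in `RecordConstructorFlow` has no comment saying why a summary defined in QL reports the literal "manual". I would put one line above it, such as `// Defined in QL rather than as a model row, so it counts as hand-written ("manual").` The same undocumented override is added to `EFSummarizedCallable` in EntityFramework.qll. The class body starts outside this hunk, so any existing class-level documentation is not visible here.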

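--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll
@@ -248,7 +248,9 @@ module Public {
 /**
 * Holds if all the summaries that apply to `this` are auto generated and not manually created.
 */
-final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() }
+final predicate isAutoGenerated() {
+this.hasProvenance(["generated", "ai-generated"]) and not this.isManual()
+}
 
 /**
 * Holds if there exists a manual summary that applies to `this`.
@@ -268,7 +270,7 @@ module Public {
 /**
 * Holds if the neutral is auto generated.
 */
-predicate isAutoGenerated() { neutralElement(this, "generated") }
+predicate isAutoGenerated() { neutralElement(this, ["generated", "ai-generated"]) }
 
 /**
 * Holds if there exists a manual neutral that applies to `this`.
@@ -1202,11 +1204,11 @@ module Private {
 }
 
 private string renderProvenance(SummarizedCallable c) {
-if c.isAutoGenerated() then result = "generated" else result = "manual"
+if c.isManual() then result = "manual" else c.hasProvenance(result)
 }
 
 private string renderProvenanceNeutral(NeutralCallable c) {
-if c.isAutoGenerated() then result = "generated" else result = "manual"
+if c.isManual() then result = "manual" else c.hasProvenance(result)
 }
 
 /**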
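Review bot: `renderProvenance` and `renderProvenanceNeutral` (new lines 1207 and 1211) are no longer single-valued, because the `else` branch `c.hasProvenance(result)` yields every non-manual provenance the callable has and no value at all when it has none. A callable with both a "generated" and an "ai-generated" row would be rendered once per tag, and a callable whose class does not implement `hasProvenance` would presumably vanish from the rendered output where it used to print as "manual". If one tag per callable is intended, select it explicitly, e.g. `else result = min(string p | c.hasProvenance(p) | p)`, and add a QLDoc line stating what is rendered when no provenance holds. `NeutralCallable.hasProvenance` is not visible in this section, so that call is assumed to be defined in hidden content. The go and java copies of FlowSummaryImpl.qll carry the identical hunks.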

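--- a/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll
@@ -86,6 +86,8 @@ module EntityFramework {
 abstract class EFSummarizedCallable extends SummarizedCallable {
 bindingset[this]
 EFSummarizedCallable() { any() }
+
+override predicate hasProvenance(string provenance) { provenance = "manual" }
 }
 
 private class DbSetAddOrUpdateRequiredSummaryComponentStack extends RequiredSummaryComponentStack {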

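--- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll
+++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll
@@ -248,7 +248,9 @@ module Public {
 /**
 * Holds if all the summaries that apply to `this` are auto generated and not manually created.
 */
-final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() }
+final predicate isAutoGenerated() {
+this.hasProvenance(["generated", "ai-generated"]) and not this.isManual()
+}
 
 /**
 * Holds if there exists a manual summary that applies to `this`.
@@ -268,7 +270,7 @@ module Public {
 /**
 * Holds if the neutral is auto generated.
 */
-predicate isAutoGenerated() { neutralElement(this, "generated") }
+predicate isAutoGenerated() { neutralElement(this, ["generated", "ai-generated"]) }
 
 /**
 * Holds if there exists a manual neutral that applies to `this`.
@@ -1202,11 +1204,11 @@ module Private {
 }
 
 private string renderProvenance(SummarizedCallable c) {
-if c.isAutoGenerated() then result = "generated" else result = "manual"
+if c.isManual() then result = "manual" else c.hasProvenance(result)
 }
 
 private string renderProvenanceNeutral(NeutralCallable c) {
-if c.isAutoGenerated() then result = "generated" else result = "manual"
+if c.isManual() then result = "manual" else c.hasProvenance(result)
 }
 
 /**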

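--- a/java/ql/lib/ext/java.lang.model.yml
+++ b/java/ql/lib/ext/java.lang.model.yml
@@ -3,6 +3,8 @@ extensions:
 pack: codeql/java-all
 extensible: sinkModel
 data:
+- ["java.lang", "Module", True, "getResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-generated"]
+# suggested label is not supported: - ["java.lang", "ProcessBuilder", True, "ProcessBuilder", "(String[])", "", "Argument[0]", "command-injection", "ai-generated"]
 - ["java.lang", "String", False, "matches", "(String)", "", "Argument[0]", "regex-use[f-1]", "manual"]
 - ["java.lang", "String", False, "replaceAll", "(String,String)", "", "Argument[0]", "regex-use[-1]", "manual"]
 - ["java.lang", "String", False, "replaceFirst", "(String,String)", "", "Argument[0]", "regex-use[-1]", "manual"]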
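Review bot: The commented-out `ProcessBuilder` row on new line 7 leaves a rejected suggestion inside the model data, and it says only that the "command-injection" label is not supported, not whether the `ProcessBuilder(String[])` constructor is treated as a sink anywhere else. If command execution is already modelled in QL, state that in the comment, e.g. `# ProcessBuilder(String[]) is not modelled here: covered by <QL class, to be named>`; otherwise drop the row and track it in an issue so the gap is not mistaken for coverage. The `data:` list continues outside the hunk.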
Lines changed: 7 additions & 0 deletions
@@ -0,0 +1,7 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: sinkModel
5+
data:
6+
- ["org.apache.hadoop.hive.metastore.api", "DefaultConstraintsRequest", True, "DefaultConstraintsRequest", "(String,String,String)", "", "Argument[1]", "sql", "ai-generated"]
7+
Lines changed: 8 additions & 0 deletions
@@ -0,0 +1,8 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: sinkModel
5+
data:
6+
- ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List,String,long)", "", "Argument[0]", "sql", "ai-generated"]
7+
- ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List)", "", "Argument[0]", "sql", "ai-generated"]
8+
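Review bot: Both `ObjectStore.updatePartitionColumnStatistics` rows mark `Argument[0]` as a `sql` sink, and by the listed signatures that argument is a `ColumnStatistics` object rather than a query string. Whether taint on the object as a whole should raise an SQL-injection alert depends on how its fields reach a query, which this file cannot show; the same applies to `Argument[3]` (`ColumnDesc`) of `HcatDelegator.addOneColumn` in the next file section. Since these rows are tagged "ai-generated", I would add a short comment per row naming what builds the query, e.g. `# triaged: <field that is concatenated into the query>`, or back each row with a test case. No test for these sinks is visible on this page, though much of the commit is hidden.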
Lines changed: 7 additions & 0 deletions
@@ -0,0 +1,7 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: sinkModel
5+
data:
6+
- ["org.apache.hive.hcatalog.templeton", "HcatDelegator", True, "addOneColumn", "(String,String,String,ColumnDesc)", "", "Argument[3]", "sql", "ai-generated"]
7+

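--- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
@@ -67,9 +67,10 @@
 * "taint" indicates a default additional taint step and "value" indicates a
 * globally applicable value-preserving step.
 * 9. The `provenance` column is a tag to indicate the origin of the summary.
-* There are two supported values: "generated" and "manual". "generated" means that
-* the model has been emitted by the model generator tool and "manual" means
-* that the model has been written by hand.
+* The supported values are: "manual", "generated" and "ai-generated". "manual"
+* means that the model has been written by hand, "generated" means that
+* the model has been emitted by the model generator tool and
+* "ai-generated" means that the model has been AI generated (ATM project).
 */
 
 import java
@@ -308,7 +309,7 @@ module ModelValidation {
 not ext.regexpMatch("|Annotated") and
 result = "Unrecognized extra API graph element \"" + ext + "\" in " + pred + " model."
 or
-not provenance = ["manual", "generated"] and
+not provenance = ["manual", "generated", "ai-generated"] and
 result = "Unrecognized provenance description \"" + provenance + "\" in " + pred + " model."
 )
 }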
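Review bot: The updated provenance description (new lines 70–73) explains "ai-generated" only as "AI generated (ATM project)", which leaves the abbreviation undefined and does not say how such a model is treated next to a "manual" one. Someone auditing which sinks a query relies on needs both, so I would expand the abbreviation and add a line such as `* "ai-generated" models are handled like "generated" ones wherever auto generated and manual models are told apart.` That wording follows from the `isAutoGenerated` change in FlowSummaryImpl.qll and should be confirmed for sink models, which this commit also tags "ai-generated". The doc comment starts outside this hunk.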

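--- a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll
@@ -248,7 +248,9 @@ module Public {
 /**
 * Holds if all the summaries that apply to `this` are auto generated and not manually created.
 */
-final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() }
+final predicate isAutoGenerated() {
+this.hasProvenance(["generated", "ai-generated"]) and not this.isManual()
+}
 
 /**
 * Holds if there exists a manual summary that applies to `this`.
@@ -268,7 +270,7 @@ module Public {
 /**
 * Holds if the neutral is auto generated.
 */
-predicate isAutoGenerated() { neutralElement(this, "generated") }
+predicate isAutoGenerated() { neutralElement(this, ["generated", "ai-generated"]) }
 
 /**
 * Holds if there exists a manual neutral that applies to `this`.
@@ -1202,11 +1204,11 @@ module Private {
 }
 
 private string renderProvenance(SummarizedCallable c) {
-if c.isAutoGenerated() then result = "generated" else result = "manual"
+if c.isManual() then result = "manual" else c.hasProvenance(result)
 }
 
 private string renderProvenanceNeutral(NeutralCallable c) {
-if c.isAutoGenerated() then result = "generated" else result = "manual"
+if c.isManual() then result = "manual" else c.hasProvenance(result)
 }
 
 /**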
