Skip to content

Commit 5d3f108

Browse files
owen-mcowen-mc
committed
Fix erroneous treatment of varargs in models
1 parent 9533f12 commit 5d3f108

File tree

2 files changed

+44
-9
lines changed

2 files changed

+44
-9
lines changed

java/ql/src/semmle/code/java/frameworks/apache/Collections.qll

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -607,7 +607,7 @@ private class ApacheIteratorUtilsModel extends SummaryModelCsv {
607607
"org.apache.commons.collections4;IteratorUtils;true;chainedIterator;(Iterator,Iterator);;Element of Argument[0];Element of ReturnValue;value",
608608
"org.apache.commons.collections4;IteratorUtils;true;chainedIterator;(Iterator,Iterator);;Element of Argument[1];Element of ReturnValue;value",
609609
"org.apache.commons.collections4;IteratorUtils;true;collatedIterator;(Comparator,Collection);;Element of Element of Argument[1];Element of ReturnValue;value",
610-
"org.apache.commons.collections4;IteratorUtils;true;collatedIterator;(Comparator,Iterator[]);;Element of Argument[1];Element of Element of ReturnValue;value",
610+
"org.apache.commons.collections4;IteratorUtils;true;collatedIterator;(Comparator,Iterator[]);;Element of ArrayElement of Argument[1];Element of ReturnValue;value",
611611
"org.apache.commons.collections4;IteratorUtils;true;collatedIterator;(Comparator,Iterator,Iterator);;Element of Argument[1];Element of ReturnValue;value",
612612
"org.apache.commons.collections4;IteratorUtils;true;collatedIterator;(Comparator,Iterator,Iterator);;Element of Argument[2];Element of ReturnValue;value",
613613
"org.apache.commons.collections4;IteratorUtils;true;filteredIterator;;;Element of Argument[0];Element of ReturnValue;value",
@@ -634,7 +634,7 @@ private class ApacheIteratorUtilsModel extends SummaryModelCsv {
634634
"org.apache.commons.collections4;IteratorUtils;true;unmodifiableListIterator;;;Element of Argument[0];Element of ReturnValue;value",
635635
"org.apache.commons.collections4;IteratorUtils;true;unmodifiableMapIterator;;;Element of Argument[0];Element of ReturnValue;value",
636636
"org.apache.commons.collections4;IteratorUtils;true;unmodifiableMapIterator;;;MapValue of Argument[0];MapValue of ReturnValue;value",
637-
"org.apache.commons.collections4;IteratorUtils;true;zippingIterator;(Iterator[]);;Element of Element of Argument[0];Element of ReturnValue;value",
637+
"org.apache.commons.collections4;IteratorUtils;true;zippingIterator;(Iterator[]);;Element of ArrayElement of Argument[0];Element of ReturnValue;value",
638638
"org.apache.commons.collections4;IteratorUtils;true;zippingIterator;(Iterator,Iterator);;Element of Argument[0];Element of ReturnValue;value",
639639
"org.apache.commons.collections4;IteratorUtils;true;zippingIterator;(Iterator,Iterator);;Element of Argument[1];Element of ReturnValue;value",
640640
"org.apache.commons.collections4;IteratorUtils;true;zippingIterator;(Iterator,Iterator,Iterator);;Element of Argument[0];Element of ReturnValue;value",
@@ -651,7 +651,7 @@ private class ApacheIteratorUtilsModel extends SummaryModelCsv {
651651
"org.apache.commons.collections;IteratorUtils;true;chainedIterator;(Iterator,Iterator);;Element of Argument[0];Element of ReturnValue;value",
652652
"org.apache.commons.collections;IteratorUtils;true;chainedIterator;(Iterator,Iterator);;Element of Argument[1];Element of ReturnValue;value",
653653
"org.apache.commons.collections;IteratorUtils;true;collatedIterator;(Comparator,Collection);;Element of Element of Argument[1];Element of ReturnValue;value",
654-
"org.apache.commons.collections;IteratorUtils;true;collatedIterator;(Comparator,Iterator[]);;Element of Argument[1];Element of Element of ReturnValue;value",
654+
"org.apache.commons.collections;IteratorUtils;true;collatedIterator;(Comparator,Iterator[]);;Element of ArrayElement of Argument[1];Element of ReturnValue;value",
655655
"org.apache.commons.collections;IteratorUtils;true;collatedIterator;(Comparator,Iterator,Iterator);;Element of Argument[1];Element of ReturnValue;value",
656656
"org.apache.commons.collections;IteratorUtils;true;collatedIterator;(Comparator,Iterator,Iterator);;Element of Argument[2];Element of ReturnValue;value",
657657
"org.apache.commons.collections;IteratorUtils;true;filteredIterator;;;Element of Argument[0];Element of ReturnValue;value",
@@ -678,7 +678,7 @@ private class ApacheIteratorUtilsModel extends SummaryModelCsv {
678678
"org.apache.commons.collections;IteratorUtils;true;unmodifiableListIterator;;;Element of Argument[0];Element of ReturnValue;value",
679679
"org.apache.commons.collections;IteratorUtils;true;unmodifiableMapIterator;;;Element of Argument[0];Element of ReturnValue;value",
680680
"org.apache.commons.collections;IteratorUtils;true;unmodifiableMapIterator;;;MapValue of Argument[0];MapValue of ReturnValue;value",
681-
"org.apache.commons.collections;IteratorUtils;true;zippingIterator;(Iterator[]);;Element of Element of Argument[0];Element of ReturnValue;value",
681+
"org.apache.commons.collections;IteratorUtils;true;zippingIterator;(Iterator[]);;Element of ArrayElement of Argument[0];Element of ReturnValue;value",
682682
"org.apache.commons.collections;IteratorUtils;true;zippingIterator;(Iterator,Iterator);;Element of Argument[0];Element of ReturnValue;value",
683683
"org.apache.commons.collections;IteratorUtils;true;zippingIterator;(Iterator,Iterator);;Element of Argument[1];Element of ReturnValue;value",
684684
"org.apache.commons.collections;IteratorUtils;true;zippingIterator;(Iterator,Iterator,Iterator);;Element of Argument[0];Element of ReturnValue;value",
@@ -697,7 +697,7 @@ private class ApacheIterableUtilsModel extends SummaryModelCsv {
697697
[
698698
// Note that when lambdas are supported we should have a model for forEach, forEachButLast, transformedIterable
699699
"org.apache.commons.collections4;IterableUtils;true;boundedIterable;;;Element of Argument[0];Element of ReturnValue;value",
700-
"org.apache.commons.collections4;IterableUtils;true;chainedIterable;(Iterable[]);;Element of Element of Argument[0];Element of ReturnValue;value",
700+
"org.apache.commons.collections4;IterableUtils;true;chainedIterable;(Iterable[]);;Element of ArrayElement of Argument[0];Element of ReturnValue;value",
701701
"org.apache.commons.collections4;IterableUtils;true;chainedIterable;(Iterable,Iterable);;Element of Argument[0];Element of ReturnValue;value",
702702
"org.apache.commons.collections4;IterableUtils;true;chainedIterable;(Iterable,Iterable);;Element of Argument[1];Element of ReturnValue;value",
703703
"org.apache.commons.collections4;IterableUtils;true;chainedIterable;(Iterable,Iterable,Iterable);;Element of Argument[0];Element of ReturnValue;value",
@@ -725,10 +725,10 @@ private class ApacheIterableUtilsModel extends SummaryModelCsv {
725725
"org.apache.commons.collections4;IterableUtils;true;uniqueIterable;;;Element of Argument[0];Element of ReturnValue;value",
726726
"org.apache.commons.collections4;IterableUtils;true;unmodifiableIterable;;;Element of Argument[0];Element of ReturnValue;value",
727727
"org.apache.commons.collections4;IterableUtils;true;zippingIterable;;;Element of Argument[0];Element of ReturnValue;value",
728-
"org.apache.commons.collections4;IterableUtils;true;zippingIterable;(Iterable,Iterable[]);;Element of Element of Argument[1];Element of ReturnValue;value",
728+
"org.apache.commons.collections4;IterableUtils;true;zippingIterable;(Iterable,Iterable[]);;Element of ArrayElement of Argument[1];Element of ReturnValue;value",
729729
"org.apache.commons.collections4;IterableUtils;true;zippingIterable;(Iterable,Iterable);;Element of Argument[1];Element of ReturnValue;value",
730730
"org.apache.commons.collections;IterableUtils;true;boundedIterable;;;Element of Argument[0];Element of ReturnValue;value",
731-
"org.apache.commons.collections;IterableUtils;true;chainedIterable;(Iterable[]);;Element of Element of Argument[0];Element of ReturnValue;value",
731+
"org.apache.commons.collections;IterableUtils;true;chainedIterable;(Iterable[]);;Element of ArrayElement of Argument[0];Element of ReturnValue;value",
732732
"org.apache.commons.collections;IterableUtils;true;chainedIterable;(Iterable,Iterable);;Element of Argument[0];Element of ReturnValue;value",
733733
"org.apache.commons.collections;IterableUtils;true;chainedIterable;(Iterable,Iterable);;Element of Argument[1];Element of ReturnValue;value",
734734
"org.apache.commons.collections;IterableUtils;true;chainedIterable;(Iterable,Iterable,Iterable);;Element of Argument[0];Element of ReturnValue;value",
@@ -756,7 +756,7 @@ private class ApacheIterableUtilsModel extends SummaryModelCsv {
756756
"org.apache.commons.collections;IterableUtils;true;uniqueIterable;;;Element of Argument[0];Element of ReturnValue;value",
757757
"org.apache.commons.collections;IterableUtils;true;unmodifiableIterable;;;Element of Argument[0];Element of ReturnValue;value",
758758
"org.apache.commons.collections;IterableUtils;true;zippingIterable;;;Element of Argument[0];Element of ReturnValue;value",
759-
"org.apache.commons.collections;IterableUtils;true;zippingIterable;(Iterable,Iterable[]);;Element of Element of Argument[1];Element of ReturnValue;value",
759+
"org.apache.commons.collections;IterableUtils;true;zippingIterable;(Iterable,Iterable[]);;Element of ArrayElement of Argument[1];Element of ReturnValue;value",
760760
"org.apache.commons.collections;IterableUtils;true;zippingIterable;(Iterable,Iterable);;Element of Argument[1];Element of ReturnValue;value"
761761
]
762762
}
@@ -858,7 +858,7 @@ private class ApacheSetUtilsModel extends SummaryModelCsv {
858858
"org.apache.commons.collections4;SetUtils;true;difference;;;Element of Argument[0];Element of ReturnValue;value",
859859
"org.apache.commons.collections4;SetUtils;true;difference;;;Element of Argument[1];Element of ReturnValue;value",
860860
"org.apache.commons.collections4;SetUtils;true;emptyIfNull;;;Argument[0];ReturnValue;value",
861-
"org.apache.commons.collections4;SetUtils;true;hashSet;;;Element of Argument[0];Element of ReturnValue;value",
861+
"org.apache.commons.collections4;SetUtils;true;hashSet;;;ArrayElement of Argument[0];Element of ReturnValue;value",
862862
"org.apache.commons.collections4;SetUtils;true;intersection;;;Element of Argument[0];Element of ReturnValue;value",
863863
"org.apache.commons.collections4;SetUtils;true;intersection;;;Element of Argument[1];Element of ReturnValue;value",
864864
"org.apache.commons.collections4;SetUtils;true;orderedSet;;;Element of Argument[0];Element of ReturnValue;value",

java/ql/test/library-tests/frameworks/apache-collections/Test.java

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1863,6 +1863,13 @@ public void test() {
18631863
out = IterableUtils.boundedIterable(in, 0L);
18641864
sink(getElement(out)); // $ hasValueFlow
18651865
}
1866+
{
1867+
// "org.apache.commons.collections4;IterableUtils;true;chainedIterable;(Iterable[]);;Element of ArrayElement of Argument[0];Element of ReturnValue;value"
1868+
Iterable out = null;
1869+
Iterable in = newVectorWithElement((String)source());
1870+
out = IterableUtils.chainedIterable(in);
1871+
sink(getElement(out)); // $ hasValueFlow
1872+
}
18661873
{
18671874
// "org.apache.commons.collections4;IterableUtils;true;chainedIterable;(Iterable,Iterable);;Element of Argument[0];Element of ReturnValue;value"
18681875
Iterable out = null;
@@ -2080,6 +2087,13 @@ public void test() {
20802087
out = IterableUtils.zippingIterable((Iterable)null, in);
20812088
sink(getElement(out)); // $ hasValueFlow
20822089
}
2090+
{
2091+
// "org.apache.commons.collections4;IterableUtils;true;zippingIterable;(Iterable,Iterable[]);;Element of ArrayElement of Argument[1];Element of ReturnValue;value"
2092+
Iterable out = null;
2093+
Iterable in = newVectorWithElement((String)source());
2094+
out = IterableUtils.zippingIterable((Iterable)null, in);
2095+
sink(getElement(out)); // $ hasValueFlow
2096+
}
20832097
{
20842098
// "org.apache.commons.collections4;IterableUtils;true;zippingIterable;;;Element of Argument[0];Element of ReturnValue;value"
20852099
Iterable out = null;
@@ -2213,6 +2227,13 @@ public void test() {
22132227
out = IteratorUtils.collatedIterator((Comparator)null, in);
22142228
sink(getElement(out)); // $ hasValueFlow
22152229
}
2230+
{
2231+
// "org.apache.commons.collections4;IteratorUtils;true;collatedIterator;(Comparator,Iterator[]);;Element of ArrayElement of Argument[1];Element of ReturnValue;value"
2232+
Iterator out = null;
2233+
Iterator in = newListIteratorWithElement((String)source());
2234+
out = IteratorUtils.collatedIterator((Comparator)null, in);
2235+
sink(getElement(out)); // $ hasValueFlow
2236+
}
22162237
{
22172238
// "org.apache.commons.collections4;IteratorUtils;true;collatedIterator;(Comparator,Iterator,Iterator);;Element of Argument[1];Element of ReturnValue;value"
22182239
Iterator out = null;
@@ -2416,6 +2437,13 @@ public void test() {
24162437
out = IteratorUtils.unmodifiableMapIterator(in);
24172438
sink(getMapValue(out)); // $ hasValueFlow
24182439
}
2440+
{
2441+
// "org.apache.commons.collections4;IteratorUtils;true;zippingIterator;(Iterator[]);;Element of ArrayElement of Argument[0];Element of ReturnValue;value"
2442+
ZippingIterator out = null;
2443+
Iterator in = newListIteratorWithElement((String)source());
2444+
out = IteratorUtils.zippingIterator(in);
2445+
sink(getElement(out)); // $ hasValueFlow
2446+
}
24192447
{
24202448
// "org.apache.commons.collections4;IteratorUtils;true;zippingIterator;(Iterator,Iterator);;Element of Argument[0];Element of ReturnValue;value"
24212449
ZippingIterator out = null;
@@ -3123,6 +3151,13 @@ public void test() {
31233151
out = SetUtils.emptyIfNull(in);
31243152
sink(out); // $ hasValueFlow
31253153
}
3154+
{
3155+
// "org.apache.commons.collections4;SetUtils;true;hashSet;;;ArrayElement of Argument[0];Element of ReturnValue;value"
3156+
HashSet out = null;
3157+
Object in = source();
3158+
out = SetUtils.hashSet(in, null);
3159+
sink(getElement(out)); // $ hasValueFlow
3160+
}
31263161
{
31273162
// "org.apache.commons.collections4;SetUtils;true;intersection;;;Element of Argument[0];Element of ReturnValue;value"
31283163
SetUtils.SetView out = null;

0 commit comments

Comments
 (0)