Skip to content

Commit 857c277

Browse files
author
Benjamin Muskalla
committed
Added missing model for ReadableByteChannel
This reveals more models for commons io
1 parent b20b3ab commit 857c277

File tree

1 file changed

+12
-13
lines changed
  • java/ql/lib/semmle/code/java/frameworks/apache

1 file changed

+12
-13
lines changed

java/ql/lib/semmle/code/java/frameworks/apache/IO.qll

Lines changed: 12 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -7,12 +7,7 @@ private import semmle.code.java.dataflow.ExternalFlow
77
private class ApacheCommonsIOCustomSummaryCsv extends SummaryModelCsv {
88
override predicate row(string row) {
99
row =
10-
[
11-
"org.apache.commons.io;IOUtils;true;copyLarge;(Reader,Writer);;Argument[0];Argument[1];taint",
12-
"org.apache.commons.io;IOUtils;false;readFully;(InputStream,ByteBuffer);;Argument[0];Argument[1];taint",
13-
"org.apache.commons.io;IOUtils;false;readFully;(ReadableByteChannel,ByteBuffer);;Argument[0];Argument[1];taint",
14-
"org.apache.commons.io;IOUtils;false;toBufferedInputStream;;;Argument[0];ReturnValue;taint"
15-
]
10+
["org.apache.commons.io;IOUtils;false;toBufferedInputStream;;;Argument[0];ReturnValue;taint"]
1611
}
1712
}
1813

@@ -540,6 +535,8 @@ private class ApacheCommonsIOSummaryCsv extends SummaryModelCsv {
540535
"org.apache.commons.io;ByteOrderMark;true;getCharsetName;();;Argument[-1];ReturnValue;taint",
541536
"org.apache.commons.io;ByteOrderMark;true;toString;();;Argument[-1];ReturnValue;taint",
542537
"org.apache.commons.io;CopyUtils;true;copy;(InputStream,OutputStream);;Argument[0];Argument[1];taint",
538+
"org.apache.commons.io;CopyUtils;true;copy;(InputStream,Writer);;Argument[0];Argument[1];taint",
539+
"org.apache.commons.io;CopyUtils;true;copy;(InputStream,Writer,String);;Argument[0];Argument[1];taint",
543540
"org.apache.commons.io;CopyUtils;true;copy;(Reader,Writer);;Argument[0];Argument[1];taint",
544541
"org.apache.commons.io;CopyUtils;true;copy;(String,Writer);;Argument[0];Argument[1];taint",
545542
"org.apache.commons.io;CopyUtils;true;copy;(byte[],OutputStream);;Argument[0];Argument[1];taint",
@@ -598,8 +595,6 @@ private class ApacheCommonsIOSummaryCsv extends SummaryModelCsv {
598595
"org.apache.commons.io;IOUtils;true;copy;(Reader,Appendable,CharBuffer);;Argument[0];Argument[1];taint",
599596
"org.apache.commons.io;IOUtils;true;copy;(Reader,Appendable,CharBuffer);;Argument[0];Argument[2];taint",
600597
"org.apache.commons.io;IOUtils;true;copy;(Reader,Appendable,CharBuffer);;Argument[2];Argument[1];taint",
601-
"org.apache.commons.io;IOUtils;true;copy;(Reader,OutputStream);;Argument[0];Argument[1];taint",
602-
"org.apache.commons.io;IOUtils;true;copy;(Reader,OutputStream,String);;Argument[0];Argument[1];taint",
603598
"org.apache.commons.io;IOUtils;true;copy;(Reader,Writer);;Argument[0];Argument[1];taint",
604599
"org.apache.commons.io;IOUtils;true;copyLarge;(InputStream,OutputStream);;Argument[0];Argument[1];taint",
605600
"org.apache.commons.io;IOUtils;true;copyLarge;(InputStream,OutputStream,byte[]);;Argument[0];Argument[1];taint",
@@ -609,9 +604,11 @@ private class ApacheCommonsIOSummaryCsv extends SummaryModelCsv {
609604
"org.apache.commons.io;IOUtils;true;copyLarge;(InputStream,OutputStream,long,long,byte[]);;Argument[0];Argument[1];taint",
610605
"org.apache.commons.io;IOUtils;true;copyLarge;(InputStream,OutputStream,long,long,byte[]);;Argument[0];Argument[4];taint",
611606
"org.apache.commons.io;IOUtils;true;copyLarge;(InputStream,OutputStream,long,long,byte[]);;Argument[4];Argument[1];taint",
607+
"org.apache.commons.io;IOUtils;true;copyLarge;(Reader,Writer);;Argument[0];Argument[1];taint",
612608
"org.apache.commons.io;IOUtils;true;copyLarge;(Reader,Writer,char[]);;Argument[0];Argument[1];taint",
613609
"org.apache.commons.io;IOUtils;true;copyLarge;(Reader,Writer,char[]);;Argument[0];Argument[2];taint",
614610
"org.apache.commons.io;IOUtils;true;copyLarge;(Reader,Writer,char[]);;Argument[2];Argument[1];taint",
611+
"org.apache.commons.io;IOUtils;true;copyLarge;(Reader,Writer,long,long);;Argument[0];Argument[1];taint",
615612
"org.apache.commons.io;IOUtils;true;copyLarge;(Reader,Writer,long,long,char[]);;Argument[0];Argument[1];taint",
616613
"org.apache.commons.io;IOUtils;true;copyLarge;(Reader,Writer,long,long,char[]);;Argument[0];Argument[4];taint",
617614
"org.apache.commons.io;IOUtils;true;copyLarge;(Reader,Writer,long,long,char[]);;Argument[4];Argument[1];taint",
@@ -620,11 +617,13 @@ private class ApacheCommonsIOSummaryCsv extends SummaryModelCsv {
620617
"org.apache.commons.io;IOUtils;true;lineIterator;(Reader);;Argument[0];ReturnValue;taint",
621618
"org.apache.commons.io;IOUtils;true;read;(InputStream,byte[]);;Argument[0];Argument[1];taint",
622619
"org.apache.commons.io;IOUtils;true;read;(InputStream,byte[],int,int);;Argument[0];Argument[1];taint",
620+
"org.apache.commons.io;IOUtils;true;read;(ReadableByteChannel,ByteBuffer);;Argument[0];Argument[1];taint",
623621
"org.apache.commons.io;IOUtils;true;read;(Reader,char[]);;Argument[0];Argument[1];taint",
624622
"org.apache.commons.io;IOUtils;true;read;(Reader,char[],int,int);;Argument[0];Argument[1];taint",
625623
"org.apache.commons.io;IOUtils;true;readFully;(InputStream,byte[]);;Argument[0];Argument[1];taint",
626624
"org.apache.commons.io;IOUtils;true;readFully;(InputStream,byte[],int,int);;Argument[0];Argument[1];taint",
627625
"org.apache.commons.io;IOUtils;true;readFully;(InputStream,int);;Argument[0];ReturnValue;taint",
626+
"org.apache.commons.io;IOUtils;true;readFully;(ReadableByteChannel,ByteBuffer);;Argument[0];Argument[1];taint",
628627
"org.apache.commons.io;IOUtils;true;readFully;(Reader,char[]);;Argument[0];Argument[1];taint",
629628
"org.apache.commons.io;IOUtils;true;readFully;(Reader,char[],int,int);;Argument[0];Argument[1];taint",
630629
"org.apache.commons.io;IOUtils;true;readLines;(InputStream);;Argument[0];ReturnValue;taint",
@@ -636,11 +635,8 @@ private class ApacheCommonsIOSummaryCsv extends SummaryModelCsv {
636635
"org.apache.commons.io;IOUtils;true;toByteArray;(InputStream,int);;Argument[0];ReturnValue;taint",
637636
"org.apache.commons.io;IOUtils;true;toByteArray;(InputStream,long);;Argument[0];ReturnValue;taint",
638637
"org.apache.commons.io;IOUtils;true;toByteArray;(Reader);;Argument[0];ReturnValue;taint",
639-
"org.apache.commons.io;IOUtils;true;toByteArray;(Reader,Charset);;Argument[0];ReturnValue;taint",
640638
"org.apache.commons.io;IOUtils;true;toByteArray;(Reader,String);;Argument[0];ReturnValue;taint",
641639
"org.apache.commons.io;IOUtils;true;toByteArray;(String);;Argument[0];ReturnValue;taint",
642-
"org.apache.commons.io;IOUtils;true;toCharArray;(InputStream);;Argument[0];ReturnValue;taint",
643-
"org.apache.commons.io;IOUtils;true;toCharArray;(InputStream,String);;Argument[0];ReturnValue;taint",
644640
"org.apache.commons.io;IOUtils;true;toInputStream;(CharSequence);;Argument[0];ReturnValue;taint",
645641
"org.apache.commons.io;IOUtils;true;toInputStream;(CharSequence,Charset);;Argument[0];ReturnValue;taint",
646642
"org.apache.commons.io;IOUtils;true;toInputStream;(CharSequence,String);;Argument[0];ReturnValue;taint",
@@ -653,7 +649,10 @@ private class ApacheCommonsIOSummaryCsv extends SummaryModelCsv {
653649
"org.apache.commons.io;IOUtils;true;toString;(Reader);;Argument[0];ReturnValue;taint",
654650
"org.apache.commons.io;IOUtils;true;toString;(byte[]);;Argument[0];ReturnValue;taint",
655651
"org.apache.commons.io;IOUtils;true;toString;(byte[],String);;Argument[0];ReturnValue;taint",
652+
"org.apache.commons.io;IOUtils;true;write;(CharSequence,OutputStream);;Argument[0];Argument[1];taint",
656653
"org.apache.commons.io;IOUtils;true;write;(CharSequence,OutputStream,Charset);;Argument[0];Argument[1];taint",
654+
"org.apache.commons.io;IOUtils;true;write;(CharSequence,OutputStream,String);;Argument[0];Argument[1];taint",
655+
"org.apache.commons.io;IOUtils;true;write;(CharSequence,Writer);;Argument[0];Argument[1];taint",
657656
"org.apache.commons.io;IOUtils;true;write;(String,OutputStream);;Argument[0];Argument[1];taint",
658657
"org.apache.commons.io;IOUtils;true;write;(String,OutputStream,Charset);;Argument[0];Argument[1];taint",
659658
"org.apache.commons.io;IOUtils;true;write;(String,OutputStream,String);;Argument[0];Argument[1];taint",
@@ -662,18 +661,18 @@ private class ApacheCommonsIOSummaryCsv extends SummaryModelCsv {
662661
"org.apache.commons.io;IOUtils;true;write;(StringBuffer,OutputStream,String);;Argument[0];Argument[1];taint",
663662
"org.apache.commons.io;IOUtils;true;write;(StringBuffer,Writer);;Argument[0];Argument[1];taint",
664663
"org.apache.commons.io;IOUtils;true;write;(byte[],OutputStream);;Argument[0];Argument[1];taint",
664+
"org.apache.commons.io;IOUtils;true;write;(byte[],Writer);;Argument[0];Argument[1];taint",
665665
"org.apache.commons.io;IOUtils;true;write;(byte[],Writer,Charset);;Argument[0];Argument[1];taint",
666+
"org.apache.commons.io;IOUtils;true;write;(byte[],Writer,String);;Argument[0];Argument[1];taint",
666667
"org.apache.commons.io;IOUtils;true;write;(char[],OutputStream);;Argument[0];Argument[1];taint",
667668
"org.apache.commons.io;IOUtils;true;write;(char[],OutputStream,Charset);;Argument[0];Argument[1];taint",
668669
"org.apache.commons.io;IOUtils;true;write;(char[],OutputStream,String);;Argument[0];Argument[1];taint",
669670
"org.apache.commons.io;IOUtils;true;write;(char[],Writer);;Argument[0];Argument[1];taint",
670671
"org.apache.commons.io;IOUtils;true;writeChunked;(byte[],OutputStream);;Argument[0];Argument[1];taint",
671672
"org.apache.commons.io;IOUtils;true;writeChunked;(char[],Writer);;Argument[0];Argument[1];taint",
672673
"org.apache.commons.io;IOUtils;true;writeLines;(Collection,String,OutputStream);;Argument[1];Argument[2];taint",
673-
"org.apache.commons.io;IOUtils;true;writeLines;(Collection,String,OutputStream);;Element of Argument[0];Argument[2];taint",
674674
"org.apache.commons.io;IOUtils;true;writeLines;(Collection,String,OutputStream,Charset);;Argument[1];Argument[2];taint",
675675
"org.apache.commons.io;IOUtils;true;writeLines;(Collection,String,OutputStream,String);;Argument[1];Argument[2];taint",
676-
"org.apache.commons.io;IOUtils;true;writeLines;(Collection,String,OutputStream,String);;Element of Argument[0];Argument[2];taint",
677676
"org.apache.commons.io;IOUtils;true;writeLines;(Collection,String,Writer);;Argument[1];Argument[2];taint",
678677
"org.apache.commons.io;IOUtils;true;writer;(Appendable);;Argument[0];ReturnValue;taint",
679678
"org.apache.commons.io;LineIterator;true;LineIterator;(Reader);;Argument[0];Argument[-1];taint",

0 commit comments

Comments
 (0)