Skip to content

Commit 9cc10e4

Browse files
authored
Merge pull request github#9257 from michaelnebel/java/mad-commons-io-sha
Java: Update commons-io SHA for model regeneration and update models.
2 parents 42ec635 + 61151d8 commit 9cc10e4

File tree

8 files changed

+694
-675
lines changed

8 files changed

+694
-675
lines changed

.github/workflows/mad_modelDiff.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@ jobs:
6161
DATABASE=$2
6262
cd codeql-$QL_VARIANT
6363
SHORTNAME=`basename $DATABASE`
64-
python java/ql/src/utils/model-generator/GenerateFlowModel.py $DATABASE $MODELS/${SHORTNAME}.qll
64+
python java/ql/src/utils/model-generator/GenerateFlowModel.py --with-summaries --with-sinks $DATABASE $MODELS/${SHORTNAME}.qll
6565
mv $MODELS/${SHORTNAME}.qll $MODELS/${SHORTNAME}Generated_${QL_VARIANT}.qll
6666
cd ..
6767
}

.github/workflows/mad_regenerate-models.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ jobs:
2020
ref: ["placeholder"]
2121
include:
2222
- slug: "apache/commons-io"
23-
ref: "8985de8fe74f6622a419b37a6eed0dbc484dc128"
23+
ref: "13258ce2d07aa0e764bbaa8020af4dcd3a02a620"
2424
exclude:
2525
- slug: "placeholder"
2626
ref: "placeholder"

java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -92,6 +92,7 @@ private module Frameworks {
9292
private import semmle.code.java.frameworks.apache.IO
9393
private import semmle.code.java.frameworks.apache.Lang
9494
private import semmle.code.java.frameworks.Flexjson
95+
private import semmle.code.java.frameworks.generated
9596
private import semmle.code.java.frameworks.guava.Guava
9697
private import semmle.code.java.frameworks.jackson.JacksonSerializability
9798
private import semmle.code.java.frameworks.javaee.jsf.JSFRenderer

java/ql/lib/semmle/code/java/frameworks/apache/IO.qll

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,21 @@
11
/** Custom definitions related to the Apache Commons IO library. */
22

33
import java
4-
import IOGenerated
54
private import semmle.code.java.dataflow.ExternalFlow
65

7-
// TODO: manual models that were not generated yet
86
private class ApacheCommonsIOCustomSummaryCsv extends SummaryModelCsv {
7+
/**
8+
* Models that are not yet auto generated or where the generated summaries will
9+
* be ignored.
10+
* Note that if a callable has any handwritten summary, all generated summaries
11+
* will be ignored for that callable.
12+
*/
913
override predicate row(string row) {
1014
row =
1115
[
1216
"org.apache.commons.io;IOUtils;false;toBufferedInputStream;;;Argument[0];ReturnValue;taint",
13-
"org.apache.commons.io;IOUtils;true;writeLines;(Collection,String,Writer);;Argument[0];Argument[2];taint",
17+
"org.apache.commons.io;IOUtils;true;writeLines;(Collection,String,Writer);;Argument[0].Element;Argument[2];taint",
18+
"org.apache.commons.io;IOUtils;true;writeLines;(Collection,String,Writer);;Argument[1];Argument[2];taint",
1419
"org.apache.commons.io;IOUtils;true;toByteArray;(Reader);;Argument[0];ReturnValue;taint",
1520
"org.apache.commons.io;IOUtils;true;toByteArray;(Reader,String);;Argument[0];ReturnValue;taint",
1621
]

java/ql/lib/semmle/code/java/frameworks/apache/IOGenerated.qll

Lines changed: 666 additions & 667 deletions
Large diffs are not rendered by default.
Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
/**
2+
* A module importing all generated Models as Data models.
3+
*/
4+
5+
import java
6+
7+
private module GeneratedFrameworks {
8+
private import apache.IOGenerated
9+
}

java/ql/src/utils/model-generator/RegenerateModels.py

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -39,8 +39,9 @@ def regenerateModel(lgtmSlug, extractedDb):
3939
modelFile = defaultModelPath + "/" + lgtmSlugToModelFile[lgtmSlug]
4040
codeQlRoot = findGitRoot()
4141
targetModel = codeQlRoot + "/" + modelFile
42-
subprocess.check_call([codeQlRoot + "/java/ql/src/utils/model-generator/GenerateFlowModel.py", extractedDb,
43-
targetModel])
42+
subprocess.check_call([codeQlRoot + "/java/ql/src/utils/model-generator/GenerateFlowModel.py",
43+
"--with-summaries", "--with-sinks",
44+
extractedDb, targetModel])
4445
print("Regenerated " + targetModel)
4546
shutil.rmtree(tmpDir)
4647

java/ql/src/utils/model-generator/internal/CaptureModelsSpecific.qll

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -232,4 +232,8 @@ string asInputArgument(DataFlow::Node source) {
232232
* Holds if `kind` is a relevant sink kind for creating sink models.
233233
*/
234234
bindingset[kind]
235-
predicate isRelevantSinkKind(string kind) { not kind = "logging" }
235+
predicate isRelevantSinkKind(string kind) {
236+
not kind = "logging" and
237+
not kind.matches("regex-use%") and
238+
not kind = "write-file"
239+
}

0 commit comments

Comments
 (0)