Java: Add some spurious source and sink examples.

michaelnebel · michaelnebel · commit 30249e4f2b3b · 2024-06-24T13:07:34.000+02:00
diff --git a/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.ext.yml b/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.ext.yml
@@ -5,6 +5,7 @@ extensions:
       extensible: sinkModel
     data:
       - [ "p", "Sinks", False, "sink", "(Object)", "", "Argument[0]", "test-sink", "manual" ]
+      - [ "p", "Sinks", False, "manualSinkAlreadyDefined", "(Object)", "", "Argument[0]", "test-sink", "manual" ]
 
   - addsTo:
       pack: codeql/java-all
diff --git a/java/ql/test/utils/modelgenerator/dataflow/CaptureSourceModels.ext.yml b/java/ql/test/utils/modelgenerator/dataflow/CaptureSourceModels.ext.yml
@@ -5,3 +5,10 @@ extensions:
       extensible: sourceModel
     data:
       - [ "p", "Sources", False, "source", "()", "", "ReturnValue", "test-source", "manual" ]
+      - [ "p", "Sources", False, "manualSourceAlreadyDefined", "()", "", "ReturnValue", "test-source", "manual" ]
+
+  - addsTo:
+      pack: codeql/java-all
+      extensible: neutralModel
+    data:
+      - ["p", "Sources", "manualNeutralSource", "()", "source", "manual"]
diff --git a/java/ql/test/utils/modelgenerator/dataflow/p/Sinks.java b/java/ql/test/utils/modelgenerator/dataflow/p/Sinks.java
@@ -71,4 +71,11 @@ public void wrapSinkSimpleType(String s) {
     Boolean b = s == "hello";
     sink(b);
   }
+
+  // Not a new sink as this callable already has a manual sink.
+  // SPURIOUS-sink=p;Sinks;true;manualSinkAlreadyDefined;(Object);;Argument[0];test-sink;df-generated
+  // neutral=p;Sinks;manualSinkAlreadyDefined;(Object);summary;df-generated
+  public void manualSinkAlreadyDefined(Object o) {
+    sink(o);
+  }
 }
diff --git a/java/ql/test/utils/modelgenerator/dataflow/p/Sources.java b/java/ql/test/utils/modelgenerator/dataflow/p/Sources.java
@@ -66,4 +66,19 @@ public String read() {
       return value.toString();
     }
   }
+
+  // Not a new source as this callable has been manually modelled
+  // as source neutral.
+  // SPURIOUS-source=p;Sources;true;manualNeutralSource;();;ReturnValue;test-source;df-generated
+  // neutral=p;Sources;manualNeutralSource;();summary;df-generated
+  public String manualNeutralSource() {
+    return source();
+  }
+
+  // Not a new source as this callable already has a manual source.
+  // SPURIOUS-source=p;Sources;true;manualSourceAlreadyDefined;();;ReturnValue;test-source;df-generated
+  // neutral=p;Sources;manualSourceAlreadyDefined;();summary;df-generated
+  public String manualSourceAlreadyDefined() {
+    return source();
+  }
 }

Original file line number	Diff line number	Diff line change
`@@ -71,4 +71,11 @@ public void wrapSinkSimpleType(String s) {`
`71`	`71`	`Boolean b = s == "hello";`
`72`	`72`	`sink(b);`
`73`	`73`	`}`
	`74`	`+`
	`75`	`+ // Not a new sink as this callable already has a manual sink.`
	`76`	`+ // SPURIOUS-sink=p;Sinks;true;manualSinkAlreadyDefined;(Object);;Argument[0];test-sink;df-generated`
	`77`	`+ // neutral=p;Sinks;manualSinkAlreadyDefined;(Object);summary;df-generated`
	`78`	`+ public void manualSinkAlreadyDefined(Object o) {`
	`79`	`+ sink(o);`
	`80`	`+ }`
`74`	`81`	`}`