Java: Add more neutral JDK models

This is similar to #15766, in the sense that it adds neutral models to prevent the model generator from generating summaries for them. These models were spotted while evaluating #14919.

Author: atorralba

java/ql/lib/ext/java.beans.model.yml

@@ -4,3 +4,12 @@ extensions:
       extensible: summaryModel
     data:
       - ["java.beans", "XMLDecoder", False, "XMLDecoder", "", "", "Argument[0]", "Argument[this]", "taint", "manual"]
+  - addsTo:
+      pack: codeql/java-all
+      extensible: neutralModel
+    data:
+      # summary neutrals
+      - ["java.beans", "PropertyEditor", "getAsText", "()", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.beans", "PropertyEditor", "getValue", "()", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.beans", "PropertyEditor", "setAsText", "()", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.beans", "PropertyEditor", "setValue", "()", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs

java/ql/lib/ext/java.io.model.yml

@@ -116,9 +116,12 @@ extensions:
       - ["java.io", "File", "isFile", "()", "summary", "manual"]
       - ["java.io", "File", "length", "()", "summary", "manual"]
       - ["java.io", "File", "isDirectory", "()", "summary", "manual"]
+      - ["java.io", "File", "listFiles", "", "summary", "manual"]
       - ["java.io", "File", "mkdirs", "()", "summary", "manual"]
       - ["java.io", "FileInputStream", "FileInputStream", "(File)", "summary", "manual"]
+      - ["java.io", "FileInputStream", "FileInputStream", "(String)", "summary", "manual"]
       - ["java.io", "InputStream", "close", "()", "summary", "manual"]
+      - ["java.io", "ObjectInput", "readObject", "()", "summary", "manual"]
       - ["java.io", "OutputStream", "flush", "()", "summary", "manual"]
       # The below APIs have numeric flow and are currently being stored as neutral models.
       # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future.

java/ql/lib/ext/java.net.model.yml

@@ -61,3 +61,10 @@ extensions:
       - ["java.net", "URL", False, "toURI", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["java.net", "URL", False, "toString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["java.net", "URLDecoder", False, "decode", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+  - addsTo:
+      pack: codeql/java-all
+      extensible: neutralModel
+    data:
+      # summary neutrals
+      - ["java.net", "Socket", "getOutputStream", "()", "summary", "manual"]
+      - ["java.net", "Socket", "connect", "(SocketAddress,int)", "summary", "manual"]

java/ql/lib/ext/java.util.logging.yml

@@ -0,0 +1,8 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: neutralModel
+    data:
+      # summary neutrals
+      - ["java.util.logging", "LogRecord", "getResourceBundle", "()", "summary", "manual"]
+      - ["java.util.logging", "LogRecord", "setParameters", "", "summary", "manual"]

java/ql/lib/ext/java.util.model.yml

@@ -107,6 +107,8 @@ extensions:
       - ["java.util", "Collections", False, "unmodifiableSortedMap", "(SortedMap)", "", "Argument[0].MapKey", "ReturnValue.MapKey", "value", "manual"]
       - ["java.util", "Collections", False, "unmodifiableSortedMap", "(SortedMap)", "", "Argument[0].MapValue", "ReturnValue.MapValue", "value", "manual"]
       - ["java.util", "Collections", False, "unmodifiableSortedSet", "(SortedSet)", "", "Argument[0].Element", "ReturnValue.Element", "value", "manual"]
+      - ["java.util", "ConcurrentHashMap", False, "ConcurrentHashMap", "(Map)", "", "Argument[0].MapKey", "Argument[this].MapKey", "value", "manual"]
+      - ["java.util", "ConcurrentHashMap", False, "ConcurrentHashMap", "(Map)", "", "Argument[0].MapValue", "Argument[this].MapValue", "value", "manual"]
       - ["java.util", "Deque", True, "addFirst", "(Object)", "", "Argument[0]", "Argument[this].Element", "value", "manual"]
       - ["java.util", "Deque", True, "addLast", "(Object)", "", "Argument[0]", "Argument[this].Element", "value", "manual"]
       - ["java.util", "Deque", True, "descendingIterator", "()", "", "Argument[this].Element", "ReturnValue.Element", "value", "manual"]
@@ -428,6 +430,7 @@ extensions:
       - ["java.util", "Collections", "emptySet", "()", "summary", "manual"]
       - ["java.util", "Collections", "sort", "", "summary", "manual"]
       - ["java.util", "Enumeration", "hasMoreElements", "()", "summary", "manual"]
+      - ["java.util", "EnumSet", "copyOf", "(EnumSet)", "summary", "manual"]
       - ["java.util", "HashMap", "containsKey", "(Object)", "summary", "manual"]
       - ["java.util", "HashMap", "HashMap", "(int)", "summary", "manual"]
       - ["java.util", "HashMap", "size", "()", "summary", "manual"]
@@ -454,6 +457,7 @@ extensions:
       - ["java.util", "Optional", "isEmpty", "()", "summary", "manual"]
       - ["java.util", "Optional", "isPresent", "()", "summary", "manual"]
       - ["java.util", "Random", "nextInt", "(int)", "summary", "manual"]
+      - ["java.util", "ResourceBundle", "getBundle", "", "summary", "manual"]
       - ["java.util", "Set", "contains", "(Object)", "summary", "manual"]
       - ["java.util", "Set", "isEmpty", "()", "summary", "manual"]
       - ["java.util", "Set", "size", "()", "summary", "manual"]

java/ql/lib/ext/java.util.prefs.model.yml

@@ -3,6 +3,8 @@ extensions:
       pack: codeql/java-all
       extensible: neutralModel
     data:
+      # summary neutrals
+      - ["java.util.prefs", "Preferences", "get", "(String,String)", "summary", "manual"]
       # sink neutrals
       - ["java.util.prefs", "AbstractPreferences", "nodeExists", "", "sink", "hq-manual"]
       - ["java.util.prefs", "Preferences", "nodeExists", "", "sink", "hq-manual"]

java/ql/lib/ext/java.util.regex.model.yml

@@ -30,4 +30,9 @@ extensions:
       pack: codeql/java-all
       extensible: neutralModel
     data:
+      - ["java.util.regex", "Matcher", "appendReplacement", "(StringBuffer,String)", "summary", "manual"]
+      - ["java.util.regex", "Matcher", "appendTail", "(StringBuffer)", "summary", "manual"]
       - ["java.util.regex", "Matcher", "find", "()", "summary", "manual"]
+      - ["java.util.regex", "Matcher", "pattern", "()", "summary", "manual"]
+      - ["java.util.regex", "Pattern", "compile", "(String,int)", "summary", "manual"]
+      - ["java.util.regex", "Pattern", "pattern", "()", "summary", "manual"]

java/ql/lib/ext/javax.crypto.model.yml

@@ -24,3 +24,5 @@ extensions:
       - ["javax.crypto", "Cipher", "update", "", "summary", "manual"]
       - ["javax.crypto", "Cipher", "updateAAD", "", "summary", "manual"]
       - ["javax.crypto", "Cipher", "wrap", "", "summary", "manual"]
+      - ["javax.crypto", "Mac", "init", "(Key)", "summary", "manual"]
+      - ["javax.crypto", "Mac", "doFinal", "()", "summary", "manual"]

java/ql/lib/ext/javax.crypto.spec.model.yml

@@ -26,3 +26,8 @@ extensions:
       - ["javax.crypto.spec", "PBEParameterSpec", False, "PBEParameterSpec", "", "", "Argument[0]", "encryption-salt", "manual"]
       - ["javax.crypto.spec", "SecretKeySpec", False, "SecretKeySpec", "(byte[],String)", "", "Argument[0]", "credentials-key", "hq-generated"]
       - ["javax.crypto.spec", "SecretKeySpec", False, "SecretKeySpec", "(byte[],int,int,String)", "", "Argument[0]", "credentials-key", "hq-generated"]
+  - addsTo:
+      pack: codeql/java-all
+      extensible: neutralModel
+    data:
+      - ["javax.crypto.spec", "SecretKeySpec", "SecretKeySpec", "(byte[],String)", "summary", "manual"]