Merge pull request #15499 from github/max-schaefer/automodel-functional-interface-expr

Automodel: Do not consider `@FunctionalInterface`-typed expressions as candidates.

Author: max-schaefer

java/ql/automodel/src/AutomodelApplicationModeCharacteristics.qll

@@ -600,6 +600,15 @@ private class OtherArgumentToModeledMethodCharacteristic extends Characteristics
   }
 }
 
+/**
+ * Holds if the type of the given expression is annotated with `@FunctionalInterface`.
+ */
+predicate hasFunctionalInterfaceType(Expr e) {
+  exists(RefType tp | tp = e.getType().getErasure() |
+    tp.getAnAssociatedAnnotation().getType().hasQualifiedName("java.lang", "FunctionalInterface")
+  )
+}
+
 /**
  * A characteristic that marks functional expression as likely not sinks.
  *
@@ -608,7 +617,11 @@ private class OtherArgumentToModeledMethodCharacteristic extends Characteristics
 private class FunctionValueCharacteristic extends CharacteristicsImpl::LikelyNotASinkCharacteristic {
   FunctionValueCharacteristic() { this = "function value" }
 
-  override predicate appliesToEndpoint(Endpoint e) { e.asNode().asExpr() instanceof FunctionalExpr }
+  override predicate appliesToEndpoint(Endpoint e) {
+    exists(Expr expr | expr = e.asNode().asExpr() |
+      expr instanceof FunctionalExpr or hasFunctionalInterfaceType(expr)
+    )
+  }
 }
 
 /**

java/ql/automodel/test/AutomodelApplicationModeExtraction/Test.java

@@ -9,6 +9,7 @@
 import java.util.concurrent.atomic.AtomicReference;
 import java.util.function.Supplier;
 import java.io.File;
+import java.io.FileFilter;
 import java.nio.file.FileVisitOption;
 import java.net.URLConnection;
 import java.util.concurrent.FutureTask;
@@ -22,7 +23,7 @@ public static void main(String[] args) throws Exception {
 	}
 
 	public static void callSupplier(Supplier<String> supplier) {
-		supplier.get(); // $ sourceModelCandidate=get():ReturnValue sinkModelCandidate=get():Argument[this]
+		supplier.get(); // $ sourceModelCandidate=get():ReturnValue
 	}
 
 	public static void copyFiles(Path source, Path target, CopyOption option) throws Exception {
@@ -65,6 +66,12 @@ public static void FilesWalkExample(Path p, FileVisitOption o) throws Exception
 	public static void WebSocketExample(URLConnection c) throws Exception {
 		c.getInputStream(); // $ sinkModelCandidate=getInputStream():Argument[this] positiveSourceExample=getInputStream():ReturnValue(remote) // not a source candidate (manual modeling)
 	}
+
+	public static void fileFilterExample(File f, FileFilter ff) {
+		f.listFiles( // $ sinkModelCandidate=listFiles(FileFilter):Argument[this]
+			ff
+		); // $ sourceModelCandidate=listFiles(FileFilter):ReturnValue
+	}
 }
 
 class OverrideTest extends Exception {