
Commit 2e89a11

author
Stephan Brandauer
committed
Java: tests for automodel application mode candidate extraction
1 parent 18fe587 commit 2e89a11


3 files changed

+39
-0
lines changed

@@ -0,0 +1,2 @@
1+
| Test.java:14:3:14:11 | reference | command-injection, path-injection, request-forgery, sql-injection\nrelated locations: $@.\nmetadata: $@, $@, $@, $@, $@, $@. | Test.java:14:3:14:24 | set(...) | CallContext | file://java.util.concurrent.atomic:1:1:1:1 | java.util.concurrent.atomic | package | file://AtomicReference:1:1:1:1 | AtomicReference | type | file://false:1:1:1:1 | false | subtypes | file://set:1:1:1:1 | set | name | file://(String):1:1:1:1 | (String) | signature | file://Argument[this]:1:1:1:1 | Argument[this] | input |
2+
| Test.java:20:3:20:10 | supplier | command-injection, path-injection, request-forgery, sql-injection\nrelated locations: $@.\nmetadata: $@, $@, $@, $@, $@, $@. | Test.java:20:3:20:16 | get(...) | CallContext | file://java.util.function:1:1:1:1 | java.util.function | package | file://Supplier:1:1:1:1 | Supplier | type | file://true:1:1:1:1 | true | subtypes | file://get:1:1:1:1 | get | name | file://():1:1:1:1 | () | signature | file://Argument[this]:1:1:1:1 | Argument[this] | input |
@@ -0,0 +1 @@
1+
Telemetry/AutomodelApplicationModeExtractCandidates.ql
Lines changed: 36 additions & 0 deletions
@@ -0,0 +1,36 @@
1+
package com.github.codeql.test;
2+
3+
import java.io.InputStream;
4+
import java.nio.file.CopyOption;
5+
import java.nio.file.Files;
6+
import java.nio.file.Path;
7+
import java.nio.file.Paths;
8+
import java.util.concurrent.atomic.AtomicReference;
9+
import java.util.function.Supplier;
10+
11+
class AutomodelApplicationModeExtractCandidates {
12+
public static void main(String[] args) throws Exception {
13+
AtomicReference<String> reference = new AtomicReference<>(); // uninteresting (parameterless constructor)
14+
reference.set(args[0]); // arg[0] is not a candidate (modeled as value flow step)
15+
// ^^^^^^ Argument[this] is a candidate (should no longer be, once a recent PR
16+
// is merged)
17+
}
18+
19+
public static void callSupplier(Supplier<String> supplier) {
20+
supplier.get(); // Argument[this] is a candidate
21+
}
22+
23+
public static void copyFiles(Path source, Path target, CopyOption option) throws Exception {
24+
Files.copy(
25+
source, // no candidate (modeled)
26+
target, // no candidate (modeled)
27+
option // no candidate (not modeled, but source and target are modeled)
28+
);
29+
}
30+
31+
public static InputStream getInputStream(Path openPath) throws Exception {
32+
return Files.newInputStream(
33+
openPath // no candidate (known sink)
34+
);
35+
}
36+
}
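Review bot: The comment on lines 15–16 says `Argument[this]` of `reference.set(...)` "should no longer be" a candidate "once a recent PR is merged", but it names no PR, while the first row of the expected output pins that same candidate as if it were the intended result. That row carries the kinds command-injection, path-injection, request-forgery and sql-injection, so a maintainer should be able to tell a known false positive from a wanted candidate. I would write `// ^^^^^^ Argument[this] is currently a candidate: known false positive, see <PR reference>; drop its row from the .expected file once that lands`. On line 14 the comment says `arg[0]` where the code has `args[0]`, and the `java.nio.file.Paths` import on line 7 is not used anywhere in the file.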
