experimentalSinkModel to sinkModel, remove one path injection sink that already exist before

am0o0 · am0o0 · commit 7e5f2e2a4826 · 2024-07-03T08:55:12.000+02:00
diff --git a/java/ql/lib/ext/experimental/s3-transfer-manager.model.yml b/java/ql/lib/ext/experimental/s3-transfer-manager.model.yml
@@ -1,7 +1,7 @@
 extensions:
   - addsTo:
       pack: codeql/java-all
-      extensible: experimentalSinkModel
+      extensible: sinkModel
     data:
       - ["software.amazon.awssdk.transfer.s3.model","ResumableFileUpload",true,"serializeToFile","(Path)","","Argument[0]","path-injection","manual"]
       - ["software.amazon.awssdk.transfer.s3.model","DownloadFileRequest$Builder",true,"destination","(Path)","","Argument[0]","path-injection","manual"]
diff --git a/java/ql/lib/ext/experimental/spring-core.model.yml b/java/ql/lib/ext/experimental/spring-core.model.yml
@@ -1,7 +1,7 @@
 extensions:
   - addsTo:
       pack: codeql/java-all
-      extensible: experimentalSinkModel
+      extensible: sinkModel
     data:
       - ["org.springframework.core.io","FileSystemResource",true,"FileSystemResource","(FileSystem,String)","","Argument[1]","path-injection","manual"]
       - ["org.springframework.core.io","FileSystemResource",true,"FileSystemResource","(File)","","Argument[0]","path-injection","manual"]
@@ -23,5 +23,4 @@ extensions:
       - ["org.springframework.util","FileSystemUtils",true,"deleteRecursively","(Path)","","Argument[0]","path-injection","manual"]
       - ["org.springframework.util","ResourceUtils",true,"getFile","(String)","","Argument[0]","path-injection","manual"]
       - ["org.springframework.util","FileCopyUtils",true,"copyToByteArray","(File)","","Argument[0]","path-injection","manual"]
-      - ["org.springframework.util","FileCopyUtils",true,"copyToString","(Reader)","","Argument[0]","path-injection","manual"]
       - ["org.springframework.util","FileSystemUtils",true,"copyRecursively","(File,File)","","Argument[0]","path-injection","manual"]
diff --git a/java/ql/lib/ext/experimental/zip4j.model.yml b/java/ql/lib/ext/experimental/zip4j.model.yml
@@ -1,7 +1,7 @@
 extensions:
   - addsTo:
       pack: codeql/java-all
-      extensible: experimentalSinkModel
+      extensible: sinkModel
     data:
       - ["net.lingala.zip4j","ZipFile",true,"extractAll","(String)","","Argument[0]","path-injection","manual"]
       - ["net.lingala.zip4j","ZipFile",true,"ZipFile","(String)","","Argument[0]","path-injection","manual"]
diff --git a/java/ql/test/query-tests/security/CWE-022/semmle/tests/NewPathInjection/PathInjection/src/main/java/com/PathInjection/SpringIoPathInjection.java b/java/ql/test/query-tests/security/CWE-022/semmle/tests/NewPathInjection/PathInjection/src/main/java/com/PathInjection/SpringIoPathInjection.java
@@ -43,6 +43,5 @@ public void PathInjection(String path) throws IOException {
     FileSystemUtils.deleteRecursively(filePath); // $ PathInjection
     FileCopyUtils.copy(pathFile, pathFile); // $ PathInjection
     FileCopyUtils.copyToByteArray(pathFile); // $ PathInjection
-    FileCopyUtils.copyToString(new FileReader("fa"));
   }
 }

Original file line number	Diff line number	Diff line change
`@@ -43,6 +43,5 @@ public void PathInjection(String path) throws IOException {`
`43`	`43`	`FileSystemUtils.deleteRecursively(filePath); // $ PathInjection`
`44`	`44`	`FileCopyUtils.copy(pathFile, pathFile); // $ PathInjection`
`45`	`45`	`FileCopyUtils.copyToByteArray(pathFile); // $ PathInjection`
`46`		`- FileCopyUtils.copyToString(new FileReader("fa"));`
`47`	`46`	`}`
`48`	`47`	`}`