Rename {source,sink}Model to {source,sink}ModelCandidate.

Author: Max Schaefer

java/ql/automodel/test/AutomodelApplicationModeExtraction/PluginImpl.java

@@ -2,7 +2,7 @@
 
 public class PluginImpl extends Plugin {
     @Override
-    public void configure(String name, String value) { // $ sourceModel=configure(String,String):Parameter[0] sourceModel=configure(String,String):Parameter[1]
+    public void configure(String name, String value) { // $ sourceModelCandidate=configure(String,String):Parameter[0] sourceModelCandidate=configure(String,String):Parameter[1]
         // ...
     }
 }

java/ql/automodel/test/AutomodelApplicationModeExtraction/Test.java

@@ -16,34 +16,34 @@
 class Test {
 	public static void main(String[] args) throws Exception {
 		AtomicReference<String> reference = new AtomicReference<>(); // uninteresting (parameterless constructor)
-		reference.set( // $ sinkModel=set(Object):Argument[this]
+		reference.set( // $ sinkModelCandidate=set(Object):Argument[this]
 			args[0] // $ negativeSinkExample=set(Object):Argument[0] // modeled as a flow step
 		);  // $ negativeSourceExample=set(Object):ReturnValue // return type is void
 	}
 
 	public static void callSupplier(Supplier<String> supplier) {
-		supplier.get(); // $ sourceModel=get():ReturnValue sinkModel=get():Argument[this]
+		supplier.get(); // $ sourceModelCandidate=get():ReturnValue sinkModelCandidate=get():Argument[this]
 	}
 
 	public static void copyFiles(Path source, Path target, CopyOption option) throws Exception {
 		Files.copy(
 			source, // $ positiveSinkExample=copy(Path,Path,CopyOption[]):Argument[0](path-injection)
 			target, // $ positiveSinkExample=copy(Path,Path,CopyOption[]):Argument[1](path-injection)
 			option // no candidate (not modeled, but source and target are modeled)
-		); // $ sourceModel=copy(Path,Path,CopyOption[]):ReturnValue
+		); // $ sourceModelCandidate=copy(Path,Path,CopyOption[]):ReturnValue
 	}
 
 	public static InputStream getInputStream(Path openPath) throws Exception {
 		return Files.newInputStream(
-			openPath // $ sinkModel=newInputStream(Path,OpenOption[]):Argument[0] positiveSinkExample=newInputStream(Path,OpenOption[]):Argument[0](path-injection) // sink candidate because "only" ai-modeled, and useful as a candidate in regression testing
-		); // $ sourceModel=newInputStream(Path,OpenOption[]):ReturnValue
+			openPath // $ sinkModelCandidate=newInputStream(Path,OpenOption[]):Argument[0] positiveSinkExample=newInputStream(Path,OpenOption[]):Argument[0](path-injection) // sink candidate because "only" ai-modeled, and useful as a candidate in regression testing
+		); // $ sourceModelCandidate=newInputStream(Path,OpenOption[]):ReturnValue
 	}
 
 	public static InputStream getInputStream(String openPath) throws Exception {
 		return Test.getInputStream( // the call is not a source candidate (argument to local call)
 			Paths.get(
 				openPath // $ negativeSinkExample=get(String,String[]):Argument[0] // modeled as a flow step
-			) // $ sourceModel=get(String,String[]):ReturnValue
+			) // $ sourceModelCandidate=get(String,String[]):ReturnValue
 		);
 	}
 
@@ -59,16 +59,16 @@ public static void FilesWalkExample(Path p, FileVisitOption o) throws Exception
 			o, // the implicit varargs array is a candidate, annotated on the last line of the call
 			o // not a candidate (only the first arg corresponding to a varargs array
 			  // is extracted)
-		); // $ sourceModel=walk(Path,FileVisitOption[]):ReturnValue sinkModel=walk(Path,FileVisitOption[]):Argument[1]
+		); // $ sourceModelCandidate=walk(Path,FileVisitOption[]):ReturnValue sinkModelCandidate=walk(Path,FileVisitOption[]):Argument[1]
 	}
 
 	public static void WebSocketExample(URLConnection c) throws Exception {
-		c.getInputStream(); // $ sinkModel=getInputStream():Argument[this] positiveSourceExample=getInputStream():ReturnValue(remote) // not a source candidate (manual modeling)
+		c.getInputStream(); // $ sinkModelCandidate=getInputStream():Argument[this] positiveSourceExample=getInputStream():ReturnValue(remote) // not a source candidate (manual modeling)
 	}
 }
 
 class OverrideTest extends Exception {
-	public void printStackTrace(PrintWriter writer) { // $ sourceModel=printStackTrace(PrintWriter):Parameter[0]
+	public void printStackTrace(PrintWriter writer) { // $ sourceModelCandidate=printStackTrace(PrintWriter):Parameter[0]
 		return;
 	}
 
@@ -89,15 +89,15 @@ public static void FilesListExample(Path p) throws Exception {
 		Files.list(
 			Files.createDirectories(
 				p // $ positiveSinkExample=createDirectories(Path,FileAttribute[]):Argument[0](path-injection)
-			) // $ sourceModel=createDirectories(Path,FileAttribute[]):ReturnValue negativeSinkExample=list(Path):Argument[0] // modeled as a flow step
-		); // $ sourceModel=list(Path):ReturnValue
+			) // $ sourceModelCandidate=createDirectories(Path,FileAttribute[]):ReturnValue negativeSinkExample=list(Path):Argument[0] // modeled as a flow step
+		); // $ sourceModelCandidate=list(Path):ReturnValue
 
 		Files.delete(
-			p // $ sinkModel=delete(Path):Argument[0] positiveSinkExample=delete(Path):Argument[0](path-injection)
+			p // $ sinkModelCandidate=delete(Path):Argument[0] positiveSinkExample=delete(Path):Argument[0](path-injection)
 		); // $ negativeSourceExample=delete(Path):ReturnValue // return type is void
 
 		Files.deleteIfExists(
-			p // $ sinkModel=deleteIfExists(Path):Argument[0] positiveSinkExample=deleteIfExists(Path):Argument[0](path-injection)
+			p // $ sinkModelCandidate=deleteIfExists(Path):Argument[0] positiveSinkExample=deleteIfExists(Path):Argument[0](path-injection)
 		); // $ negativeSourceExample=deleteIfExists(Path):ReturnValue // return type is boolean
 	}
 }

java/ql/automodel/test/AutomodelExtractionTests.qll

@@ -24,7 +24,7 @@ signature module TestHelperSig<CandidateSig Candidate> {
 module Extraction<CandidateSig Candidate, TestHelperSig<Candidate> TestHelper> implements TestSig {
   string getARelevantTag() {
     result in [
-        "sourceModel", "sinkModel", // a candidate source/sink
+        "sourceModelCandidate", "sinkModelCandidate", // a candidate source/sink
         "positiveSourceExample", "positiveSinkExample", // a known source/sink
         "negativeSourceExample", "negativeSinkExample" // a known non-source/non-sink
       ]
@@ -46,7 +46,7 @@ module Extraction<CandidateSig Candidate, TestHelperSig<Candidate> TestHelper> i
     string extensibleType, string tag, string suffix
   ) {
     TestHelper::isCandidate(endpoint, name, signature, input, output, extensibleType) and
-    tag = extensibleType and
+    tag = ifSource(extensibleType, "sourceModelCandidate", "sinkModelCandidate") and
     suffix = ""
     or
     TestHelper::isNegativeExample(endpoint, name, signature, input, output, extensibleType) and

java/ql/automodel/test/AutomodelFrameworkModeExtraction/com/github/codeql/test/PublicClass.java

@@ -1,27 +1,27 @@
 package com.github.codeql.test;
 
 public class PublicClass {
-  public void stuff(String arg) { // $ sinkModel=stuff(String):Argument[this] sourceModel=stuff(String):Parameter[this] sinkModel=stuff(String):Argument[0] sourceModel=stuff(String):Parameter[0] // source candidates because it is an overrideable method
+  public void stuff(String arg) { // $ sinkModelCandidate=stuff(String):Argument[this] sourceModelCandidate=stuff(String):Parameter[this] sinkModelCandidate=stuff(String):Argument[0] sourceModelCandidate=stuff(String):Parameter[0] // source candidates because it is an overrideable method
     System.out.println(arg);
   }
 
-  public static void staticStuff(String arg) { // $ sinkModel=staticStuff(String):Argument[0] // `arg` is not a source candidate (not overrideabe); `this` is not a candidate (static method)
+  public static void staticStuff(String arg) { // $ sinkModelCandidate=staticStuff(String):Argument[0] // `arg` is not a source candidate (not overrideabe); `this` is not a candidate (static method)
     System.out.println(arg);
   }
 
-  protected void nonPublicStuff(String arg) { // $ sinkModel=nonPublicStuff(String):Argument[this] sourceModel=nonPublicStuff(String):Parameter[this] sinkModel=nonPublicStuff(String):Argument[0] sourceModel=nonPublicStuff(String):Parameter[0]
+  protected void nonPublicStuff(String arg) { // $ sinkModelCandidate=nonPublicStuff(String):Argument[this] sourceModelCandidate=nonPublicStuff(String):Parameter[this] sinkModelCandidate=nonPublicStuff(String):Argument[0] sourceModelCandidate=nonPublicStuff(String):Parameter[0]
     System.out.println(arg);
   }
 
   void packagePrivateStuff(String arg) { // no candidates because the method is not public
     System.out.println(arg);
   }
 
-  public PublicClass(Object input) { // $ sourceModel=PublicClass(Object):ReturnValue sinkModel=PublicClass(Object):Argument[0] // `this` is not a candidate because it is a constructor
+  public PublicClass(Object input) { // $ sourceModelCandidate=PublicClass(Object):ReturnValue sinkModelCandidate=PublicClass(Object):Argument[0] // `this` is not a candidate because it is a constructor
   }
 
    // `input` and `input` are source candidates, but not sink candidates (is-style method)
-  public Boolean isIgnored(Object input) { // $ negativeSinkExample=isIgnored(Object):Argument[this] sourceModel=isIgnored(Object):Parameter[this] negativeSinkExample=isIgnored(Object):Argument[0] sourceModel=isIgnored(Object):Parameter[0]
+  public Boolean isIgnored(Object input) { // $ negativeSinkExample=isIgnored(Object):Argument[this] sourceModelCandidate=isIgnored(Object):Parameter[this] negativeSinkExample=isIgnored(Object):Argument[0] sourceModelCandidate=isIgnored(Object):Parameter[0]
     return false;
   }
 }

java/ql/automodel/test/AutomodelFrameworkModeExtraction/com/github/codeql/test/PublicInterface.java

@@ -1,9 +1,9 @@
 package com.github.codeql.test;
 
 public interface PublicInterface {
-    public int stuff(String arg); // $ sinkModel=stuff(String):Argument[this] sourceModel=stuff(String):Parameter[this] sinkModel=stuff(String):Argument[0] sourceModel=stuff(String):Parameter[0]  // result is _not_ a source candidate source (primitive return type)
+    public int stuff(String arg); // $ sinkModelCandidate=stuff(String):Argument[this] sourceModelCandidate=stuff(String):Parameter[this] sinkModelCandidate=stuff(String):Argument[0] sourceModelCandidate=stuff(String):Parameter[0]  // result is _not_ a source candidate source (primitive return type)
 
-    public static void staticStuff(String arg) { // $ sinkModel=staticStuff(String):Argument[0] // not a source candidate (static method)
+    public static void staticStuff(String arg) { // $ sinkModelCandidate=staticStuff(String):Argument[0] // not a source candidate (static method)
       System.out.println(arg);
     }
 }

java/ql/automodel/test/AutomodelFrameworkModeExtraction/java/io/File.java

@@ -7,7 +7,7 @@ public int compareTo( // $ negativeSinkExample=compareTo(File):Argument[this] ne
         return 0;
     }
 
-    public boolean setLastModified(long time) { // $ sinkModel=setLastModified(long):Argument[this] sourceModel=setLastModified(long):Parameter[this] // time is not a candidate (primitive type)
+    public boolean setLastModified(long time) { // $ sinkModelCandidate=setLastModified(long):Argument[this] sourceModelCandidate=setLastModified(long):Parameter[this] // time is not a candidate (primitive type)
         return false;
     } // return value is not a source candidate because it's a primitive
 }

java/ql/automodel/test/AutomodelFrameworkModeExtraction/java/nio/file/Files.java

@@ -11,7 +11,7 @@
 public class Files {
     public static void copy( // method result is not a candidate source (void)
         Path source, // $ positiveSinkExample=copy(Path,OutputStream):Argument[0](path-injection) // manual model exists
-        OutputStream out // $ sinkModel=copy(Path,OutputStream):Argument[1] 
+        OutputStream out // $ sinkModelCandidate=copy(Path,OutputStream):Argument[1]
         /* NB: may be worthwhile to implement the
            same behavior as in application mode where out would not be a
            candidate because there already is a model for another parameter of
@@ -22,9 +22,9 @@ public static void copy( // method result is not a candidate source (void)
         // ...
     }
 
-    public static InputStream newInputStream( // $ sourceModel=newInputStream(Path,OpenOption[]):ReturnValue
-        Path openPath, // $ positiveSinkExample=newInputStream(Path,OpenOption[]):Argument[0](path-injection) sinkModel=newInputStream(Path,OpenOption[]):Argument[0] // known sink, but still a candidate (ai-modeled, and useful as a candidate in regression testing)
-        OpenOption... options // $ sinkModel=newInputStream(Path,OpenOption[]):Argument[1]
+    public static InputStream newInputStream( // $ sourceModelCandidate=newInputStream(Path,OpenOption[]):ReturnValue
+        Path openPath, // $ positiveSinkExample=newInputStream(Path,OpenOption[]):Argument[0](path-injection) sinkModelCandidate=newInputStream(Path,OpenOption[]):Argument[0] // known sink, but still a candidate (ai-modeled, and useful as a candidate in regression testing)
+        OpenOption... options // $ sinkModelCandidate=newInputStream(Path,OpenOption[]):Argument[1]
     ) throws IOException {
         return  new FileInputStream(openPath.toFile());
     }