Recognize the model generator involvement in the models' provenances

atorralba · atorralba · commit eecab9122a75 · 2024-03-14T08:56:23.000+01:00
diff --git a/java/ql/lib/ext/java.beans.model.yml b/java/ql/lib/ext/java.beans.model.yml
@@ -9,7 +9,7 @@ extensions:
       extensible: neutralModel
     data:
       # summary neutrals
-      - ["java.beans", "PropertyEditor", "getAsText", "()", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.beans", "PropertyEditor", "getValue", "()", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.beans", "PropertyEditor", "setAsText", "()", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.beans", "PropertyEditor", "setValue", "()", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.beans", "PropertyEditor", "getAsText", "()", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.beans", "PropertyEditor", "getValue", "()", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.beans", "PropertyEditor", "setAsText", "()", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.beans", "PropertyEditor", "setValue", "()", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
diff --git a/java/ql/lib/ext/java.io.model.yml b/java/ql/lib/ext/java.io.model.yml
@@ -80,7 +80,6 @@ extensions:
       - ["java.io", "File", True, "getName", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["java.io", "File", True, "getParentFile", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["java.io", "File", True, "getPath", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
-      - ["java.io", "File", True, "listFiles", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["java.io", "File", True, "toPath", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["java.io", "File", True, "toString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["java.io", "File", True, "toURI", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
@@ -116,12 +115,12 @@ extensions:
       - ["java.io", "File", "isFile", "()", "summary", "manual"]
       - ["java.io", "File", "length", "()", "summary", "manual"]
       - ["java.io", "File", "isDirectory", "()", "summary", "manual"]
-      - ["java.io", "File", "listFiles", "", "summary", "manual"]
+      - ["java.io", "File", "listFiles", "", "summary", "df-manual"]
       - ["java.io", "File", "mkdirs", "()", "summary", "manual"]
       - ["java.io", "FileInputStream", "FileInputStream", "(File)", "summary", "manual"]
-      - ["java.io", "FileInputStream", "FileInputStream", "(String)", "summary", "manual"]
+      - ["java.io", "FileInputStream", "FileInputStream", "(String)", "summary", "df-manual"]
       - ["java.io", "InputStream", "close", "()", "summary", "manual"]
-      - ["java.io", "ObjectInput", "readObject", "()", "summary", "manual"]
+      - ["java.io", "ObjectInput", "readObject", "()", "summary", "df-manual"] # this is a deserialization sink modeled in regular CodeQL
       - ["java.io", "OutputStream", "flush", "()", "summary", "manual"]
       # The below APIs have numeric flow and are currently being stored as neutral models.
       # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future.
diff --git a/java/ql/lib/ext/java.net.model.yml b/java/ql/lib/ext/java.net.model.yml
@@ -66,5 +66,5 @@ extensions:
       extensible: neutralModel
     data:
       # summary neutrals
-      - ["java.net", "Socket", "getOutputStream", "()", "summary", "manual"]
-      - ["java.net", "Socket", "connect", "(SocketAddress,int)", "summary", "manual"]
+      - ["java.net", "Socket", "getOutputStream", "()", "summary", "df-manual"]
+      - ["java.net", "Socket", "connect", "(SocketAddress,int)", "summary", "df-manual"]
diff --git a/java/ql/lib/ext/java.nio.file.model.yml b/java/ql/lib/ext/java.nio.file.model.yml
@@ -91,7 +91,7 @@ extensions:
     data:
       # summary neutrals
       - ["java.nio.file", "Files", "exists", "(Path,LinkOption[])", "summary", "manual"]
-      - ["java.nio.file", "Files", "newInputStream", "(Path,LinkOption[])", "summary", "manual"]
+      - ["java.nio.file", "Files", "newInputStream", "(Path,LinkOption[])", "summary", "df-manual"]
       # sink neutrals
       - ["java.nio.file", "Files", "getLastModifiedTime", "", "sink", "hq-manual"]
       - ["java.nio.file", "Files", "getOwner", "", "sink", "hq-manual"]
diff --git a/java/ql/lib/ext/java.util.logging.yml b/java/ql/lib/ext/java.util.logging.yml
@@ -4,5 +4,5 @@ extensions:
       extensible: neutralModel
     data:
       # summary neutrals
-      - ["java.util.logging", "LogRecord", "getResourceBundle", "()", "summary", "manual"]
-      - ["java.util.logging", "LogRecord", "setParameters", "", "summary", "manual"]
+      - ["java.util.logging", "LogRecord", "getResourceBundle", "()", "summary", "df-manual"]
+      - ["java.util.logging", "LogRecord", "setParameters", "", "summary", "df-manual"]
diff --git a/java/ql/lib/ext/java.util.model.yml b/java/ql/lib/ext/java.util.model.yml
@@ -107,8 +107,8 @@ extensions:
       - ["java.util", "Collections", False, "unmodifiableSortedMap", "(SortedMap)", "", "Argument[0].MapKey", "ReturnValue.MapKey", "value", "manual"]
       - ["java.util", "Collections", False, "unmodifiableSortedMap", "(SortedMap)", "", "Argument[0].MapValue", "ReturnValue.MapValue", "value", "manual"]
       - ["java.util", "Collections", False, "unmodifiableSortedSet", "(SortedSet)", "", "Argument[0].Element", "ReturnValue.Element", "value", "manual"]
-      - ["java.util", "ConcurrentHashMap", False, "ConcurrentHashMap", "(Map)", "", "Argument[0].MapKey", "Argument[this].MapKey", "value", "manual"]
-      - ["java.util", "ConcurrentHashMap", False, "ConcurrentHashMap", "(Map)", "", "Argument[0].MapValue", "Argument[this].MapValue", "value", "manual"]
+      - ["java.util", "ConcurrentHashMap", False, "ConcurrentHashMap", "(Map)", "", "Argument[0].MapKey", "Argument[this].MapKey", "value", "df-manual"]
+      - ["java.util", "ConcurrentHashMap", False, "ConcurrentHashMap", "(Map)", "", "Argument[0].MapValue", "Argument[this].MapValue", "value", "df-manual"]
       - ["java.util", "Deque", True, "addFirst", "(Object)", "", "Argument[0]", "Argument[this].Element", "value", "manual"]
       - ["java.util", "Deque", True, "addLast", "(Object)", "", "Argument[0]", "Argument[this].Element", "value", "manual"]
       - ["java.util", "Deque", True, "descendingIterator", "()", "", "Argument[this].Element", "ReturnValue.Element", "value", "manual"]
@@ -430,14 +430,14 @@ extensions:
       - ["java.util", "Collections", "emptySet", "()", "summary", "manual"]
       - ["java.util", "Collections", "sort", "", "summary", "manual"]
       - ["java.util", "Enumeration", "hasMoreElements", "()", "summary", "manual"]
-      - ["java.util", "EnumSet", "allOf", "(Class)", "summary", "manual"]
-      - ["java.util", "EnumSet", "clone", "()", "summary", "manual"]
-      - ["java.util", "EnumSet", "complementOf", "(EnumSet)", "summary", "manual"]
-      - ["java.util", "EnumSet", "copyOf", "(Collection)", "summary", "manual"]
-      - ["java.util", "EnumSet", "copyOf", "(EnumSet)", "summary", "manual"]
-      - ["java.util", "EnumSet", "noneOf", "(Class)", "summary", "manual"]
-      - ["java.util", "EnumSet", "of", "", "summary", "manual"]
-      - ["java.util", "EnumSet", "range", "(Object,Object)", "summary", "manual"]
+      - ["java.util", "EnumSet", "allOf", "(Class)", "summary", "df-manual"]
+      - ["java.util", "EnumSet", "clone", "()", "summary", "df-manual"]
+      - ["java.util", "EnumSet", "complementOf", "(EnumSet)", "summary", "df-manual"]
+      - ["java.util", "EnumSet", "copyOf", "(Collection)", "summary", "df-manual"]
+      - ["java.util", "EnumSet", "copyOf", "(EnumSet)", "summary", "df-manual"]
+      - ["java.util", "EnumSet", "noneOf", "(Class)", "summary", "df-manual"]
+      - ["java.util", "EnumSet", "of", "", "summary", "df-manual"]
+      - ["java.util", "EnumSet", "range", "(Object,Object)", "summary", "df-manual"]
       - ["java.util", "HashMap", "containsKey", "(Object)", "summary", "manual"]
       - ["java.util", "HashMap", "HashMap", "(int)", "summary", "manual"]
       - ["java.util", "HashMap", "size", "()", "summary", "manual"]
@@ -464,7 +464,7 @@ extensions:
       - ["java.util", "Optional", "isEmpty", "()", "summary", "manual"]
       - ["java.util", "Optional", "isPresent", "()", "summary", "manual"]
       - ["java.util", "Random", "nextInt", "(int)", "summary", "manual"]
-      - ["java.util", "ResourceBundle", "getBundle", "", "summary", "manual"]
+      - ["java.util", "ResourceBundle", "getBundle", "", "summary", "df-manual"]
       - ["java.util", "Set", "contains", "(Object)", "summary", "manual"]
       - ["java.util", "Set", "isEmpty", "()", "summary", "manual"]
       - ["java.util", "Set", "size", "()", "summary", "manual"]
diff --git a/java/ql/lib/ext/java.util.prefs.model.yml b/java/ql/lib/ext/java.util.prefs.model.yml
@@ -4,20 +4,20 @@ extensions:
       extensible: neutralModel
     data:
       # summary neutrals
-      - ["java.util.prefs", "Preferences", "get", "(String,String)", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.util.prefs", "Preferences", "getBoolean", "(String,boolean)", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.util.prefs", "Preferences", "getByteArray", "(String,byte[])", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.util.prefs", "Preferences", "getDouble", "(String,double)", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.util.prefs", "Preferences", "getFloat", "(String,float)", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.util.prefs", "Preferences", "getInt", "(String,int)", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.util.prefs", "Preferences", "getLong", "(String,int)", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.util.prefs", "Preferences", "put", "(String,String)", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.util.prefs", "Preferences", "putBoolean", "(String,boolean)", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.util.prefs", "Preferences", "putByteArray", "(String,byte[])", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.util.prefs", "Preferences", "putDouble", "(String,double)", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.util.prefs", "Preferences", "putFloat", "(String,float)", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.util.prefs", "Preferences", "putInt", "(String,int)", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
-      - ["java.util.prefs", "Preferences", "putLong", "(String,int)", "summary", "manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "get", "(String,String)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "getBoolean", "(String,boolean)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "getByteArray", "(String,byte[])", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "getDouble", "(String,double)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "getFloat", "(String,float)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "getInt", "(String,int)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "getLong", "(String,int)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "put", "(String,String)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "putBoolean", "(String,boolean)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "putByteArray", "(String,byte[])", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "putDouble", "(String,double)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "putFloat", "(String,float)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "putInt", "(String,int)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "putLong", "(String,int)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
       # sink neutrals
       - ["java.util.prefs", "AbstractPreferences", "nodeExists", "", "sink", "hq-manual"]
       - ["java.util.prefs", "Preferences", "nodeExists", "", "sink", "hq-manual"]
diff --git a/java/ql/lib/ext/java.util.regex.model.yml b/java/ql/lib/ext/java.util.regex.model.yml
@@ -30,9 +30,9 @@ extensions:
       pack: codeql/java-all
       extensible: neutralModel
     data:
-      - ["java.util.regex", "Matcher", "appendReplacement", "(StringBuffer,String)", "summary", "manual"]
-      - ["java.util.regex", "Matcher", "appendTail", "(StringBuffer)", "summary", "manual"]
+      - ["java.util.regex", "Matcher", "appendReplacement", "(StringBuffer,String)", "summary", "df-manual"]
+      - ["java.util.regex", "Matcher", "appendTail", "(StringBuffer)", "summary", "df-manual"]
       - ["java.util.regex", "Matcher", "find", "()", "summary", "manual"]
-      - ["java.util.regex", "Matcher", "pattern", "()", "summary", "manual"]
-      - ["java.util.regex", "Pattern", "compile", "(String,int)", "summary", "manual"]
-      - ["java.util.regex", "Pattern", "pattern", "()", "summary", "manual"]
+      - ["java.util.regex", "Matcher", "pattern", "()", "summary", "df-manual"]
+      - ["java.util.regex", "Pattern", "compile", "(String,int)", "summary", "df-manual"]
+      - ["java.util.regex", "Pattern", "pattern", "()", "summary", "df-manual"]
diff --git a/java/ql/lib/ext/javax.crypto.model.yml b/java/ql/lib/ext/javax.crypto.model.yml
@@ -24,5 +24,5 @@ extensions:
       - ["javax.crypto", "Cipher", "update", "", "summary", "manual"]
       - ["javax.crypto", "Cipher", "updateAAD", "", "summary", "manual"]
       - ["javax.crypto", "Cipher", "wrap", "", "summary", "manual"]
-      - ["javax.crypto", "Mac", "init", "(Key)", "summary", "manual"]
-      - ["javax.crypto", "Mac", "doFinal", "()", "summary", "manual"]
+      - ["javax.crypto", "Mac", "init", "(Key)", "summary", "df-manual"]
+      - ["javax.crypto", "Mac", "doFinal", "()", "summary", "df-manual"]
diff --git a/java/ql/lib/ext/javax.crypto.spec.model.yml b/java/ql/lib/ext/javax.crypto.spec.model.yml
@@ -30,4 +30,4 @@ extensions:
       pack: codeql/java-all
       extensible: neutralModel
     data:
-      - ["javax.crypto.spec", "SecretKeySpec", "SecretKeySpec", "(byte[],String)", "summary", "manual"]
+      - ["javax.crypto.spec", "SecretKeySpec", "SecretKeySpec", "(byte[],String)", "summary", "df-manual"]
