Skip to content

Commit 2d31bb8

Browse files
owen-mcowen-mc
committed
Remove toString taint propagation
We do not do this for other overrides of toString
1 parent 487a46a commit 2d31bb8

File tree

2 files changed

+0
-84
lines changed

2 files changed

+0
-84
lines changed

java/ql/src/semmle/code/java/frameworks/apache/Collections.qll

Lines changed: 0 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -68,7 +68,6 @@ private class ApacheCollectionsModel extends SummaryModelCsv {
6868
";FluentIterable;true;skip;;;Element of Argument[-1];Element of ReturnValue;value",
6969
";FluentIterable;true;toArray;;;Element of Argument[-1];ArrayElement of ReturnValue;value",
7070
";FluentIterable;true;toList;;;Element of Argument[-1];Element of ReturnValue;value",
71-
";FluentIterable;true;toString;;;Element of Argument[-1];ReturnValue;taint",
7271
";FluentIterable;true;unique;;;Element of Argument[-1];Element of ReturnValue;value",
7372
";FluentIterable;true;unmodifiable;;;Element of Argument[-1];Element of ReturnValue;value",
7473
";FluentIterable;true;zip;(Iterable);;Element of Argument[-1];Element of ReturnValue;value",
@@ -148,16 +147,12 @@ private class ApacheKeyValueModel extends SummaryModelCsv {
148147
".keyvalue;AbstractKeyValue;true;setKey;;;Argument[0];MapKey of Argument[-1];value",
149148
".keyvalue;AbstractKeyValue;true;setValue;;;MapValue of Argument[-1];ReturnValue;value",
150149
".keyvalue;AbstractKeyValue;true;setValue;;;Argument[0];MapValue of Argument[-1];value",
151-
".keyvalue;AbstractKeyValue;true;toString;;;MapKey of Argument[-1];ReturnValue;taint",
152-
".keyvalue;AbstractKeyValue;true;toString;;;MapValue of Argument[-1];ReturnValue;taint",
153150
".keyvalue;AbstractMapEntry;true;AbstractMapEntry;;;Argument[0];MapKey of Argument[-1];value",
154151
".keyvalue;AbstractMapEntry;true;AbstractMapEntry;;;Argument[1];MapValue of Argument[-1];value",
155152
".keyvalue;AbstractMapEntryDecorator;true;AbstractMapEntryDecorator;;;MapKey of Argument[0];MapKey of Argument[-1];value",
156153
".keyvalue;AbstractMapEntryDecorator;true;AbstractMapEntryDecorator;;;MapValue of Argument[0];MapValue of Argument[-1];value",
157154
".keyvalue;AbstractMapEntryDecorator;true;getMapEntry;;;MapKey of Argument[-1];MapKey of ReturnValue;value",
158155
".keyvalue;AbstractMapEntryDecorator;true;getMapEntry;;;MapValue of Argument[-1];MapValue of ReturnValue;value",
159-
".keyvalue;AbstractMapEntryDecorator;true;toString;;;MapKey of Argument[-1];ReturnValue;taint",
160-
".keyvalue;AbstractMapEntryDecorator;true;toString;;;MapValue of Argument[-1];ReturnValue;taint",
161156
".keyvalue;DefaultKeyValue;true;DefaultKeyValue;(Object,Object);;Argument[0];MapKey of Argument[-1];value",
162157
".keyvalue;DefaultKeyValue;true;DefaultKeyValue;(Object,Object);;Argument[1];MapValue of Argument[-1];value",
163158
".keyvalue;DefaultKeyValue;true;DefaultKeyValue;(KeyValue);;MapKey of Argument[0];MapKey of Argument[-1];value",
@@ -389,7 +384,6 @@ private class ApacheIteratorUtilsModel extends SummaryModelCsv {
389384
";IteratorUtils;true;toArray;;;Element of Argument[0];ArrayElement of ReturnValue;value",
390385
";IteratorUtils;true;toList;;;Element of Argument[0];Element of ReturnValue;value",
391386
";IteratorUtils;true;toListIterator;;;Element of Argument[0];Element of ReturnValue;value",
392-
";IteratorUtils;true;toString;;;Element of Argument[0];ReturnValue;taint",
393387
";IteratorUtils;true;toString;;;Argument[2];ReturnValue;taint",
394388
";IteratorUtils;true;toString;;;Argument[3];ReturnValue;taint",
395389
";IteratorUtils;true;toString;;;Argument[4];ReturnValue;taint",
@@ -441,7 +435,6 @@ private class ApacheIterableUtilsModel extends SummaryModelCsv {
441435
";IterableUtils;true;reversedIterable;;;Element of Argument[0];Element of ReturnValue;value",
442436
";IterableUtils;true;skippingIterable;;;Element of Argument[0];Element of ReturnValue;value",
443437
";IterableUtils;true;toList;;;Element of Argument[0];Element of ReturnValue;value",
444-
";IterableUtils;true;toString;;;Element of Argument[0];ReturnValue;taint",
445438
";IterableUtils;true;toString;;;Argument[2];ReturnValue;taint",
446439
";IterableUtils;true;toString;;;Argument[3];ReturnValue;taint",
447440
";IterableUtils;true;toString;;;Argument[4];ReturnValue;taint",

java/ql/test/library-tests/frameworks/apache-collections/Test.java

Lines changed: 0 additions & 77 deletions
Original file line numberDiff line numberDiff line change
@@ -315,20 +315,6 @@ public void test() {
315315
out = in.mySetValue((Object)null);
316316
sink(out); // $ hasValueFlow
317317
}
318-
{
319-
// "org.apache.commons.collections4.keyvalue;AbstractKeyValue;true;toString;;;MapKey of Argument[-1];ReturnValue;taint"
320-
String out = null;
321-
AbstractKeyValue in = newMAKVWithMapKey((String)source());
322-
out = in.toString();
323-
sink(out); // $ hasTaintFlow
324-
}
325-
{
326-
// "org.apache.commons.collections4.keyvalue;AbstractKeyValue;true;toString;;;MapValue of Argument[-1];ReturnValue;taint"
327-
String out = null;
328-
AbstractKeyValue in = newMAKVWithMapValue((String)source());
329-
out = in.toString();
330-
sink(out); // $ hasTaintFlow
331-
}
332318
{
333319
// "org.apache.commons.collections4.keyvalue;AbstractMapEntry;true;AbstractMapEntry;;;Argument[0];MapKey of Argument[-1];value"
334320
AbstractMapEntry out = null;
@@ -371,20 +357,6 @@ public void test() {
371357
out = in.myGetMapEntry();
372358
sink(getMapValueFromEntry(out)); // $ hasValueFlow
373359
}
374-
{
375-
// "org.apache.commons.collections4.keyvalue;AbstractMapEntryDecorator;true;toString;;;MapKey of Argument[-1];ReturnValue;taint"
376-
String out = null;
377-
AbstractMapEntryDecorator in = newMAMEDWithMapKey((String)source());
378-
out = in.toString();
379-
sink(out); // $ hasTaintFlow
380-
}
381-
{
382-
// "org.apache.commons.collections4.keyvalue;AbstractMapEntryDecorator;true;toString;;;MapValue of Argument[-1];ReturnValue;taint"
383-
String out = null;
384-
AbstractMapEntryDecorator in = newMAMEDWithMapValue((String)source());
385-
out = in.toString();
386-
sink(out); // $ hasTaintFlow
387-
}
388360
{
389361
// "org.apache.commons.collections4.keyvalue;DefaultKeyValue;true;DefaultKeyValue;(Entry);;MapKey of Argument[0];MapKey of Argument[-1];value"
390362
DefaultKeyValue out = null;
@@ -1763,13 +1735,6 @@ public void test() {
17631735
out = in.toList();
17641736
sink(getElement(out)); // $ hasValueFlow
17651737
}
1766-
{
1767-
// "org.apache.commons.collections4;FluentIterable;true;toString;;;Element of Argument[-1];ReturnValue;taint"
1768-
String out = null;
1769-
FluentIterable in = newFluentIterableWithElement((String)source());
1770-
out = in.toString();
1771-
sink(out); // $ hasTaintFlow
1772-
}
17731738
{
17741739
// "org.apache.commons.collections4;FluentIterable;true;unique;;;Element of Argument[-1];Element of ReturnValue;value"
17751740
FluentIterable out = null;
@@ -2178,27 +2143,6 @@ public void test() {
21782143
out = IterableUtils.toList(in);
21792144
sink(getElement(out)); // $ hasValueFlow
21802145
}
2181-
{
2182-
// "org.apache.commons.collections4;IterableUtils;true;toString;;;Element of Argument[0];ReturnValue;taint"
2183-
String out = null;
2184-
Iterable in = newVectorWithElement((String)source());
2185-
out = IterableUtils.toString(in, null, null, null, null);
2186-
sink(out); // $ hasTaintFlow
2187-
}
2188-
{
2189-
// "org.apache.commons.collections4;IterableUtils;true;toString;;;Element of Argument[0];ReturnValue;taint"
2190-
String out = null;
2191-
Iterable in = newVectorWithElement((String)source());
2192-
out = IterableUtils.toString(in, null);
2193-
sink(out); // $ hasTaintFlow
2194-
}
2195-
{
2196-
// "org.apache.commons.collections4;IterableUtils;true;toString;;;Element of Argument[0];ReturnValue;taint"
2197-
String out = null;
2198-
Iterable in = newVectorWithElement((String)source());
2199-
out = IterableUtils.toString(in);
2200-
sink(out); // $ hasTaintFlow
2201-
}
22022146
{
22032147
// "org.apache.commons.collections4;IterableUtils;true;toString;;;Argument[2];ReturnValue;taint"
22042148
String out = null;
@@ -2598,27 +2542,6 @@ public void test() {
25982542
out = IteratorUtils.toListIterator(in);
25992543
sink(getElement(out)); // $ hasValueFlow
26002544
}
2601-
{
2602-
// "org.apache.commons.collections4;IteratorUtils;true;toString;;;Element of Argument[0];ReturnValue;taint"
2603-
String out = null;
2604-
Iterator in = newListIteratorWithElement((String)source());
2605-
out = IteratorUtils.toString(in, null, null, null, null);
2606-
sink(out); // $ hasTaintFlow
2607-
}
2608-
{
2609-
// "org.apache.commons.collections4;IteratorUtils;true;toString;;;Element of Argument[0];ReturnValue;taint"
2610-
String out = null;
2611-
Iterator in = newListIteratorWithElement((String)source());
2612-
out = IteratorUtils.toString(in, null);
2613-
sink(out); // $ hasTaintFlow
2614-
}
2615-
{
2616-
// "org.apache.commons.collections4;IteratorUtils;true;toString;;;Element of Argument[0];ReturnValue;taint"
2617-
String out = null;
2618-
Iterator in = newListIteratorWithElement((String)source());
2619-
out = IteratorUtils.toString(in);
2620-
sink(out); // $ hasTaintFlow
2621-
}
26222545
{
26232546
// "org.apache.commons.collections4;IteratorUtils;true;toString;;;Argument[2];ReturnValue;taint"
26242547
String out = null;

0 commit comments

Comments
 (0)