Add tests for JacksonSerializability

Upgraded jackson stubs to 2.12

Author: atorralba

java/ql/test/experimental/query-tests/security/CWE-352/options

@@ -1 +1 @@
-  //semmle-extractor-options: --javac-args -cp ${testdir}/../../../../stubs/apache-http-4.4.13/:${testdir}/../../../../stubs/servlet-api-2.4:${testdir}/../../../../stubs/fastjson-1.2.74/:${testdir}/../../../../stubs/gson-2.8.6/:${testdir}/../../../../stubs/jackson-databind-2.10/:${testdir}/../../../../stubs/springframework-5.3.8/
+  //semmle-extractor-options: --javac-args -cp ${testdir}/../../../../stubs/apache-http-4.4.13/:${testdir}/../../../../stubs/servlet-api-2.4:${testdir}/../../../../stubs/fastjson-1.2.74/:${testdir}/../../../../stubs/gson-2.8.6/:${testdir}/../../../../stubs/jackson-databind-2.12/:${testdir}/../../../../stubs/springframework-5.3.8/

java/ql/test/library-tests/dataflow/taint-jackson/options

@@ -1 +1 @@
-//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/jackson-databind-2.10
+//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/jackson-databind-2.12

java/ql/test/library-tests/dataflow/taintsources/options

@@ -1 +1 @@
-//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/servlet-api-2.4:${testdir}/../../../stubs/springframework-5.3.8:${testdir}/../../../stubs/google-android-9.0.0:${testdir}/../../../stubs/playframework-2.6.x:${testdir}/../../../stubs/jackson-databind-2.10:${testdir}/../../../stubs/akka-2.6.x
+//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/servlet-api-2.4:${testdir}/../../../stubs/springframework-5.3.8:${testdir}/../../../stubs/google-android-9.0.0:${testdir}/../../../stubs/playframework-2.6.x:${testdir}/../../../stubs/jackson-databind-2.12:${testdir}/../../../stubs/akka-2.6.x

java/ql/test/library-tests/frameworks/jackson/Test.java

@@ -0,0 +1,316 @@
+package generatedtest;
+
+import com.fasterxml.jackson.core.JsonFactory;
+import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.JavaType;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.ObjectReader;
+import java.io.DataInput;
+import java.io.File;
+import java.io.InputStream;
+import java.io.Reader;
+import java.net.URL;
+import java.util.Map;
+
+// Test case generated by GenerateFlowTestCase.ql
+public class Test {
+
+	Object newWithMapValue(Object element) {
+		return Map.of(null, element);
+	}
+
+	Object source() {
+		return null;
+	}
+
+	void sink(Object o) {}
+
+	public void test() throws Exception {
+
+		{
+			// "com.fasterxml.jackson.core;JsonFactory;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			char[] in = (char[]) source();
+			JsonFactory instance = null;
+			out = instance.createParser(in, 0, 0);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.core;JsonFactory;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			char[] in = (char[]) source();
+			JsonFactory instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.core;JsonFactory;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			byte[] in = (byte[]) source();
+			JsonFactory instance = null;
+			out = instance.createParser(in, 0, 0);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.core;JsonFactory;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			byte[] in = (byte[]) source();
+			JsonFactory instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.core;JsonFactory;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			URL in = (URL) source();
+			JsonFactory instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.core;JsonFactory;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			String in = (String) source();
+			JsonFactory instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.core;JsonFactory;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			Reader in = (Reader) source();
+			JsonFactory instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.core;JsonFactory;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			InputStream in = (InputStream) source();
+			JsonFactory instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.core;JsonFactory;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			File in = (File) source();
+			JsonFactory instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.core;JsonFactory;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			DataInput in = (DataInput) source();
+			JsonFactory instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			char[] in = (char[]) source();
+			ObjectMapper instance = null;
+			out = instance.createParser(in, 0, 0);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			char[] in = (char[]) source();
+			ObjectMapper instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			byte[] in = (byte[]) source();
+			ObjectMapper instance = null;
+			out = instance.createParser(in, 0, 0);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			byte[] in = (byte[]) source();
+			ObjectMapper instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			URL in = (URL) source();
+			ObjectMapper instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			String in = (String) source();
+			ObjectMapper instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			Reader in = (Reader) source();
+			ObjectMapper instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			InputStream in = (InputStream) source();
+			ObjectMapper instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			File in = (File) source();
+			ObjectMapper instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			DataInput in = (DataInput) source();
+			ObjectMapper instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;true;convertValue;;;Argument[0];ReturnValue;taint"
+			Object out = null;
+			Object in = (Object) source();
+			ObjectMapper instance = null;
+			out = instance.convertValue(in, (TypeReference) null);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;true;convertValue;;;Argument[0];ReturnValue;taint"
+			Object out = null;
+			Object in = (Object) source();
+			ObjectMapper instance = null;
+			out = instance.convertValue(in, (JavaType) null);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;true;convertValue;;;Argument[0];ReturnValue;taint"
+			Object out = null;
+			Object in = (Object) source();
+			ObjectMapper instance = null;
+			out = instance.convertValue(in, (Class) null);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;true;valueToTree;;;Argument[0];ReturnValue;taint"
+			JsonNode out = null;
+			Object in = (Object) source();
+			ObjectMapper instance = null;
+			out = instance.valueToTree(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectMapper;true;valueToTree;;;MapValue of
+			// Argument[0];ReturnValue;taint"
+			JsonNode out = null;
+			Object in = (Object) newWithMapValue(source());
+			ObjectMapper instance = null;
+			out = instance.valueToTree(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectReader;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			char[] in = (char[]) source();
+			ObjectReader instance = null;
+			out = instance.createParser(in, 0, 0);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectReader;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			char[] in = (char[]) source();
+			ObjectReader instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectReader;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			byte[] in = (byte[]) source();
+			ObjectReader instance = null;
+			out = instance.createParser(in, 0, 0);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectReader;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			byte[] in = (byte[]) source();
+			ObjectReader instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectReader;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			URL in = (URL) source();
+			ObjectReader instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectReader;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			String in = (String) source();
+			ObjectReader instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectReader;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			Reader in = (Reader) source();
+			ObjectReader instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectReader;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			InputStream in = (InputStream) source();
+			ObjectReader instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectReader;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			File in = (File) source();
+			ObjectReader instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+		{
+			// "com.fasterxml.jackson.databind;ObjectReader;false;createParser;;;Argument[0];ReturnValue;taint"
+			JsonParser out = null;
+			DataInput in = (DataInput) source();
+			ObjectReader instance = null;
+			out = instance.createParser(in);
+			sink(out); // $ hasTaintFlow
+		}
+
+	}
+
+}

java/ql/test/library-tests/frameworks/jackson/options

@@ -0,0 +1 @@
+//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/jackson-databind-2.12:${testdir}/../../../stubs/jackson-core-2.12

java/ql/test/library-tests/frameworks/jackson/test.expected

@@ -0,0 +1,53 @@
+import java
+import semmle.code.java.dataflow.DataFlow
+import semmle.code.java.dataflow.ExternalFlow
+import semmle.code.java.dataflow.TaintTracking
+import TestUtilities.InlineExpectationsTest
+
+class ValueFlowConf extends DataFlow::Configuration {
+  ValueFlowConf() { this = "qltest:valueFlowConf" }
+
+  override predicate isSource(DataFlow::Node n) {
+    n.asExpr().(MethodAccess).getMethod().hasName("source")
+  }
+
+  override predicate isSink(DataFlow::Node n) {
+    n.asExpr().(Argument).getCall().getCallee().hasName("sink")
+  }
+}
+
+class TaintFlowConf extends TaintTracking::Configuration {
+  TaintFlowConf() { this = "qltest:taintFlowConf" }
+
+  override predicate isSource(DataFlow::Node n) {
+    n.asExpr().(MethodAccess).getMethod().hasName("source")
+  }
+
+  override predicate isSink(DataFlow::Node n) {
+    n.asExpr().(Argument).getCall().getCallee().hasName("sink")
+  }
+}
+
+class HasFlowTest extends InlineExpectationsTest {
+  HasFlowTest() { this = "HasFlowTest" }
+
+  override string getARelevantTag() { result = ["hasValueFlow", "hasTaintFlow"] }
+
+  override predicate hasActualResult(Location location, string element, string tag, string value) {
+    tag = "hasValueFlow" and
+    exists(DataFlow::Node src, DataFlow::Node sink, ValueFlowConf conf | conf.hasFlow(src, sink) |
+      sink.getLocation() = location and
+      element = sink.toString() and
+      value = ""
+    )
+    or
+    tag = "hasTaintFlow" and
+    exists(DataFlow::Node src, DataFlow::Node sink, TaintFlowConf conf |
+      conf.hasFlow(src, sink) and not any(ValueFlowConf c).hasFlow(src, sink)
+    |
+      sink.getLocation() = location and
+      element = sink.toString() and
+      value = ""
+    )
+  }
+}

java/ql/test/library-tests/frameworks/jackson/test.ql

@@ -1 +1 @@
-//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/playframework-2.6.x:${testdir}/../../../stubs/jackson-databind-2.10:${testdir}/../../../stubs/akka-2.6.x
+//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/playframework-2.6.x:${testdir}/../../../stubs/jackson-databind-2.12:${testdir}/../../../stubs/akka-2.6.x

java/ql/test/library-tests/frameworks/play/options

@@ -0,0 +1,8 @@
+package com.fasterxml.jackson.core;
+
+public abstract class JacksonException extends java.io.IOException {
+    public abstract String getOriginalMessage();
+
+    public abstract Object getProcessor();
+
+}