Java: add more test cases

Jami Cogswell · Jami Cogswell · commit 9762423fbc8e · 2022-12-16T15:26:54.000-05:00
diff --git a/java/ql/lib/ext/java.lang.model.yml b/java/ql/lib/ext/java.lang.model.yml
@@ -49,7 +49,6 @@ extensions:
       - ["java.lang", "RuntimeException", False, "RuntimeException", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"]
       - ["java.lang", "RuntimeException", False, "RuntimeException", "(Throwable)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.cause]", "value", "manual"]
       - ["java.lang", "String", False, "String", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"]
-      - ["java.lang", "String", False, "charAt", "(int)", "", "Argument[-1]", "ReturnValue", "taint", "manual"]
       - ["java.lang", "String", False, "concat", "(String)", "", "Argument[-1]", "ReturnValue", "taint", "manual"]
       - ["java.lang", "String", False, "concat", "(String)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
       - ["java.lang", "String", False, "copyValueOf", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
diff --git a/java/ql/lib/ext/java.sql.model.yml b/java/ql/lib/ext/java.sql.model.yml
@@ -19,4 +19,4 @@ extensions:
       pack: codeql/java-all
       extensible: extSummaryModel
     data:
-      - ["java.sql", "ResultSet", True, "getString", "(String)", "", "Argument[-1].Element", "ReturnValue", "value", "manual"]
+      - ["java.sql", "ResultSet", True, "getString", "(String)", "", "Argument[-1]", "ReturnValue", "taint", "manual"]
diff --git a/java/ql/test/ext/TestModels/Test.java b/java/ql/test/ext/TestModels/Test.java
@@ -1,3 +1,6 @@
+import java.math.BigDecimal;
+import java.sql.ResultSet;
+
 public class Test {
 
     void sink(Object o) { }
@@ -19,5 +22,24 @@ public void test() throws Exception {
 
         Throwable t = new Throwable((Throwable)source());
         sink((Throwable)t.getCause()); // $hasValueFlow
+
+        Integer x = (Integer)source();
+        int y = x;
+        sink(String.valueOf(y)); // $hasTaintFlow
+
+        String s1 = (String)source();
+        sink(Integer.parseInt(s1)); // $hasTaintFlow
+
+        String s2 = (String)source();
+        int i = 0;
+        sink(s2.charAt(i)); // $hasTaintFlow
+
+        String s3 = (String)source();
+        sink(new BigDecimal(s3)); // $hasTaintFlow
+
+        ResultSet rs = (ResultSet)source();
+        sink(rs.getString("")); // $hasTaintFlow
+
+
     }
 }
