Skip to content

Commit cc4401b

Browse files
smowtonsmowton
committed
Add models of JsonPointer, JsonMergeDiff and JsonPatchBuilder
1 parent 5398594 commit cc4401b

File tree

2 files changed

+1313
-272
lines changed

2 files changed

+1313
-272
lines changed

java/ql/src/semmle/code/java/frameworks/JavaxJson.qll

Lines changed: 122 additions & 122 deletions
Original file line numberDiff line numberDiff line change
@@ -8,129 +8,129 @@ private import semmle.code.java.dataflow.ExternalFlow
88
private class FlowSummaries extends SummaryModelCsv {
99
override predicate row(string row) {
1010
row =
11-
["javax", "jakarta"] + ".json;" +
11+
["javax", "jakarta"] +
1212
[
13-
"Json;false;createArrayBuilder;(JsonArray);;Argument[0];ReturnValue;taint",
14-
"Json;false;createArrayBuilder;(Collection);;Element of Argument[0];ReturnValue;taint",
15-
"Json;false;createDiff;;;Argument[0..1];ReturnValue;taint",
16-
"Json;false;createMergeDiff;;;Argument[0..1];ReturnValue;taint",
17-
"Json;false;createMergePatch;;;Argument[0];ReturnValue;taint",
18-
"Json;false;createObjectBuilder;(JsonObject);;Argument[0];ReturnValue;taint",
19-
"Json;false;createObjectBuilder;(Map);;MapKey of Argument[0];ReturnValue;taint",
20-
"Json;false;createObjectBuilder;(Map);;MapValue of Argument[0];ReturnValue;taint",
21-
"Json;false;createPatch;;;Argument[0];ReturnValue;taint",
22-
"Json;false;createPatchBuilder;;;Argument[0];ReturnValue;taint",
23-
"Json;false;createPointer;;;Argument[0];ReturnValue;taint",
24-
"Json;false;createReader;;;Argument[0];ReturnValue;taint",
25-
"Json;false;createValue;;;Argument[0];ReturnValue;taint",
26-
"Json;false;createWriter;;;Argument[0];ReturnValue;taint",
27-
"JsonArray;false;getBoolean;;;Argument[-1];ReturnValue;taint",
28-
"JsonArray;false;getBoolean;;;Argument[1];ReturnValue;value",
29-
"JsonArray;false;getInt;;;Argument[-1];ReturnValue;taint",
30-
"JsonArray;false;getInt;;;Argument[1];ReturnValue;value",
31-
"JsonArray;false;getJsonArray;;;Argument[-1];ReturnValue;taint",
32-
"JsonArray;false;getJsonNumber;;;Argument[-1];ReturnValue;taint",
33-
"JsonArray;false;getJsonObject;;;Argument[-1];ReturnValue;taint",
34-
"JsonArray;false;getJsonString;;;Argument[-1];ReturnValue;taint",
35-
"JsonArray;false;getString;;;Argument[-1];ReturnValue;taint",
36-
"JsonArray;false;getString;;;Argument[1];ReturnValue;value",
37-
"JsonArray;false;getValuesAs;;;Argument[-1];ReturnValue;taint",
38-
"JsonArrayBuilder;false;add;;;Argument[-1];ReturnValue;value",
39-
"JsonArrayBuilder;false;add;(boolean);;Argument[0];Argument[-1];taint",
40-
"JsonArrayBuilder;false;add;(double);;Argument[0];Argument[-1];taint",
41-
"JsonArrayBuilder;false;add;(int);;Argument[0];Argument[-1];taint",
42-
"JsonArrayBuilder;false;add;(long);;Argument[0];Argument[-1];taint",
43-
"JsonArrayBuilder;false;add;(JsonArrayBuilder);;Argument[0];Argument[-1];taint",
44-
"JsonArrayBuilder;false;add;(JsonObjectBuilder);;Argument[0];Argument[-1];taint",
45-
"JsonArrayBuilder;false;add;(JsonValue);;Argument[0];Argument[-1];taint",
46-
"JsonArrayBuilder;false;add;(String);;Argument[0];Argument[-1];taint",
47-
"JsonArrayBuilder;false;add;(BigDecimal);;Argument[0];Argument[-1];taint",
48-
"JsonArrayBuilder;false;add;(BigInteger);;Argument[0];Argument[-1];taint",
49-
"JsonArrayBuilder;false;add;(int,boolean);;Argument[1];Argument[-1];taint",
50-
"JsonArrayBuilder;false;add;(int,double);;Argument[1];Argument[-1];taint",
51-
"JsonArrayBuilder;false;add;(int,int);;Argument[1];Argument[-1];taint",
52-
"JsonArrayBuilder;false;add;(int,long);;Argument[1];Argument[-1];taint",
53-
"JsonArrayBuilder;false;add;(int,JsonArrayBuilder);;Argument[1];Argument[-1];taint",
54-
"JsonArrayBuilder;false;add;(int,JsonObjectBuilder);;Argument[1];Argument[-1];taint",
55-
"JsonArrayBuilder;false;add;(int,JsonValue);;Argument[1];Argument[-1];taint",
56-
"JsonArrayBuilder;false;add;(int,String);;Argument[1];Argument[-1];taint",
57-
"JsonArrayBuilder;false;add;(int,BigDecimal);;Argument[1];Argument[-1];taint",
58-
"JsonArrayBuilder;false;add;(int,BigInteger);;Argument[1];Argument[-1];taint",
59-
"JsonArrayBuilder;false;addAll;;;Argument[0];Argument[-1];taint",
60-
"JsonArrayBuilder;false;addAll;;;Argument[-1];ReturnValue;value",
61-
"JsonArrayBuilder;false;addNull;;;Argument[-1];ReturnValue;value",
62-
"JsonArrayBuilder;false;build;;;Argument[-1];ReturnValue;taint",
63-
"JsonArrayBuilder;false;remove;;;Argument[-1];ReturnValue;value",
64-
"JsonArrayBuilder;false;set;;;Argument[1];Argument[-1];taint",
65-
"JsonArrayBuilder;false;set;;;Argument[-1];ReturnValue;value",
66-
"JsonArrayBuilder;false;setNull;;;Argument[-1];ReturnValue;value",
67-
"JsonMergePatch;false;apply;;;Argument[-1];ReturnValue;taint",
68-
"JsonMergePatch;false;apply;;;Argument[0];ReturnValue;taint",
69-
"JsonMergePatch;false;toJsonValue;;;Argument[-1];ReturnValue;taint",
70-
"JsonNumber;false;bigDecimalValue;;;Argument[-1];ReturnValue;taint",
71-
"JsonNumber;false;bigIntegerValue;;;Argument[-1];ReturnValue;taint",
72-
"JsonNumber;false;bigIntegerValueExact;;;Argument[-1];ReturnValue;taint",
73-
"JsonNumber;false;doubleValue;;;Argument[-1];ReturnValue;taint",
74-
"JsonNumber;false;intValue;;;Argument[-1];ReturnValue;taint",
75-
"JsonNumber;false;intValueExact;;;Argument[-1];ReturnValue;taint",
76-
"JsonNumber;false;longValue;;;Argument[-1];ReturnValue;taint",
77-
"JsonNumber;false;longValueExact;;;Argument[-1];ReturnValue;taint",
78-
"JsonNumber;false;numberValue;;;Argument[-1];ReturnValue;taint",
79-
"JsonObject;false;getBoolean;;;Argument[-1];ReturnValue;taint",
80-
"JsonObject;false;getBoolean;;;Argument[1];ReturnValue;value",
81-
"JsonObject;false;getInt;;;Argument[-1];ReturnValue;taint",
82-
"JsonObject;false;getInt;;;Argument[1];ReturnValue;value",
83-
"JsonObject;false;getJsonArray;;;Argument[-1];ReturnValue;taint",
84-
"JsonObject;false;getJsonNumber;;;Argument[-1];ReturnValue;taint",
85-
"JsonObject;false;getJsonObject;;;Argument[-1];ReturnValue;taint",
86-
"JsonObject;false;getJsonString;;;Argument[-1];ReturnValue;taint",
87-
"JsonObject;false;getString;;;Argument[-1];ReturnValue;taint",
88-
"JsonObject;false;getString;;;Argument[1];ReturnValue;value",
89-
"JsonObjectBuilder;false;add;;;Argument[-1];ReturnValue;value",
90-
"JsonObjectBuilder;false;add;;;Argument[1];Argument[-1];taint",
91-
"JsonObjectBuilder;false;addAll;;;Argument[0];ReturnValue;value",
92-
"JsonObjectBuilder;false;addAll;;;Argument[-1];ReturnValue;value",
93-
"JsonObjectBuilder;false;addNull;;;Argument[-1];ReturnValue;value",
94-
"JsonObjectBuilder;false;build;;;Argument[-1];ReturnValue;taint",
95-
"JsonObjectBuilder;false;remove;;;Argument[-1];ReturnValue;value",
96-
"JsonParserFactory;false;createParser;;;Argument[0];ReturnValue;taint",
97-
"JsonPatch;false;apply;;;Argument[-1];ReturnValue;taint",
98-
"JsonPatch;false;apply;;;Argument[0];ReturnValue;taint",
99-
"JsonPatch;false;toJsonArray;;;Argument[-1];ReturnValue;taint",
100-
"JsonPatchBuilder;false;add;;;Argument[0..1];ReturnValue;taint",
101-
"JsonPatchBuilder;false;add;;;Argument[-1];ReturnValue;value",
102-
"JsonPatchBuilder;false;build;;;Argument[-1];ReturnValue;taint",
103-
"JsonPatchBuilder;false;copy;;;Argument[0..1];ReturnValue;taint",
104-
"JsonPatchBuilder;false;copy;;;Argument[-1];ReturnValue;value",
105-
"JsonPatchBuilder;false;move;;;Argument[0..1];ReturnValue;taint",
106-
"JsonPatchBuilder;false;move;;;Argument[-1];ReturnValue;value",
107-
"JsonPatchBuilder;false;remove;;;Argument[0];ReturnValue;taint",
108-
"JsonPatchBuilder;false;remove;;;Argument[-1];ReturnValue;value",
109-
"JsonPatchBuilder;false;replace;;;Argument[0..1];ReturnValue;taint",
110-
"JsonPatchBuilder;false;replace;;;Argument[-1];ReturnValue;value",
111-
"JsonPatchBuilder;false;test;;;Argument[0..1];ReturnValue;taint",
112-
"JsonPatchBuilder;false;test;;;Argument[-1];ReturnValue;value",
113-
"JsonPointer;false;add;;;Argument[-1];ReturnValue;taint",
114-
"JsonPointer;false;add;;;Argument[0..1];ReturnValue;taint",
115-
"JsonPointer;false;getValue;;;Argument[0];ReturnValue;taint",
116-
"JsonPointer;false;remove;;;Argument[0];ReturnValue;taint",
117-
"JsonPointer;false;replace;;;Argument[0..1];ReturnValue;taint",
118-
"JsonPointer;false;toString;;;Argument[-1];ReturnValue;taint",
119-
"JsonReader;false;read;;;Argument[-1];ReturnValue;taint",
120-
"JsonReader;false;readArray;;;Argument[-1];ReturnValue;taint",
121-
"JsonReader;false;readObject;;;Argument[-1];ReturnValue;taint",
122-
"JsonReader;false;readValue;;;Argument[-1];ReturnValue;taint",
123-
"JsonReaderFactory;false;createReader;;;Argument[0];ReturnValue;taint",
124-
"JsonString;false;getChars;;;Argument[-1];ReturnValue;taint",
125-
"JsonString;false;getString;;;Argument[-1];ReturnValue;taint",
126-
"JsonStructure;true;getValue;;;Argument[-1];ReturnValue;taint",
127-
"JsonValue;true;asJsonArray;;;Argument[-1];ReturnValue;taint",
128-
"JsonValue;true;asJsonObject;;;Argument[-1];ReturnValue;taint",
129-
"JsonValue;true;toString;;;Argument[-1];ReturnValue;taint",
130-
"JsonWriter;false;write;;;Argument[0];Argument[-1];taint",
131-
"JsonWriter;false;writeArray;;;Argument[0];Argument[-1];taint",
132-
"JsonWriter;false;writeObject;;;Argument[0];Argument[-1];taint",
133-
"JsonWriterFactory;false;createWriter;;;Argument[-1];Argument[0];taint"
13+
".json;Json;false;createArrayBuilder;(JsonArray);;Argument[0];ReturnValue;taint",
14+
".json;Json;false;createArrayBuilder;(Collection);;Element of Argument[0];ReturnValue;taint",
15+
".json;Json;false;createDiff;;;Argument[0..1];ReturnValue;taint",
16+
".json;Json;false;createMergeDiff;;;Argument[0..1];ReturnValue;taint",
17+
".json;Json;false;createMergePatch;;;Argument[0];ReturnValue;taint",
18+
".json;Json;false;createObjectBuilder;(JsonObject);;Argument[0];ReturnValue;taint",
19+
".json;Json;false;createObjectBuilder;(Map);;MapKey of Argument[0];ReturnValue;taint",
20+
".json;Json;false;createObjectBuilder;(Map);;MapValue of Argument[0];ReturnValue;taint",
21+
".json;Json;false;createPatch;;;Argument[0];ReturnValue;taint",
22+
".json;Json;false;createPatchBuilder;;;Argument[0];ReturnValue;taint",
23+
".json;Json;false;createPointer;;;Argument[0];ReturnValue;taint",
24+
".json;Json;false;createReader;;;Argument[0];ReturnValue;taint",
25+
".json;Json;false;createValue;;;Argument[0];ReturnValue;taint",
26+
".json;Json;false;createWriter;;;Argument[0];ReturnValue;taint",
27+
".json;JsonArray;false;getBoolean;;;Argument[-1];ReturnValue;taint",
28+
".json;JsonArray;false;getBoolean;;;Argument[1];ReturnValue;value",
29+
".json;JsonArray;false;getInt;;;Argument[-1];ReturnValue;taint",
30+
".json;JsonArray;false;getInt;;;Argument[1];ReturnValue;value",
31+
".json;JsonArray;false;getJsonArray;;;Argument[-1];ReturnValue;taint",
32+
".json;JsonArray;false;getJsonNumber;;;Argument[-1];ReturnValue;taint",
33+
".json;JsonArray;false;getJsonObject;;;Argument[-1];ReturnValue;taint",
34+
".json;JsonArray;false;getJsonString;;;Argument[-1];ReturnValue;taint",
35+
".json;JsonArray;false;getString;;;Argument[-1];ReturnValue;taint",
36+
".json;JsonArray;false;getString;;;Argument[1];ReturnValue;value",
37+
".json;JsonArray;false;getValuesAs;;;Argument[-1];ReturnValue;taint",
38+
".json;JsonArrayBuilder;false;add;;;Argument[-1];ReturnValue;value",
39+
".json;JsonArrayBuilder;false;add;(boolean);;Argument[0];Argument[-1];taint",
40+
".json;JsonArrayBuilder;false;add;(double);;Argument[0];Argument[-1];taint",
41+
".json;JsonArrayBuilder;false;add;(int);;Argument[0];Argument[-1];taint",
42+
".json;JsonArrayBuilder;false;add;(long);;Argument[0];Argument[-1];taint",
43+
".json;JsonArrayBuilder;false;add;(JsonArrayBuilder);;Argument[0];Argument[-1];taint",
44+
".json;JsonArrayBuilder;false;add;(JsonObjectBuilder);;Argument[0];Argument[-1];taint",
45+
".json;JsonArrayBuilder;false;add;(JsonValue);;Argument[0];Argument[-1];taint",
46+
".json;JsonArrayBuilder;false;add;(String);;Argument[0];Argument[-1];taint",
47+
".json;JsonArrayBuilder;false;add;(BigDecimal);;Argument[0];Argument[-1];taint",
48+
".json;JsonArrayBuilder;false;add;(BigInteger);;Argument[0];Argument[-1];taint",
49+
".json;JsonArrayBuilder;false;add;(int,boolean);;Argument[1];Argument[-1];taint",
50+
".json;JsonArrayBuilder;false;add;(int,double);;Argument[1];Argument[-1];taint",
51+
".json;JsonArrayBuilder;false;add;(int,int);;Argument[1];Argument[-1];taint",
52+
".json;JsonArrayBuilder;false;add;(int,long);;Argument[1];Argument[-1];taint",
53+
".json;JsonArrayBuilder;false;add;(int,JsonArrayBuilder);;Argument[1];Argument[-1];taint",
54+
".json;JsonArrayBuilder;false;add;(int,JsonObjectBuilder);;Argument[1];Argument[-1];taint",
55+
".json;JsonArrayBuilder;false;add;(int,JsonValue);;Argument[1];Argument[-1];taint",
56+
".json;JsonArrayBuilder;false;add;(int,String);;Argument[1];Argument[-1];taint",
57+
".json;JsonArrayBuilder;false;add;(int,BigDecimal);;Argument[1];Argument[-1];taint",
58+
".json;JsonArrayBuilder;false;add;(int,BigInteger);;Argument[1];Argument[-1];taint",
59+
".json;JsonArrayBuilder;false;addAll;;;Argument[0];Argument[-1];taint",
60+
".json;JsonArrayBuilder;false;addAll;;;Argument[-1];ReturnValue;value",
61+
".json;JsonArrayBuilder;false;addNull;;;Argument[-1];ReturnValue;value",
62+
".json;JsonArrayBuilder;false;build;;;Argument[-1];ReturnValue;taint",
63+
".json;JsonArrayBuilder;false;remove;;;Argument[-1];ReturnValue;value",
64+
".json;JsonArrayBuilder;false;set;;;Argument[1];Argument[-1];taint",
65+
".json;JsonArrayBuilder;false;set;;;Argument[-1];ReturnValue;value",
66+
".json;JsonArrayBuilder;false;setNull;;;Argument[-1];ReturnValue;value",
67+
".json;JsonMergePatch;false;apply;;;Argument[-1];ReturnValue;taint",
68+
".json;JsonMergePatch;false;apply;;;Argument[0];ReturnValue;taint",
69+
".json;JsonMergePatch;false;toJsonValue;;;Argument[-1];ReturnValue;taint",
70+
".json;JsonNumber;false;bigDecimalValue;;;Argument[-1];ReturnValue;taint",
71+
".json;JsonNumber;false;bigIntegerValue;;;Argument[-1];ReturnValue;taint",
72+
".json;JsonNumber;false;bigIntegerValueExact;;;Argument[-1];ReturnValue;taint",
73+
".json;JsonNumber;false;doubleValue;;;Argument[-1];ReturnValue;taint",
74+
".json;JsonNumber;false;intValue;;;Argument[-1];ReturnValue;taint",
75+
".json;JsonNumber;false;intValueExact;;;Argument[-1];ReturnValue;taint",
76+
".json;JsonNumber;false;longValue;;;Argument[-1];ReturnValue;taint",
77+
".json;JsonNumber;false;longValueExact;;;Argument[-1];ReturnValue;taint",
78+
".json;JsonNumber;false;numberValue;;;Argument[-1];ReturnValue;taint",
79+
".json;JsonObject;false;getBoolean;;;Argument[-1];ReturnValue;taint",
80+
".json;JsonObject;false;getBoolean;;;Argument[1];ReturnValue;value",
81+
".json;JsonObject;false;getInt;;;Argument[-1];ReturnValue;taint",
82+
".json;JsonObject;false;getInt;;;Argument[1];ReturnValue;value",
83+
".json;JsonObject;false;getJsonArray;;;Argument[-1];ReturnValue;taint",
84+
".json;JsonObject;false;getJsonNumber;;;Argument[-1];ReturnValue;taint",
85+
".json;JsonObject;false;getJsonObject;;;Argument[-1];ReturnValue;taint",
86+
".json;JsonObject;false;getJsonString;;;Argument[-1];ReturnValue;taint",
87+
".json;JsonObject;false;getString;;;Argument[-1];ReturnValue;taint",
88+
".json;JsonObject;false;getString;;;Argument[1];ReturnValue;value",
89+
".json;JsonObjectBuilder;false;add;;;Argument[-1];ReturnValue;value",
90+
".json;JsonObjectBuilder;false;add;;;Argument[1];Argument[-1];taint",
91+
".json;JsonObjectBuilder;false;addAll;;;Argument[0];ReturnValue;value",
92+
".json;JsonObjectBuilder;false;addAll;;;Argument[-1];ReturnValue;value",
93+
".json;JsonObjectBuilder;false;addNull;;;Argument[-1];ReturnValue;value",
94+
".json;JsonObjectBuilder;false;build;;;Argument[-1];ReturnValue;taint",
95+
".json;JsonObjectBuilder;false;remove;;;Argument[-1];ReturnValue;value",
96+
".json;JsonPatch;false;apply;;;Argument[-1];ReturnValue;taint",
97+
".json;JsonPatch;false;apply;;;Argument[0];ReturnValue;taint",
98+
".json;JsonPatch;false;toJsonArray;;;Argument[-1];ReturnValue;taint",
99+
".json;JsonPatchBuilder;false;add;;;Argument[0..1];ReturnValue;taint",
100+
".json;JsonPatchBuilder;false;add;;;Argument[-1];ReturnValue;value",
101+
".json;JsonPatchBuilder;false;build;;;Argument[-1];ReturnValue;taint",
102+
".json;JsonPatchBuilder;false;copy;;;Argument[0..1];ReturnValue;taint",
103+
".json;JsonPatchBuilder;false;copy;;;Argument[-1];ReturnValue;value",
104+
".json;JsonPatchBuilder;false;move;;;Argument[0..1];ReturnValue;taint",
105+
".json;JsonPatchBuilder;false;move;;;Argument[-1];ReturnValue;value",
106+
".json;JsonPatchBuilder;false;remove;;;Argument[0];ReturnValue;taint",
107+
".json;JsonPatchBuilder;false;remove;;;Argument[-1];ReturnValue;value",
108+
".json;JsonPatchBuilder;false;replace;;;Argument[0..1];ReturnValue;taint",
109+
".json;JsonPatchBuilder;false;replace;;;Argument[-1];ReturnValue;value",
110+
".json;JsonPatchBuilder;false;test;;;Argument[0..1];ReturnValue;taint",
111+
".json;JsonPatchBuilder;false;test;;;Argument[-1];ReturnValue;value",
112+
".json;JsonPointer;false;add;;;Argument[-1];ReturnValue;taint",
113+
".json;JsonPointer;false;add;;;Argument[0..1];ReturnValue;taint",
114+
".json;JsonPointer;false;getValue;;;Argument[0];ReturnValue;taint",
115+
".json;JsonPointer;false;remove;;;Argument[0];ReturnValue;taint",
116+
".json;JsonPointer;false;replace;;;Argument[0..1];ReturnValue;taint",
117+
".json;JsonPointer;false;toString;;;Argument[-1];ReturnValue;taint",
118+
".json;JsonReader;false;read;;;Argument[-1];ReturnValue;taint",
119+
".json;JsonReader;false;readArray;;;Argument[-1];ReturnValue;taint",
120+
".json;JsonReader;false;readObject;;;Argument[-1];ReturnValue;taint",
121+
".json;JsonReader;false;readValue;;;Argument[-1];ReturnValue;taint",
122+
".json;JsonReaderFactory;false;createReader;;;Argument[0];ReturnValue;taint",
123+
".json;JsonString;false;getChars;;;Argument[-1];ReturnValue;taint",
124+
".json;JsonString;false;getString;;;Argument[-1];ReturnValue;taint",
125+
".json;JsonStructure;true;getValue;;;Argument[-1];ReturnValue;taint",
126+
".json;JsonValue;true;asJsonArray;;;Argument[-1];ReturnValue;taint",
127+
".json;JsonValue;true;asJsonObject;;;Argument[-1];ReturnValue;taint",
128+
".json;JsonValue;true;toString;;;Argument[-1];ReturnValue;taint",
129+
".json;JsonWriter;false;write;;;Argument[0];Argument[-1];taint",
130+
".json;JsonWriter;false;writeArray;;;Argument[0];Argument[-1];taint",
131+
".json;JsonWriter;false;writeObject;;;Argument[0];Argument[-1];taint",
132+
".json;JsonWriterFactory;false;createWriter;;;Argument[-1];Argument[0];taint",
133+
".json.stream;JsonParserFactory;false;createParser;;;Argument[0];ReturnValue;taint"
134134
]
135135
}
136136
}

0 commit comments

Comments
 (0)