Skip to content

Commit d3d5879

Browse files
aibaarsaibaars
committed
Java: ContainerFlow add comments
Some method variants are captured by a super class. Added some comments to indicate where this happens to make review of missing methods easier in the future.
1 parent 24c6e50 commit d3d5879

File tree

1 file changed

+12
-3
lines changed

1 file changed

+12
-3
lines changed

java/ql/src/semmle/code/java/dataflow/internal/ContainerFlow.qll

Lines changed: 12 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -141,29 +141,34 @@ private predicate taintPreservingQualifierToMethod(Method m) {
141141
"removeFirst", "removeLast"])
142142
or
143143
// java.util.concurrent.BlockingQueue
144+
// covered by Queue: poll(long, TimeUnit)
144145
m.(CollectionMethod).hasName("take")
145146
or
146147
// java.util.concurrent.BlockingDeque
148+
// covered by Deque: pollFirst(long, TimeUnit), pollLast(long, TimeUnit)
147149
m.(CollectionMethod).hasName(["takeFirst", "takeLast"])
148150
or
149151
// java.util.SortedSet
150152
m.(CollectionMethod).hasName(["first", "headSet", "last", "subSet", "tailSet"])
151153
or
152154
// java.util.NavigableSet
155+
// covered by Deque: pollFirst(), pollLast()
156+
// covered by SortedSet: headSet(E, boolean), subSet(E, boolean, E, boolean) and tailSet(E, boolean)
153157
m
154158
.(CollectionMethod)
155159
.hasName(["ceiling", "descendingIterator", "descendingSet", "floor", "higher", "lower"])
156160
or
157-
//java.util.SortedMap
161+
// java.util.SortedMap
158162
m.(MapMethod).hasName(["headMap", "subMap", "tailMap"])
159163
or
160-
//java.util.NavigableMap
164+
// java.util.NavigableMap
165+
// covered by SortedMap: headMap(K, boolean), subMap(K, boolean, K, boolean), tailMap(K, boolean)
161166
m
162167
.(MapMethod)
163168
.hasName(["ceilingEntry", "descendingMap", "firstEntry", "floorEntry", "higherEntry",
164169
"lastEntry", "lowerEntry", "pollFirstEntry", "pollLastEntry"])
165170
or
166-
//java.util.Dictionary
171+
// java.util.Dictionary
167172
m
168173
.getDeclaringType()
169174
.getSourceDeclaration()
@@ -222,6 +227,7 @@ private predicate taintPreservingArgumentToQualifier(Method method, int arg) {
222227
arg = method.getNumberOfParameters() - 1
223228
or
224229
// java.util.List
230+
// covered by Collection: add(int, E), addAll(int, Collection<? extends E>)
225231
method.(CollectionMethod).hasName("set") and arg = 1
226232
or
227233
// java.util.Vector
@@ -234,15 +240,18 @@ private predicate taintPreservingArgumentToQualifier(Method method, int arg) {
234240
method.(CollectionMethod).hasName("offer") and arg = 0
235241
or
236242
// java.util.Deque
243+
// covered by Stack: push(E)
237244
method.(CollectionMethod).hasName(["addFirst", "addLast", "offerFirst", "offerLast"]) and arg = 0
238245
or
239246
// java.util.concurrent.BlockingQueue
247+
// covered by Queue: offer(E, long, TimeUnit)
240248
method.(CollectionMethod).hasName("put") and arg = 0
241249
or
242250
// java.util.concurrent.TransferQueue
243251
method.(CollectionMethod).hasName(["transfer", "tryTransfer"]) and arg = 0
244252
or
245253
// java.util.concurrent.BlockingDeque
254+
// covered by Deque: offerFirst(E, long, TimeUnit), offerLast(E, long, TimeUnit)
246255
method.(CollectionMethod).hasName(["putFirst", "putLast"]) and arg = 0
247256
or
248257
//java.util.Dictionary

0 commit comments

Comments
 (0)