Java: Add some spurious source and sink model generation examples.

michaelnebel · michaelnebel · commit 1185e28ea201 · 2024-06-19T14:10:56.000+02:00
diff --git a/java/ql/test/utils/modelgenerator/dataflow/CaptureSourceModels.ext.yml b/java/ql/test/utils/modelgenerator/dataflow/CaptureSourceModels.ext.yml
@@ -0,0 +1,7 @@
+extensions:
+
+  - addsTo:
+      pack: codeql/java-all
+      extensible: sourceModel
+    data:
+      - [ "p", "Sources", False, "source", "()", "", "ReturnValue", "test-source", "manual" ]
diff --git a/java/ql/test/utils/modelgenerator/dataflow/p/Sinks.java b/java/ql/test/utils/modelgenerator/dataflow/p/Sinks.java
@@ -64,4 +64,12 @@ public void hasManualSinkNeutral(Object o) {
   public void compoundPropgate(Sinks s) {
     s.fieldSink();
   }
+
+  // Not a new sink because a simple type is used in an intermediate step
+  // SPURIOUS-sink=p;Sinks;true;wrapSinkSimpleType;(String);;Argument[0];test-sink;df-generated
+  // neutral=p;Sinks;wrapSinkSimpleType;(String);summary;df-generated
+  public void wrapSinkSimpleType(String s) {
+    Boolean b = s == "hello";
+    sink(b);
+  }
 }
diff --git a/java/ql/test/utils/modelgenerator/dataflow/p/Sources.java b/java/ql/test/utils/modelgenerator/dataflow/p/Sources.java
@@ -8,6 +8,12 @@
 
 public class Sources {
 
+  // Defined as a source in the model file next to the test.
+  // neutral=p;Sources;source;();summary;df-generated
+  public String source() {
+    return "";
+  }
+
   // source=p;Sources;true;readUrl;(URL);;ReturnValue;remote;df-generated
   // sink=p;Sources;true;readUrl;(URL);;Argument[0];request-forgery;df-generated
   // neutral=p;Sources;readUrl;(URL);summary;df-generated
@@ -37,4 +43,28 @@ public void sourceToParameter(InputStream[] streams, List<InputStream> otherStre
     streams[0] = socket.accept().getInputStream();
     otherStreams.add(socket.accept().getInputStream());
   }
+
+  // Not a new source because a simple type is used in an intermediate step
+  // SPURIOUS-source=p;Sources;true;wrapSourceGetBool;();;ReturnValue;test-source;df-generated
+  // neutral=p;Sources;wrapSourceGetBool;();summary;df-generated
+  public Boolean wrapSourceGetBool() {
+    String s = source();
+    return s == "hello";
+  }
+
+  public class SourceReader {
+    @Override
+    public String toString() {
+      return source();
+    }
+  }
+
+  public class MyContainer<T> {
+    private T value;
+
+    // neutral=p;Sources$MyContainer;read;();summary;df-generated
+    public String read() {
+      return value.toString();
+    }
+  }
 }

Original file line number	Diff line number	Diff line change
`@@ -64,4 +64,12 @@ public void hasManualSinkNeutral(Object o) {`
`64`	`64`	`public void compoundPropgate(Sinks s) {`
`65`	`65`	`s.fieldSink();`
`66`	`66`	`}`
	`67`	`+`
	`68`	`+ // Not a new sink because a simple type is used in an intermediate step`
	`69`	`+ // SPURIOUS-sink=p;Sinks;true;wrapSinkSimpleType;(String);;Argument[0];test-sink;df-generated`
	`70`	`+ // neutral=p;Sinks;wrapSinkSimpleType;(String);summary;df-generated`
	`71`	`+ public void wrapSinkSimpleType(String s) {`
	`72`	`+ Boolean b = s == "hello";`
	`73`	`+ sink(b);`
	`74`	`+ }`
`67`	`75`	`}`