Java: add 'sink' kind

Jami Cogswell · Jami Cogswell · commit 60b07083c3b5 · 2023-05-26T18:55:13.000-04:00
diff --git a/java/ql/lib/ext/java.nio.file.spi.model.yml b/java/ql/lib/ext/java.nio.file.spi.model.yml
@@ -3,5 +3,6 @@ extensions:
       pack: codeql/java-all
       extensible: neutralModel
     data:
-      - ["java.nio.file.spi", "FileSystemProvider" "isHidden", "", "manual"]
-      - ["java.nio.file.spi", "FileSystemProvider" "isSameFile", "", "manual"]
+      # sink neutrals
+      - ["java.nio.file.spi", "FileSystemProvider" "isHidden", "", "sink", "manual"]
+      - ["java.nio.file.spi", "FileSystemProvider" "isSameFile", "", "sink", "manual"]
diff --git a/java/ql/lib/ext/java.text.model.yml b/java/ql/lib/ext/java.text.model.yml
@@ -3,12 +3,14 @@ extensions:
       pack: codeql/java-all
       extensible: neutralModel
     data:
-      - ["java.text", "Collator" "compare", "", "manual"]
-      - ["java.text", "Collator" "equals", "", "manual"]
-      - ["java.text", "RuleBasedCollator", "compare", "", "manual"]
-
+      # summary neutrals
       # The below APIs have numeric flow and are currently being stored as neutral models.
       # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future.
       - ["java.text", "DateFormat", "format", "(Date)", "summary", "manual"]                   # taint-numeric
       - ["java.text", "DateFormat", "parse", "(String)", "summary", "manual"]                  # taint-numeric
       - ["java.text", "SimpleDateFormat", "SimpleDateFormat", "(String)", "summary", "manual"] # taint-numeric
+
+      # sink neutrals
+      - ["java.text", "Collator" "compare", "", "sink", "manual"]
+      - ["java.text", "Collator" "equals", "", "sink", "manual"]
+      - ["java.text", "RuleBasedCollator", "compare", "", "sink", "manual"]
diff --git a/java/ql/lib/ext/java.util.prefs.model.yml b/java/ql/lib/ext/java.util.prefs.model.yml
@@ -3,5 +3,6 @@ extensions:
       pack: codeql/java-all
       extensible: neutralModel
     data:
-      - ["java.util.prefs", "AbstractPreferences", "nodeExists", "", "manual"]
-      - ["java.util.prefs", "Preferences", "nodeExists", "", "manual"]
+      # sink neutrals
+      - ["java.util.prefs", "AbstractPreferences", "nodeExists", "", "sink", "manual"]
+      - ["java.util.prefs", "Preferences", "nodeExists", "", "sink", "manual"]
diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml
@@ -3,4 +3,5 @@ extensions:
       pack: codeql/java-all
       extensible: neutralModel
     data:
-      - ["org.apache.hc.client5.http.protocol", "RedirectLocations", "contains", "", "manual"]
+      # sink neutrals
+      - ["org.apache.hc.client5.http.protocol", "RedirectLocations", "contains", "", "sink", "manual"]
