Skip to content

Commit f876182

Browse files
author
Stephan Brandauer
committed
Review suggestions
1 parent edf7ba0 commit f876182

File tree

4 files changed

+13
-15
lines changed

4 files changed

+13
-15
lines changed

java/ql/lib/ext/com.google.common.io.model.yml

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,13 +3,14 @@ extensions:
33
pack: codeql/java-all
44
extensible: sinkModel
55
data:
6-
- ["com.google.common.io", "Files", False, "asCharSink", "(File,Charset,FileWriteMode[])", "", "Argument[0]", "write-file", "ai-generated"] # this is a bit like a stream
6+
- ["com.google.common.io", "Files", False, "asCharSink", "(File,Charset,FileWriteMode[])", "", "Argument[0]", "create-file", "ai-generated"]
77
- ["com.google.common.io", "Files", False, "asCharSource", "(File,Charset)", "", "Argument[0]", "read-file", "ai-generated"]
88
- ["com.google.common.io", "Files", False, "copy", "(File,OutputStream)", "", "Argument[0]", "read-file", "ai-generated"]
99
- ["com.google.common.io", "Files", False, "readLines", "(File,Charset)", "", "Argument[0]", "read-file", "ai-generated"]
1010
- ["com.google.common.io", "Files", False, "toByteArray", "(File)", "", "Argument[0]", "read-file", "ai-generated"]
1111
- ["com.google.common.io", "Files", False, "toString", "(File,Charset)", "", "Argument[0]", "read-file", "ai-generated"]
12-
- ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[1]", "write-file", "ai-generated"]
12+
- ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[0]", "write-file", "ai-generated"]
13+
- ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[1]", "create-file", "manual"]
1314
- ["com.google.common.io", "Resources", False, "asByteSource", "(URL)", "", "Argument[0]", "url-open-stream", "manual"]
1415
- ["com.google.common.io", "Resources", False, "asCharSource", "(URL,Charset)", "", "Argument[0]", "url-open-stream", "manual"]
1516
- ["com.google.common.io", "Resources", False, "copy", "(URL,OutputStream)", "", "Argument[0]", "url-open-stream", "manual"]

java/ql/lib/ext/java.lang.model.yml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -8,14 +8,14 @@ extensions:
88
- ["java.lang", "ClassLoader", True, "getSystemResource", "(String)", "", "Argument[0]", "read-file", "ai-generated"]
99
- ["java.lang", "ClassLoader", True, "getSystemResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-generated"]
1010
- ["java.lang", "Module", True, "getResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-generated"]
11-
# suggested label is not supported: - ["java.lang", "ProcessBuilder", False, "command", "(String[])", "", "Argument[0]", "command-injection", "ai-generated"]
12-
# suggested label is not supported: - ["java.lang", "ProcessBuilder", False, "ProcessBuilder", "(List)", "", "Argument[0]", "command-injection", "ai-generated"]
13-
# suggested label is not supported: - ["java.lang", "Runtime", True, "exec", "(String,String[],File)", "", "Argument[0]", "command-injection", "ai-generated"]
14-
# suggested label is not supported: - ["java.lang", "Runtime", True, "exec", "(String,String[])", "", "Argument[0]", "command-injection", "ai-generated"]
15-
# suggested label is not supported: - ["java.lang", "Runtime", True, "exec", "(String[],String[])", "", "Argument[0]", "command-injection", "ai-generated"]
1611
# These are modeled in plain CodeQL. TODO: migrate them.
12+
# - ["java.lang", "ProcessBuilder", False, "command", "(String[])", "", "Argument[0]", "command-injection", "ai-generated"]
1713
# - ["java.lang", "ProcessBuilder", False, "directory", "(File)", "", "Argument[0]", "command-injection", "ai-generated"]
18-
# - ["java.lang", "ProcessBuilder", True, "ProcessBuilder", "(String[])", "", "Argument[0]", "command-injection", "ai-generated"]
14+
# - ["java.lang", "ProcessBuilder", False, "ProcessBuilder", "(List)", "", "Argument[0]", "command-injection", "ai-generated"]
15+
# - ["java.lang", "ProcessBuilder", False, "ProcessBuilder", "(String[])", "", "Argument[0]", "command-injection", "ai-generated"]
16+
# - ["java.lang", "Runtime", True, "exec", "(String,String[])", "", "Argument[0]", "command-injection", "ai-generated"]
17+
# - ["java.lang", "Runtime", True, "exec", "(String[],String[])", "", "Argument[0]", "command-injection", "ai-generated"]
18+
# - ["java.lang", "Runtime", True, "exec", "(String,String[],File)", "", "Argument[0]", "command-injection", "ai-generated"]
1919
# - ["java.lang", "Runtime", True, "exec", "(String,String[],File)", "", "Argument[2]", "command-injection", "ai-generated"]
2020
# - ["java.lang", "Runtime", True, "exec", "(String)", "", "Argument[0]", "command-injection", "ai-generated"]
2121
# - ["java.lang", "Runtime", True, "exec", "(String[],String[],File)", "", "Argument[0]", "command-injection", "ai-generated"]

java/ql/lib/ext/java.nio.file.model.yml

Lines changed: 3 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -11,14 +11,12 @@ extensions:
1111
- ["java.nio.file", "Files", False, "createLink", "", "", "Argument[0]", "create-file", "manual"]
1212
- ["java.nio.file", "Files", False, "createSymbolicLink", "", "", "Argument[0]", "create-file", "manual"]
1313
- ["java.nio.file", "Files", False, "createTempDirectory", "(Path,String,FileAttribute[])", "", "Argument[0]", "create-file", "manual"]
14-
- ["java.nio.file", "Files", False, "createTempDirectory", "(String,FileAttribute[])", "", "Argument[0]", "create-file", "ai-generated"]
1514
- ["java.nio.file", "Files", False, "createTempDirectory", "(String)", "", "Argument[0]", "create-file", "ai-generated"]
1615
- ["java.nio.file", "Files", False, "createTempFile", "(Path,String,String,FileAttribute[])", "", "Argument[0]", "create-file", "manual"]
1716
- ["java.nio.file", "Files", False, "createTempFile", "(Path,String,String)", "", "Argument[0]", "create-file", "ai-generated"]
1817
- ["java.nio.file", "Files", False, "delete", "(Path)", "", "Argument[0]", "create-file", "ai-generated"] # should be delete-file
1918
- ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "create-file", "ai-generated"] # should be delete-file
20-
# suggested label is not supported: - ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "delete-file", "ai-generated"]
21-
- ["java.nio.file", "Files", False, "lines", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-generated"]
19+
- ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "create-file", "ai-generated"] # should be delete-file
2220
- ["java.nio.file", "Files", False, "lines", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-generated"]
2321
- ["java.nio.file", "Files", False, "lines", "(Path)", "", "Argument[0]", "read-file", "ai-generated"]
2422
- ["java.nio.file", "Files", False, "move", "", "", "Argument[1]", "create-file", "manual"]
@@ -40,8 +38,8 @@ extensions:
4038
- ["java.nio.file", "Files", True, "delete", "(Path)", "", "Argument[0]", "create-file", "ai-generated"] # should be delete-file
4139
- ["java.nio.file", "Files", True, "newInputStream", "(Path,OpenOption[])", "", "Argument[0]", "read-file", "ai-generated"]
4240
- ["java.nio.file", "Files", True, "newOutputStream", "(Path,OpenOption[])", "", "Argument[0]", "create-file", "ai-generated"]
43-
# suggested label is not supported: - ["java.nio.file", "SecureDirectoryStream", True, "deleteDirectory", "(Path)", "", "Argument[0]", "delete-file", "ai-generated"]
44-
# suggested label is not supported: - ["java.nio.file", "SecureDirectoryStream", True, "deleteFile", "(Path)", "", "Argument[0]", "delete-file", "ai-generated"]
41+
- ["java.nio.file", "SecureDirectoryStream", True, "deleteDirectory", "(Path)", "", "Argument[0]", "create-file", "ai-generated"] # should be delete-file
42+
- ["java.nio.file", "SecureDirectoryStream", True, "deleteFile", "(Path)", "", "Argument[0]", "create-file", "ai-generated"] # should be delete-file
4543
- addsTo:
4644
pack: codeql/java-all
4745
extensible: summaryModel

java/ql/lib/ext/kotlin.io.model.yml

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ extensions:
33
pack: codeql/java-all
44
extensible: sinkModel
55
data:
6-
# suggested label is not supported: - ["kotlin.io", "FilesKt", False, "deleteRecursively", "(File)", "", "Argument[0]", "delete-file", "ai-generated"]
6+
- ["kotlin.io", "FilesKt", False, "deleteRecursively", "(File)", "", "Argument[0]", "create-file", "ai-generated"] # should be delete-file
77
- ["kotlin.io", "FilesKt", False, "inputStream", "(File)", "", "Argument[0]", "read-file", "ai-generated"]
88
- ["kotlin.io", "FilesKt", False, "readBytes", "(File)", "", "Argument[0]", "read-file", "ai-generated"]
99
- ["kotlin.io", "FilesKt", False, "readText", "(File,Charset)", "", "Argument[0]", "read-file", "ai-generated"]
@@ -19,4 +19,3 @@ extensions:
1919
- ["kotlin.io", "FilesKt", False, "resolve", "(File,File)", "", "Argument[0]", "ReturnValue", "taint", "ai-generated"]
2020
- ["kotlin.io", "FilesKt", False, "resolve", "(File,String)", "", "Argument[0]", "ReturnValue", "taint", "ai-generated"]
2121
- ["kotlin.io", "FilesKt", False, "toRelativeString", "(File,File)", "", "Argument[0]", "ReturnValue", "taint", "ai-generated"]
22-
- ["kotlin.io", "FilesKt", False, "toRelativeString", "(File,File)", "", "Argument[1]", "ReturnValue", "taint", "ai-generated"]

0 commit comments

Comments
 (0)