Skip to content

Commit

Permalink
Merge pull request #16062 from atorralba/atorralba/java/more-neutrals
Browse files Browse the repository at this point in the history
Java: Add more neutrals and improve `java.net.URL` models
  • Loading branch information
atorralba authored Mar 27, 2024
2 parents 3e96028 + 7a04467 commit b617667
Show file tree
Hide file tree
Showing 5 changed files with 96 additions and 4 deletions.
4 changes: 4 additions & 0 deletions java/ql/lib/change-notes/2024-03-26-url-models-precision.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Increased the precision of some dataflow models of the class `java.net.URL` by distinguishing the parts of a URL.
18 changes: 16 additions & 2 deletions java/ql/lib/ext/java.net.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ extensions:
- ["java.net", "DatagramSocket", True, "connect", "(SocketAddress)", "", "Argument[0]", "request-forgery", "ai-manual"]
- ["java.net", "PasswordAuthentication", False, "PasswordAuthentication", "(String,char[])", "", "Argument[1]", "credentials-password", "hq-generated"]
- ["java.net", "Socket", True, "Socket", "(String,int)", "", "Argument[0]", "request-forgery", "ai-manual"]
- ["java.net", "URL", False, "getContent", "", "", "Argument[this]", "request-forgery", "manual"]
- ["java.net", "URL", False, "openConnection", "", "", "Argument[this]", "request-forgery", "manual"]
- ["java.net", "URL", False, "openConnection", "(Proxy)", "", "Argument[0]", "request-forgery", "ai-manual"]
- ["java.net", "URL", False, "openStream", "", "", "Argument[this]", "request-forgery", "manual"]
Expand Down Expand Up @@ -52,9 +53,16 @@ extensions:
- ["java.net", "URI", False, "toASCIIString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.net", "URI", False, "toString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.net", "URI", False, "toURL", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.net", "URL", False, "getFile", "()", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]
- ["java.net", "URL", False, "getPath", "()", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"]
- ["java.net", "URL", False, "getFile", "()", "", "Argument[this].SyntheticField[java.net.URL.path]", "ReturnValue", "taint", "ai-manual"]
- ["java.net", "URL", False, "getPath", "()", "", "Argument[this].SyntheticField[java.net.URL.path]", "ReturnValue", "taint", "ai-manual"]
- ["java.net", "URL", False, "getQuery", "()", "", "Argument[this].SyntheticField[java.net.URL.path]", "ReturnValue", "taint", "df-manual"] # query is part of the path
- ["java.net", "URL", False, "URL", "(String)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
- ["java.net", "URL", False, "URL", "(String,String,int,String)", "", "Argument[1]", "Argument[this]", "taint", "df-manual"]
- ["java.net", "URL", False, "URL", "(String,String,int,String)", "", "Argument[3]", "Argument[this].SyntheticField[java.net.URL.path]", "taint", "df-manual"]
- ["java.net", "URL", False, "URL", "(String,String,int,String,URLStreamHandler)", "", "Argument[1]", "Argument[this]", "taint", "df-manual"]
- ["java.net", "URL", False, "URL", "(String,String,int,String,URLStreamHandler)", "", "Argument[3]", "Argument[this].SyntheticField[java.net.URL.path]", "taint", "df-manual"]
- ["java.net", "URL", False, "URL", "(String,String,String)", "", "Argument[1]", "Argument[this]", "taint", "df-manual"]
- ["java.net", "URL", False, "URL", "(String,String,String)", "", "Argument[2]", "Argument[this].SyntheticField[java.net.URL.path]", "taint", "df-manual"]
- ["java.net", "URL", False, "URL", "(URL,String)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"]
- ["java.net", "URL", False, "URL", "(URL,String)", "", "Argument[1]", "Argument[this]", "taint", "ai-manual"]
- ["java.net", "URL", False, "toExternalForm", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
Expand All @@ -69,3 +77,9 @@ extensions:
- ["java.net", "Socket", "getOutputStream", "()", "summary", "df-manual"]
- ["java.net", "Socket", "connect", "(SocketAddress)", "summary", "df-manual"]
- ["java.net", "Socket", "connect", "(SocketAddress,int)", "summary", "df-manual"]
- ["java.net", "URL", "getContent", "()", "summary", "df-manual"]
- ["java.net", "URL", "getDefaultPort", "()", "summary", "df-manual"]
- ["java.net", "URL", "getPort", "()", "summary", "df-manual"]
- ["java.net", "URL", "getProtocol", "()", "summary", "df-manual"]
- ["java.net", "URL", "openConnection", "()", "summary", "df-manual"]
- ["java.net", "URL", "openStream", "()", "summary", "df-manual"]
27 changes: 25 additions & 2 deletions java/ql/lib/ext/java.nio.file.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -90,8 +90,31 @@ extensions:
extensible: neutralModel
data:
# summary neutrals
- ["java.nio.file", "Files", "exists", "(Path,LinkOption[])", "summary", "manual"]
- ["java.nio.file", "Files", "newInputStream", "(Path,OpenOption[])", "summary", "df-manual"]
- ["java.nio.file", "Files", "copy", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "createDirectories", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "createDirectory", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "createFile", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "createLink", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "createSymbolicLink", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "createTempDirectory", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "createTempFile", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "delete", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "deleteIfExists", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "getFileStore", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "exists", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "lines", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "move", "", summary, "df-manual"]
- ["java.nio.file", "Files", "newBufferedReader", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "newBufferedWriter", "", summary, "df-manual"]
- ["java.nio.file", "Files", "newInputStream", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "newOutputStream", "", summary, "df-manual"]
- ["java.nio.file", "Files", "notExists", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "probeContentType", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "readAllBytes", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "readAllLines", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "readString", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "write", "", summary, "df-manual"]
- ["java.nio.file", "Files", "writeString", "", summary, "df-manual"]
# sink neutrals
- ["java.nio.file", "Files", "getLastModifiedTime", "", "sink", "hq-manual"]
- ["java.nio.file", "Files", "getOwner", "", "sink", "hq-manual"]
Expand Down
40 changes: 40 additions & 0 deletions java/ql/lib/ext/java.security.cert.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,3 +4,43 @@ extensions:
extensible: sinkModel
data:
- ["java.security.cert", "X509CertSelector", False, "setSubjectPublicKey", "(byte[])", "", "Argument[0]", "credentials-key", "hq-generated"]
- addsTo:
pack: codeql/java-all
extensible: neutralModel
data:
- ["java.security.cert", "CertificateFactory", "CertificateFactory", "(CertificateFactorySpi,Provider,String)", "summary", "df-manual"]
- ["java.security.cert", "CertificateFactory", "generateCertificate", "(InputStream)", "summary", "df-manual"]
- ["java.security.cert", "CertificateFactory", "generateCertificates", "(InputStream)", "summary", "df-manual"]
- ["java.security.cert", "CertificateFactory", "generateCertPath", "", "summary", "df-manual"]
- ["java.security.cert", "CertificateFactory", "generateCRL", "(InputStream)", "summary", "df-manual"]
- ["java.security.cert", "CertificateFactory", "generateCRLs", "(InputStream)", "summary", "df-manual"]
- ["java.security.cert", "CertificateFactory", "getCertPathEncodings", "()", "summary", "df-manual"]
- ["java.security.cert", "CertificateFactory", "getInstance", "", "summary", "df-manual"]
- ["java.security.cert", "CertificateFactory", "getProvider", "()", "summary", "df-manual"]
- ["java.security.cert", "CertificateFactory", "getType", "()", "summary", "df-manual"]
- ["java.security.cert", "CertStore", "CertStore", "(CertStoreSpi,Provider,String,CertStoreParameters)", "summary", "df-manual"]
- ["java.security.cert", "CertStore", "getCertificates", "(CertSelector)", "summary", "df-manual"]
- ["java.security.cert", "CertStore", "getCertStoreCertificates", "()", "summary", "df-manual"]
- ["java.security.cert", "CertStore", "getCRLs", "(CRLSelector)", "summary", "df-manual"]
- ["java.security.cert", "CertStore", "getDefaultType", "()", "summary", "df-manual"]
- ["java.security.cert", "CertStore", "getInstance", "", "summary", "df-manual"]
- ["java.security.cert", "CertStore", "getProvider", "()", "summary", "df-manual"]
- ["java.security.cert", "CertStore", "getType", "()", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "PKIXParameters", "", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "addCertPathChecker", "(PKIXCertPathChecker)", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "addCertStore", "(CertStore)", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "getCertPathCheckers", "()", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "getCertStores", "()", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "getDate", "()", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "getInitialPolicies", "()", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "getPolicyQualifiersRejected", "()", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "getSigProvider", "()", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "getTargetCertConstraints", "()", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "getTrustAnchors", "()", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "setAnyPolicyInhibited", "(boolean)", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "setCertPathCheckers", "(List)", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "setCertStores", "(List)", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "setDate", "(Date)", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "setSigProvider", "(String)", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "setTargetConstraints", "(CertSelector)", "summary", "df-manual"]
- ["java.security.cert", "PKIXParameters", "setTrustAnchors", "(Set)", "summary", "df-manual"]
11 changes: 11 additions & 0 deletions java/ql/lib/ext/java.security.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,17 @@ extensions:
- ["java.security", "KeyStoreSpi", True, "engineSetKeyEntry", "(String,Key,char[],Certificate[])", "", "Argument[2]", "credentials-password", "hq-generated"]
- ["java.security", "KeyStoreSpi", True, "engineStore", "(OutputStream,char[])", "", "Argument[1]", "credentials-password", "hq-generated"]
- ["java.security", "KeyStoreSpi", True, "engineSetKeyEntry", "(String,byte[],Certificate[])", "", "Argument[1]", "credentials-key", "hq-generated"]
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
- ["java.security", "CodeSource", False, "CodeSource", "(URL,Certificate[])", "", "Argument[0]", "Argument[this]", "taint", "df-manual"]
- ["java.security", "CodeSource", False, "CodeSource", "(URL,Certificate[])", "", "Argument[1].ArrayElement", "Argument[this].SyntheticField[java.security.CodeSource.certificates].ArrayElement", "value", "df-manual"]
- ["java.security", "CodeSource", False, "CodeSource", "(URL,CodeSigner[])", "", "Argument[0]", "Argument[this]", "taint", "df-manual"]
- ["java.security", "CodeSource", False, "CodeSource", "(URL,CodeSigner[])", "", "Argument[1].ArrayElement", "Argument[this].SyntheticField[java.security.CodeSource.codeSigners].ArrayElement", "value", "df-manual"]
- ["java.security", "CodeSource", False, "getCertificates", "()", "", "Argument[this].SyntheticField[java.security.CodeSource.certificates].ArrayElement", "ReturnValue.ArrayElement", "value", "df-manual"]
- ["java.security", "CodeSource", False, "getCodeSigners", "()", "", "Argument[this].SyntheticField[java.security.CodeSource.codeSigners].ArrayElement", "ReturnValue.ArrayElement", "value", "df-manual"]
- ["java.security", "CodeSource", False, "getLocation", "()", "", "Argument[this]", "ReturnValue", "taint", "df-manual"]
- addsTo:
pack: codeql/java-all
extensible: neutralModel
Expand Down

0 comments on commit b617667

Please sign in to comment.