Java: add IOUtils.toByteArray summaries #16964

Merged
merged 9 commits into from
Jul 16, 2024
4 changes: 4 additions & 0 deletions java/ql/lib/change-notes/2024-07-11-toByteArray-summary.md
@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Added summary models for `org.apache.commons.io.IOUtils.toByteArray`.
8 changes: 8 additions & 0 deletions java/ql/lib/ext/org.apache.commons.io.model.yml
Expand Up @@ -10,8 +10,16 @@ extensions:
# Note that if a callable has any handwritten summary, all generated summaries
# will be ignored for that callable.
- ["org.apache.commons.io", "IOUtils", False, "toBufferedInputStream", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.commons.io", "IOUtils", True, "toByteArray", "(InputStream)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.commons.io", "IOUtils", True, "toByteArray", "(InputStream,int)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.commons.io", "IOUtils", True, "toByteArray", "(InputStream,long)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.commons.io", "IOUtils", True, "toByteArray", "(Reader)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.commons.io", "IOUtils", True, "toByteArray", "(Reader,Charset)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.commons.io", "IOUtils", True, "toByteArray", "(Reader,String)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.commons.io", "IOUtils", True, "toByteArray", "(String)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.commons.io", "IOUtils", True, "toByteArray", "(URI)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.commons.io", "IOUtils", True, "toByteArray", "(URL)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.commons.io", "IOUtils", True, "toByteArray", "(URLConnection)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.commons.io", "IOUtils", True, "writeLines", "(Collection,String,Writer)", "", "Argument[0].Element", "Argument[2]", "taint", "manual"]
- ["org.apache.commons.io", "IOUtils", True, "writeLines", "(Collection,String,Writer)", "", "Argument[1]", "Argument[2]", "taint", "manual"]
- addsTo:
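Review bot: The `(URI)`, `(URL)` and `(URLConnection)` rows for `toByteArray` carry the same `Argument[0]` to `ReturnValue` `taint` summary as the `(InputStream)` and `(Reader)` rows, but for those three the returned bytes are read from the location the argument names rather than from the argument's own data. Treating a tainted location as yielding tainted bytes is a reasonable conservative choice, but it is a different kind of flow and deserves a one-line comment above those rows, so that a later reader does not take it for a copy-paste slip. A smaller style point: these rows use `True` in the third column while the neighbouring `toBufferedInputStream` row uses `False`; either is defensible next to the `writeLines` rows, but the file would read better if the choice were consistent or explained.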
2,078 changes: 1,039 additions & 1,039 deletions java/ql/test/experimental/query-tests/security/CWE-020/Log4jInjectionTest.expected

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -19,18 +19,18 @@ edges
| SpringUrlRedirect.java:104:39:104:56 | redirectUrl : String | SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String | provenance | |
| SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders | SpringUrlRedirect.java:108:68:108:78 | httpHeaders | provenance | |
| SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | SpringUrlRedirect.java:108:68:108:78 | httpHeaders | provenance | |
| SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String | SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders | provenance | MaD:49232 |
| SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String | SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | provenance | MaD:49473 |
| SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String | SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders | provenance | MaD:49240 |
| SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String | SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | provenance | MaD:49481 |
| SpringUrlRedirect.java:112:39:112:56 | redirectUrl : String | SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String | provenance | |
| SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders | SpringUrlRedirect.java:116:37:116:47 | httpHeaders | provenance | |
| SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | SpringUrlRedirect.java:116:37:116:47 | httpHeaders | provenance | |
| SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String | SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders | provenance | MaD:49232 |
| SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String | SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | provenance | MaD:49473 |
| SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String | SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders | provenance | MaD:49240 |
| SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String | SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | provenance | MaD:49481 |
| SpringUrlRedirect.java:120:33:120:50 | redirectUrl : String | SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String | provenance | |
| SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders | SpringUrlRedirect.java:124:49:124:59 | httpHeaders | provenance | |
| SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | SpringUrlRedirect.java:124:49:124:59 | httpHeaders | provenance | |
| SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String | SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders | provenance | MaD:49232 |
| SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String | SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | provenance | MaD:49473 |
| SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String | SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders | provenance | MaD:49240 |
| SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String | SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | provenance | MaD:49481 |
| SpringUrlRedirect.java:128:33:128:50 | redirectUrl : String | SpringUrlRedirect.java:130:44:130:54 | redirectUrl : String | provenance | |
| SpringUrlRedirect.java:130:9:130:19 | httpHeaders : HttpHeaders | SpringUrlRedirect.java:132:49:132:59 | httpHeaders | provenance | |
| SpringUrlRedirect.java:130:33:130:55 | create(...) : URI | SpringUrlRedirect.java:130:9:130:19 | httpHeaders : HttpHeaders | provenance | Config |
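Review bot: Every changed row in this hunk differs only in its `MaD:` number (49232 becomes 49240 and 49473 becomes 49481, an offset of 8 that matches the 8 lines added to org.apache.commons.io.model.yml), so this expected file is being rewritten by a change that has nothing to do with Spring redirects. Please confirm that no edge was added or dropped apart from the renumbering, and consider keeping the numeric model ids out of the expected output of tests like this one, so that future model additions stop producing this kind of diff (the 1,039-line rewrite of Log4jInjectionTest.expected in this PR looks like the same effect and cannot be reviewed as rendered).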
Original file line number Diff line number Diff line change
@@ -1 +1 @@
| org.apache.commons.io | 14 | 1 | 1 | 2 | 18 | 0.8888888888888888 | 0.8333333333333334 | 0.1111111111111111 | 0.5 | 0.06666666666666667 | 0.16666666666666666 |
| org.apache.commons.io | 13 | 2 | 1 | 2 | 18 | 0.8888888888888888 | 0.8333333333333334 | 0.16666666666666666 | 0.6666666666666666 | 0.13333333333333333 | 0.2222222222222222 |
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,6 @@ public static void readFully(InputStream input, byte[] buffer) throws IOExceptio
public static byte[] readFully(InputStream input, int length) throws IOException { return null; }
public static List<String> readLines(InputStream input, String encoding) throws IOException { return null; }
public static BufferedReader toBufferedReader(Reader reader) { return null; }
public static byte[] toByteArray(InputStream input, int size) throws IOException { return null; }
public static char[] toCharArray(InputStream is, String encoding) throws IOException { return null; }
public static InputStream toInputStream(String input, String encoding) throws IOException { return null; }
public static String toString(InputStream input, String encoding) throws IOException { return null; }
Expand All @@ -25,6 +24,7 @@ public static void writeChunked(char[] data, Writer output) throws IOException {

// Both
public static void writeLines(Collection<?> lines, String lineEnding, Writer writer) throws IOException { }
public static byte[] toByteArray(InputStream input, int size) throws IOException { return null; }

// No model
public static void noSummary(String string) throws IOException { }
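Review bot: The stub still declares only `toByteArray(InputStream input, int size)`, now under `// Both`, while the model file lists rows for ten `toByteArray` signatures, so none of the other overloads is exercised through this stub. If this test is meant to cover the new manual summaries, add stub declarations for at least one `Reader` overload and one of the `URI`/`URL`/`URLConnection` overloads; if it is not, say so in the PR description. As a style point, the moved line is appended after `writeLines`, whereas the block it came from is in alphabetical order; placing it before `writeLines` keeps that ordering.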