Skip to content

Commit 95db816

Browse files
atorralbaatorralba
committed
Add CSV models for java.util.Scanner
1 parent 43ae5d4 commit 95db816

File tree

4 files changed

+191
-0
lines changed

4 files changed

+191
-0
lines changed

java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -244,8 +244,14 @@ private class ContainerFlowSummaries extends SummaryModelCsv {
244244
"java.util;Properties;true;getProperty;(String);;Argument[-1].MapValue;ReturnValue;value;manual",
245245
"java.util;Properties;true;getProperty;(String,String);;Argument[-1].MapValue;ReturnValue;value;manual",
246246
"java.util;Properties;true;getProperty;(String,String);;Argument[1];ReturnValue;value;manual",
247+
"java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual",
247248
"java.util;Scanner;true;next;(Pattern);;Argument[-1];ReturnValue;taint;manual",
248249
"java.util;Scanner;true;next;(String);;Argument[-1];ReturnValue;taint;manual",
250+
"java.util;Scanner;true;reset;;;Argument[-1];ReturnValue;value;manual",
251+
"java.util;Scanner;true;skip;;;Argument[-1];ReturnValue;value;manual",
252+
"java.util;Scanner;true;useDelimiter;;;Argument[-1];ReturnValue;value;manual",
253+
"java.util;Scanner;true;useLocale;;;Argument[-1];ReturnValue;value;manual",
254+
"java.util;Scanner;true;useRadix;;;Argument[-1];ReturnValue;value;manual",
249255
"java.util;SortedMap;true;headMap;(Object);;Argument[-1].MapKey;ReturnValue.MapKey;value;manual",
250256
"java.util;SortedMap;true;headMap;(Object);;Argument[-1].MapValue;ReturnValue.MapValue;value;manual",
251257
"java.util;SortedMap;true;subMap;(Object,Object);;Argument[-1].MapKey;ReturnValue.MapKey;value;manual",

java/ql/test/library-tests/scanner/Test.java

Lines changed: 183 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,183 @@
1+
package generatedtest;
2+
3+
import java.io.File;
4+
import java.io.InputStream;
5+
import java.nio.channels.ReadableByteChannel;
6+
import java.nio.charset.Charset;
7+
import java.nio.file.Path;
8+
import java.util.Scanner;
9+
import java.util.regex.Pattern;
10+
11+
// Test case generated by GenerateFlowTestCase.ql
12+
public class Test {
13+
14+
Object source() { return null; }
15+
void sink(Object o) { }
16+
17+
public void test() throws Exception {
18+
19+
{
20+
// "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual"
21+
Scanner out = null;
22+
File in = (File)source();
23+
out = new Scanner(in);
24+
sink(out); // $ hasTaintFlow
25+
}
26+
{
27+
// "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual"
28+
Scanner out = null;
29+
File in = (File)source();
30+
out = new Scanner(in, (Charset)null);
31+
sink(out); // $ hasTaintFlow
32+
}
33+
{
34+
// "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual"
35+
Scanner out = null;
36+
File in = (File)source();
37+
out = new Scanner(in, (String)null);
38+
sink(out); // $ hasTaintFlow
39+
}
40+
{
41+
// "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual"
42+
Scanner out = null;
43+
InputStream in = (InputStream)source();
44+
out = new Scanner(in);
45+
sink(out); // $ hasTaintFlow
46+
}
47+
{
48+
// "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual"
49+
Scanner out = null;
50+
InputStream in = (InputStream)source();
51+
out = new Scanner(in, (Charset)null);
52+
sink(out); // $ hasTaintFlow
53+
}
54+
{
55+
// "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual"
56+
Scanner out = null;
57+
InputStream in = (InputStream)source();
58+
out = new Scanner(in, (String)null);
59+
sink(out); // $ hasTaintFlow
60+
}
61+
{
62+
// "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual"
63+
Scanner out = null;
64+
Path in = (Path)source();
65+
out = new Scanner(in);
66+
sink(out); // $ hasTaintFlow
67+
}
68+
{
69+
// "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual"
70+
Scanner out = null;
71+
Path in = (Path)source();
72+
out = new Scanner(in, (Charset)null);
73+
sink(out); // $ hasTaintFlow
74+
}
75+
{
76+
// "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual"
77+
Scanner out = null;
78+
Path in = (Path)source();
79+
out = new Scanner(in, (String)null);
80+
sink(out); // $ hasTaintFlow
81+
}
82+
{
83+
// "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual"
84+
Scanner out = null;
85+
Readable in = (Readable)source();
86+
out = new Scanner(in);
87+
sink(out); // $ hasTaintFlow
88+
}
89+
{
90+
// "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual"
91+
Scanner out = null;
92+
ReadableByteChannel in = (ReadableByteChannel)source();
93+
out = new Scanner(in);
94+
sink(out); // $ hasTaintFlow
95+
}
96+
{
97+
// "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual"
98+
Scanner out = null;
99+
ReadableByteChannel in = (ReadableByteChannel)source();
100+
out = new Scanner(in, (Charset)null);
101+
sink(out); // $ hasTaintFlow
102+
}
103+
{
104+
// "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual"
105+
Scanner out = null;
106+
ReadableByteChannel in = (ReadableByteChannel)source();
107+
out = new Scanner(in, (String)null);
108+
sink(out); // $ hasTaintFlow
109+
}
110+
{
111+
// "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual"
112+
Scanner out = null;
113+
String in = (String)source();
114+
out = new Scanner(in);
115+
sink(out); // $ hasTaintFlow
116+
}
117+
{
118+
// "java.util;Scanner;true;next;(Pattern);;Argument[-1];ReturnValue;taint;manual"
119+
String out = null;
120+
Scanner in = (Scanner)source();
121+
out = in.next((Pattern)null);
122+
sink(out); // $ hasTaintFlow
123+
}
124+
{
125+
// "java.util;Scanner;true;next;(String);;Argument[-1];ReturnValue;taint;manual"
126+
String out = null;
127+
Scanner in = (Scanner)source();
128+
out = in.next((String)null);
129+
sink(out); // $ hasTaintFlow
130+
}
131+
{
132+
// "java.util;Scanner;true;reset;;;Argument[-1];ReturnValue;value;manual"
133+
Scanner out = null;
134+
Scanner in = (Scanner)source();
135+
out = in.reset();
136+
sink(out); // $ hasValueFlow
137+
}
138+
{
139+
// "java.util;Scanner;true;skip;;;Argument[-1];ReturnValue;value;manual"
140+
Scanner out = null;
141+
Scanner in = (Scanner)source();
142+
out = in.skip((Pattern)null);
143+
sink(out); // $ hasValueFlow
144+
}
145+
{
146+
// "java.util;Scanner;true;skip;;;Argument[-1];ReturnValue;value;manual"
147+
Scanner out = null;
148+
Scanner in = (Scanner)source();
149+
out = in.skip((String)null);
150+
sink(out); // $ hasValueFlow
151+
}
152+
{
153+
// "java.util;Scanner;true;useDelimiter;;;Argument[-1];ReturnValue;value;manual"
154+
Scanner out = null;
155+
Scanner in = (Scanner)source();
156+
out = in.useDelimiter((Pattern)null);
157+
sink(out); // $ hasValueFlow
158+
}
159+
{
160+
// "java.util;Scanner;true;useDelimiter;;;Argument[-1];ReturnValue;value;manual"
161+
Scanner out = null;
162+
Scanner in = (Scanner)source();
163+
out = in.useDelimiter((String)null);
164+
sink(out); // $ hasValueFlow
165+
}
166+
{
167+
// "java.util;Scanner;true;useLocale;;;Argument[-1];ReturnValue;value;manual"
168+
Scanner out = null;
169+
Scanner in = (Scanner)source();
170+
out = in.useLocale(null);
171+
sink(out); // $ hasValueFlow
172+
}
173+
{
174+
// "java.util;Scanner;true;useRadix;;;Argument[-1];ReturnValue;value;manual"
175+
Scanner out = null;
176+
Scanner in = (Scanner)source();
177+
out = in.useRadix(0);
178+
sink(out); // $ hasValueFlow
179+
}
180+
181+
}
182+
183+
}

java/ql/test/library-tests/scanner/test.expected

Whitespace-only changes.

java/ql/test/library-tests/scanner/test.ql

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
import java
2+
import TestUtilities.InlineFlowTest

0 commit comments

Comments
 (0)