Merge pull request #16578 from michaelnebel/java/dontliftneutral

Java: Do not lift neutrals in Model generation.
github · May 24, 2024 · 78d4745 · 78d4745
2 parents f5c654b + 9cf0995
commit 78d4745
Show file tree

Hide file tree

Showing 5 changed files with 43 additions and 15 deletions.
diff --git a/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll b/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll
@@ -80,10 +80,11 @@ predicate isUninterestingForDataFlowModels(Callable api) {
 predicate isUninterestingForTypeBasedFlowModels(Callable api) { none() }
 
 /**
- * A class of Callables that are relevant for generating summary, source and sinks models for.
+ * A class of callables that are potentially relevant for generating summary, source, sink
+ * and neutral models.
  *
- * In the Standard library and 3rd party libraries it the Callables that can be called
- * from outside the library itself.
+ * In the Standard library and 3rd party libraries it is the callables (or callables that have a
+ * super implementation) that can be called from outside the library itself.
  */
 class TargetApiSpecific extends Callable {
   private Callable lift;
@@ -97,6 +98,11 @@ class TargetApiSpecific extends Callable {
    * Gets the callable that a model will be lifted to.
    */
   Callable lift() { result = lift }
+
+  /**
+   * Holds if this callable is relevant in terms of generating models.
+   */
+  predicate isRelevant() { relevant(this) }
 }
 
 private string isExtensible(Callable c) {
@@ -114,23 +120,21 @@ private string typeAsModel(Callable c) {
   )
 }
 
-private predicate partialLiftedModel(
-  TargetApiSpecific api, string type, string extensible, string name, string parameters
+private predicate partialModel(
+  Callable api, string type, string extensible, string name, string parameters
 ) {
-  exists(Callable c | c = api.lift() |
-    type = typeAsModel(c) and
-    extensible = isExtensible(c) and
-    name = c.getName() and
-    parameters = ExternalFlow::paramsString(c)
-  )
+  type = typeAsModel(api) and
+  extensible = isExtensible(api) and
+  name = api.getName() and
+  parameters = ExternalFlow::paramsString(api)
 }
 
 /**
  * Computes the first 6 columns for MaD rows.
  */
 string asPartialModel(TargetApiSpecific api) {
   exists(string type, string extensible, string name, string parameters |
-    partialLiftedModel(api, type, extensible, name, parameters) and
+    partialModel(api.lift(), type, extensible, name, parameters) and
     result =
       type + ";" //
         + extensible + ";" //
@@ -145,7 +149,7 @@ string asPartialModel(TargetApiSpecific api) {
  */
 string asPartialNeutralModel(TargetApiSpecific api) {
   exists(string type, string name, string parameters |
-    partialLiftedModel(api, type, _, name, parameters) and
+    partialModel(api, type, _, name, parameters) and
     result =
       type + ";" //
         + name + ";" //

diff --git a/java/ql/src/utils/modelgenerator/internal/CaptureSummaryFlowQuery.qll b/java/ql/src/utils/modelgenerator/internal/CaptureSummaryFlowQuery.qll
@@ -79,5 +79,6 @@ string captureFlow(DataFlowTargetApi api) {
  */
 string captureNoFlow(DataFlowTargetApi api) {
   not exists(DataFlowTargetApi api0 | exists(captureFlow(api0)) and api0.lift() = api.lift()) and
+  api.isRelevant() and
   result = ModelPrinting::asNeutralSummaryModel(api)
 }
diff --git a/java/ql/test/utils/modelgenerator/dataflow/p/ImplOfExternalSPI.java b/java/ql/test/utils/modelgenerator/dataflow/p/ImplOfExternalSPI.java
@@ -7,7 +7,7 @@
 public class ImplOfExternalSPI extends AbstractImplOfExternalSPI {
 
   // sink=p;AbstractImplOfExternalSPI;true;accept;(File);;Argument[0];path-injection;df-generated
-  // neutral=p;AbstractImplOfExternalSPI;accept;(File);summary;df-generated
+  // neutral=p;ImplOfExternalSPI;accept;(File);summary;df-generated
   @Override
   public boolean accept(File pathname) {
     try {

diff --git a/java/ql/test/utils/modelgenerator/dataflow/p/Inheritance.java b/java/ql/test/utils/modelgenerator/dataflow/p/Inheritance.java
@@ -88,4 +88,28 @@ public String id(String s) {
       return s;
     }
   }
+
+  public interface INeutral {
+    String id(String s);
+  }
+
+  public class F implements INeutral {
+    // neutral=p;Inheritance$F;id;(String);summary;df-generated
+    public String id(String s) {
+      return "";
+    }
+  }
+
+  public class G implements INeutral {
+    // neutral=p;Inheritance$G;id;(String);summary;df-generated
+    public String id(String s) {
+      return "";
+    }
+  }
+
+  private class H implements INeutral {
+    public String id(String s) {
+      return "";
+    }
+  }
 }
diff --git a/java/ql/test/utils/modelgenerator/dataflow/p/PrivateFlowViaPublicInterface.java b/java/ql/test/utils/modelgenerator/dataflow/p/PrivateFlowViaPublicInterface.java
@@ -45,7 +45,6 @@ public OutputStream openStream() throws IOException {
       return null;
     }
 
-    // neutral=p;PrivateFlowViaPublicInterface$SPI;openStreamNone;();summary;df-generated
     @Override
     public OutputStream openStreamNone() throws IOException {
       return new FileOutputStream(new RandomPojo().someFile);