github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Java: Autoformat semmle.code.java.frameworks.

This commit is contained in:
Anders Schack-Mulligen 2018-10-11 13:30:35 +02:00
Родитель 482733569a
Коммит 24f30999a4
82 изменённых файлов: 1264 добавлений и 1969 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

59
java/ql/src/semmle/code/java/frameworks/Assertions.qll
Просмотреть файл

@ -17,37 +17,40 @@ private predicate assertionMethod(Method m, AssertKind kind) {
exists(RefType junit |
m.getDeclaringType() = junit and
(junit.hasQualifiedName("org.junit", "Assert") or junit.hasQualifiedName("junit.framework", _))
|
m.hasName("assertNotNull") and kind = AssertKindNotNull() or
m.hasName("assertTrue") and kind = AssertKindTrue() or
m.hasName("assertFalse") and kind = AssertKindFalse() or
|
m.hasName("assertNotNull") and kind = AssertKindNotNull()
or
m.hasName("assertTrue") and kind = AssertKindTrue()
or
m.hasName("assertFalse") and kind = AssertKindFalse()
or
m.hasName("fail") and kind = AssertKindFail()
) or
)
or
exists(RefType objects |
m.getDeclaringType() = objects and
objects.hasQualifiedName("java.util", "Objects")
|
|
m.hasName("requireNonNull") and kind = AssertKindNotNull()
) or
)
or
exists(RefType preconditions |
m.getDeclaringType() = preconditions and
preconditions.hasQualifiedName("com.google.common.base", "Preconditions")
|
m.hasName("checkNotNull") and kind = AssertKindNotNull() or
m.hasName("checkArgument") and kind = AssertKindTrue() or
|
m.hasName("checkNotNull") and kind = AssertKindNotNull()
or
m.hasName("checkArgument") and kind = AssertKindTrue()
or
m.hasName("checkState") and kind = AssertKindTrue()
)
}
class AssertionMethod extends Method {
AssertionMethod() {
assertionMethod(this, _)
}
AssertionMethod() { assertionMethod(this, _) }
/** Gets a call to the assertion method. */
MethodAccess getACheck() {
result.getMethod().getSourceDeclaration() = this
}
MethodAccess getACheck() { result.getMethod().getSourceDeclaration() = this }
/** Gets a call to the assertion method with `checkedArg` as argument. */
MethodAccess getACheck(Expr checkedArg) {
@ -59,44 +62,40 @@ class AssertionMethod extends Method {
* A method that asserts that its argument is true.
*/
class AssertTrueMethod extends AssertionMethod {
AssertTrueMethod() {
assertionMethod(this, AssertKindTrue())
}
AssertTrueMethod() { assertionMethod(this, AssertKindTrue()) }
}
/**
* A method that asserts that its argument is false.
*/
class AssertFalseMethod extends AssertionMethod {
AssertFalseMethod() {
assertionMethod(this, AssertKindFalse())
}
AssertFalseMethod() { assertionMethod(this, AssertKindFalse()) }
}
/**
* A method that asserts that its argument is not null.
*/
class AssertNotNullMethod extends AssertionMethod {
AssertNotNullMethod() {
assertionMethod(this, AssertKindNotNull())
}
AssertNotNullMethod() { assertionMethod(this, AssertKindNotNull()) }
}
/**
* A method that unconditionally fails.
*/
class AssertFailMethod extends AssertionMethod {
AssertFailMethod() {
assertionMethod(this, AssertKindFail())
}
AssertFailMethod() { assertionMethod(this, AssertKindFail()) }
}
/** A trivially failing assertion. That is, `assert false` or its equivalents. */
predicate assertFail(BasicBlock bb, ControlFlowNode n) {
bb = n.getBasicBlock() and
(
exists(AssertTrueMethod m | n = m.getACheck(any(BooleanLiteral b | b.getBooleanValue() = false))) or
exists(AssertFalseMethod m | n = m.getACheck(any(BooleanLiteral b | b.getBooleanValue() = true))) or
exists(AssertTrueMethod m |
n = m.getACheck(any(BooleanLiteral b | b.getBooleanValue() = false))
) or
exists(AssertFalseMethod m |
n = m.getACheck(any(BooleanLiteral b | b.getBooleanValue() = true))
) or
exists(AssertFailMethod m | n = m.getACheck()) or
n.(AssertStmt).getExpr().getProperExpr().(BooleanLiteral).getBooleanValue() = false
)

53
java/ql/src/semmle/code/java/frameworks/Camel.qll
Просмотреть файл

@ -1,23 +1,19 @@
/**
* Apache Camel messaging framework.
*/
import java
import semmle.code.java.frameworks.spring.SpringCamel
import semmle.code.java.frameworks.camel.CamelJavaDSL
import semmle.code.java.frameworks.camel.CamelJavaAnnotations
/**
* A string describing a URI specified in an Apache Camel "to" declaration.
*/
class CamelToURI extends string {
CamelToURI() {
exists(SpringCamelXMLToElement toXMLElement |
this = toXMLElement.getURI()
) or
exists(CamelJavaDSLToDecl toJavaDSL |
this = toJavaDSL.getURI()
)
exists(SpringCamelXMLToElement toXMLElement | this = toXMLElement.getURI()) or
exists(CamelJavaDSLToDecl toJavaDSL | this = toJavaDSL.getURI())
}
}
@ -39,25 +35,20 @@ class CamelToBeanURI extends CamelToURI {
* parameter parts are optional.
*/
string getBeanIdentifier() {
if not exists(indexOf(":")) then
result = this
if not exists(indexOf(":"))
then result = this
else
exists(int start |
start = indexOf(":",0,0)+1
|
if not exists(indexOf("?")) then
result = suffix(start)
else
result = substring(start, indexOf("?", 0, 0))
exists(int start | start = indexOf(":", 0, 0) + 1 |
if not exists(indexOf("?"))
then result = suffix(start)
else result = substring(start, indexOf("?", 0, 0))
)
}
/**
* Gets the bean referenced by this URI.
*/
SpringBean getRefBean() {
result.getBeanIdentifier() = getBeanIdentifier()
}
SpringBean getRefBean() { result.getBeanIdentifier() = getBeanIdentifier() }
}
/**
@ -70,25 +61,25 @@ class CamelTargetClass extends Class {
this = camelXMLBeanRef.getRefBean().getClass() or
// A target may be defined by referencing a class, which Apache Camel will create into a bean.
this = camelXMLBeanRef.getBeanType()
) or
exists(CamelToBeanURI toBeanURI |
this = toBeanURI.getRefBean().getClass()
) or
)
or
exists(CamelToBeanURI toBeanURI | this = toBeanURI.getRefBean().getClass())
or
exists(SpringCamelXMLMethodElement xmlMethod |
this = xmlMethod.getRefBean().getClass() or
this = xmlMethod.getBeanType()
) or
exists(CamelJavaDSLMethodDecl methodDecl |
this = methodDecl.getABean()
) or
)
or
exists(CamelJavaDSLMethodDecl methodDecl | this = methodDecl.getABean())
or
/*
* Any beans referred to in Java DSL bean or beanRef elements are considered as possible
* targets. Whether the route builder is ever constructed or called is not considered.
*/
exists(CamelJavaDSLBeanDecl beanDecl |
this = beanDecl.getABeanClass()) or
exists(CamelJavaDSLBeanRefDecl beanRefDecl |
this = beanRefDecl.getABeanClass())
exists(CamelJavaDSLBeanDecl beanDecl | this = beanDecl.getABeanClass())
or
exists(CamelJavaDSLBeanRefDecl beanRefDecl | this = beanRefDecl.getABeanClass())
}
/**

13
java/ql/src/semmle/code/java/frameworks/Cucumber.qll
Просмотреть файл

@ -1,15 +1,14 @@
/**
* Cucumber is an open-source project for writing executable acceptance tests in human-readable `.feature` files.
*/
import java
/**
* An annotation defined in the Cucumber library.
*/
class CucumberAnnotation extends Annotation {
CucumberAnnotation() {
getType().getPackage().getName().matches("cucumber.api.java%")
}
CucumberAnnotation() { getType().getPackage().getName().matches("cucumber.api.java%") }
}
/**
@ -25,16 +24,12 @@ class CucumberJava8Language extends Interface {
* A step definition for Cucumber.
*/
class CucumberStepDefinition extends Method {
CucumberStepDefinition() {
getAnAnnotation() instanceof CucumberAnnotation
}
CucumberStepDefinition() { getAnAnnotation() instanceof CucumberAnnotation }
}
/**
* A class containing Cucumber step definitions.
*/
class CucumberStepDefinitionClass extends Class {
CucumberStepDefinitionClass() {
getAMember() instanceof CucumberStepDefinition
}
CucumberStepDefinitionClass() { getAMember() instanceof CucumberStepDefinition }
}

77
java/ql/src/semmle/code/java/frameworks/JAXB.qll
Просмотреть файл

@ -1,17 +1,14 @@
/* Definitions related to JAXB. */
import semmle.code.java.Type
library
class JAXBElement extends Class {
library class JAXBElement extends Class {
JAXBElement() {
this.getASupertype*().getQualifiedName() = "javax.xml.bind.JAXBElement" or
this.getAnAnnotation().getType().getName() = "XmlRootElement"
}
}
library
class JAXBMarshalMethod extends Method {
library class JAXBMarshalMethod extends Method {
JAXBMarshalMethod() {
this.getDeclaringType().getQualifiedName() = "javax.xml.bind.Marshaller" and
this.getName() = "marshal"
@ -19,38 +16,34 @@ class JAXBMarshalMethod extends Method {
}
class JaxbAnnotationType extends AnnotationType {
JaxbAnnotationType() {
getPackage().getName() = "javax.xml.bind.annotation"
}
JaxbAnnotationType() { getPackage().getName() = "javax.xml.bind.annotation" }
}
class JaxbAnnotated extends Annotatable {
JaxbAnnotated() {
getAnAnnotation().getType() instanceof JaxbAnnotationType
}
JaxbAnnotated() { getAnAnnotation().getType() instanceof JaxbAnnotationType }
predicate hasJaxbAnnotation(string name) {
hasJaxbAnnotation(this, name)
}
predicate hasJaxbAnnotation(string name) { hasJaxbAnnotation(this, name) }
}
private predicate hasJaxbAnnotation(Annotatable annotatable, string name) {
annotatable.getAnAnnotation().getType().(JaxbAnnotationType).hasName(name)
}
/**
* A class that is mapped to an XML schema.
*/
class JaxbType extends Class {
JaxbType() {
// Explicitly an `XmlType`.
hasJaxbAnnotation(this, "XmlType") or
hasJaxbAnnotation(this, "XmlRootElement") or
hasJaxbAnnotation(this, "XmlType")
or
hasJaxbAnnotation(this, "XmlRootElement")
or
/*
* There is at least one Jaxb annotation on a member of this class. The `@XmlType` is implied
* on any class, but we limit our identification to those that have some reference to JAXB.
*/
exists(AnnotationType at |
at = this.getAMember().getAnAnnotation().getType() and
at instanceof JaxbMemberAnnotation
@ -62,7 +55,7 @@ class JaxbType extends Class {
exists(Annotation a |
this.getAnAnnotation() = a and
a.getType().(JaxbAnnotationType).hasName("XmlAccessorType")
|
|
result.getAnAccess() = a.getValue("value").(VarAccess)
)
}
@ -71,8 +64,8 @@ class JaxbType extends Class {
* Gets the `XmlAccessType` associated with this class.
*/
XmlAccessType getXmlAccessType() {
if (exists(getDeclaredAccessType())) then
result = getDeclaredAccessType()
if (exists(getDeclaredAccessType()))
then result = getDeclaredAccessType()
else
// Default access type, if not specified.
result.isPublicMember()
@ -91,14 +84,17 @@ class XmlAccessType extends EnumConstant {
* All public getter/setter pairs and public fields will be bound.
*/
predicate isPublicMember() { getName() = "PUBLIC_MEMBER" }
/**
* All non-static, non-transient fields will be bound.
*/
predicate isField() { getName() = "FIELD" }
/**
* All getter/setter pairs will be bound.
*/
predicate isProperty() { getName() = "PROPERTY" }
/**
* Nothing will be bound automatically.
*/
@ -118,9 +114,7 @@ class JaxbMemberAnnotation extends JaxbAnnotationType {
}
}
private predicate isTransient(Member m) {
hasJaxbAnnotation(m, "XmlTransient")
}
private predicate isTransient(Member m) { hasJaxbAnnotation(m, "XmlTransient") }
/**
* A field is "bound" to an XML element or attribute if it is either annotated as such, or it is
@ -136,13 +130,13 @@ class JaxbBoundField extends Field {
not isTransient(this) and
(
// Explicitly annotated to be bound.
exists(getAnAnnotation().getType().(JaxbMemberAnnotation)) or
exists(getAnAnnotation().getType().(JaxbMemberAnnotation))
or
// Within a JAXB type which has an `XmlAcessType` that binds this field.
exists(JaxbType type |
this.getDeclaringType() = type
|
exists(JaxbType type | this.getDeclaringType() = type |
// All fields are automatically bound in this access type.
type.getXmlAccessType().isField() or
type.getXmlAccessType().isField()
or
// Only public fields are automatically bound in this access type.
(type.getXmlAccessType().isPublicMember() and isPublic())
)
@ -154,9 +148,7 @@ class JaxbBoundField extends Field {
* A getter or setter method, as defined by whether the method name starts with "set" or "get".
*/
library class GetterOrSetterMethod extends Method {
GetterOrSetterMethod() {
this.getName().matches("get%") or this.getName().matches("set%")
}
GetterOrSetterMethod() { this.getName().matches("get%") or this.getName().matches("set%") }
Field getField() {
result.getDeclaringType() = this.getDeclaringType() and
@ -167,23 +159,17 @@ library class GetterOrSetterMethod extends Method {
* Holds if this method has a "pair"ed method, e.g. whether there is an equivalent getter if this
* is a setter, and vice versa.
*/
predicate isProperty() {
exists(getPair())
}
predicate isProperty() { exists(getPair()) }
/**
* Gets the "pair" method, if one exists; that is, the getter if this is a setter, and vice versa.
*/
GetterOrSetterMethod getPair() {
result.getField() = this.getField() and not result = this
}
GetterOrSetterMethod getPair() { result.getField() = this.getField() and not result = this }
/**
* Gets either this method or its pair.
*/
GetterOrSetterMethod getThisOrPair() {
result.getField() = this.getField()
}
GetterOrSetterMethod getThisOrPair() { result.getField() = this.getField() }
}
/**
@ -196,21 +182,26 @@ class JaxbBoundGetterSetter extends GetterOrSetterMethod {
not isTransient(this.getPair()) and
(
// An annotated field which indicates that this is a getter or setter.
this.getField() instanceof JaxbBoundField or
this.getField() instanceof JaxbBoundField
or
// An annotation on this method or the pair that indicate that it is a valid setter/getter.
getThisOrPair().getAnAnnotation().getType() instanceof JaxbMemberAnnotation or
getThisOrPair().getAnAnnotation().getType() instanceof JaxbMemberAnnotation
or
// Within a JAXB type which has an `XmlAcessType` that binds this method.
exists(JaxbType c | this.getDeclaringType() = c |
/*
* If this is a "property" - both a setter and getter present for the XML element or attribute
* - the `XmlAccessType` of the declaring type may cause this property to be bound.
*/
isProperty() and
(
/*
* In the `PUBLIC_MEMBER` case all public properties are considered bound.
*/
(c.getXmlAccessType().isPublicMember() and isPublic()) or
(c.getXmlAccessType().isPublicMember() and isPublic())
or
// In "property" all properties are considered bound.
c.getXmlAccessType().isProperty()
)

32
java/ql/src/semmle/code/java/frameworks/JUnitAnnotations.qll
Просмотреть файл

@ -12,54 +12,42 @@ import java
* An `@org.junit.After` annotation.
*/
class AfterAnnotation extends Annotation {
AfterAnnotation() {
this.getType().hasQualifiedName("org.junit", "After")
}
AfterAnnotation() { this.getType().hasQualifiedName("org.junit", "After") }
}
/**
* An `@org.junit.AfterClass` annotation.
*/
class AfterClassAnnotation extends Annotation {
AfterClassAnnotation() {
this.getType().hasQualifiedName("org.junit", "AfterClass")
}
AfterClassAnnotation() { this.getType().hasQualifiedName("org.junit", "AfterClass") }
}
/**
* An `@org.junit.Before` annotation.
*/
class BeforeAnnotation extends Annotation {
BeforeAnnotation() {
this.getType().hasQualifiedName("org.junit", "Before")
}
BeforeAnnotation() { this.getType().hasQualifiedName("org.junit", "Before") }
}
/**
* An `@org.junit.BeforeClass` annotation.
*/
class BeforeClassAnnotation extends Annotation {
BeforeClassAnnotation() {
this.getType().hasQualifiedName("org.junit", "BeforeClass")
}
BeforeClassAnnotation() { this.getType().hasQualifiedName("org.junit", "BeforeClass") }
}
/**
* An `@org.junit.Ignore` annotation.
*/
class IgnoreAnnotation extends Annotation {
IgnoreAnnotation() {
this.getType().hasQualifiedName("org.junit", "Ignore")
}
IgnoreAnnotation() { this.getType().hasQualifiedName("org.junit", "Ignore") }
}
/**
* An `@org.junit.Test` annotation.
*/
class TestAnnotation extends Annotation {
TestAnnotation() {
this.getType().hasQualifiedName("org.junit", "Test")
}
TestAnnotation() { this.getType().hasQualifiedName("org.junit", "Test") }
}
/*
@ -71,14 +59,10 @@ class TestAnnotation extends Annotation {
* tests within a class should be run with a special `Runner`.
*/
class RunWithAnnotation extends Annotation {
RunWithAnnotation() {
this.getType().hasQualifiedName("org.junit.runner", "RunWith")
}
RunWithAnnotation() { this.getType().hasQualifiedName("org.junit.runner", "RunWith") }
/**
* Gets the runner that will be used.
*/
Type getRunner() {
result = getValue("value").(TypeLiteral).getTypeName().getType()
}
Type getRunner() { result = getValue("value").(TypeLiteral).getTypeName().getType() }
}

44
java/ql/src/semmle/code/java/frameworks/JavaxAnnotations.qll
Просмотреть файл

@ -5,33 +5,23 @@ import java
*/
class GeneratedAnnotation extends Annotation {
GeneratedAnnotation() {
this.getType().hasQualifiedName("javax.annotation", "Generated")
}
GeneratedAnnotation() { this.getType().hasQualifiedName("javax.annotation", "Generated") }
}
class PostConstructAnnotation extends Annotation {
PostConstructAnnotation() {
this.getType().hasQualifiedName("javax.annotation", "PostConstruct")
}
PostConstructAnnotation() { this.getType().hasQualifiedName("javax.annotation", "PostConstruct") }
}
class PreDestroyAnnotation extends Annotation {
PreDestroyAnnotation() {
this.getType().hasQualifiedName("javax.annotation", "PreDestroy")
}
PreDestroyAnnotation() { this.getType().hasQualifiedName("javax.annotation", "PreDestroy") }
}
class ResourceAnnotation extends Annotation {
ResourceAnnotation() {
this.getType().hasQualifiedName("javax.annotation", "Resource")
}
ResourceAnnotation() { this.getType().hasQualifiedName("javax.annotation", "Resource") }
}
class ResourcesAnnotation extends Annotation {
ResourcesAnnotation() {
this.getType().hasQualifiedName("javax.annotation", "Resources")
}
ResourcesAnnotation() { this.getType().hasQualifiedName("javax.annotation", "Resources") }
}
/**
@ -54,9 +44,7 @@ class DeclareRolesAnnotation extends Annotation {
}
class DenyAllAnnotation extends Annotation {
DenyAllAnnotation() {
this.getType().hasQualifiedName("javax.annotation.security", "DenyAll")
}
DenyAllAnnotation() { this.getType().hasQualifiedName("javax.annotation.security", "DenyAll") }
}
class PermitAllAnnotation extends Annotation {
@ -72,9 +60,7 @@ class RolesAllowedAnnotation extends Annotation {
}
class RunAsAnnotation extends Annotation {
RunAsAnnotation() {
this.getType().hasQualifiedName("javax.annotation.security", "RunAs")
}
RunAsAnnotation() { this.getType().hasQualifiedName("javax.annotation.security", "RunAs") }
}
/*
@ -82,9 +68,7 @@ class RunAsAnnotation extends Annotation {
*/
class AroundInvokeAnnotation extends Annotation {
AroundInvokeAnnotation() {
this.getType().hasQualifiedName("javax.interceptor", "AroundInvoke")
}
AroundInvokeAnnotation() { this.getType().hasQualifiedName("javax.interceptor", "AroundInvoke") }
}
class ExcludeClassInterceptorsAnnotation extends Annotation {
@ -100,9 +84,7 @@ class ExcludeDefaultInterceptorsAnnotation extends Annotation {
}
class InterceptorsAnnotation extends Annotation {
InterceptorsAnnotation() {
this.getType().hasQualifiedName("javax.interceptor", "Interceptors")
}
InterceptorsAnnotation() { this.getType().hasQualifiedName("javax.interceptor", "Interceptors") }
}
/*
@ -110,9 +92,7 @@ class InterceptorsAnnotation extends Annotation {
*/
class WebServiceAnnotation extends Annotation {
WebServiceAnnotation() {
this.getType().hasQualifiedName("javax.jws", "WebService")
}
WebServiceAnnotation() { this.getType().hasQualifiedName("javax.jws", "WebService") }
}
/*
@ -120,7 +100,5 @@ class WebServiceAnnotation extends Annotation {
*/
class WebServiceRefAnnotation extends Annotation {
WebServiceRefAnnotation() {
this.getType().hasQualifiedName("javax.xml.ws", "WebServiceRef")
}
WebServiceRefAnnotation() { this.getType().hasQualifiedName("javax.xml.ws", "WebServiceRef") }
}

49
java/ql/src/semmle/code/java/frameworks/JaxWS.qll
Просмотреть файл

@ -14,7 +14,8 @@ class JaxWsEndpoint extends Class {
}
Callable getARemoteMethod() {
result = this.getACallable() and (
result = this.getACallable() and
(
exists(AnnotationType a | a = result.getAnAnnotation().getType() |
a.hasName("WebMethod") or
a.hasName("WebEndpoint")
@ -30,7 +31,7 @@ private predicate hasPathAnnotation(Annotatable annotatable) {
exists(AnnotationType a |
a = annotatable.getAnAnnotation().getType() and
a.getPackage().getName() = "javax.ws.rs"
|
|
a.hasName("Path")
)
}
@ -43,7 +44,7 @@ class JaxRsResourceMethod extends Method {
exists(AnnotationType a |
a = this.getAnAnnotation().getType() and
a.getPackage().getName() = "javax.ws.rs"
|
|
a.hasName("GET") or
a.hasName("POST") or
a.hasName("DELETE") or
@ -63,15 +64,17 @@ class JaxRsResourceMethod extends Method {
class JaxRsResourceClass extends Class {
JaxRsResourceClass() {
// A root resource class has a @Path annotation on the class.
hasPathAnnotation(this) or
hasPathAnnotation(this)
or
// A sub-resource
exists(JaxRsResourceClass resourceClass, Method method |
/*
* This is a sub-resource class is if it is referred to from the sub-resource locator of
* another resource class.
*/
method = resourceClass.getASubResourceLocator()
|
|
this = method.getReturnType()
)
}
@ -100,9 +103,7 @@ class JaxRsResourceClass extends Class {
/**
* Holds if this class is a "root resource" class
*/
predicate isRootResource() {
hasPathAnnotation(this)
}
predicate isRootResource() { hasPathAnnotation(this) }
/**
* Gets a `Constructor` that may be called by a JaxRS container to construct this class reflectively.
@ -121,10 +122,9 @@ class JaxRsResourceClass extends Class {
* JaxRS can only construct the class using constructors that are public, and where the
* container can provide all of the parameters. This includes the no-arg constructor.
*/
result.isPublic() and
forall(Parameter p |
p = result.getAParameter()
|
forall(Parameter p | p = result.getAParameter() |
p.getAnAnnotation() instanceof JaxRsInjectionAnnotation
)
}
@ -156,7 +156,7 @@ class JaxRsInjectionAnnotation extends Annotation {
exists(AnnotationType a |
a = getType() and
a.getPackage().getName() = "javax.ws.rs"
|
|
a.hasName("BeanParam") or
a.hasName("CookieParam") or
a.hasName("FormParam") or
@ -164,21 +164,18 @@ class JaxRsInjectionAnnotation extends Annotation {
a.hasName("MatrixParam") or
a.hasName("PathParam") or
a.hasName("QueryParam")
) or
)
or
getType().hasQualifiedName("javax.ws.rs.core", "Context")
}
}
class JaxRsResponse extends Class {
JaxRsResponse() {
this.hasQualifiedName("javax.ws.rs.core", "Response")
}
JaxRsResponse() { this.hasQualifiedName("javax.ws.rs.core", "Response") }
}
class JaxRsResponseBuilder extends Class {
JaxRsResponseBuilder() {
this.hasQualifiedName("javax.ws.rs.core", "ResponseBuilder")
}
JaxRsResponseBuilder() { this.hasQualifiedName("javax.ws.rs.core", "ResponseBuilder") }
}
/**
@ -189,14 +186,12 @@ class JaxRsBeanParamConstructor extends Constructor {
JaxRsBeanParamConstructor() {
exists(JaxRsResourceClass resourceClass, Callable c, Parameter p |
c = resourceClass.getAnInjectableCallable()
|
|
p = c.getAParameter() and
p.getAnAnnotation().getType().hasQualifiedName("javax.ws.rs", "BeanParam") and
this.getDeclaringType().getSourceDeclaration() = p.getType().(RefType).getSourceDeclaration()
) and
forall(Parameter p |
p = getAParameter()
|
forall(Parameter p | p = getAParameter() |
p.getAnAnnotation() instanceof JaxRsInjectionAnnotation
)
}
@ -206,9 +201,7 @@ class JaxRsBeanParamConstructor extends Constructor {
* The class `javax.ws.rs.ext.MessageBodyReader`.
*/
class MessageBodyReader extends GenericInterface {
MessageBodyReader() {
this.hasQualifiedName("javax.ws.rs.ext", "MessageBodyReader")
}
MessageBodyReader() { this.hasQualifiedName("javax.ws.rs.ext", "MessageBodyReader") }
}
/**
@ -226,6 +219,8 @@ class MessageBodyReaderReadFrom extends Method {
*/
class MessageBodyReaderRead extends Method {
MessageBodyReaderRead() {
exists(Method m | m.getSourceDeclaration() instanceof MessageBodyReaderReadFrom | this.overrides*(m))
exists(Method m | m.getSourceDeclaration() instanceof MessageBodyReaderReadFrom |
this.overrides*(m)
)
}
}

22
java/ql/src/semmle/code/java/frameworks/Jdbc.qll
Просмотреть файл

@ -5,38 +5,27 @@
import semmle.code.java.Type
/*--- Types ---*/
/** The interface `java.sql.Connection`. */
class TypeConnection extends Interface {
TypeConnection() {
hasQualifiedName("java.sql", "Connection")
}
TypeConnection() { hasQualifiedName("java.sql", "Connection") }
}
/** The interface `java.sql.PreparedStatement`. */
class TypePreparedStatement extends Interface {
TypePreparedStatement() {
hasQualifiedName("java.sql", "PreparedStatement")
}
TypePreparedStatement() { hasQualifiedName("java.sql", "PreparedStatement") }
}
/** The interface `java.sql.ResultSet`. */
class TypeResultSet extends Interface {
TypeResultSet() {
hasQualifiedName("java.sql", "ResultSet")
}
TypeResultSet() { hasQualifiedName("java.sql", "ResultSet") }
}
/** The interface `java.sql.Statement`. */
class TypeStatement extends Interface {
TypeStatement() {
hasQualifiedName("java.sql", "Statement")
}
TypeStatement() { hasQualifiedName("java.sql", "Statement") }
}
/*--- Methods ---*/
/** A method with the name `prepareStatement` declared in `java.sql.Connection`. */
class ConnectionPrepareStatement extends Method {
ConnectionPrepareStatement() {
@ -45,7 +34,6 @@ class ConnectionPrepareStatement extends Method {
}
}
/** A method with the name `executeQuery` declared in `java.sql.Statement`. */
class StatementExecuteQuery extends Method {
StatementExecuteQuery() {
@ -87,9 +75,7 @@ class ResultSetGetStringMethod extends Method {
}
}
/*--- Other definitions ---*/
/**
* An expression representing SQL code that occurs as an argument of
* a method in `java.sql.Connection` or `java.sql.Statement`.

10
java/ql/src/semmle/code/java/frameworks/Kryo.qll
Просмотреть файл

@ -7,19 +7,13 @@ import java
/**
* The type `com.esotericsoftware.kryo.Kryo`.
*/
class Kryo extends RefType {
Kryo() {
this.hasQualifiedName("com.esotericsoftware.kryo", "Kryo")
}
}
class Kryo extends RefType { Kryo() { this.hasQualifiedName("com.esotericsoftware.kryo", "Kryo") } }
/**
* A Kryo input stream.
*/
class KryoInput extends RefType {
KryoInput() {
this.hasQualifiedName("com.esotericsoftware.kryo.io", "Input")
}
KryoInput() { this.hasQualifiedName("com.esotericsoftware.kryo.io", "Input") }
}
/**

66
java/ql/src/semmle/code/java/frameworks/Lombok.qll
Просмотреть файл

@ -22,9 +22,7 @@ class LombokAnnotation extends Annotation {
* A Lombok `@NonNull` annotation.
*/
class LombokNonNullAnnotation extends LombokAnnotation {
LombokNonNullAnnotation() {
getType().hasName("NonNull")
}
LombokNonNullAnnotation() { getType().hasName("NonNull") }
}
/**
@ -34,9 +32,7 @@ class LombokNonNullAnnotation extends LombokAnnotation {
* automatically closed by Lombok in a generated try-finally block.
*/
class LombokCleanupAnnotation extends LombokAnnotation {
LombokCleanupAnnotation() {
getType().hasName("Cleanup")
}
LombokCleanupAnnotation() { getType().hasName("Cleanup") }
}
/**
@ -51,9 +47,7 @@ class LombokCleanupAnnotation extends LombokAnnotation {
* overridden by specifying `AccessLevel.NONE` for a field.
*/
class LombokGetterAnnotation extends LombokAnnotation {
LombokGetterAnnotation() {
getType().hasName("Getter")
}
LombokGetterAnnotation() { getType().hasName("Getter") }
}
/**
@ -68,9 +62,7 @@ class LombokGetterAnnotation extends LombokAnnotation {
* overridden by specifying `AccessLevel.NONE` for a field.
*/
class LombokSetterAnnotation extends LombokAnnotation {
LombokSetterAnnotation() {
getType().hasName("Setter")
}
LombokSetterAnnotation() { getType().hasName("Setter") }
}
/**
@ -80,9 +72,7 @@ class LombokSetterAnnotation extends LombokAnnotation {
* generates a `toString()` method.
*/
class LombokToStringAnnotation extends LombokAnnotation {
LombokToStringAnnotation() {
getType().hasName("ToString")
}
LombokToStringAnnotation() { getType().hasName("ToString") }
}
/**
@ -92,9 +82,7 @@ class LombokToStringAnnotation extends LombokAnnotation {
* generates suitable `equals` and `hashCode` methods.
*/
class LombokEqualsAndHashCodeAnnotation extends LombokAnnotation {
LombokEqualsAndHashCodeAnnotation() {
getType().hasName("EqualsAndHashCode")
}
LombokEqualsAndHashCodeAnnotation() { getType().hasName("EqualsAndHashCode") }
}
/**
@ -104,9 +92,7 @@ class LombokEqualsAndHashCodeAnnotation extends LombokAnnotation {
* generates a constructor with no parameters.
*/
class LombokNoArgsConstructorAnnotation extends LombokAnnotation {
LombokNoArgsConstructorAnnotation() {
getType().hasName("NoArgsConstructor")
}
LombokNoArgsConstructorAnnotation() { getType().hasName("NoArgsConstructor") }
}
/**
@ -118,9 +104,7 @@ class LombokNoArgsConstructorAnnotation extends LombokAnnotation {
* where it is declared.
*/
class LombokRequiredArgsConstructorAnnotation extends LombokAnnotation {
LombokRequiredArgsConstructorAnnotation() {
getType().hasName("RequiredArgsConstructor")
}
LombokRequiredArgsConstructorAnnotation() { getType().hasName("RequiredArgsConstructor") }
}
/**
@ -130,9 +114,7 @@ class LombokRequiredArgsConstructorAnnotation extends LombokAnnotation {
* generates a constructor with a parameter for each field in the class.
*/
class LombokAllArgsConstructorAnnotation extends LombokAnnotation {
LombokAllArgsConstructorAnnotation() {
getType().hasName("AllArgsConstructor")
}
LombokAllArgsConstructorAnnotation() { getType().hasName("AllArgsConstructor") }
}
/**
@ -142,9 +124,7 @@ class LombokAllArgsConstructorAnnotation extends LombokAnnotation {
* fields, `@Setter` on all non-final fields, and `@RequiredArgsConstructor`.
*/
class LombokDataAnnotation extends LombokAnnotation {
LombokDataAnnotation() {
getType().hasName("Data")
}
LombokDataAnnotation() { getType().hasName("Data") }
}
/**
@ -154,13 +134,12 @@ class LombokDataAnnotation extends LombokAnnotation {
*
* ```
* final @ToString @EqualsAndHashCode @AllArgsConstructor
*
* @FieldDefaults(makeFinal=true,level=AccessLevel.PRIVATE) @Getter
* ```
*/
class LombokValueAnnotation extends LombokAnnotation {
LombokValueAnnotation() {
getType().hasName("Value")
}
LombokValueAnnotation() { getType().hasName("Value") }
}
/**
@ -170,9 +149,7 @@ class LombokValueAnnotation extends LombokAnnotation {
* generates complex builder APIs for the class.
*/
class LombokBuilderAnnotation extends LombokAnnotation {
LombokBuilderAnnotation() {
getType().hasName("Builder")
}
LombokBuilderAnnotation() { getType().hasName("Builder") }
}
/**
@ -182,9 +159,7 @@ class LombokBuilderAnnotation extends LombokAnnotation {
* without declaring them in a `throws` clause.
*/
class LombokSneakyThrowsAnnotation extends LombokAnnotation {
LombokSneakyThrowsAnnotation() {
getType().hasName("SneakyThrows")
}
LombokSneakyThrowsAnnotation() { getType().hasName("SneakyThrows") }
}
/**
@ -196,9 +171,7 @@ class LombokSneakyThrowsAnnotation extends LombokAnnotation {
* methods annotated with `@Synchronized`.
*/
class LombokSynchronizedAnnotation extends LombokAnnotation {
LombokSynchronizedAnnotation() {
getType().hasName("Synchronized")
}
LombokSynchronizedAnnotation() { getType().hasName("Synchronized") }
}
/**
@ -208,9 +181,7 @@ class LombokSynchronizedAnnotation extends LombokAnnotation {
* generates a logger field named `log` with a specified type.
*/
class LombokLogAnnotation extends LombokAnnotation {
LombokLogAnnotation() {
getType().hasName("Log")
}
LombokLogAnnotation() { getType().hasName("Log") }
}
/*
@ -226,12 +197,13 @@ class LombokLogAnnotation extends LombokAnnotation {
*/
class LombokGetterAnnotatedField extends Field {
LombokGetterAnnotatedField() {
getAnAnnotation() instanceof LombokGetterAnnotation or
getAnAnnotation() instanceof LombokGetterAnnotation
or
exists(LombokAnnotation a |
a instanceof LombokGetterAnnotation or
a instanceof LombokDataAnnotation or
a instanceof LombokValueAnnotation
|
|
a = getDeclaringType().getSourceDeclaration().getAnAnnotation()
)
}

152
java/ql/src/semmle/code/java/frameworks/Mockito.qll
Просмотреть файл

@ -52,27 +52,27 @@ class MockitoInitMocks extends Method {
class MockitoInitedTest extends Class {
MockitoInitedTest() {
// Tests run with the Mockito runner.
exists(RunWithAnnotation a |
a = this.getAnAncestor().getAnAnnotation()
|
exists(RunWithAnnotation a | a = this.getAnAncestor().getAnAnnotation() |
a.getRunner().(RefType).hasQualifiedName("org.mockito.runners", "MockitoJUnitRunner") or
// Deprecated style.
a.getRunner().(RefType).hasQualifiedName("org.mockito.runners", "MockitoJUnit44Runner")
) or
)
or
// Call to `MockitoAnnotations.initMocks()`, either by the constructor or by a `@Before` method.
exists(MockitoInitMocks initMocks |
getAConstructor().calls*(initMocks) or
getAConstructor().calls*(initMocks)
or
exists(Method m |
m = getAnAncestor().getAMethod() and
(
m.hasAnnotation("org.junit", "Before") or
m.hasAnnotation("org.testng.annotations", "BeforeMethod")
) |
)
|
m.calls*(initMocks)
) or
exists(MethodAccess call |
call.getCallee() = initMocks
|
)
or
exists(MethodAccess call | call.getCallee() = initMocks |
call.getArgument(0).getType() = this
)
)
@ -106,9 +106,7 @@ class MockitoExclusiveAnnotation extends MockitoAnnotation {
* A field which has a Mockito annotation.
*/
class MockitoAnnotatedField extends Field {
MockitoAnnotatedField() {
getAnAnnotation() instanceof MockitoAnnotation
}
MockitoAnnotatedField() { getAnAnnotation() instanceof MockitoAnnotation }
/**
* Holds if this field will be processed by Mockito.
@ -143,11 +141,12 @@ class MockitoMockedField extends MockitoAnnotatedField {
predicate isReferencedByInjection() {
exists(MockitoInjectedField injectedField |
injectedField.getDeclaringType() = getDeclaringType()
|
|
/*
* A `@Mock` is injected if it is used in one of the invoked callables (constructor or
* setter), or injected directly onto a field.
*/
getType().(RefType).getAnAncestor() = injectedField.getAnInvokedCallable().getAParamType() or
getType().(RefType).getAnAncestor() = injectedField.getASetField().getType()
)
@ -158,9 +157,7 @@ class MockitoMockedField extends MockitoAnnotatedField {
* A field annotated with `@InjectMocks`.
*/
class MockitoInjectedField extends MockitoAnnotatedField {
MockitoInjectedField() {
hasAnnotation("org.mockito", "InjectMocks")
}
MockitoInjectedField() { hasAnnotation("org.mockito", "InjectMocks") }
override predicate isValid() {
super.isValid() and
@ -169,10 +166,10 @@ class MockitoInjectedField extends MockitoAnnotatedField {
* If we need to initialize the field, it is only valid if the type is a `Class` that is not
* local, is static if it is a nested class, and is not abstract.
*/
exists(getInitializer()) or
exists(Class c |
c = getType()
|
exists(getInitializer())
or
exists(Class c | c = getType() |
not c.isLocal() and
(getType() instanceof NestedClass implies c.(NestedClass).isStatic()) and
not c.isAbstract()
@ -182,6 +179,7 @@ class MockitoInjectedField extends MockitoAnnotatedField {
/*
* If neither of these is true, then mockito will fail to initialize this field.
*/
usingConstructorInjection() or
usingPropertyInjection()
)
@ -213,9 +211,7 @@ class MockitoInjectedField extends MockitoAnnotatedField {
/**
* Gets the class that will be injected, if this field is valid.
*/
MockitoMockInjectedClass getMockInjectedClass() {
result = super.getType()
}
MockitoMockInjectedClass getMockInjectedClass() { result = super.getType() }
/**
* Gets a callable invoked when injecting mocks into this field.
@ -224,40 +220,46 @@ class MockitoInjectedField extends MockitoAnnotatedField {
exists(MockitoMockInjectedClass mockInjectedClass |
// This is the type we are constructing/injecting.
mockInjectedClass = getType()
|
if usingConstructorInjection() then
|
if usingConstructorInjection()
then
/*
* If there is no initializer for this field, and there is a most mockable constructor,
* then we are doing a parameterized injection of mocks into a most mockable constructor.
*/
result = mockInjectedClass.getAMostMockableConstructor()
else if usingPropertyInjection() then
(
// We will call the no-arg constructor if the field wasn't initialized.
not exists(getInitializer()) and
result = mockInjectedClass.getNoArgsConstructor()
) or
(
/*
* Perform property injection into setter fields, but only where there exists a mock
* that can be injected into the method. Otherwise, the setter method is never called.
*/
result = mockInjectedClass.getASetterMethod() and
exists(MockitoMockedField mockedField |
mockedField.getDeclaringType() = this.getDeclaringType() and
mockedField.isValid()
|
/*
* We make a simplifying assumption here - in theory, each mock can only be injected
* once, but we instead assume that there are sufficient mocks to go around.
*/
mockedField.getType().(RefType).getAnAncestor() = result.getParameterType(0)
)
)
else
// There's no instance, and no no-arg constructor we can call, so injection fails.
none()
if usingPropertyInjection()
then
(
// We will call the no-arg constructor if the field wasn't initialized.
not exists(getInitializer()) and
result = mockInjectedClass.getNoArgsConstructor()
)
or
(
/*
* Perform property injection into setter fields, but only where there exists a mock
* that can be injected into the method. Otherwise, the setter method is never called.
*/
result = mockInjectedClass.getASetterMethod() and
exists(MockitoMockedField mockedField |
mockedField.getDeclaringType() = this.getDeclaringType() and
mockedField.isValid()
|
/*
* We make a simplifying assumption here - in theory, each mock can only be injected
* once, but we instead assume that there are sufficient mocks to go around.
*/
mockedField.getType().(RefType).getAnAncestor() = result.getParameterType(0)
)
)
else
// There's no instance, and no no-arg constructor we can call, so injection fails.
none()
)
}
@ -267,20 +269,21 @@ class MockitoInjectedField extends MockitoAnnotatedField {
* Field injection only occurs if property injection and not constructor injection is used.
*/
Field getASetField() {
if usingPropertyInjection() then
if usingPropertyInjection()
then
result = getMockInjectedClass().getASetField() and
exists(MockitoMockedField mockedField |
mockedField.getDeclaringType() = this.getDeclaringType() and
mockedField.isValid()
|
|
/*
* We make a simplifying assumption here - in theory, each mock can only be injected
* once, but we instead assume that there are sufficient mocks to go around.
*/
mockedField.getType().(RefType).getAnAncestor() = result.getType()
)
else
none()
else none()
}
}
@ -288,28 +291,29 @@ class MockitoInjectedField extends MockitoAnnotatedField {
* A field annotated with the Mockito `@Spy` annotation.
*/
class MockitoSpiedField extends MockitoAnnotatedField {
MockitoSpiedField() {
hasAnnotation("org.mockito", "Spy")
}
MockitoSpiedField() { hasAnnotation("org.mockito", "Spy") }
override predicate isValid() {
super.isValid() and
(
exists(getInitializer()) or
exists(Constructor c | c = getType().(RefType).getAConstructor() and c.getNumberOfParameters() = 0)
exists(getInitializer())
or
exists(Constructor c |
c = getType().(RefType).getAConstructor() and c.getNumberOfParameters() = 0
)
)
}
/**
* Holds if construction ever occurs.
*/
predicate isConstructed() {
not exists(getInitializer())
}
predicate isConstructed() { not exists(getInitializer()) }
}
private int mockableParameterCount(Constructor constructor) {
result = count(Parameter p | p = constructor.getAParameter() and p.getType() instanceof MockitoMockableType)
result = count(Parameter p |
p = constructor.getAParameter() and p.getType() instanceof MockitoMockableType
)
}
/**
@ -318,9 +322,7 @@ private int mockableParameterCount(Constructor constructor) {
library class MockitoMockInjectedClass extends Class {
MockitoMockInjectedClass() {
// There must be an `@InjectMock` field that has `this` as the type.
exists(MockitoInjectedField injectedField |
this = injectedField.getType()
)
exists(MockitoInjectedField injectedField | this = injectedField.getType())
}
/**
@ -352,9 +354,7 @@ library class MockitoMockInjectedClass extends Class {
*/
Method getASetterMethod() {
result = getAMethod() and
exists(MockitoSettableField settableField |
result = settableField.getSetterMethod()
)
exists(MockitoSettableField settableField | result = settableField.getSetterMethod())
}
/**
@ -377,9 +377,7 @@ class MockitoSettableField extends Field {
MockitoSettableField() {
not isFinal() and
not isStatic() and
exists(MockitoMockInjectedClass injectedClass |
injectedClass = this.getDeclaringType()
)
exists(MockitoMockInjectedClass injectedClass | injectedClass = this.getDeclaringType())
}
/**
@ -403,8 +401,10 @@ class MockitoMockMethod extends Method {
class MockitoMockedObject extends Expr {
MockitoMockedObject() {
this.(MethodAccess).getMethod() instanceof MockitoMockMethod or
this.(VarAccess).getVariable().getAnAssignedValue() instanceof MockitoMockedObject or
this.(MethodAccess).getMethod() instanceof MockitoMockMethod
or
this.(VarAccess).getVariable().getAnAssignedValue() instanceof MockitoMockedObject
or
exists(ReturnStmt ret |
this.(MethodAccess).getMethod() = ret.getEnclosingCallable() and
ret.getResult() instanceof MockitoMockedObject

10
java/ql/src/semmle/code/java/frameworks/Networking.qll
Просмотреть файл

@ -5,16 +5,10 @@
import semmle.code.java.Type
class TypeUrlConnection extends RefType {
TypeUrlConnection() {
hasQualifiedName("java.net", "URLConnection")
}
TypeUrlConnection() { hasQualifiedName("java.net", "URLConnection") }
}
class TypeSocket extends RefType {
TypeSocket() {
hasQualifiedName("java.net", "Socket")
}
}
class TypeSocket extends RefType { TypeSocket() { hasQualifiedName("java.net", "Socket") } }
class URLConnectionGetInputStreamMethod extends Method {
URLConnectionGetInputStreamMethod() {

17
java/ql/src/semmle/code/java/frameworks/Properties.qll
Просмотреть файл

@ -1,32 +1,25 @@
/* Definitions related to `java.util.Properties`. */
import semmle.code.java.Type
library
class TypeProperty extends Class {
TypeProperty() {
hasQualifiedName("java.util", "Properties")
}
library class TypeProperty extends Class {
TypeProperty() { hasQualifiedName("java.util", "Properties") }
}
library
class PropertiesGetPropertyMethod extends Method {
library class PropertiesGetPropertyMethod extends Method {
PropertiesGetPropertyMethod() {
getDeclaringType() instanceof TypeProperty and
hasName("getProperty")
}
}
library
class PropertiesSetPropertyMethod extends Method {
library class PropertiesSetPropertyMethod extends Method {
PropertiesSetPropertyMethod() {
getDeclaringType() instanceof TypeProperty and
hasName("setProperty")
}
}
library
class PropertiesStoreMethod extends Method {
library class PropertiesStoreMethod extends Method {
PropertiesStoreMethod() {
getDeclaringType() instanceof TypeProperty and
(getName().matches("store%") or getName() = "save")

16
java/ql/src/semmle/code/java/frameworks/Rmi.qll
Просмотреть файл

@ -1,22 +1,14 @@
/* Remote Method Invocation. */
import java
/** The interface `java.rmi.Remote`. */
class TypeRemote extends RefType {
TypeRemote() {
hasQualifiedName("java.rmi", "Remote")
}
}
class TypeRemote extends RefType { TypeRemote() { hasQualifiedName("java.rmi", "Remote") } }
/** A method that is intended to be called via RMI. */
class RemoteCallableMethod extends Method {
RemoteCallableMethod() {
remoteCallableMethod(this)
}
}
class RemoteCallableMethod extends Method { RemoteCallableMethod() { remoteCallableMethod(this) } }
private predicate remoteCallableMethod(Method method) {
method.getDeclaringType().getASupertype() instanceof TypeRemote or
method.getDeclaringType().getASupertype() instanceof TypeRemote
or
exists(Method meth | remoteCallableMethod(meth) and method.getAnOverride() = meth)
}

14
java/ql/src/semmle/code/java/frameworks/Selenium.qll
Просмотреть файл

@ -10,9 +10,7 @@ import semmle.code.java.Reflection
* The Selenium `PageFactory` class used to create page objects
*/
class SeleniumPageFactory extends Class {
SeleniumPageFactory() {
hasQualifiedName("org.openqa.selenium.support", "PageFactory")
}
SeleniumPageFactory() { hasQualifiedName("org.openqa.selenium.support", "PageFactory") }
}
/**
@ -27,18 +25,12 @@ class SeleniumInitElementsAccess extends MethodAccess {
/**
* Gets the class that is initialized by this call..
*/
Class getInitClass() {
result = inferClassParameterType(getArgument(1))
}
Class getInitClass() { result = inferClassParameterType(getArgument(1)) }
}
/**
* A class which is constructed by Selenium as a page object using `PageFactory.initElements(...)`.
*/
class SeleniumPageObject extends Class {
SeleniumPageObject() {
exists(SeleniumInitElementsAccess init |
this = init.getInitClass()
)
}
SeleniumPageObject() { exists(SeleniumInitElementsAccess init | this = init.getInitClass()) }
}

73
java/ql/src/semmle/code/java/frameworks/Servlets.qll
Просмотреть файл

@ -8,8 +8,7 @@ import semmle.code.java.Type
* The interface `javax.servlet.ServletRequest` or
* `javax.servlet.http.HttpServletRequest`.
*/
library
class ServletRequest extends RefType {
library class ServletRequest extends RefType {
ServletRequest() {
hasQualifiedName("javax.servlet", "ServletRequest") or
this instanceof HttpServletRequest
@ -19,19 +18,15 @@ class ServletRequest extends RefType {
/**
* The interface `javax.servlet.http.HttpServletRequest`.
*/
library
class HttpServletRequest extends RefType {
HttpServletRequest() {
hasQualifiedName("javax.servlet.http", "HttpServletRequest")
}
library class HttpServletRequest extends RefType {
HttpServletRequest() { hasQualifiedName("javax.servlet.http", "HttpServletRequest") }
}
/**
* The method `getParameter(String)` or `getParameterValues(String)`
* declared in `javax.servlet.ServletRequest`.
*/
library
class ServletRequestGetParameterMethod extends Method {
library class ServletRequestGetParameterMethod extends Method {
ServletRequestGetParameterMethod() {
getDeclaringType() instanceof ServletRequest and
(
@ -46,8 +41,7 @@ class ServletRequestGetParameterMethod extends Method {
/**
* The method `getParameterNames()` declared in `javax.servlet.ServletRequest`.
*/
library
class ServletRequestGetParameterNamesMethod extends Method {
library class ServletRequestGetParameterNamesMethod extends Method {
ServletRequestGetParameterNamesMethod() {
getDeclaringType() instanceof ServletRequest and
hasName("getParameterNames") and
@ -58,8 +52,7 @@ class ServletRequestGetParameterNamesMethod extends Method {
/**
* The method `getParameterMap()` declared in `javax.servlet.ServletRequest`.
*/
library
class ServletRequestGetParameterMapMethod extends Method {
library class ServletRequestGetParameterMapMethod extends Method {
ServletRequestGetParameterMapMethod() {
getDeclaringType() instanceof ServletRequest and
hasName("getParameterMap") and
@ -70,8 +63,7 @@ class ServletRequestGetParameterMapMethod extends Method {
/**
* The method `getQueryString()` declared in `javax.servlet.http.HttpServletRequest`.
*/
library
class HttpServletRequestGetQueryStringMethod extends Method {
library class HttpServletRequestGetQueryStringMethod extends Method {
HttpServletRequestGetQueryStringMethod() {
getDeclaringType() instanceof HttpServletRequest and
hasName("getQueryString") and
@ -82,8 +74,7 @@ class HttpServletRequestGetQueryStringMethod extends Method {
/**
* The method `getPathInfo()` declared in `javax.servlet.http.HttpServletRequest`.
*/
library
class HttpServletRequestGetPathMethod extends Method {
library class HttpServletRequestGetPathMethod extends Method {
HttpServletRequestGetPathMethod() {
getDeclaringType() instanceof HttpServletRequest and
hasName("getPathInfo") and
@ -94,8 +85,7 @@ class HttpServletRequestGetPathMethod extends Method {
/**
* The method `getHeader(String)` declared in `javax.servlet.http.HttpServletRequest`.
*/
library
class HttpServletRequestGetHeaderMethod extends Method {
library class HttpServletRequestGetHeaderMethod extends Method {
HttpServletRequestGetHeaderMethod() {
getDeclaringType() instanceof HttpServletRequest and
hasName("getHeader") and
@ -107,8 +97,7 @@ class HttpServletRequestGetHeaderMethod extends Method {
/**
* The method `getHeaders(String)` declared in `javax.servlet.http.HttpServletRequest`.
*/
library
class HttpServletRequestGetHeadersMethod extends Method {
library class HttpServletRequestGetHeadersMethod extends Method {
HttpServletRequestGetHeadersMethod() {
getDeclaringType() instanceof HttpServletRequest and
hasName("getHeaders") and
@ -120,8 +109,7 @@ class HttpServletRequestGetHeadersMethod extends Method {
/**
* The method `getHeaderNames()` declared in `javax.servlet.http.HttpServletRequest`.
*/
library
class HttpServletRequestGetHeaderNamesMethod extends Method {
library class HttpServletRequestGetHeaderNamesMethod extends Method {
HttpServletRequestGetHeaderNamesMethod() {
getDeclaringType() instanceof HttpServletRequest and
hasName("getHeaderNames") and
@ -132,8 +120,7 @@ class HttpServletRequestGetHeaderNamesMethod extends Method {
/**
* The method `getRequestURL()` declared in `javax.servlet.http.HttpServletRequest`.
*/
library
class HttpServletRequestGetRequestURLMethod extends Method {
library class HttpServletRequestGetRequestURLMethod extends Method {
HttpServletRequestGetRequestURLMethod() {
getDeclaringType() instanceof HttpServletRequest and
hasName("getRequestURL") and
@ -144,8 +131,7 @@ class HttpServletRequestGetRequestURLMethod extends Method {
/**
* The method `getRequestURI()` declared in `javax.servlet.http.HttpServletRequest`.
*/
library
class HttpServletRequestGetRequestURIMethod extends Method {
library class HttpServletRequestGetRequestURIMethod extends Method {
HttpServletRequestGetRequestURIMethod() {
getDeclaringType() instanceof HttpServletRequest and
hasName("getRequestURI") and
@ -156,8 +142,7 @@ class HttpServletRequestGetRequestURIMethod extends Method {
/**
* The method `getRemoteUser()` declared in `javax.servlet.http.HttpServletRequest`.
*/
library
class HttpServletRequestGetRemoteUserMethod extends Method {
library class HttpServletRequestGetRemoteUserMethod extends Method {
HttpServletRequestGetRemoteUserMethod() {
getDeclaringType() instanceof HttpServletRequest and
hasName("getRemoteUser") and
@ -168,8 +153,7 @@ class HttpServletRequestGetRemoteUserMethod extends Method {
/**
* The method `getInputStream()` or `getReader()` declared in `javax.servlet.ServletRequest`.
*/
library
class ServletRequestGetBodyMethod extends Method {
library class ServletRequestGetBodyMethod extends Method {
ServletRequestGetBodyMethod() {
getDeclaringType() instanceof ServletRequest and
(hasName("getInputStream") or hasName("getReader"))
@ -191,9 +175,7 @@ class ServletResponse extends RefType {
* The interface `javax.servlet.http.HttpServletResponse`.
*/
class HttpServletResponse extends RefType {
HttpServletResponse() {
hasQualifiedName("javax.servlet.http", "HttpServletResponse")
}
HttpServletResponse() { hasQualifiedName("javax.servlet.http", "HttpServletResponse") }
}
/**
@ -244,18 +226,14 @@ class ServletResponseGetOutputStreamMethod extends Method {
}
/** The class `javax.servlet.http.Cookie`. */
library
class TypeCookie extends Class {
TypeCookie() {
hasQualifiedName("javax.servlet.http", "Cookie")
}
library class TypeCookie extends Class {
TypeCookie() { hasQualifiedName("javax.servlet.http", "Cookie") }
}
/**
* The method `getValue(String)` declared in `javax.servlet.http.Cookie`.
*/
library
class CookieGetValueMethod extends Method {
library class CookieGetValueMethod extends Method {
CookieGetValueMethod() {
getDeclaringType() instanceof TypeCookie and
hasName("getValue") and
@ -266,8 +244,7 @@ class CookieGetValueMethod extends Method {
/**
* The method `getName()` declared in `javax.servlet.http.Cookie`.
*/
library
class CookieGetNameMethod extends Method {
library class CookieGetNameMethod extends Method {
CookieGetNameMethod() {
getDeclaringType() instanceof TypeCookie and
hasName("getName") and
@ -279,8 +256,7 @@ class CookieGetNameMethod extends Method {
/**
* The method `getComment()` declared in `javax.servlet.http.Cookie`.
*/
library
class CookieGetCommentMethod extends Method {
library class CookieGetCommentMethod extends Method {
CookieGetCommentMethod() {
getDeclaringType() instanceof TypeCookie and
hasName("getComment") and
@ -323,9 +299,7 @@ class ResponseSetHeaderMethod extends Method {
* A class that has `javax.servlet.Servlet` as an ancestor.
*/
class ServletClass extends Class {
ServletClass() {
getAnAncestor().hasQualifiedName("javax.servlet", "Servlet")
}
ServletClass() { getAnAncestor().hasQualifiedName("javax.servlet", "Servlet") }
}
/**
@ -348,5 +322,6 @@ class ServletWebXMLListenerType extends RefType {
* - `HttpSessionActivationListener`
* - `HttpSessionBindingListener`
*/
}
}
}

40
java/ql/src/semmle/code/java/frameworks/SnakeYaml.qll
Просмотреть файл

@ -11,9 +11,7 @@ import semmle.code.java.dataflow.DataFlow3
* The class `org.yaml.snakeyaml.constructor.Constructor`.
*/
class SnakeYamlConstructor extends RefType {
SnakeYamlConstructor() {
this.hasQualifiedName("org.yaml.snakeyaml.constructor", "Constructor")
}
SnakeYamlConstructor() { this.hasQualifiedName("org.yaml.snakeyaml.constructor", "Constructor") }
}
/**
@ -30,7 +28,8 @@ class SnakeYamlSafeConstructor extends RefType {
*/
class SafeSnakeYamlConstruction extends ClassInstanceExpr {
SafeSnakeYamlConstruction() {
this.getConstructedType() instanceof SnakeYamlSafeConstructor or
this.getConstructedType() instanceof SnakeYamlSafeConstructor
or
(
this.getConstructedType() instanceof SnakeYamlConstructor and
this.getNumArgument() > 0
@ -41,20 +40,22 @@ class SafeSnakeYamlConstruction extends ClassInstanceExpr {
/**
* The class `org.yaml.snakeyaml.Yaml`.
*/
class Yaml extends RefType {
Yaml() {
this.hasQualifiedName("org.yaml.snakeyaml", "Yaml")
}
}
class Yaml extends RefType { Yaml() { this.hasQualifiedName("org.yaml.snakeyaml", "Yaml") } }
private class SafeYamlConstructionFlowConfig extends DataFlow2::Configuration {
SafeYamlConstructionFlowConfig() { this = "SnakeYaml::SafeYamlConstructionFlowConfig" }
override predicate isSource(DataFlow::Node src) { src.asExpr() instanceof SafeSnakeYamlConstruction }
override predicate isSource(DataFlow::Node src) {
src.asExpr() instanceof SafeSnakeYamlConstruction
}
override predicate isSink(DataFlow::Node sink) { sink = yamlClassInstanceExprArgument(_) }
private DataFlow::ExprNode yamlClassInstanceExprArgument(ClassInstanceExpr cie) {
cie.getConstructedType() instanceof Yaml and
result.getExpr() = cie.getArgument(0)
}
ClassInstanceExpr getSafeYaml() { hasFlowTo(yamlClassInstanceExprArgument(result)) }
}
@ -62,15 +63,14 @@ private class SafeYamlConstructionFlowConfig extends DataFlow2::Configuration {
* An instance of `Yaml` that does not allow arbitrary constructor to be called.
*/
private class SafeYaml extends ClassInstanceExpr {
SafeYaml() {
exists(SafeYamlConstructionFlowConfig conf | conf.getSafeYaml() = this)
}
SafeYaml() { exists(SafeYamlConstructionFlowConfig conf | conf.getSafeYaml() = this) }
}
/** A call to a parse method of `Yaml`. */
private class SnakeYamlParse extends MethodAccess {
SnakeYamlParse() {
exists(Method m | m.getDeclaringType() instanceof Yaml and
exists(Method m |
m.getDeclaringType() instanceof Yaml and
(m.hasName("load") or m.hasName("loadAll") or m.hasName("loadAs") or m.hasName("parse")) and
m = this.getMethod()
)
@ -79,9 +79,15 @@ private class SnakeYamlParse extends MethodAccess {
private class SafeYamlFlowConfig extends DataFlow3::Configuration {
SafeYamlFlowConfig() { this = "SnakeYaml::SafeYamlFlowConfig" }
override predicate isSource(DataFlow::Node src) { src.asExpr() instanceof SafeYaml }
override predicate isSink(DataFlow::Node sink) { sink = yamlParseQualifier(_) }
private DataFlow::ExprNode yamlParseQualifier(SnakeYamlParse syp) { result.getExpr() = syp.getQualifier() }
private DataFlow::ExprNode yamlParseQualifier(SnakeYamlParse syp) {
result.getExpr() = syp.getQualifier()
}
SnakeYamlParse getASafeSnakeYamlParse() { hasFlowTo(yamlParseQualifier(result)) }
}
@ -89,7 +95,5 @@ private class SafeYamlFlowConfig extends DataFlow3::Configuration {
* A call to a parse method of `Yaml` that allows arbitrary constructor to be called.
*/
class UnsafeSnakeYamlParse extends SnakeYamlParse {
UnsafeSnakeYamlParse() {
not exists(SafeYamlFlowConfig sy | sy.getASafeSnakeYamlParse() = this)
}
UnsafeSnakeYamlParse() { not exists(SafeYamlFlowConfig sy | sy.getASafeSnakeYamlParse() = this) }
}

8
java/ql/src/semmle/code/java/frameworks/XStream.qll
Просмотреть файл

@ -8,9 +8,7 @@ import java
* The type `com.thoughtworks.xstream.XStream`.
*/
class XStream extends RefType {
XStream() {
this.hasQualifiedName("com.thoughtworks.xstream", "XStream")
}
XStream() { this.hasQualifiedName("com.thoughtworks.xstream", "XStream") }
}
/**
@ -38,7 +36,9 @@ class XStreamEnableWhiteListing extends MethodAccess {
exists(Field f |
this.getAnArgument() = f.getAnAccess() and
f.hasName("NONE") and
f.getDeclaringType().hasQualifiedName("com.thoughtworks.xstream.security", "NoTypePermission")
f
.getDeclaringType()
.hasQualifiedName("com.thoughtworks.xstream.security", "NoTypePermission")
)
)
}

24
java/ql/src/semmle/code/java/frameworks/android/Intent.qll
Просмотреть файл

@ -1,33 +1,19 @@
import java
class TypeIntent extends Class {
TypeIntent() {
hasQualifiedName("android.content", "Intent")
}
}
class TypeIntent extends Class { TypeIntent() { hasQualifiedName("android.content", "Intent") } }
class TypeActivity extends Class {
TypeActivity() {
hasQualifiedName("android.app", "Activity")
}
}
class TypeActivity extends Class { TypeActivity() { hasQualifiedName("android.app", "Activity") } }
class TypeContext extends RefType {
TypeContext() {
hasQualifiedName("android.content", "Context")
}
TypeContext() { hasQualifiedName("android.content", "Context") }
}
class TypeBroadcastReceiver extends Class {
TypeBroadcastReceiver() {
hasQualifiedName("android.content", "BroadcastReceiver")
}
TypeBroadcastReceiver() { hasQualifiedName("android.content", "BroadcastReceiver") }
}
class AndroidGetIntentMethod extends Method {
AndroidGetIntentMethod() {
hasName("getIntent") and getDeclaringType() instanceof TypeActivity
}
AndroidGetIntentMethod() { hasName("getIntent") and getDeclaringType() instanceof TypeActivity }
}
class AndroidReceiveIntentMethod extends Method {

18
java/ql/src/semmle/code/java/frameworks/android/SQLite.qll
Просмотреть файл

@ -1,14 +1,10 @@
import java
class TypeSQLiteDatabase extends Class {
TypeSQLiteDatabase() {
hasQualifiedName("android.database.sqlite", "SQLiteDatabase")
}
TypeSQLiteDatabase() { hasQualifiedName("android.database.sqlite", "SQLiteDatabase") }
}
abstract class SQLiteRunner extends Method {
abstract int sqlIndex();
}
abstract class SQLiteRunner extends Method { abstract int sqlIndex(); }
class ExecSqlMethod extends SQLiteRunner {
ExecSqlMethod() {
@ -27,11 +23,8 @@ class QueryMethod extends SQLiteRunner {
override int sqlIndex() {
this.getName() = "query" and
(
if this.getParameter(0).getType() instanceof TypeString
then result = 2
else result = 3
) or
(if this.getParameter(0).getType() instanceof TypeString then result = 2 else result = 3)
or
this.getName() = "queryWithFactory" and result = 4
}
}
@ -43,7 +36,8 @@ class RawQueryMethod extends SQLiteRunner {
}
override int sqlIndex() {
this.getName() = "rawQuery" and result = 0 or
this.getName() = "rawQuery" and result = 0
or
this.getName() = "rawQueryWithFactory" and result = 1
}
}

14
java/ql/src/semmle/code/java/frameworks/android/WebView.qll
Просмотреть файл

@ -1,21 +1,13 @@
import java
class TypeWebView extends Class {
TypeWebView() {
hasQualifiedName("android.webkit", "WebView")
}
}
class TypeWebView extends Class { TypeWebView() { hasQualifiedName("android.webkit", "WebView") } }
class TypeWebViewClient extends Class {
TypeWebViewClient() {
hasQualifiedName("android.webkit", "WebViewClient")
}
TypeWebViewClient() { hasQualifiedName("android.webkit", "WebViewClient") }
}
class TypeWebSettings extends Class {
TypeWebSettings() {
hasQualifiedName("android.webkit", "WebSettings")
}
TypeWebSettings() { hasQualifiedName("android.webkit", "WebSettings") }
}
class WebViewGetSettingsMethod extends Method {

8
java/ql/src/semmle/code/java/frameworks/android/XmlParsing.qll
Просмотреть файл

@ -1,9 +1,7 @@
import java
class XmlPullParser extends Interface {
XmlPullParser() {
this.hasQualifiedName("org.xmlpull.v1", "XmlPullParser")
}
XmlPullParser() { this.hasQualifiedName("org.xmlpull.v1", "XmlPullParser") }
}
class XmlPullGetMethod extends Method {
@ -14,9 +12,7 @@ class XmlPullGetMethod extends Method {
}
class XmlAttrSet extends Interface {
XmlAttrSet() {
this.hasQualifiedName("android.util", "AttributeSet")
}
XmlAttrSet() { this.hasQualifiedName("android.util", "AttributeSet") }
}
class XmlAttrSetGetMethod extends Method {

14
java/ql/src/semmle/code/java/frameworks/apache/Exec.qll
Просмотреть файл

@ -1,24 +1,18 @@
/* Definitions related to the Apache Commons Exec library. */
import semmle.code.java.Type
library
class TypeCommandLine extends Class {
TypeCommandLine() {
hasQualifiedName("org.apache.commons.exec", "CommandLine")
}
library class TypeCommandLine extends Class {
TypeCommandLine() { hasQualifiedName("org.apache.commons.exec", "CommandLine") }
}
library
class MethodCommandLineParse extends Method {
library class MethodCommandLineParse extends Method {
MethodCommandLineParse() {
getDeclaringType() instanceof TypeCommandLine and
hasName("parse")
}
}
library
class MethodCommandLineAddArguments extends Method {
library class MethodCommandLineAddArguments extends Method {
MethodCommandLineAddArguments() {
getDeclaringType() instanceof TypeCommandLine and
hasName("addArguments")

54
java/ql/src/semmle/code/java/frameworks/camel/CamelJavaDSL.qll
Просмотреть файл

@ -13,6 +13,7 @@
*
* This creates a route to the `TargetBean` class for messages sent to "direct.start".
*/
import java
import semmle.code.java.Reflection
import semmle.code.java.frameworks.spring.Spring
@ -22,7 +23,10 @@ import semmle.code.java.frameworks.spring.Spring
*/
library class ProcessorDefinitionElement extends MethodAccess {
ProcessorDefinitionElement() {
getMethod().getDeclaringType().getSourceDeclaration().hasQualifiedName("org.apache.camel.model","ProcessorDefinition")
getMethod()
.getDeclaringType()
.getSourceDeclaration()
.hasQualifiedName("org.apache.camel.model", "ProcessorDefinition")
}
}
@ -32,16 +36,12 @@ library class ProcessorDefinitionElement extends MethodAccess {
* This declares a "target" for this route, described by the URI given as the first argument.
*/
class CamelJavaDSLToDecl extends ProcessorDefinitionElement {
CamelJavaDSLToDecl() {
getMethod().hasName("to")
}
CamelJavaDSLToDecl() { getMethod().hasName("to") }
/**
* Gets the URI specified by this `to` declaration.
*/
string getURI() {
result = getArgument(0).(CompileTimeConstantExpr).getStringValue()
}
string getURI() { result = getArgument(0).(CompileTimeConstantExpr).getStringValue() }
}
/**
@ -51,19 +51,19 @@ class CamelJavaDSLToDecl extends ProcessorDefinitionElement {
* or the bean object itself.
*/
class CamelJavaDSLBeanDecl extends ProcessorDefinitionElement {
CamelJavaDSLBeanDecl() {
getMethod().hasName("bean")
}
CamelJavaDSLBeanDecl() { getMethod().hasName("bean") }
/**
* Gets a bean class that may be registered as a target by this `bean()` declaration.
*/
RefType getABeanClass() {
if getArgument(0).getType() instanceof TypeClass then
if getArgument(0).getType() instanceof TypeClass
then
/*
* In this case, we've been given a Class<?>, which implies a Spring Bean of this type
* should be loaded. Infer the type of type parameter.
*/
result = inferClassParameterType(getArgument(0))
else
// In this case, the object itself is used as the target for the Apache Camel messages.
@ -79,22 +79,21 @@ class CamelJavaDSLBeanDecl extends ProcessorDefinitionElement {
* assumption that it either represetns a qualified name, or a Srping bean identifier.
*/
class CamelJavaDSLBeanRefDecl extends ProcessorDefinitionElement {
CamelJavaDSLBeanRefDecl() {
getMethod().hasName("beanRef")
}
CamelJavaDSLBeanRefDecl() { getMethod().hasName("beanRef") }
/**
* Gets the string describing the bean referred to.
*/
string getBeanRefString() {
result = getArgument(0).(CompileTimeConstantExpr).getStringValue()
}
string getBeanRefString() { result = getArgument(0).(CompileTimeConstantExpr).getStringValue() }
/**
* Gets a class that may be referred to by this bean reference.
*/
RefType getABeanClass() {
exists(SpringBean bean | bean.getBeanIdentifier() = getBeanRefString() | result = bean.getClass()) or
exists(SpringBean bean | bean.getBeanIdentifier() = getBeanRefString() |
result = bean.getClass()
)
or
result.getQualifiedName() = getBeanRefString()
}
}
@ -106,7 +105,10 @@ class CamelJavaDSLBeanRefDecl extends ProcessorDefinitionElement {
*/
class CamelJavaDSLMethodDecl extends MethodAccess {
CamelJavaDSLMethodDecl() {
getMethod().getDeclaringType().getSourceDeclaration().hasQualifiedName("org.apache.camel.builder","ExpressionClause") and
getMethod()
.getDeclaringType()
.getSourceDeclaration()
.hasQualifiedName("org.apache.camel.builder", "ExpressionClause") and
getMethod().hasName("method")
}
@ -114,14 +116,16 @@ class CamelJavaDSLMethodDecl extends MethodAccess {
* Gets a possible bean that this "method" expression represents.
*/
RefType getABean() {
if getArgument(0).getType() instanceof TypeString then
if getArgument(0).getType() instanceof TypeString
then
exists(SpringBean bean |
bean.getBeanIdentifier() = getArgument(0).(CompileTimeConstantExpr).getStringValue()
|
result = bean.getClass())
else if getArgument(0).getType() instanceof TypeClass then
result = inferClassParameterType(getArgument(0))
|
result = bean.getClass()
)
else
result = getArgument(0).getType()
if getArgument(0).getType() instanceof TypeClass
then result = inferClassParameterType(getArgument(0))
else result = getArgument(0).getType()
}
}

10
java/ql/src/semmle/code/java/frameworks/gigaspaces/GigaSpaces.qll
Просмотреть файл

@ -8,9 +8,7 @@ import java
* Holds if `eventDrivenClass` is an event listener Class which receives events from GigaSpaces.
*/
predicate isGigaSpacesEventDrivenClass(Class eventDrivenClass) {
exists(AnnotationType aType |
aType = eventDrivenClass.getAnAnnotation().getType()
|
exists(AnnotationType aType | aType = eventDrivenClass.getAnAnnotation().getType() |
aType.hasQualifiedName("org.openspaces.events", "EventDriven") or
aType.hasQualifiedName("org.openspaces.events.notify", "Notify") or
aType.hasQualifiedName("org.openspaces.events.polling", "Polling")
@ -22,9 +20,7 @@ predicate isGigaSpacesEventDrivenClass(Class eventDrivenClass) {
* when GigaSpaces is processing events.
*/
predicate isGigaSpacesEventMethod(Method eventMethod) {
exists(AnnotationType aType |
aType = eventMethod.getAnAnnotation().getType()
|
exists(AnnotationType aType | aType = eventMethod.getAnAnnotation().getType() |
aType.hasQualifiedName("org.openspaces.events.adapter", "SpaceDataEvent") or
aType.hasQualifiedName("org.openspaces.events", "EventTemplate") or
aType.hasQualifiedName("org.openspaces.events", "DynamicEventTemplate") or
@ -53,7 +49,7 @@ class GigaSpacesSpaceIdSetterMethod extends Method {
exists(GigaSpacesSpaceIdGetterMethod getterMethod |
getterMethod.getDeclaringType() = getDeclaringType() and
getName().prefix(3) = "set"
|
|
getterMethod.getName().suffix(3) = getName().suffix(3)
)
}

11
java/ql/src/semmle/code/java/frameworks/google/GoogleHttpClientApi.qll
Просмотреть файл

@ -14,18 +14,17 @@ private class TypeLiteralToParseAsFlowConfiguration extends DataFlow::Configurat
TypeLiteralToParseAsFlowConfiguration() {
this = "GoogleHttpClientApi::TypeLiteralToParseAsFlowConfiguration"
}
override predicate isSource(DataFlow::Node source) {
source.asExpr() instanceof TypeLiteral
}
override predicate isSource(DataFlow::Node source) { source.asExpr() instanceof TypeLiteral }
override predicate isSink(DataFlow::Node sink) {
exists(MethodAccess ma |
ma.getAnArgument() = sink.asExpr() and
ma.getMethod() instanceof ParseAsMethod
)
}
TypeLiteral getSourceWithFlowToParseAs() {
hasFlow(DataFlow::exprNode(result), _)
}
TypeLiteral getSourceWithFlowToParseAs() { hasFlow(DataFlow::exprNode(result), _) }
}
/** A field that is deserialized by `HttpResponse.parseAs`. */

39
java/ql/src/semmle/code/java/frameworks/gwt/GWT.qll
Просмотреть файл

@ -4,16 +4,12 @@ import GwtUiBinder
/** The `com.google.gwt.core.client.EntryPoint` interface. */
class GwtEntryPointInterface extends Interface {
GwtEntryPointInterface() {
this.hasQualifiedName("com.google.gwt.core.client", "EntryPoint")
}
GwtEntryPointInterface() { this.hasQualifiedName("com.google.gwt.core.client", "EntryPoint") }
}
/** A GWT class that implements the `EntryPoint` interface. */
class GwtEntryPointClass extends Class {
GwtEntryPointClass() {
this.getAnAncestor() instanceof GwtEntryPointInterface
}
GwtEntryPointClass() { this.getAnAncestor() instanceof GwtEntryPointInterface }
/** Gets the method serving as a GWT entry-point. */
Method getOnModuleLoadMethod() {
@ -39,11 +35,14 @@ class GwtEntryPointClass extends Class {
* In the absence of such a file, we cannot guarantee that `EntryPoint`s without annotations
* are live.
*/
isGwtXmlIncluded() implies
isGwtXmlIncluded()
implies
(
/*
* The entry point is live if it is specified in a `*.gwt.xml` file.
*/
exists(getAGwtXmlFile())
)
}
@ -55,9 +54,7 @@ class GwtEntryPointClass extends Class {
*/
class GwtCompilationUnit extends CompilationUnit {
GwtCompilationUnit() {
exists(GwtXmlFile f |
getRelativePath().matches(f.getARelativeSourcePath() + "%")
)
exists(GwtXmlFile f | getRelativePath().matches(f.getARelativeSourcePath() + "%"))
}
}
@ -77,12 +74,14 @@ private predicate jsniComment(Javadoc jsni, Method m) {
// The comment must start with `-{` ...
jsni.getChild(0).getText().matches("-{%") and
// ... and it must end with `}-`.
jsni.getChild(jsni.getNumChild()-1).getText().matches("%}-") and
jsni.getChild(jsni.getNumChild() - 1).getText().matches("%}-") and
// The associated callable must be marked as `native` ...
m.isNative() and
// ... and the comment has to be contained in `m`.
jsni.getFile() = m.getFile() and
jsni.getLocation().getStartLine() in [m.getLocation().getStartLine()..m.getLocation().getEndLine()]
jsni.getLocation().getStartLine() in [m.getLocation().getStartLine() .. m
.getLocation()
.getEndLine()]
}
/**
@ -90,26 +89,18 @@ private predicate jsniComment(Javadoc jsni, Method m) {
* implementing a native method.
*/
class JSNIComment extends Javadoc {
JSNIComment() {
jsniComment(this, _)
}
JSNIComment() { jsniComment(this, _) }
/** Gets the method implemented by this comment. */
Method getImplementedMethod() {
jsniComment(this, result)
}
Method getImplementedMethod() { jsniComment(this, result) }
}
/**
* A JavaScript Native Interface (JSNI) method.
*/
class JSNIMethod extends Method {
JSNIMethod() {
jsniComment(_, this)
}
JSNIMethod() { jsniComment(_, this) }
/** Gets the comment containing the JavaScript code for this method. */
JSNIComment getImplementation() {
jsniComment(result, this)
}
JSNIComment getImplementation() { jsniComment(result, this) }
}

49
java/ql/src/semmle/code/java/frameworks/gwt/GwtUiBinder.qll
Просмотреть файл

@ -9,55 +9,42 @@ import java
import GwtUiBinderXml
class GwtUiBinderClientAnnotation extends Annotation {
GwtUiBinderClientAnnotation() {
getType().getPackage().hasName("com.google.gwt.uibinder.client")
}
GwtUiBinderClientAnnotation() { getType().getPackage().hasName("com.google.gwt.uibinder.client") }
}
class GwtUiHandlerAnnotation extends GwtUiBinderClientAnnotation {
GwtUiHandlerAnnotation() {
getType().hasName("UiHandler")
}
GwtUiHandlerAnnotation() { getType().hasName("UiHandler") }
}
class GwtUiFieldAnnotation extends GwtUiBinderClientAnnotation {
GwtUiFieldAnnotation() {
getType().hasName("UiField")
}
GwtUiFieldAnnotation() { getType().hasName("UiField") }
}
class GwtUiTemplateAnnotation extends GwtUiBinderClientAnnotation {
GwtUiTemplateAnnotation() {
getType().hasName("UiTemplate")
}
GwtUiTemplateAnnotation() { getType().hasName("UiTemplate") }
}
class GwtUiFactoryAnnotation extends GwtUiBinderClientAnnotation {
GwtUiFactoryAnnotation() {
getType().hasName("UiFactory")
}
GwtUiFactoryAnnotation() { getType().hasName("UiFactory") }
}
class GwtUiConstructorAnnotation extends GwtUiBinderClientAnnotation {
GwtUiConstructorAnnotation() {
getType().hasName("UiConstructor")
}
GwtUiConstructorAnnotation() { getType().hasName("UiConstructor") }
}
/**
* A field that is reflectively written to, and read from, by the GWT UiBinder framework.
*/
class GwtUiField extends Field {
GwtUiField() {
getAnAnnotation() instanceof GwtUiFieldAnnotation
}
GwtUiField() { getAnAnnotation() instanceof GwtUiFieldAnnotation }
/**
* If true, the field must be filled before `UiBinder.createAndBindUi` is called.
* If false, `UiBinder.createAndBindUi` will fill the field.
*/
predicate isProvided() {
getAnAnnotation().(GwtUiFieldAnnotation).getValue("provided").(BooleanLiteral).getBooleanValue() = true
getAnAnnotation().(GwtUiFieldAnnotation).getValue("provided").(BooleanLiteral).getBooleanValue() =
true
}
}
@ -65,15 +52,17 @@ class GwtUiField extends Field {
* A method called as a handler for events thrown by GWT widgets.
*/
class GwtUiHandler extends Method {
GwtUiHandler() {
getAnAnnotation() instanceof GwtUiHandlerAnnotation
}
GwtUiHandler() { getAnAnnotation() instanceof GwtUiHandlerAnnotation }
/**
* Gets the name of the field for which this handler is registered.
*/
string getFieldName() {
result = getAnAnnotation().(GwtUiHandlerAnnotation).getValue("value").(CompileTimeConstantExpr).getStringValue()
result = getAnAnnotation()
.(GwtUiHandlerAnnotation)
.getValue("value")
.(CompileTimeConstantExpr)
.getStringValue()
}
/**
@ -90,16 +79,12 @@ class GwtUiHandler extends Method {
* construct an instance of a class specified in a UiBinder XML file.
*/
class GwtUiFactory extends Method {
GwtUiFactory() {
getAnAnnotation() instanceof GwtUiFactoryAnnotation
}
GwtUiFactory() { getAnAnnotation() instanceof GwtUiFactoryAnnotation }
}
/**
* A constructor that may be called by the UiBinder framework as a result of a `GWT.create()` call.
*/
class GwtUiConstructor extends Constructor {
GwtUiConstructor() {
getAnAnnotation() instanceof GwtUiConstructorAnnotation
}
GwtUiConstructor() { getAnAnnotation() instanceof GwtUiConstructorAnnotation }
}

12
java/ql/src/semmle/code/java/frameworks/gwt/GwtUiBinderXml.qll
Просмотреть файл

@ -6,14 +6,10 @@ import java
/** A GWT UiBinder XML template file with a `.ui.xml` suffix. */
class GwtUiTemplateXmlFile extends XMLFile {
GwtUiTemplateXmlFile() {
this.getBaseName().matches("%.ui.xml")
}
GwtUiTemplateXmlFile() { this.getBaseName().matches("%.ui.xml") }
/** Gets the top-level UiBinder element. */
GwtUiBinderTemplateElement getUiBinderElement() {
result = this.getAChild()
}
GwtUiBinderTemplateElement getUiBinderElement() { result = this.getAChild() }
}
/** The top-level `<ui:UiBinder>` element of a GWT UiBinder template XML file. */
@ -30,9 +26,7 @@ class GwtUiBinderTemplateElement extends XMLElement {
*/
class GwtComponentTemplateElement extends XMLElement {
GwtComponentTemplateElement() {
exists(GwtUiBinderTemplateElement templateElement |
this = templateElement.getAChild*()
|
exists(GwtUiBinderTemplateElement templateElement | this = templateElement.getAChild*() |
this.getNamespace().getURI().substring(0, 10) = "urn:import"
)
}

45
java/ql/src/semmle/code/java/frameworks/gwt/GwtXml.qll
Просмотреть файл

@ -3,20 +3,14 @@ import semmle.code.xml.XML
/**
* Holds if any `*.gwt.xml` files are included in this snapshot.
*/
predicate isGwtXmlIncluded() {
exists(GwtXmlFile webXML)
}
predicate isGwtXmlIncluded() { exists(GwtXmlFile webXML) }
/** A GWT module XML file with a `.gwt.xml` suffix. */
class GwtXmlFile extends XMLFile {
GwtXmlFile() {
this.getBaseName().matches("%.gwt.xml")
}
GwtXmlFile() { this.getBaseName().matches("%.gwt.xml") }
/** Gets the top-level module element of a GWT module XML file. */
GwtModuleElement getModuleElement() {
result = this.getAChild()
}
GwtModuleElement getModuleElement() { result = this.getAChild() }
/** Gets the name of an inherited GWT module, for example `com.google.gwt.user.User`. */
string getAnInheritedModuleName() {
@ -27,15 +21,13 @@ class GwtXmlFile extends XMLFile {
GwtXmlFile getAnInheritedXmlFile() {
exists(GwtXmlFile f, string name |
name = getAnInheritedModuleName() and
f.getAbsolutePath().matches("%/" + name.replaceAll(".","/") + ".gwt.xml") and
f.getAbsolutePath().matches("%/" + name.replaceAll(".", "/") + ".gwt.xml") and
result = f
)
}
/** Gets the relative path of the folder containing this GWT module XML file. */
string getRelativeRootFolderPath() {
result = getParentContainer().getRelativePath()
}
string getRelativeRootFolderPath() { result = getParentContainer().getRelativePath() }
/** Gets a GWT-translatable source sub-folder explicitly defined in a `<source>` element. */
string getAnExplicitSourceSubPath() {
@ -47,7 +39,8 @@ class GwtXmlFile extends XMLFile {
* Either the default `client` folder or as specified by `<source>` tags.
*/
string getASourceSubPath() {
(result = "client" and not exists(getAnExplicitSourceSubPath())) or
(result = "client" and not exists(getAnExplicitSourceSubPath()))
or
result = getAnExplicitSourceSubPath()
}
@ -69,19 +62,13 @@ class GwtModuleElement extends XMLElement {
}
/** Gets an element of the form `<inherits>`, which specifies a GWT module to inherit. */
GwtInheritsElement getAnInheritsElement() {
result = this.getAChild()
}
GwtInheritsElement getAnInheritsElement() { result = this.getAChild() }
/** Gets an element of the form `<entry-point>`, which specifies a GWT entry-point class name. */
GwtEntryPointElement getAnEntryPointElement() {
result = this.getAChild()
}
GwtEntryPointElement getAnEntryPointElement() { result = this.getAChild() }
/** Gets an element of the form `<source>`, which specifies a GWT-translatable source path. */
GwtSourceElement getASourceElement() {
result = this.getAChild()
}
GwtSourceElement getASourceElement() { result = this.getAChild() }
}
/** An `<inherits>` element within a GWT module XML file. */
@ -92,9 +79,7 @@ class GwtInheritsElement extends XMLElement {
}
/** Gets the name of an inherited GWT module, for example `com.google.gwt.user.User`. */
string getAnInheritedName() {
result = getAttribute("name").getValue()
}
string getAnInheritedName() { result = getAttribute("name").getValue() }
}
/** An `<entry-point>` element within a GWT module XML file. */
@ -105,9 +90,7 @@ class GwtEntryPointElement extends XMLElement {
}
/** Gets the name of a class that serves as a GWT entry-point. */
string getClassName() {
result = getAttribute("class").getValue().trim()
}
string getClassName() { result = getAttribute("class").getValue().trim() }
}
/** A `<source>` element within a GWT module XML file. */
@ -135,7 +118,5 @@ class GwtServletElement extends XMLElement {
}
/** Gets the name of a class that is used as a servlet. */
string getClassName() {
result = getAttribute("class").getValue().trim()
}
string getClassName() { result = getAttribute("class").getValue().trim() }
}

14
java/ql/src/semmle/code/java/frameworks/j2objc/J2ObjC.qll
Просмотреть файл

@ -8,7 +8,7 @@ class OCNIComment extends Javadoc {
// The comment must start with `-[` ...
getChild(0).getText().matches("-[%") and
// ... and it must end with `]-`.
getChild(getNumChild()-1).getText().matches("%]-")
getChild(getNumChild() - 1).getText().matches("%]-")
}
}
@ -18,7 +18,9 @@ private predicate ocniComment(OCNIComment ocni, Method m) {
m.isNative() and
// ... and the comment has to be contained in `m`.
ocni.getFile() = m.getFile() and
ocni.getLocation().getStartLine() in [m.getLocation().getStartLine()..m.getLocation().getEndLine()]
ocni.getLocation().getStartLine() in [m.getLocation().getStartLine() .. m
.getLocation()
.getEndLine()]
}
/**
@ -26,14 +28,10 @@ private predicate ocniComment(OCNIComment ocni, Method m) {
* implementing a native method.
*/
class OCNIMethodComment extends OCNIComment {
OCNIMethodComment() {
ocniComment(this, _)
}
OCNIMethodComment() { ocniComment(this, _) }
/** Gets the method implemented by this comment. */
Method getImplementedMethod() {
ocniComment(this, result)
}
Method getImplementedMethod() { ocniComment(this, result) }
}
/**

69
java/ql/src/semmle/code/java/frameworks/jackson/JacksonSerializability.qll
Просмотреть файл

@ -16,8 +16,7 @@ class JacksonJSONIgnoreAnnotation extends NonReflectiveAnnotation {
}
}
abstract class JacksonSerializableType extends Type {
}
abstract class JacksonSerializableType extends Type { }
/**
* A method used for serializing objects using Jackson. The final parameter is the object to be
@ -36,7 +35,7 @@ library class JacksonWriteValueMethod extends Method {
library class ExplicitlyWrittenJacksonSerializableType extends JacksonSerializableType {
ExplicitlyWrittenJacksonSerializableType() {
exists( MethodAccess ma |
exists(MethodAccess ma |
// A call to a Jackson write method...
ma.getMethod() instanceof JacksonWriteValueMethod and
// ...where `this` is used in the final argument, indicating that this type will be serialized.
@ -51,16 +50,15 @@ library class FieldReferencedJacksonSerializableType extends JacksonSerializable
}
}
abstract class JacksonDeserializableType extends Type {
}
abstract class JacksonDeserializableType extends Type { }
private class TypeLiteralToJacksonDatabindFlowConfiguration extends DataFlow::Configuration {
TypeLiteralToJacksonDatabindFlowConfiguration() {
this = "TypeLiteralToJacksonDatabindFlowConfiguration"
}
override predicate isSource(DataFlow::Node source) {
source.asExpr() instanceof TypeLiteral
}
override predicate isSource(DataFlow::Node source) { source.asExpr() instanceof TypeLiteral }
override predicate isSink(DataFlow::Node sink) {
exists(MethodAccess ma, Method m, int i |
ma.getArgument(i) = sink.asExpr() and
@ -73,9 +71,8 @@ private class TypeLiteralToJacksonDatabindFlowConfiguration extends DataFlow::Co
)
)
}
TypeLiteral getSourceWithFlowToJacksonDatabind() {
hasFlow(DataFlow::exprNode(result), _)
}
TypeLiteral getSourceWithFlowToJacksonDatabind() { hasFlow(DataFlow::exprNode(result), _) }
}
library class ExplicitlyReadJacksonDeserializableType extends JacksonDeserializableType {
@ -93,7 +90,7 @@ library class FieldReferencedJacksonDeSerializableType extends JacksonDeserializ
}
class JacksonSerializableField extends SerializableField {
JacksonSerializableField(){
JacksonSerializableField() {
exists(JacksonSerializableType superType |
superType = getDeclaringType().getASupertype*() and
not superType instanceof TypeObject and
@ -104,7 +101,7 @@ class JacksonSerializableField extends SerializableField {
}
class JacksonDeserializableField extends DeserializableField {
JacksonDeserializableField(){
JacksonDeserializableField() {
exists(JacksonDeserializableType superType |
superType = getDeclaringType().getASupertype*() and
not superType instanceof TypeObject and
@ -125,7 +122,7 @@ class JacksonAddMixinCall extends MethodAccess {
exists(Method m |
m = this.getMethod() and
m.getDeclaringType().hasQualifiedName("com.fasterxml.jackson.databind", "ObjectMapper")
|
|
m.hasName("addMixIn") or
m.hasName("addMixInAnnotations")
)
@ -134,45 +131,34 @@ class JacksonAddMixinCall extends MethodAccess {
/**
* Gets a possible type for the target of the mixing, if any can be deduced.
*/
RefType getATarget() {
result = inferClassParameterType(getArgument(0))
}
RefType getATarget() { result = inferClassParameterType(getArgument(0)) }
/**
* Gets a possible type that will be mixed in, if any can be deduced.
*/
RefType getAMixedInType() {
result = inferClassParameterType(getArgument(1))
}
RefType getAMixedInType() { result = inferClassParameterType(getArgument(1)) }
}
/**
* A Jackson annotation.
*/
class JacksonAnnotation extends Annotation {
JacksonAnnotation() {
getType().getPackage().hasName("com.fasterxml.jackson.annotation")
}
JacksonAnnotation() { getType().getPackage().hasName("com.fasterxml.jackson.annotation") }
}
/**
* A type used as a Jackson mixin type.
*/
class JacksonMixinType extends ClassOrInterface {
JacksonMixinType() {
exists(JacksonAddMixinCall mixinCall |
this = mixinCall.getAMixedInType()
)
}
JacksonMixinType() { exists(JacksonAddMixinCall mixinCall | this = mixinCall.getAMixedInType()) }
/**
* Gets a type that this type is mixed into.
*/
RefType getATargetType() {
exists(JacksonAddMixinCall mixinCall |
this = mixinCall.getAMixedInType()
|
result = mixinCall.getATarget())
exists(JacksonAddMixinCall mixinCall | this = mixinCall.getAMixedInType() |
result = mixinCall.getATarget()
)
}
/**
@ -198,18 +184,14 @@ class JacksonMixinType extends ClassOrInterface {
class JacksonMixedInCallable extends Callable {
JacksonMixedInCallable() {
exists(JacksonMixinType mixinType |
this = mixinType.getAMixedInCallable()
)
exists(JacksonMixinType mixinType | this = mixinType.getAMixedInCallable())
}
/**
* Gets a candidate target type that this callable can be mixed into.
*/
RefType getATargetType() {
exists(JacksonMixinType mixinType |
this = mixinType.getAMixedInCallable()
|
exists(JacksonMixinType mixinType | this = mixinType.getAMixedInCallable() |
result = mixinType.getATargetType()
)
}
@ -218,16 +200,17 @@ class JacksonMixedInCallable extends Callable {
* Gets a callable on a possible target that this is mixed into.
*/
Callable getATargetCallable() {
exists(RefType targetType |
targetType = getATargetType()
|
exists(RefType targetType | targetType = getATargetType() |
result = getATargetType().getACallable() and
if this instanceof Constructor then
if this instanceof Constructor
then
/*
* The mixed in type will have a different name to the target type, so just compare the
* parameters.
*/
result.getSignature().suffix(targetType.getName().length()) = getSignature().suffix(getDeclaringType().getName().length())
result.getSignature().suffix(targetType.getName().length()) = getSignature()
.suffix(getDeclaringType().getName().length())
else
// Signatures should match
result.getSignature() = getSignature()

16
java/ql/src/semmle/code/java/frameworks/javaee/JavaServerFaces.qll
Просмотреть файл

@ -6,9 +6,7 @@ import semmle.code.java.frameworks.javaee.jsf.JSFFacesContextXML
* A method that is visible to faces, if the instance type is visible to faces.
*/
library class FacesVisibleMethod extends Method {
FacesVisibleMethod() {
isPublic() and not isStatic()
}
FacesVisibleMethod() { isPublic() and not isStatic() }
}
/**
@ -20,9 +18,7 @@ library class FacesVisibleMethod extends Method {
*/
class FacesManagedBean extends Class {
FacesManagedBean() {
exists(FacesManagedBeanAnnotation beanAnnotation |
this = beanAnnotation.getManagedBeanClass()
) or
exists(FacesManagedBeanAnnotation beanAnnotation | this = beanAnnotation.getManagedBeanClass()) or
exists(FacesConfigManagedBeanClass facesConfigBeanClassDecl |
this = facesConfigBeanClassDecl.getManagedBeanClass()
)
@ -40,15 +36,13 @@ class FacesAccessibleType extends RefType {
exists(RefType accessibleClass, FacesVisibleMethod accessibleMethod |
accessibleClass instanceof FacesManagedBean or
accessibleClass instanceof FacesAccessibleType
|
|
accessibleMethod = accessibleClass.getAMethod() and
this = accessibleMethod.getReturnType()
)
}
FacesVisibleMethod getAnAccessibleMethod() {
result = getAMethod()
}
FacesVisibleMethod getAnAccessibleMethod() { result = getAMethod() }
}
/**
@ -62,7 +56,7 @@ class FacesAccessibleType extends RefType {
class FacesComponent extends Class {
FacesComponent() {
// Must extend UIComponent for it to be a valid component.
getAnAncestor().hasQualifiedName("javax.faces.component","UIComponent") and
getAnAncestor().hasQualifiedName("javax.faces.component", "UIComponent") and
(
// Must be registered using either an annotation
exists(FacesComponentAnnotation componentAnnotation |

208
java/ql/src/semmle/code/java/frameworks/javaee/Persistence.qll
Просмотреть файл

@ -18,27 +18,31 @@ class PersistentEntity extends RefType {
* instead.
*/
string getAccessType() {
if exists(getAccessTypeFromAnnotation()) then
result = getAccessTypeFromAnnotation()
if exists(getAccessTypeFromAnnotation())
then result = getAccessTypeFromAnnotation()
else
/*
* If the access type is not explicit, then the location of the `Id` annotation determines
* which access type is used.
*/
if getAMethod().hasAnnotation("javax.persistence", "Id") then
result = "property"
else
result = "field"
if getAMethod().hasAnnotation("javax.persistence", "Id")
then result = "property"
else result = "field"
}
/**
* If there is an annotation on this class defining the access type, then this is the type.
*/
string getAccessTypeFromAnnotation() {
exists(AccessAnnotation accessType |
accessType = getAnAnnotation()
|
result = accessType.getValue("value").(FieldRead).getField().(EnumConstant).getName().toLowerCase()
exists(AccessAnnotation accessType | accessType = getAnAnnotation() |
result = accessType
.getValue("value")
.(FieldRead)
.getField()
.(EnumConstant)
.getName()
.toLowerCase()
)
}
}
@ -48,15 +52,11 @@ class PersistentEntity extends RefType {
*/
class AccessAnnotation extends Annotation {
AccessAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Access")
}
AccessAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Access") }
}
class AccessTypeAnnotation extends Annotation {
AccessTypeAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "AccessType")
}
AccessTypeAnnotation() { this.getType().hasQualifiedName("javax.persistence", "AccessType") }
}
class AssociationOverrideAnnotation extends Annotation {
@ -84,15 +84,11 @@ class AttributeOverridesAnnotation extends Annotation {
}
class BasicAnnotation extends Annotation {
BasicAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Basic")
}
BasicAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Basic") }
}
class CacheableAnnotation extends Annotation {
CacheableAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Cacheable")
}
CacheableAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Cacheable") }
}
class CollectionTableAnnotation extends Annotation {
@ -102,15 +98,11 @@ class CollectionTableAnnotation extends Annotation {
}
class ColumnAnnotation extends Annotation {
ColumnAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Column")
}
ColumnAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Column") }
}
class ColumnResultAnnotation extends Annotation {
ColumnResultAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "ColumnResult")
}
ColumnResultAnnotation() { this.getType().hasQualifiedName("javax.persistence", "ColumnResult") }
}
class DiscriminatorColumnAnnotation extends Annotation {
@ -132,27 +124,19 @@ class ElementCollectionAnnotation extends Annotation {
}
class EmbeddableAnnotation extends Annotation {
EmbeddableAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Embeddable")
}
EmbeddableAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Embeddable") }
}
class EmbeddedAnnotation extends Annotation {
EmbeddedAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Embedded")
}
EmbeddedAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Embedded") }
}
class EmbeddedIdAnnotation extends Annotation {
EmbeddedIdAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "EmbeddedId")
}
EmbeddedIdAnnotation() { this.getType().hasQualifiedName("javax.persistence", "EmbeddedId") }
}
class EntityAnnotation extends Annotation {
EntityAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Entity")
}
EntityAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Entity") }
}
class EntityListenersAnnotation extends Annotation {
@ -162,15 +146,11 @@ class EntityListenersAnnotation extends Annotation {
}
class EntityResultAnnotation extends Annotation {
EntityResultAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "EntityResult")
}
EntityResultAnnotation() { this.getType().hasQualifiedName("javax.persistence", "EntityResult") }
}
class EnumeratedAnnotation extends Annotation {
EnumeratedAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Enumerated")
}
EnumeratedAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Enumerated") }
}
class ExcludeDefaultListenersAnnotation extends Annotation {
@ -186,9 +166,7 @@ class ExcludeSuperclassListenersAnnotation extends Annotation {
}
class FieldResultAnnotation extends Annotation {
FieldResultAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "FieldResult")
}
FieldResultAnnotation() { this.getType().hasQualifiedName("javax.persistence", "FieldResult") }
}
class GeneratedValueAnnotation extends Annotation {
@ -198,75 +176,51 @@ class GeneratedValueAnnotation extends Annotation {
}
class IdAnnotation extends Annotation {
IdAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Id")
}
IdAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Id") }
}
class IdClassAnnotation extends Annotation {
IdClassAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "IdClass")
}
IdClassAnnotation() { this.getType().hasQualifiedName("javax.persistence", "IdClass") }
}
class InheritanceAnnotation extends Annotation {
InheritanceAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Inheritance")
}
InheritanceAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Inheritance") }
}
class JoinColumnAnnotation extends Annotation {
JoinColumnAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "JoinColumn")
}
JoinColumnAnnotation() { this.getType().hasQualifiedName("javax.persistence", "JoinColumn") }
}
class JoinColumnsAnnotation extends Annotation {
JoinColumnsAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "JoinColumns")
}
JoinColumnsAnnotation() { this.getType().hasQualifiedName("javax.persistence", "JoinColumns") }
}
class JoinTableAnnotation extends Annotation {
JoinTableAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "JoinTable")
}
JoinTableAnnotation() { this.getType().hasQualifiedName("javax.persistence", "JoinTable") }
}
class LobAnnotation extends Annotation {
LobAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Lob")
}
LobAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Lob") }
}
class ManyToManyAnnotation extends Annotation {
ManyToManyAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "ManyToMany")
}
ManyToManyAnnotation() { this.getType().hasQualifiedName("javax.persistence", "ManyToMany") }
}
class ManyToOneAnnotation extends Annotation {
ManyToOneAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "ManyToOne")
}
ManyToOneAnnotation() { this.getType().hasQualifiedName("javax.persistence", "ManyToOne") }
}
class MapKeyAnnotation extends Annotation {
MapKeyAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "MapKey")
}
MapKeyAnnotation() { this.getType().hasQualifiedName("javax.persistence", "MapKey") }
}
class MapKeyClassAnnotation extends Annotation {
MapKeyClassAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "MapKeyClass")
}
MapKeyClassAnnotation() { this.getType().hasQualifiedName("javax.persistence", "MapKeyClass") }
}
class MapKeyColumnAnnotation extends Annotation {
MapKeyColumnAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "MapKeyColumn")
}
MapKeyColumnAnnotation() { this.getType().hasQualifiedName("javax.persistence", "MapKeyColumn") }
}
class MapKeyEnumeratedAnnotation extends Annotation {
@ -300,9 +254,7 @@ class MappedSuperclassAnnotation extends Annotation {
}
class MapsIdAnnotation extends Annotation {
MapsIdAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "MapsId")
}
MapsIdAnnotation() { this.getType().hasQualifiedName("javax.persistence", "MapsId") }
}
class NamedNativeQueriesAnnotation extends Annotation {
@ -318,39 +270,27 @@ class NamedNativeQueryAnnotation extends Annotation {
}
class NamedQueriesAnnotation extends Annotation {
NamedQueriesAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "NamedQueries")
}
NamedQueriesAnnotation() { this.getType().hasQualifiedName("javax.persistence", "NamedQueries") }
}
class NamedQueryAnnotation extends Annotation {
NamedQueryAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "NamedQuery")
}
NamedQueryAnnotation() { this.getType().hasQualifiedName("javax.persistence", "NamedQuery") }
}
class OneToManyAnnotation extends Annotation {
OneToManyAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "OneToMany")
}
OneToManyAnnotation() { this.getType().hasQualifiedName("javax.persistence", "OneToMany") }
}
class OneToOneAnnotation extends Annotation {
OneToOneAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "OneToOne")
}
OneToOneAnnotation() { this.getType().hasQualifiedName("javax.persistence", "OneToOne") }
}
class OrderByAnnotation extends Annotation {
OrderByAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "OrderBy")
}
OrderByAnnotation() { this.getType().hasQualifiedName("javax.persistence", "OrderBy") }
}
class OrderColumnAnnotation extends Annotation {
OrderColumnAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "OrderColumn")
}
OrderColumnAnnotation() { this.getType().hasQualifiedName("javax.persistence", "OrderColumn") }
}
class PersistenceContextAnnotation extends Annotation {
@ -384,45 +324,31 @@ class PersistenceUnitsAnnotation extends Annotation {
}
class PostLoadAnnotation extends Annotation {
PostLoadAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "PostLoad")
}
PostLoadAnnotation() { this.getType().hasQualifiedName("javax.persistence", "PostLoad") }
}
class PostPersistAnnotation extends Annotation {
PostPersistAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "PostPersist")
}
PostPersistAnnotation() { this.getType().hasQualifiedName("javax.persistence", "PostPersist") }
}
class PostRemoveAnnotation extends Annotation {
PostRemoveAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "PostRemove")
}
PostRemoveAnnotation() { this.getType().hasQualifiedName("javax.persistence", "PostRemove") }
}
class PostUpdateAnnotation extends Annotation {
PostUpdateAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "PostUpdate")
}
PostUpdateAnnotation() { this.getType().hasQualifiedName("javax.persistence", "PostUpdate") }
}
class PrePersistAnnotation extends Annotation {
PrePersistAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "PrePersist")
}
PrePersistAnnotation() { this.getType().hasQualifiedName("javax.persistence", "PrePersist") }
}
class PreRemoveAnnotation extends Annotation {
PreRemoveAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "PreRemove")
}
PreRemoveAnnotation() { this.getType().hasQualifiedName("javax.persistence", "PreRemove") }
}
class PreUpdateAnnotation extends Annotation {
PreUpdateAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "PreUpdate")
}
PreUpdateAnnotation() { this.getType().hasQualifiedName("javax.persistence", "PreUpdate") }
}
class PrimaryKeyJoinColumnAnnotation extends Annotation {
@ -438,9 +364,7 @@ class PrimaryKeyJoinColumnsAnnotation extends Annotation {
}
class QueryHintAnnotation extends Annotation {
QueryHintAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "QueryHint")
}
QueryHintAnnotation() { this.getType().hasQualifiedName("javax.persistence", "QueryHint") }
}
class SecondaryTableAnnotation extends Annotation {
@ -474,9 +398,7 @@ class SqlResultSetMappingsAnnotation extends Annotation {
}
class TableAnnotation extends Annotation {
TableAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Table")
}
TableAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Table") }
}
class TableGeneratorAnnotation extends Annotation {
@ -486,15 +408,11 @@ class TableGeneratorAnnotation extends Annotation {
}
class TemporalAnnotation extends Annotation {
TemporalAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Temporal")
}
TemporalAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Temporal") }
}
class TransientAnnotation extends Annotation {
TransientAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Transient")
}
TransientAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Transient") }
}
class UniqueConstraintAnnotation extends Annotation {
@ -504,16 +422,12 @@ class UniqueConstraintAnnotation extends Annotation {
}
class VersionAnnotation extends Annotation {
VersionAnnotation() {
this.getType().hasQualifiedName("javax.persistence", "Version")
}
VersionAnnotation() { this.getType().hasQualifiedName("javax.persistence", "Version") }
}
/** The interface `javax.persistence.EntityManager`. */
class TypeEntityManager extends Interface {
TypeEntityManager() {
this.hasQualifiedName("javax.persistence", "EntityManager")
}
TypeEntityManager() { this.hasQualifiedName("javax.persistence", "EntityManager") }
/** Gets a method named `createQuery` declared in the `EntityManager` interface. */
Method getACreateQueryMethod() {
@ -536,9 +450,7 @@ class TypeEntityManager extends Interface {
/** The interface `javax.persistence.Query`, which represents queries in the Java Persistence Query Language. */
class TypeQuery extends Interface {
TypeQuery() {
this.hasQualifiedName("javax.persistence", "Query")
}
TypeQuery() { this.hasQualifiedName("javax.persistence", "Query") }
/** Gets a method named `setParameter` declared in the `Query` interface. */
Method getASetParameterMethod() {

39
java/ql/src/semmle/code/java/frameworks/javaee/PersistenceXML.qll
Просмотреть файл

@ -4,22 +4,21 @@ import java
* A JavaEE persistence configuration XML file (persistence.xml).
*/
class PersistenceXMLFile extends XMLFile {
PersistenceXMLFile() {
this.getStem() = "persistence"
}
PersistenceXMLFile() { this.getStem() = "persistence" }
PersistenceXmlRoot getRoot() {
result = this.getAChild()
}
PersistenceXmlRoot getRoot() { result = this.getAChild() }
// convenience methods
SharedCacheModeElement getASharedCacheModeElement() {
result = this.getRoot().getAPersistenceUnitElement().getASharedCacheModeElement()
}
PersistencePropertyElement getAPropertyElement() {
result = this.getRoot().getAPersistenceUnitElement().getAPropertiesElement().getAPropertyElement()
result = this
.getRoot()
.getAPersistenceUnitElement()
.getAPropertiesElement()
.getAPropertyElement()
}
}
@ -29,9 +28,7 @@ class PersistenceXmlRoot extends XMLElement {
this.getName() = "persistence"
}
PersistenceUnitElement getAPersistenceUnitElement() {
result = this.getAChild()
}
PersistenceUnitElement getAPersistenceUnitElement() { result = this.getAChild() }
}
class PersistenceUnitElement extends XMLElement {
@ -40,13 +37,9 @@ class PersistenceUnitElement extends XMLElement {
this.getName() = "persistence-unit"
}
SharedCacheModeElement getASharedCacheModeElement() {
result = this.getAChild()
}
SharedCacheModeElement getASharedCacheModeElement() { result = this.getAChild() }
PersistencePropertiesElement getAPropertiesElement() {
result = this.getAChild()
}
PersistencePropertiesElement getAPropertiesElement() { result = this.getAChild() }
}
class SharedCacheModeElement extends XMLElement {
@ -55,13 +48,9 @@ class SharedCacheModeElement extends XMLElement {
this.getName() = "shared-cache-mode"
}
string getValue() {
result = this.getACharactersSet().getCharacters()
}
string getValue() { result = this.getACharactersSet().getCharacters() }
predicate isDisabled() {
this.getValue() = "NONE"
}
predicate isDisabled() { this.getValue() = "NONE" }
}
class PersistencePropertiesElement extends XMLElement {
@ -70,9 +59,7 @@ class PersistencePropertiesElement extends XMLElement {
this.getName() = "properties"
}
PersistencePropertyElement getAPropertyElement() {
result = this.getAChild()
}
PersistencePropertyElement getAPropertyElement() { result = this.getAChild() }
}
class PersistencePropertyElement extends XMLElement {

298
java/ql/src/semmle/code/java/frameworks/javaee/ejb/EJB.qll
Просмотреть файл

@ -6,9 +6,7 @@ import EJBJarXML
*/
abstract class EJB extends Class {
/** Gets a `Callable` that is directly or indirectly called from within the EJB. */
Callable getAUsedCallable() {
getACallable().polyCalls*(result)
}
Callable getAUsedCallable() { getACallable().polyCalls*(result) }
}
/**
@ -23,7 +21,11 @@ class SessionEJB extends EJB {
this.getAnAnnotation().getType().hasName("Stateful") or
// XML deployment descriptor.
exists(EjbJarXMLFile f |
this.getQualifiedName() = f.getASessionElement().getAnEjbClassElement().getACharactersSet().getCharacters()
this.getQualifiedName() = f
.getASessionElement()
.getAnEjbClassElement()
.getACharactersSet()
.getCharacters()
)
}
@ -48,8 +50,7 @@ class SessionEJB extends EJB {
* Any business interfaces that are declared explicitly
* using either an annotation or an XML deployment descriptor.
*/
private
BusinessInterface getAnExplicitBusinessInterface() {
private BusinessInterface getAnExplicitBusinessInterface() {
result.(AnnotatedBusinessInterface).getAnEJB() = this or
result.(XmlSpecifiedBusinessInterface).getAnEJB() = this
}
@ -58,8 +59,7 @@ class SessionEJB extends EJB {
* Any implemented interfaces that are not explicitly excluded
* from being a business interface by the EJB 3.0 specification.
*/
private
Interface getAnImplementedBusinessInterfaceCandidate() {
private Interface getAnImplementedBusinessInterfaceCandidate() {
result = this.getASupertype() and
not result.hasQualifiedName("java.io", "Serializable") and
not result.hasQualifiedName("java.io", "Externalizable") and
@ -72,14 +72,17 @@ class SessionEJB extends EJB {
or
exists(AnnotatedRemoteHomeInterface i | i.getAnEJB() = this |
result = i.getAnAssociatedRemoteInterface()
) or
)
or
result.(XmlSpecifiedRemoteInterface).getAnEJB() = this
}
/** Any remote home interfaces of this EJB. */
LegacyEjbRemoteHomeInterface getARemoteHomeInterface() {
(result = this.getASupertype() and result instanceof ExtendedRemoteHomeInterface) or
result.(AnnotatedRemoteHomeInterface).getAnEJB() = this or
(result = this.getASupertype() and result instanceof ExtendedRemoteHomeInterface)
or
result.(AnnotatedRemoteHomeInterface).getAnEJB() = this
or
result.(XmlSpecifiedRemoteHomeInterface).getAnEJB() = this
}
@ -89,26 +92,25 @@ class SessionEJB extends EJB {
or
exists(AnnotatedLocalHomeInterface i | i.getAnEJB() = this |
result = i.getAnAssociatedLocalInterface()
) or
)
or
result.(XmlSpecifiedLocalInterface).getAnEJB() = this
}
/** Any local home interfaces of this EJB. */
LegacyEjbLocalHomeInterface getALocalHomeInterface() {
(result = this.getASupertype() and result instanceof ExtendedLocalHomeInterface) or
result.(AnnotatedLocalHomeInterface).getAnEJB() = this or
(result = this.getASupertype() and result instanceof ExtendedLocalHomeInterface)
or
result.(AnnotatedLocalHomeInterface).getAnEJB() = this
or
result.(XmlSpecifiedLocalHomeInterface).getAnEJB() = this
}
/** Any `ejbCreate*` methods required for legacy remote or local home interfaces. */
EjbCreateMethod getAnEjbCreateMethod() {
this.inherits(result)
}
EjbCreateMethod getAnEjbCreateMethod() { this.inherits(result) }
/** Any `@Init` methods required for `@RemoteHome` or `@LocalHome` legacy interfaces. */
EjbAnnotatedInitMethod getAnAnnotatedInitMethod() {
this.inherits(result)
}
EjbAnnotatedInitMethod getAnAnnotatedInitMethod() { this.inherits(result) }
}
/**
@ -117,7 +119,8 @@ class SessionEJB extends EJB {
class StatefulSessionEJB extends SessionEJB {
StatefulSessionEJB() {
// EJB annotations.
this.getAnAnnotation().getType().hasName("Stateful") or
this.getAnAnnotation().getType().hasName("Stateful")
or
// XML deployment descriptor.
exists(EjbJarXMLFile f, EjbJarSessionElement se |
se = f.getASessionElement() and
@ -133,7 +136,8 @@ class StatefulSessionEJB extends SessionEJB {
class StatelessSessionEJB extends SessionEJB {
StatelessSessionEJB() {
// EJB annotations.
this.getAnAnnotation().getType().hasName("Stateless") or
this.getAnAnnotation().getType().hasName("Stateless")
or
// XML deployment descriptor.
exists(EjbJarXMLFile f, EjbJarSessionElement se |
se = f.getASessionElement() and
@ -154,7 +158,11 @@ class MessageDrivenBean extends EJB {
this.getAnAnnotation().getType().hasName("MessageDriven") or
// XML deployment descriptor.
exists(EjbJarXMLFile f |
this.getQualifiedName() = f.getAMessageDrivenElement().getAnEjbClassElement().getACharactersSet().getCharacters()
this.getQualifiedName() = f
.getAMessageDrivenElement()
.getAnEjbClassElement()
.getACharactersSet()
.getCharacters()
)
}
}
@ -168,7 +176,11 @@ class EntityEJB extends EJB {
this instanceof EntityBean or
// XML deployment descriptor.
exists(EjbJarXMLFile f |
this.getQualifiedName() = f.getAnEntityElement().getAnEjbClassElement().getACharactersSet().getCharacters()
this.getQualifiedName() = f
.getAnEntityElement()
.getAnEjbClassElement()
.getACharactersSet()
.getCharacters()
)
}
}
@ -206,18 +218,14 @@ abstract class BusinessInterfaceAnnotation extends EjbInterfaceAnnotation { }
* An instance of a `@Remote` annotation.
*/
class RemoteAnnotation extends BusinessInterfaceAnnotation {
RemoteAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "Remote")
}
RemoteAnnotation() { this.getType().hasQualifiedName("javax.ejb", "Remote") }
}
/**
* An instance of a `@Local` annotation.
*/
class LocalAnnotation extends BusinessInterfaceAnnotation {
LocalAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "Local")
}
LocalAnnotation() { this.getType().hasQualifiedName("javax.ejb", "Local") }
}
/**
@ -228,8 +236,10 @@ class LocalAnnotation extends BusinessInterfaceAnnotation {
abstract class BusinessInterface extends Interface {
/** Gets an EJB to which this business interface belongs. */
abstract SessionEJB getAnEJB();
/** Holds if this business interface is declared local. */
abstract predicate isLocal();
/** Holds if this business interface is declared remote. */
abstract predicate isRemote();
}
@ -240,7 +250,11 @@ abstract class BusinessInterface extends Interface {
class XmlSpecifiedBusinessInterface extends BusinessInterface {
XmlSpecifiedBusinessInterface() {
exists(EjbJarXMLFile f |
this.getQualifiedName() = f.getASessionElement().getABusinessElement().getACharactersSet().getCharacters()
this.getQualifiedName() = f
.getASessionElement()
.getABusinessElement()
.getACharactersSet()
.getCharacters()
)
}
@ -254,13 +268,21 @@ class XmlSpecifiedBusinessInterface extends BusinessInterface {
override predicate isLocal() {
exists(EjbJarXMLFile f |
this.getQualifiedName() = f.getASessionElement().getABusinessLocalElement().getACharactersSet().getCharacters()
this.getQualifiedName() = f
.getASessionElement()
.getABusinessLocalElement()
.getACharactersSet()
.getCharacters()
)
}
override predicate isRemote() {
exists(EjbJarXMLFile f |
this.getQualifiedName() = f.getASessionElement().getABusinessRemoteElement().getACharactersSet().getCharacters()
this.getQualifiedName() = f
.getASessionElement()
.getABusinessRemoteElement()
.getACharactersSet()
.getCharacters()
)
}
}
@ -285,13 +307,9 @@ class AnnotatedBusinessInterface extends BusinessInterface {
result.getAnAnnotation().(BusinessInterfaceAnnotation).getANamedType() = this
}
override predicate isLocal() {
this instanceof LocalAnnotatedBusinessInterface
}
override predicate isLocal() { this instanceof LocalAnnotatedBusinessInterface }
override predicate isRemote() {
this instanceof RemoteAnnotatedBusinessInterface
}
override predicate isRemote() { this instanceof RemoteAnnotatedBusinessInterface }
}
/**
@ -319,9 +337,7 @@ class LocalAnnotatedBusinessInterface extends AnnotatedBusinessInterface {
*/
class InitAnnotation extends Annotation {
InitAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "Init")
}
InitAnnotation() { this.getType().hasQualifiedName("javax.ejb", "Init") }
}
class EjbAnnotatedInitMethod extends Method {
@ -337,9 +353,7 @@ class EjbCreateMethod extends Method {
exists(SessionEJB ejb | ejb.inherits(this))
}
string getMethodSuffix() {
result = this.getName().substring(9, this.getName().length())
}
string getMethodSuffix() { result = this.getName().substring(9, this.getName().length()) }
}
class EjbInterfaceCreateMethod extends Method {
@ -348,9 +362,7 @@ class EjbInterfaceCreateMethod extends Method {
exists(LegacyEjbHomeInterface i | i.inherits(this))
}
string getMethodSuffix() {
result = this.getName().substring(6, this.getName().length())
}
string getMethodSuffix() { result = this.getName().substring(6, this.getName().length()) }
}
/*
@ -364,18 +376,14 @@ abstract class HomeAnnotation extends EjbInterfaceAnnotation { }
* An instance of a `@RemoteHome` annotation.
*/
class RemoteHomeAnnotation extends HomeAnnotation {
RemoteHomeAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "RemoteHome")
}
RemoteHomeAnnotation() { this.getType().hasQualifiedName("javax.ejb", "RemoteHome") }
}
/**
* An instance of a `@LocalHome` annotation.
*/
class LocalHomeAnnotation extends HomeAnnotation {
LocalHomeAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "LocalHome")
}
LocalHomeAnnotation() { this.getType().hasQualifiedName("javax.ejb", "LocalHome") }
}
/**
@ -386,9 +394,7 @@ abstract class LegacyEjbInterface extends Interface { }
/** Common superclass for legacy EJB remote home and local home interfaces. */
abstract class LegacyEjbHomeInterface extends LegacyEjbInterface {
/** Any `create*` method of this (remote or local) home interface. */
EjbInterfaceCreateMethod getACreateMethod() {
this.inherits(result)
}
EjbInterfaceCreateMethod getACreateMethod() { this.inherits(result) }
}
/** A legacy remote interface. */
@ -401,7 +407,11 @@ class ExtendedRemoteInterface extends LegacyEjbRemoteInterface, RemoteEJBInterfa
class XmlSpecifiedRemoteInterface extends LegacyEjbRemoteInterface {
XmlSpecifiedRemoteInterface() {
exists(EjbJarXMLFile f |
this.getQualifiedName() = f.getASessionElement().getARemoteElement().getACharactersSet().getCharacters()
this.getQualifiedName() = f
.getASessionElement()
.getARemoteElement()
.getACharactersSet()
.getCharacters()
)
}
@ -428,20 +438,20 @@ class AnnotatedRemoteHomeInterface extends LegacyEjbRemoteHomeInterface {
}
/** Gets an EJB to which this interface belongs. */
SessionEJB getAnEJB() {
result.getAnAnnotation().(RemoteHomeAnnotation).getANamedType() = this
}
SessionEJB getAnEJB() { result.getAnAnnotation().(RemoteHomeAnnotation).getANamedType() = this }
Interface getAnAssociatedRemoteInterface() {
result = getACreateMethod().getReturnType()
}
Interface getAnAssociatedRemoteInterface() { result = getACreateMethod().getReturnType() }
}
/** A legacy remote home interface specified within an XML deployment descriptor. */
class XmlSpecifiedRemoteHomeInterface extends LegacyEjbRemoteHomeInterface {
XmlSpecifiedRemoteHomeInterface() {
exists(EjbJarXMLFile f |
this.getQualifiedName() = f.getASessionElement().getARemoteHomeElement().getACharactersSet().getCharacters()
this.getQualifiedName() = f
.getASessionElement()
.getARemoteHomeElement()
.getACharactersSet()
.getCharacters()
)
}
@ -465,7 +475,11 @@ class ExtendedLocalInterface extends LegacyEjbLocalInterface, LocalEJBInterface
class XmlSpecifiedLocalInterface extends LegacyEjbLocalInterface {
XmlSpecifiedLocalInterface() {
exists(EjbJarXMLFile f |
this.getQualifiedName() = f.getASessionElement().getALocalElement().getACharactersSet().getCharacters()
this.getQualifiedName() = f
.getASessionElement()
.getALocalElement()
.getACharactersSet()
.getCharacters()
)
}
@ -493,20 +507,20 @@ class AnnotatedLocalHomeInterface extends LegacyEjbLocalHomeInterface {
}
/** Gets an EJB to which this interface belongs. */
SessionEJB getAnEJB() {
result.getAnAnnotation().(LocalHomeAnnotation).getANamedType() = this
}
SessionEJB getAnEJB() { result.getAnAnnotation().(LocalHomeAnnotation).getANamedType() = this }
Interface getAnAssociatedLocalInterface() {
result = getACreateMethod().getReturnType()
}
Interface getAnAssociatedLocalInterface() { result = getACreateMethod().getReturnType() }
}
/** A legacy local home interface specified within an XML deployment descriptor. */
class XmlSpecifiedLocalHomeInterface extends LegacyEjbLocalHomeInterface {
XmlSpecifiedLocalHomeInterface() {
exists(EjbJarXMLFile f |
this.getQualifiedName() = f.getASessionElement().getALocalHomeElement().getACharactersSet().getCharacters()
this.getQualifiedName() = f
.getASessionElement()
.getALocalHomeElement()
.getACharactersSet()
.getCharacters()
)
}
@ -545,9 +559,7 @@ class RemoteInterface extends Interface {
* A "remote method" is a method that is available on the remote
* interface (either because it's declared or inherited).
*/
Method getARemoteMethod() {
this.inherits(result)
}
Method getARemoteMethod() { this.inherits(result) }
Method getARemoteMethodImplementation() {
result = getARemoteMethodImplementationChecked() or
@ -619,8 +631,7 @@ Type getAnRmiIncompatibleType(Method m) {
*/
/** Holds if exception `ex` is an unchecked exception. */
private
predicate uncheckedException(Exception ex) {
private predicate uncheckedException(Exception ex) {
ex.getType().getASupertype*().hasQualifiedName("java.lang", "Error") or
ex.getType().getASupertype*().hasQualifiedName("java.lang", "RuntimeException")
}
@ -629,8 +640,7 @@ predicate uncheckedException(Exception ex) {
* Holds if method `m` contains an explicit `throws` clause
* with the same (unchecked) exception type as `ex`.
*/
private
predicate throwsExplicitUncheckedException(Method m, Exception ex) {
private predicate throwsExplicitUncheckedException(Method m, Exception ex) {
exists(ThrowStmt ts | ts.getEnclosingCallable() = m |
uncheckedException(ex) and
ts.getExpr().getType() = ex.getType()
@ -668,17 +678,24 @@ Type inheritsMatchingMethodExceptThrows(SessionEJB ejb, Method m) {
* Holds if `ejb` inherits an `ejbCreate` or `@Init` method matching `create` method `m`.
* (Ignores `throws` clauses.)
*/
predicate inheritsMatchingCreateMethodIgnoreThrows(StatefulSessionEJB ejb, EjbInterfaceCreateMethod icm) {
predicate inheritsMatchingCreateMethodIgnoreThrows(
StatefulSessionEJB ejb, EjbInterfaceCreateMethod icm
) {
exists(EjbCreateMethod cm | cm = ejb.getAnEjbCreateMethod() |
cm.getMethodSuffix() = icm.getMethodSuffix() and
cm.getNumberOfParameters() = icm.getNumberOfParameters() and
forall(Parameter p, Parameter q, int idx | p = cm.getParameter(idx) and q = icm.getParameter(idx) |
forall(Parameter p, Parameter q, int idx |
p = cm.getParameter(idx) and q = icm.getParameter(idx)
|
p.getType() = q.getType()
)
) or
)
or
exists(EjbAnnotatedInitMethod im | im = ejb.getAnAnnotatedInitMethod() |
im.getNumberOfParameters() = icm.getNumberOfParameters() and
forall(Parameter p, Parameter q, int idx | p = im.getParameter(idx) and q = icm.getParameter(idx) |
forall(Parameter p, Parameter q, int idx |
p = im.getParameter(idx) and q = icm.getParameter(idx)
|
p.getType() = q.getType()
)
)
@ -692,20 +709,29 @@ Type inheritsMatchingCreateMethodExceptThrows(StatefulSessionEJB ejb, EjbInterfa
exists(EjbCreateMethod cm | cm = ejb.getAnEjbCreateMethod() |
cm.getMethodSuffix() = icm.getMethodSuffix() and
cm.getNumberOfParameters() = icm.getNumberOfParameters() and
forall(Parameter p, Parameter q, int idx | p = cm.getParameter(idx) and q = icm.getParameter(idx) |
forall(Parameter p, Parameter q, int idx |
p = cm.getParameter(idx) and q = icm.getParameter(idx)
|
p.getType() = q.getType()
) and
exists(Exception ex | ex = cm.getAnException() and not throwsExplicitUncheckedException(cm, ex) |
exists(Exception ex |
ex = cm.getAnException() and not throwsExplicitUncheckedException(cm, ex)
|
not ex.getType().(RefType).hasSupertype*(icm.getAnException().getType()) and
result = ex.getType()
)
) or
)
or
exists(EjbAnnotatedInitMethod im | im = ejb.getAnAnnotatedInitMethod() |
im.getNumberOfParameters() = icm.getNumberOfParameters() and
forall(Parameter p, Parameter q, int idx | p = im.getParameter(idx) and q = icm.getParameter(idx) |
forall(Parameter p, Parameter q, int idx |
p = im.getParameter(idx) and q = icm.getParameter(idx)
|
p.getType() = q.getType()
) and
exists(Exception ex | ex = im.getAnException() and not throwsExplicitUncheckedException(im, ex) |
exists(Exception ex |
ex = im.getAnException() and not throwsExplicitUncheckedException(im, ex)
|
not ex.getType().(RefType).hasSupertype*(icm.getAnException().getType()) and
result = ex.getType()
)
@ -717,9 +743,7 @@ Type inheritsMatchingCreateMethodExceptThrows(StatefulSessionEJB ejb, EjbInterfa
*/
class AccessTimeoutAnnotation extends Annotation {
AccessTimeoutAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "AccessTimeout")
}
AccessTimeoutAnnotation() { this.getType().hasQualifiedName("javax.ejb", "AccessTimeout") }
}
class ActivationConfigPropertyAnnotation extends Annotation {
@ -729,15 +753,11 @@ class ActivationConfigPropertyAnnotation extends Annotation {
}
class AfterBeginAnnotation extends Annotation {
AfterBeginAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "AfterBegin")
}
AfterBeginAnnotation() { this.getType().hasQualifiedName("javax.ejb", "AfterBegin") }
}
class AfterCompletionAnnotation extends Annotation {
AfterCompletionAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "AfterCompletion")
}
AfterCompletionAnnotation() { this.getType().hasQualifiedName("javax.ejb", "AfterCompletion") }
}
class ApplicationExceptionAnnotation extends Annotation {
@ -747,15 +767,11 @@ class ApplicationExceptionAnnotation extends Annotation {
}
class AsynchronousAnnotation extends Annotation {
AsynchronousAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "Asynchronous")
}
AsynchronousAnnotation() { this.getType().hasQualifiedName("javax.ejb", "Asynchronous") }
}
class BeforeCompletionAnnotation extends Annotation {
BeforeCompletionAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "BeforeCompletion")
}
BeforeCompletionAnnotation() { this.getType().hasQualifiedName("javax.ejb", "BeforeCompletion") }
}
class ConcurrencyManagementAnnotation extends Annotation {
@ -765,111 +781,74 @@ class ConcurrencyManagementAnnotation extends Annotation {
}
class DependsOnAnnotation extends Annotation {
DependsOnAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "DependsOn")
}
DependsOnAnnotation() { this.getType().hasQualifiedName("javax.ejb", "DependsOn") }
}
class EJBAnnotation extends Annotation {
EJBAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "EJB")
}
EJBAnnotation() { this.getType().hasQualifiedName("javax.ejb", "EJB") }
}
class EJBsAnnotation extends Annotation {
EJBsAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "EJBs")
}
EJBsAnnotation() { this.getType().hasQualifiedName("javax.ejb", "EJBs") }
}
// See above for `@Init`, `@Local`.
class LocalBeanAnnotation extends Annotation {
LocalBeanAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "LocalBean")
}
LocalBeanAnnotation() { this.getType().hasQualifiedName("javax.ejb", "LocalBean") }
}
// See above for `@LocalHome`.
class LockAnnotation extends Annotation {
LockAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "Lock")
}
LockAnnotation() { this.getType().hasQualifiedName("javax.ejb", "Lock") }
}
class MessageDrivenAnnotation extends Annotation {
MessageDrivenAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "MessageDriven")
}
MessageDrivenAnnotation() { this.getType().hasQualifiedName("javax.ejb", "MessageDriven") }
}
class PostActivateAnnotation extends Annotation {
PostActivateAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "PostActivate")
}
PostActivateAnnotation() { this.getType().hasQualifiedName("javax.ejb", "PostActivate") }
}
class PrePassivateAnnotation extends Annotation {
PrePassivateAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "PrePassivate")
}
PrePassivateAnnotation() { this.getType().hasQualifiedName("javax.ejb", "PrePassivate") }
}
// See above for `@Remote`, `@RemoteHome`.
class RemoveAnnotation extends Annotation {
RemoveAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "Remove")
}
RemoveAnnotation() { this.getType().hasQualifiedName("javax.ejb", "Remove") }
}
class ScheduleAnnotation extends Annotation {
ScheduleAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "Schedule")
}
ScheduleAnnotation() { this.getType().hasQualifiedName("javax.ejb", "Schedule") }
}
class SchedulesAnnotation extends Annotation {
SchedulesAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "Schedules")
}
SchedulesAnnotation() { this.getType().hasQualifiedName("javax.ejb", "Schedules") }
}
class SingletonAnnotation extends Annotation {
SingletonAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "Singleton")
}
SingletonAnnotation() { this.getType().hasQualifiedName("javax.ejb", "Singleton") }
}
class StartupAnnotation extends Annotation {
StartupAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "Startup")
}
StartupAnnotation() { this.getType().hasQualifiedName("javax.ejb", "Startup") }
}
class StatefulAnnotation extends Annotation {
StatefulAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "Stateful")
}
StatefulAnnotation() { this.getType().hasQualifiedName("javax.ejb", "Stateful") }
}
class StatefulTimeoutAnnotation extends Annotation {
StatefulTimeoutAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "StatefulTimeout")
}
StatefulTimeoutAnnotation() { this.getType().hasQualifiedName("javax.ejb", "StatefulTimeout") }
}
class StatelessAnnotation extends Annotation {
StatelessAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "Stateless")
}
StatelessAnnotation() { this.getType().hasQualifiedName("javax.ejb", "Stateless") }
}
class TimeoutAnnotation extends Annotation {
TimeoutAnnotation() {
this.getType().hasQualifiedName("javax.ejb", "Timeout")
}
TimeoutAnnotation() { this.getType().hasQualifiedName("javax.ejb", "Timeout") }
}
class TransactionAttributeAnnotation extends Annotation {
@ -911,7 +890,8 @@ class RequiresNewTransactionAttributeAnnotation extends TransactionAttributeAnno
TransactionAttributeAnnotation getInnermostTransactionAttributeAnnotation(Method m) {
// A `TransactionAttribute` annotation can either be on the method itself,
// in which case it supersedes any such annotation on the declaring class...
result = m.getAnAnnotation() or
result = m.getAnAnnotation()
or
// ...or if the declaring class has such an annotation, the annotation applies to
// any method declared within the class that does not itself have such an annotation.
(

46
java/ql/src/semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll
Просмотреть файл

@ -4,16 +4,11 @@ import java
* An EJB deployment descriptor XML file named `ejb-jar.xml`.
*/
class EjbJarXMLFile extends XMLFile {
EjbJarXMLFile() {
this.getStem() = "ejb-jar"
}
EjbJarXMLFile() { this.getStem() = "ejb-jar" }
EjbJarRootElement getRoot() {
result = this.getAChild()
}
EjbJarRootElement getRoot() { result = this.getAChild() }
// Convenience methods.
EjbJarEnterpriseBeansElement getAnEnterpriseBeansElement() {
result = this.getRoot().getAnEnterpriseBeansElement()
}
@ -37,9 +32,7 @@ class EjbJarRootElement extends XMLElement {
this.getName() = "ejb-jar"
}
EjbJarEnterpriseBeansElement getAnEnterpriseBeansElement() {
result = this.getAChild()
}
EjbJarEnterpriseBeansElement getAnEnterpriseBeansElement() { result = this.getAChild() }
}
class EjbJarEnterpriseBeansElement extends XMLElement {
@ -65,9 +58,7 @@ class EjbJarEnterpriseBeansElement extends XMLElement {
}
abstract class EjbJarBeanTypeElement extends XMLElement {
EjbJarBeanTypeElement() {
this.getParent() instanceof EjbJarEnterpriseBeansElement
}
EjbJarBeanTypeElement() { this.getParent() instanceof EjbJarEnterpriseBeansElement }
XMLElement getAnEjbClassElement() {
result = this.getAChild() and
@ -76,9 +67,7 @@ abstract class EjbJarBeanTypeElement extends XMLElement {
}
class EjbJarSessionElement extends EjbJarBeanTypeElement {
EjbJarSessionElement() {
this.getName() = "session"
}
EjbJarSessionElement() { this.getName() = "session" }
XMLElement getABusinessLocalElement() {
result = this.getAChild() and
@ -115,16 +104,11 @@ class EjbJarSessionElement extends EjbJarBeanTypeElement {
result.getName() = "local-home"
}
EjbJarSessionTypeElement getASessionTypeElement() {
result = this.getAChild()
}
EjbJarSessionTypeElement getASessionTypeElement() { result = this.getAChild() }
EjbJarInitMethodElement getAnInitMethodElement() {
result = this.getAChild()
}
EjbJarInitMethodElement getAnInitMethodElement() { result = this.getAChild() }
// Convenience methods.
XMLElement getACreateMethodNameElement() {
result = getAnInitMethodElement().getACreateMethodElement().getAMethodNameElement()
}
@ -135,15 +119,11 @@ class EjbJarSessionElement extends EjbJarBeanTypeElement {
}
class EjbJarMessageDrivenElement extends EjbJarBeanTypeElement {
EjbJarMessageDrivenElement() {
this.getName() = "message-driven"
}
EjbJarMessageDrivenElement() { this.getName() = "message-driven" }
}
class EjbJarEntityElement extends EjbJarBeanTypeElement {
EjbJarEntityElement() {
this.getName() = "entity"
}
EjbJarEntityElement() { this.getName() = "entity" }
}
class EjbJarSessionTypeElement extends XMLElement {
@ -152,13 +132,9 @@ class EjbJarSessionTypeElement extends XMLElement {
this.getName() = "session-type"
}
predicate isStateful() {
this.getACharactersSet().getCharacters() = "Stateful"
}
predicate isStateful() { this.getACharactersSet().getCharacters() = "Stateful" }
predicate isStateless() {
this.getACharactersSet().getCharacters() = "Stateless"
}
predicate isStateless() { this.getACharactersSet().getCharacters() = "Stateless" }
}
class EjbJarInitMethodElement extends XMLElement {

170
java/ql/src/semmle/code/java/frameworks/javaee/ejb/EJBRestrictions.qll
Просмотреть файл

@ -22,7 +22,8 @@ private predicate ejbPolyCalls(Callable origin, Callable target) {
}
private predicate ejbPolyCallsPlus(Callable origin, Callable target) {
exists(EJB ejb | origin = ejb.getACallable() | ejbPolyCalls(origin, target)) or
exists(EJB ejb | origin = ejb.getACallable() | ejbPolyCalls(origin, target))
or
exists(Callable mid | ejbPolyCallsPlus(origin, mid) and ejbPolyCalls(mid, target))
}
@ -86,15 +87,11 @@ class ForbiddenSecurityConfigurationCallable extends ForbiddenCallable {
}
class ForbiddenSerializationCallable extends ForbiddenCallable {
ForbiddenSerializationCallable() {
this instanceof ForbiddenSerializationMethod
}
ForbiddenSerializationCallable() { this instanceof ForbiddenSerializationMethod }
}
class ForbiddenSetFactoryCallable extends ForbiddenCallable {
ForbiddenSetFactoryCallable() {
this instanceof ForbiddenSetFactoryMethod
}
ForbiddenSetFactoryCallable() { this instanceof ForbiddenSetFactoryMethod }
}
class ForbiddenServerSocketCallable extends ForbiddenCallable {
@ -105,17 +102,18 @@ class ForbiddenServerSocketCallable extends ForbiddenCallable {
class ForbiddenSynchronizationCallable extends ForbiddenCallable {
ForbiddenSynchronizationCallable() {
this.isSynchronized() or
exists(SynchronizedStmt synch | synch.getEnclosingCallable() = this) or
exists(FieldAccess fa | fa.getEnclosingCallable() = this and fa.getField().isVolatile()) or
this.isSynchronized()
or
exists(SynchronizedStmt synch | synch.getEnclosingCallable() = this)
or
exists(FieldAccess fa | fa.getEnclosingCallable() = this and fa.getField().isVolatile())
or
this.getDeclaringType().getPackage() instanceof ConcurrentPackage
}
}
class ForbiddenStaticFieldCallable extends ForbiddenCallable {
ForbiddenStaticFieldCallable() {
exists(forbiddenStaticFieldUse(this))
}
ForbiddenStaticFieldCallable() { exists(forbiddenStaticFieldUse(this)) }
}
FieldAccess forbiddenStaticFieldUse(Callable c) {
@ -131,9 +129,7 @@ class ForbiddenThreadingCallable extends ForbiddenCallable {
}
class ForbiddenThisCallable extends ForbiddenCallable {
ForbiddenThisCallable() {
exists(forbiddenThisUse(this))
}
ForbiddenThisCallable() { exists(forbiddenThisUse(this)) }
}
ThisAccess forbiddenThisUse(Callable c) {
@ -201,15 +197,11 @@ class SecurityConfigClass extends Class {
}
class ClassLoaderClass extends Class {
ClassLoaderClass() {
this.hasQualifiedName("java.lang", "ClassLoader")
}
ClassLoaderClass() { this.hasQualifiedName("java.lang", "ClassLoader") }
}
class SecurityManagerClass extends Class {
SecurityManagerClass() {
this.hasQualifiedName("java.lang", "SecurityManager")
}
SecurityManagerClass() { this.hasQualifiedName("java.lang", "SecurityManager") }
}
class FileInputOutputClass extends Class {
@ -231,7 +223,6 @@ class FileInputOutputClass extends Class {
*/
// Forbidden container interference.
class ForbiddenContainerInterferenceMethod extends Method {
ForbiddenContainerInterferenceMethod() {
this instanceof SystemExitMethod or
@ -250,7 +241,10 @@ class SystemExitMethod extends Method {
this.hasName("exit") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(PrimitiveType).hasName("int") and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "System")
}
}
@ -260,7 +254,10 @@ class RuntimeExitOrHaltMethod extends Method {
(this.hasName("exit") or this.hasName("halt")) and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(PrimitiveType).hasName("int") and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "Runtime")
}
}
@ -270,7 +267,10 @@ class RuntimeAddOrRemoveShutdownHookMethod extends Method {
(this.hasName("addShutdownHook") or this.hasName("removeShutdownHook")) and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).hasQualifiedName("java.lang", "Thread") and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "Runtime")
}
}
@ -280,7 +280,10 @@ class SystemSetPrintStreamMethod extends Method {
(this.hasName("setErr") or this.hasName("setOut")) and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).hasQualifiedName("java.io", "PrintStream") and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "System")
}
}
@ -290,7 +293,10 @@ class SystemSetInputStreamMethod extends Method {
this.hasName("setIn") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).hasQualifiedName("java.io", "InputStream") and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "System")
}
}
@ -299,7 +305,10 @@ class SystemGetSecurityManagerMethod extends Method {
SystemGetSecurityManagerMethod() {
this.hasName("getSecurityManager") and
this.hasNoParameters() and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "System")
}
}
@ -309,7 +318,10 @@ class SystemSetSecurityManagerMethod extends Method {
this.hasName("setSecurityManager") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).hasQualifiedName("java.lang", "SecurityManager") and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "System")
}
}
@ -318,13 +330,15 @@ class SystemInheritedChannelMethod extends Method {
SystemInheritedChannelMethod() {
this.hasName("inheritedChannel") and
this.hasNoParameters() and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "System")
}
}
// Forbidden serialization.
class ForbiddenSerializationMethod extends Method {
ForbiddenSerializationMethod() {
this instanceof EnableReplaceObjectMethod or
@ -341,7 +355,10 @@ class EnableReplaceObjectMethod extends Method {
this.hasName("enableReplaceObject") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(PrimitiveType).hasName("boolean") and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.io", "ObjectOutputStream")
}
}
@ -351,7 +368,10 @@ class ReplaceObjectMethod extends Method {
this.hasName("replaceObject") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType() instanceof TypeObject and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.io", "ObjectOutputStream")
}
}
@ -361,7 +381,10 @@ class EnableResolveObjectMethod extends Method {
this.hasName("enableResolveObject") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(PrimitiveType).hasName("boolean") and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.io", "ObjectInputStream")
}
}
@ -371,7 +394,10 @@ class ResolveObjectMethod extends Method {
this.hasName("resolveObject") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType() instanceof TypeObject and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.io", "ObjectInputStream")
}
}
@ -381,7 +407,10 @@ class ResolveClassMethod extends Method {
this.hasName("resolveClass") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).hasQualifiedName("java.io", "ObjectStreamClass") and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.io", "ObjectInputStream")
}
}
@ -390,15 +419,22 @@ class ResolveProxyClassMethod extends Method {
ResolveProxyClassMethod() {
this.hasName("resolveProxyClass") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(Array).getComponentType().(RefType)
this
.getParameter(0)
.getType()
.(Array)
.getComponentType()
.(RefType)
.hasQualifiedName("java.lang", "String") and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.io", "ObjectInputStream")
}
}
// Forbidden "set factory" methods.
class ForbiddenSetFactoryMethod extends Method {
ForbiddenSetFactoryMethod() {
this instanceof SetSocketFactoryMethod or
@ -411,9 +447,16 @@ class SetSocketFactoryMethod extends Method {
SetSocketFactoryMethod() {
this.hasName("setSocketFactory") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).getSourceDeclaration()
this
.getParameter(0)
.getType()
.(RefType)
.getSourceDeclaration()
.hasQualifiedName("java.net", "SocketImplFactory") and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.net", "ServerSocket")
}
}
@ -422,9 +465,16 @@ class SetSocketImplFactoryMethod extends Method {
SetSocketImplFactoryMethod() {
this.hasName("setSocketImplFactory") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).getSourceDeclaration()
this
.getParameter(0)
.getType()
.(RefType)
.getSourceDeclaration()
.hasQualifiedName("java.net", "SocketImplFactory") and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.net", "Socket")
}
}
@ -433,15 +483,21 @@ class SetUrlStreamHandlerFactoryMethod extends Method {
SetUrlStreamHandlerFactoryMethod() {
this.hasName("setURLStreamHandlerFactory") and
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).getSourceDeclaration()
this
.getParameter(0)
.getType()
.(RefType)
.getSourceDeclaration()
.hasQualifiedName("java.net", "URLStreamHandlerFactory") and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.net", "URL")
}
}
// Forbidden native code methods.
class ForbiddenNativeCodeMethod extends Method {
ForbiddenNativeCodeMethod() {
this instanceof SystemOrRuntimeLoadLibraryMethod or
@ -455,11 +511,16 @@ class SystemOrRuntimeLoadLibraryMethod extends Method {
this.getNumberOfParameters() = 1 and
this.getParameter(0).getType().(RefType).hasQualifiedName("java.lang", "String") and
(
this.getDeclaringType().getASupertype*().getSourceDeclaration()
.hasQualifiedName("java.lang", "System")
or
this.getDeclaringType().getASupertype*().getSourceDeclaration()
.hasQualifiedName("java.lang", "Runtime")
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "System") or
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "Runtime")
)
}
}
@ -467,7 +528,10 @@ class SystemOrRuntimeLoadLibraryMethod extends Method {
class RuntimeExecMethod extends Method {
RuntimeExecMethod() {
this.hasName("exec") and
this.getDeclaringType().getASupertype*().getSourceDeclaration()
this
.getDeclaringType()
.getASupertype*()
.getSourceDeclaration()
.hasQualifiedName("java.lang", "Runtime")
}
}

12
java/ql/src/semmle/code/java/frameworks/javaee/jsf/JSFAnnotations.qll
Просмотреть файл

@ -4,16 +4,12 @@ import default
* A Java Server Faces `ManagedBean` annotation on a class.
*/
class FacesManagedBeanAnnotation extends Annotation {
FacesManagedBeanAnnotation() {
getType().hasQualifiedName("javax.faces.bean", "ManagedBean")
}
FacesManagedBeanAnnotation() { getType().hasQualifiedName("javax.faces.bean", "ManagedBean") }
/**
* Gets the `Class` of the managed bean.
*/
Class getManagedBeanClass() {
result = getAnnotatedElement()
}
Class getManagedBeanClass() { result = getAnnotatedElement() }
}
/**
@ -29,7 +25,5 @@ class FacesComponentAnnotation extends Annotation {
/**
* Gets the `Class` of the FacesComponent, if this annotation is valid.
*/
Class getFacesComponentClass() {
result = getAnnotatedElement()
}
Class getFacesComponentClass() { result = getAnnotatedElement() }
}

25
java/ql/src/semmle/code/java/frameworks/javaee/jsf/JSFFacesContextXML.qll
Просмотреть файл

@ -1,6 +1,7 @@
/**
* Provides classes for JSF "Application Configuration Resources File", usually called `faces-config.xml`.
*/
import default
/**
@ -19,25 +20,19 @@ class FacesConfigXMLFile extends XMLFile {
* An XML element in a `FacesConfigXMLFile`.
*/
class FacesConfigXMLElement extends XMLElement {
FacesConfigXMLElement() {
this.getFile() instanceof FacesConfigXMLFile
}
FacesConfigXMLElement() { this.getFile() instanceof FacesConfigXMLFile }
/**
* Gets the value for this element, with leading and trailing whitespace trimmed.
*/
string getValue() {
result = allCharactersString().trim()
}
string getValue() { result = allCharactersString().trim() }
}
/**
* An element in a JSF config file that declares a managed bean.
*/
class FacesConfigManagedBean extends FacesConfigXMLElement {
FacesConfigManagedBean() {
getName() = "managed-bean"
}
FacesConfigManagedBean() { getName() = "managed-bean" }
}
/**
@ -52,18 +47,14 @@ class FacesConfigManagedBeanClass extends FacesConfigXMLElement {
/**
* Gets the `Class` of the managed bean.
*/
Class getManagedBeanClass() {
result.getQualifiedName() = getValue()
}
Class getManagedBeanClass() { result.getQualifiedName() = getValue() }
}
/**
* An element in a JSF config file that declares a custom component.
*/
class FacesConfigComponent extends FacesConfigXMLElement {
FacesConfigComponent() {
getName() = "component"
}
FacesConfigComponent() { getName() = "component" }
}
/**
@ -78,7 +69,5 @@ class FacesConfigComponentClass extends FacesConfigXMLElement {
/**
* Gets the `Class` of the faces component.
*/
Class getFacesComponentClass() {
result.getQualifiedName() = getValue()
}
Class getFacesComponentClass() { result.getQualifiedName() = getValue() }
}

2
java/ql/src/semmle/code/java/frameworks/spring/Spring.qll
Просмотреть файл

@ -1,5 +1,4 @@
import java
import semmle.code.java.frameworks.spring.SpringAbstractRef
import semmle.code.java.frameworks.spring.SpringAlias
import semmle.code.java.frameworks.spring.SpringArgType
@ -35,6 +34,5 @@ import semmle.code.java.frameworks.spring.SpringReplacedMethod
import semmle.code.java.frameworks.spring.SpringSet
import semmle.code.java.frameworks.spring.SpringValue
import semmle.code.java.frameworks.spring.SpringXMLElement
import semmle.code.java.frameworks.spring.metrics.MetricSpringBean
import semmle.code.java.frameworks.spring.metrics.MetricSpringBeanFile

16
java/ql/src/semmle/code/java/frameworks/spring/SpringAbstractRef.qll
Просмотреть файл

@ -10,24 +10,16 @@ class SpringAbstractRef extends SpringXMLElement {
}
/** Holds if this reference has a bean attribute. */
predicate hasBeanName() {
this.hasAttribute("bean")
}
predicate hasBeanName() { this.hasAttribute("bean") }
/** Gets the value of the bean attribute. */
string getBeanName() {
result = this.getAttributeValue("bean")
}
string getBeanName() { result = this.getAttributeValue("bean") }
/** Holds if this reference has a local attribute. */
predicate hasBeanLocalName() {
this.hasAttribute("local")
}
predicate hasBeanLocalName() { this.hasAttribute("local") }
/** Gets the value of the local attribute. */
string getBeanLocalName() {
result = this.getAttributeValue("local")
}
string getBeanLocalName() { result = this.getAttributeValue("local") }
/** Gets the bean pointed to by this reference. */
SpringBean getBean() {

12
java/ql/src/semmle/code/java/frameworks/spring/SpringAlias.qll
Просмотреть файл

@ -4,19 +4,13 @@ import semmle.code.java.frameworks.spring.SpringBean
/** An `<alias>` element in Spring XML files. */
class SpringAlias extends SpringXMLElement {
SpringAlias() {
this.getName() = "alias"
}
SpringAlias() { this.getName() = "alias" }
/** Gets the value of the `alias` attribute. */
string getBeanAlias() {
result = this.getAttributeValue("alias")
}
string getBeanAlias() { result = this.getAttributeValue("alias") }
/** Gets the value of the `name` attribute. */
string getBeanName() {
result = this.getAttributeValue("name")
}
string getBeanName() { result = this.getAttributeValue("name") }
/** Gets the bean referred to by the alias. */
SpringBean getBean() {

8
java/ql/src/semmle/code/java/frameworks/spring/SpringArgType.qll
Просмотреть файл

@ -3,12 +3,8 @@ import semmle.code.java.frameworks.spring.SpringXMLElement
/** An `<arg-type>` element in Spring XML files. */
class SpringArgType extends SpringXMLElement {
SpringArgType() {
this.getName() = "arg-type"
}
SpringArgType() { this.getName() = "arg-type" }
/** Gets the value of the `match` attribute. */
string getMatchPattern() {
result = this.getAttributeValue("match")
}
string getMatchPattern() { result = this.getAttributeValue("match") }
}

12
java/ql/src/semmle/code/java/frameworks/spring/SpringAttribute.qll
Просмотреть файл

@ -3,17 +3,11 @@ import semmle.code.java.frameworks.spring.SpringXMLElement
/** An `<attribute>` element in Spring XML files. */
class SpringAttribute extends SpringXMLElement {
SpringAttribute() {
this.getName() = "attribute"
}
SpringAttribute() { this.getName() = "attribute" }
/** Gets the value of the `key` attribute. */
string getKeyString() {
result = this.getAttributeValue("key")
}
string getKeyString() { result = this.getAttributeValue("key") }
/** Gets the value of the `value` attribute. */
string getValueString() {
result = this.getAttributeValue("value")
}
string getValueString() { result = this.getAttributeValue("value") }
}

172
java/ql/src/semmle/code/java/frameworks/spring/SpringAutowire.qll
Просмотреть файл

@ -1,6 +1,7 @@
/**
* Provides classes and predicates for identifying methods and constructors called by Spring injection.
*/
import java
import SpringComponentScan
@ -25,6 +26,7 @@ class SpringComponentConstructor extends Constructor {
/*
* Must be a live Spring component.
*/
getDeclaringType().(SpringComponent).isLive() and
(
this.getNumberOfParameters() = 0 or
@ -38,9 +40,7 @@ class SpringComponentConstructor extends Constructor {
* constructed.
*/
class SpringBeanReflectivelyConstructed extends Constructor {
SpringBeanReflectivelyConstructed() {
this.getDeclaringType() instanceof SpringBeanRefType
}
SpringBeanReflectivelyConstructed() { this.getDeclaringType() instanceof SpringBeanRefType }
}
/**
@ -66,9 +66,10 @@ class SpringBeanXMLAutowiredSetterMethod extends Method {
/*
* The bean as marked with some form of autowiring in the XML file.
*/
exists(string xmlAutowire |
xmlAutowire = this.getDeclaringType().(SpringBeanRefType).getSpringBean().getAutowire()
|
|
not xmlAutowire = "default" and
not xmlAutowire = "no"
)
@ -82,22 +83,27 @@ class SpringBeanXMLAutowiredSetterMethod extends Method {
SpringBean getInjectedBean() {
exists(string xmlAutowire |
xmlAutowire = this.getDeclaringType().(SpringBeanRefType).getSpringBean().getAutowire()
|
|
(
xmlAutowire = "byName" and
// There is a bean whose name is the same as this setter method.
this.getName().toLowerCase() = "set" + result.getBeanIdentifier().toLowerCase()
) or
)
or
(
(
xmlAutowire = "byType" or
xmlAutowire = "byType"
or
(
/*
* When it is set to autodetect, we use "byType" if there is a no-arg constructor. This
* approach has been removed in Spring 4.x.
*/
xmlAutowire = "autodetect" and
exists(Constructor c | c = this.getDeclaringType().getAConstructor() | c.getNumberOfParameters() = 0)
exists(Constructor c | c = this.getDeclaringType().getAConstructor() |
c.getNumberOfParameters() = 0
)
)
) and
// The resulting bean is of the right type.
@ -133,37 +139,27 @@ class SpringBeanAutowiredCallable extends Callable {
/**
* If the enclosing type is declared as a component, return the `SpringComponent`.
*/
SpringComponent getEnclosingSpringComponent() {
result = this.getDeclaringType()
}
SpringComponent getEnclosingSpringComponent() { result = this.getDeclaringType() }
/**
* Gets the qualifier annotation for parameter at `pos`, if any.
*/
SpringQualifierAnnotation getQualifier(int pos) {
result = getParameter(pos).getAnAnnotation()
}
SpringQualifierAnnotation getQualifier(int pos) { result = getParameter(pos).getAnAnnotation() }
/**
* Gets the qualifier annotation for this method, if any.
*/
SpringQualifierAnnotation getQualifier() {
result = getAnAnnotation()
}
SpringQualifierAnnotation getQualifier() { result = getAnAnnotation() }
/**
* Gets the resource annotation for this method, if any.
*/
SpringResourceAnnotation getResource() {
result = getAnAnnotation()
}
SpringResourceAnnotation getResource() { result = getAnAnnotation() }
/**
* Gets a bean that will be injected into this callable.
*/
SpringBean getAnInjectedBean() {
result = getInjectedBean(_)
}
SpringBean getAnInjectedBean() { result = getInjectedBean(_) }
/**
* Gets the `SpringBean`, if any, that will be injected for the parameter at position `pos`,
@ -173,24 +169,25 @@ class SpringBeanAutowiredCallable extends Callable {
// Must be a sub-type of the parameter type
result.getClass().getAnAncestor() = getParameterType(pos) and
// Now look up bean
if exists(getQualifier(pos)) then
if exists(getQualifier(pos))
then
// Resolved by `@Qualifier("qualifier")` specified on the parameter
result = getQualifier(pos).getSpringBean()
else if exists(getQualifier()) and getNumberOfParameters() = 1 then
// Resolved by `@Qualifier("qualifier")` on the method
(
else
if exists(getQualifier()) and getNumberOfParameters() = 1
then (
// Resolved by `@Qualifier("qualifier")` on the method
pos = 0 and
result = getQualifier().getSpringBean()
)
else if exists(getResource().getNameValue()) and getNumberOfParameters() = 1 then
// Resolved by looking at the name part of `@Resource(name="qualifier")`
(
pos = 0 and
result = getResource().getSpringBean()
)
else
// Otherwise no restrictions, just by type
any()
) else
if exists(getResource().getNameValue()) and getNumberOfParameters() = 1
then (
// Resolved by looking at the name part of `@Resource(name="qualifier")`
pos = 0 and
result = getResource().getSpringBean()
) else
// Otherwise no restrictions, just by type
any()
}
/**
@ -201,24 +198,25 @@ class SpringBeanAutowiredCallable extends Callable {
// Must be a sub-type of the parameter type
result.getAnAncestor() = getParameterType(pos) and
// Now look up bean
if exists(getQualifier(pos)) then
if exists(getQualifier(pos))
then
// Resolved by `@Qualifier("qualifier")` specified on the parameter
result = getQualifier(pos).getSpringComponent()
else if exists(getQualifier()) and getNumberOfParameters() = 1 then
// Resolved by `@Qualifier("qualifier")` on the method
(
else
if exists(getQualifier()) and getNumberOfParameters() = 1
then (
// Resolved by `@Qualifier("qualifier")` on the method
pos = 0 and
result = getQualifier().getSpringComponent()
)
else if exists(getResource().getNameValue()) and getNumberOfParameters() = 1 then
// Resolved by looking at the name part of `@Resource(name="qualifier")`
(
pos = 0 and
result = getResource().getSpringComponent()
)
else
// Otherwise no restrictions, just by type
any()
) else
if exists(getResource().getNameValue()) and getNumberOfParameters() = 1
then (
// Resolved by looking at the name part of `@Resource(name="qualifier")`
pos = 0 and
result = getResource().getSpringComponent()
) else
// Otherwise no restrictions, just by type
any()
}
}
@ -230,6 +228,7 @@ class SpringBeanAutowiredField extends Field {
// Marked as `@Autowired`.
hasInjectAnnotation(this)
}
/**
* If the enclosing type is declared as a bean in an XML file, return the `SpringBean` it is
* defined in.
@ -241,23 +240,17 @@ class SpringBeanAutowiredField extends Field {
/**
* If the enclosing type is declared as a component, return the `SpringComponent`.
*/
SpringComponent getEnclosingSpringComponent() {
result = this.getDeclaringType()
}
SpringComponent getEnclosingSpringComponent() { result = this.getDeclaringType() }
/**
* Gets the qualifier annotation for this method, if any.
*/
SpringQualifierAnnotation getQualifier() {
result = getAnAnnotation()
}
SpringQualifierAnnotation getQualifier() { result = getAnAnnotation() }
/**
* Gets the resource annotation for this method, if any.
*/
SpringResourceAnnotation getResource() {
result = getAnAnnotation()
}
SpringResourceAnnotation getResource() { result = getAnAnnotation() }
/**
* Gets the `SpringBean`, if any, that will be injected for this field, considering any `@Qualifier`
@ -267,15 +260,18 @@ class SpringBeanAutowiredField extends Field {
// Must be a sub-type of the parameter type
result.getClass().getAnAncestor() = getType() and
// Now look up bean
if exists(getQualifier()) then
if exists(getQualifier())
then
// Resolved by `@Qualifier("qualifier")` specified on the field
result = getQualifier().getSpringBean()
else if exists(getResource().getNameValue())then
// Resolved by looking at the name part of `@Resource(name="qualifier")`
result = getResource().getSpringBean()
else
// Otherwise no restrictions, just by type
any()
if exists(getResource().getNameValue())
then
// Resolved by looking at the name part of `@Resource(name="qualifier")`
result = getResource().getSpringBean()
else
// Otherwise no restrictions, just by type
any()
}
/**
@ -286,15 +282,18 @@ class SpringBeanAutowiredField extends Field {
// Must be a sub-type of the parameter type
result.getAnAncestor() = getType() and
// Now look up bean
if exists(getQualifier()) then
if exists(getQualifier())
then
// Resolved by `@Qualifier("qualifier")` specified on the field
result = getQualifier().getSpringComponent()
else if exists(getResource().getNameValue()) then
// Resolved by looking at the name part of `@Resource(name="qualifier")`
result = getResource().getSpringComponent()
else
// Otherwise no restrictions, just by type
any()
if exists(getResource().getNameValue())
then
// Resolved by looking at the name part of `@Resource(name="qualifier")`
result = getResource().getSpringComponent()
else
// Otherwise no restrictions, just by type
any()
}
}
@ -327,14 +326,11 @@ class SpringQualifierDefinitionAnnotation extends Annotation {
}
}
/**
* A qualifier annotation on a method or field that is used to disambiguate which bean will be used.
*/
class SpringQualifierAnnotation extends Annotation {
SpringQualifierAnnotation() {
getType() instanceof SpringQualifierAnnotationType
}
SpringQualifierAnnotation() { getType() instanceof SpringQualifierAnnotationType }
/**
* Gets the value of the qualifier field for this qualifier.
@ -346,16 +342,12 @@ class SpringQualifierAnnotation extends Annotation {
/**
* Gets the bean definition in an XML file that this qualifier resolves to, if any.
*/
SpringBean getSpringBean() {
result.getQualifierValue() = getQualifierValue()
}
SpringBean getSpringBean() { result.getQualifierValue() = getQualifierValue() }
/**
* Gets the Spring component that this qualifier resolves to, if any.
*/
SpringComponent getSpringComponent() {
result.getQualifierValue() = getQualifierValue()
}
SpringComponent getSpringComponent() { result.getQualifierValue() = getQualifierValue() }
}
/**
@ -363,28 +355,20 @@ class SpringQualifierAnnotation extends Annotation {
* autowired by Spring, and can optionally specify a qualifier in the "name".
*/
class SpringResourceAnnotation extends Annotation {
SpringResourceAnnotation() {
getType().hasQualifiedName("javax.inject", "Resource")
}
SpringResourceAnnotation() { getType().hasQualifiedName("javax.inject", "Resource") }
/**
* Gets the specified name value, if any.
*/
string getNameValue() {
result = getValue("name").(CompileTimeConstantExpr).getStringValue()
}
string getNameValue() { result = getValue("name").(CompileTimeConstantExpr).getStringValue() }
/**
* Gets the bean definition in an XML file that the resource resolves to, if any.
*/
SpringBean getSpringBean() {
result.getQualifierValue() = getNameValue()
}
SpringBean getSpringBean() { result.getQualifierValue() = getNameValue() }
/**
* Gets the Spring component that this qualifier resolves to, if any.
*/
SpringComponent getSpringComponent() {
result.getQualifierValue() = getNameValue()
}
SpringComponent getSpringComponent() { result.getQualifierValue() = getNameValue() }
}

207
java/ql/src/semmle/code/java/frameworks/spring/SpringBean.qll
Просмотреть файл

@ -19,36 +19,24 @@ class SpringBean extends SpringXMLElement {
not getNamespace().getURI() = "http://camel.apache.org/schema/spring"
}
override string toString() {
result = this.getBeanIdentifier()
}
override string toString() { result = this.getBeanIdentifier() }
/**
* Holds if this element is a top-level bean definition.
*/
predicate isTopLevel() {
this.getParent().getName() = "beans"
}
predicate isTopLevel() { this.getParent().getName() = "beans" }
/** Holds if this element has an `id` attribute. */
predicate hasBeanId() {
this.hasAttribute("id")
}
predicate hasBeanId() { this.hasAttribute("id") }
/** Gets the value of the `id` attribute. */
string getBeanId() {
result = this.getAttribute("id").getValue()
}
string getBeanId() { result = this.getAttribute("id").getValue() }
/** Holds if the bean has a `name` attribute. */
predicate hasBeanName() {
this.hasAttribute("name")
}
predicate hasBeanName() { this.hasAttribute("name") }
/** Gets the value of the `name` attribute. */
string getBeanName() {
result = this.getAttribute("name").getValue()
}
string getBeanName() { result = this.getAttribute("name").getValue() }
/** Holds if the bean has a `name`, `id` or `class` attribute. */
predicate hasBeanIdentifier() {
@ -62,9 +50,9 @@ class SpringBean extends SpringXMLElement {
// Aliasing is currently not supported.
if this.hasBeanId()
then result = this.getBeanId()
else (if this.hasBeanName()
then result = this.getBeanName()
else result = this.getClassName())
else (
if this.hasBeanName() then result = this.getBeanName() else result = this.getClassName()
)
}
/** Holds if the bean is abstract. */
@ -72,14 +60,13 @@ class SpringBean extends SpringXMLElement {
exists(XMLAttribute a |
a = this.getAttribute("abstract") and
a.getValue() = "true"
) or
)
or
not exists(this.getClass())
}
/** Gets the raw value of the `autowire` attribute. */
string getAutowireRaw() {
result = this.getAttributeValueWithDefault("autowire")
}
string getAutowireRaw() { result = this.getAttributeValueWithDefault("autowire") }
/**
* Gets the `autowire` value for the bean, taking any default values from the
@ -92,19 +79,13 @@ class SpringBean extends SpringXMLElement {
}
/** Gets the value for the `autowire-candidate` attribute. */
string getAutowireCandidate() {
result = this.getAttributeValueWithDefault("autowire-candidate")
}
string getAutowireCandidate() { result = this.getAttributeValueWithDefault("autowire-candidate") }
/** Holds if the bean has a `class` attribute. */
predicate hasClassNameRaw() {
this.hasAttribute("class")
}
predicate hasClassNameRaw() { this.hasAttribute("class") }
/** Gets the value of the bean's `class` attribute, if any. */
string getClassNameRaw() {
result = this.getAttribute("class").getValue()
}
string getClassNameRaw() { result = this.getAttribute("class").getValue() }
/** Holds if the bean has a class name, taking parent inheritance into account. */
predicate hasClassName() {
@ -120,14 +101,10 @@ class SpringBean extends SpringXMLElement {
}
/** Gets the Java class referred to by the bean's class name. */
RefType getClass() {
result.getQualifiedName() = this.getClassName()
}
RefType getClass() { result.getQualifiedName() = this.getClassName() }
/** Gets the value of the `dependency-check` attribute, if any. */
string getDependencyCheckRaw() {
result = this.getAttributeValueWithDefault("dependency-check")
}
string getDependencyCheckRaw() { result = this.getAttributeValueWithDefault("dependency-check") }
/**
* Gets the `dependency-check` value for the bean, taking any default values declared
@ -140,19 +117,13 @@ class SpringBean extends SpringXMLElement {
}
/** Gets the value of the `depends-on` attribute. */
string getDependsOnString() {
result = this.getAttributeValue("depends-on")
}
string getDependsOnString() { result = this.getAttributeValue("depends-on") }
/** Holds if the bean has a `destroy-method` attribute. */
predicate hasDestroyMethodNameRaw() {
this.hasAttribute("destroy-method")
}
predicate hasDestroyMethodNameRaw() { this.hasAttribute("destroy-method") }
/** Gets the value of the bean's `destroy-method` attribute. */
string getDestroyMethodNameRaw() {
result = this.getAttributeValue("destroy-method")
}
string getDestroyMethodNameRaw() { result = this.getAttributeValue("destroy-method") }
/**
* Holds if the bean has a `destroy-method` name, taking bean inheritance and `<beans>`
@ -188,14 +159,10 @@ class SpringBean extends SpringXMLElement {
}
/** Holds if the bean has a `factory-bean` attribute. */
predicate hasFactoryBeanNameRaw() {
this.hasAttribute("factory-bean")
}
predicate hasFactoryBeanNameRaw() { this.hasAttribute("factory-bean") }
/** Gets the value of the `factory-bean` attribute. */
string getFactoryBeanNameRaw() {
result = this.getAttributeValue("factory-bean")
}
string getFactoryBeanNameRaw() { result = this.getAttributeValue("factory-bean") }
/** Gets the name of the bean's `factory-bean`, taking bean inheritance into account. */
string getFactoryBeanName() {
@ -205,14 +172,10 @@ class SpringBean extends SpringXMLElement {
}
/** Holds if the bean as a `factory-method` attribute. */
predicate hasFactoryMethodNameRaw() {
this.hasAttribute("factory-method")
}
predicate hasFactoryMethodNameRaw() { this.hasAttribute("factory-method") }
/** Gets the value of the `factory-method` attribute. */
string getFactoryMethodNameRaw() {
result = this.getAttributeValue("factory-method")
}
string getFactoryMethodNameRaw() { result = this.getAttributeValue("factory-method") }
/** Gets the name of the bean's `factory-method`, taking bean inheritance into account. */
string getFactoryMethodName() {
@ -222,14 +185,10 @@ class SpringBean extends SpringXMLElement {
}
/** Holds if the bean has an `init-method` attribute. */
predicate hasInitMethodNameRaw() {
this.hasAttribute("init-method")
}
predicate hasInitMethodNameRaw() { this.hasAttribute("init-method") }
/** Gets the value of the bean's `init-method` attribute. */
string getInitMethodNameRaw() {
result = this.getAttributeValue("init-method")
}
string getInitMethodNameRaw() { result = this.getAttributeValue("init-method") }
/**
* Holds if the bean has an `init-method` name, taking bean inheritance and `<beans>`
@ -265,24 +224,16 @@ class SpringBean extends SpringXMLElement {
}
/** Gets the name of the bean's parent bean. */
string getBeanParentName() {
result = this.getAttributeValue("parent")
}
string getBeanParentName() { result = this.getAttributeValue("parent") }
/** Holds if the bean has a `parent` attribute. */
predicate hasBeanParentName() {
this.hasAttribute("parent")
}
predicate hasBeanParentName() { this.hasAttribute("parent") }
/** Gets the `SpringBean` parent of this bean. */
SpringBean getBeanParent() {
result.getBeanIdentifier() = this.getBeanParentName()
}
SpringBean getBeanParent() { result.getBeanIdentifier() = this.getBeanParentName() }
/** Holds if this bean has a parent bean. */
predicate hasBeanParent() {
exists(SpringBean b | b = this.getBeanParent())
}
predicate hasBeanParent() { exists(SpringBean b | b = this.getBeanParent()) }
predicate hasBeanAncestor(SpringBean ancestor) {
ancestor = this.getBeanParent() or
@ -290,9 +241,7 @@ class SpringBean extends SpringXMLElement {
}
/** Gets the value of the bean's `lazy-init` attribute. */
string getLazyInitRaw() {
result = this.getAttributeValueWithDefault("lazy-init")
}
string getLazyInitRaw() { result = this.getAttributeValueWithDefault("lazy-init") }
/**
* Holds if the bean is to be lazily initialized.
@ -326,16 +275,17 @@ class SpringBean extends SpringXMLElement {
/**
* Gets a `<property>` element declared in this bean (not inherited from parent beans).
*/
SpringProperty getADeclaredProperty() {
result = this.getASpringChild()
}
SpringProperty getADeclaredProperty() { result = this.getASpringChild() }
/** Any `<property>` elements inherited from parent beans. */
SpringProperty getAnInheritedProperty() {
(not exists(SpringProperty thisProperty |
thisProperty = this.getADeclaredProperty() and
result.getPropertyName() = thisProperty.getPropertyName())
) and (
(
not exists(SpringProperty thisProperty |
thisProperty = this.getADeclaredProperty() and
result.getPropertyName() = thisProperty.getPropertyName()
)
) and
(
result = this.getBeanParent().getADeclaredProperty() or
result = this.getBeanParent().getAnInheritedProperty()
)
@ -351,16 +301,17 @@ class SpringBean extends SpringXMLElement {
}
/** Gets a `<constructor-arg>` element declared in this bean. */
SpringConstructorArg getADeclaredConstructorArg() {
result = this.getASpringChild()
}
SpringConstructorArg getADeclaredConstructorArg() { result = this.getASpringChild() }
/** Gets a `<constructor-arg>` element inherited from the parent bean. */
SpringConstructorArg getAnInheritedConstructorArg() {
(not exists(SpringConstructorArg thisArg |
thisArg = this.getADeclaredConstructorArg() and
thisArg.conflictsWithArg(result))
) and (
(
not exists(SpringConstructorArg thisArg |
thisArg = this.getADeclaredConstructorArg() and
thisArg.conflictsWithArg(result)
)
) and
(
result = this.getBeanParent().getADeclaredConstructorArg() or
result = this.getBeanParent().getAnInheritedConstructorArg()
)
@ -376,16 +327,17 @@ class SpringBean extends SpringXMLElement {
}
/** Gets a `<lookup-method>` element declared in this bean. */
SpringLookupMethod getADeclaredLookupMethod() {
result = this.getASpringChild()
}
SpringLookupMethod getADeclaredLookupMethod() { result = this.getASpringChild() }
/** Gets a `<lookup-method>` element inherited from the parent bean. */
SpringLookupMethod getAnInheritedLookupMethod() {
(not exists(SpringLookupMethod thisMethod |
thisMethod = this.getADeclaredLookupMethod() and
thisMethod.getMethodName() = result.getMethodName())
) and (
(
not exists(SpringLookupMethod thisMethod |
thisMethod = this.getADeclaredLookupMethod() and
thisMethod.getMethodName() = result.getMethodName()
)
) and
(
result = this.getBeanParent().getADeclaredLookupMethod() or
result = this.getBeanParent().getAnInheritedLookupMethod()
)
@ -401,16 +353,17 @@ class SpringBean extends SpringXMLElement {
}
/** Gets a `<replaced-method>` element declared in this bean. */
SpringReplacedMethod getADeclaredReplacedMethod() {
result = this.getASpringChild()
}
SpringReplacedMethod getADeclaredReplacedMethod() { result = this.getASpringChild() }
/** Gets a `<replaced-method>` element inherited from the parent bean. */
SpringReplacedMethod getAnInheritedReplacedMethod() {
(not exists(SpringReplacedMethod thisMethod |
thisMethod = this.getADeclaredReplacedMethod() and
thisMethod.getMethodName() = result.getMethodName())
) and (
(
not exists(SpringReplacedMethod thisMethod |
thisMethod = this.getADeclaredReplacedMethod() and
thisMethod.getMethodName() = result.getMethodName()
)
) and
(
result = this.getBeanParent().getADeclaredReplacedMethod() or
result = this.getBeanParent().getAnInheritedReplacedMethod()
)
@ -428,27 +381,22 @@ class SpringBean extends SpringXMLElement {
/**
* Gets the `SpringBean` specified by reference as the factory bean.
*/
SpringBean getFactoryBean() {
result.getBeanIdentifier() = this.getFactoryBeanName()
}
SpringBean getFactoryBean() { result.getBeanIdentifier() = this.getFactoryBeanName() }
/**
* Gets the factory method that the Java method corresponds to.
*/
Method getFactoryMethod() {
exists(string factoryMethod |
factoryMethod = this.getFactoryMethodName()
|
exists(string factoryMethod | factoryMethod = this.getFactoryMethodName() |
// If a factory bean is specified, use that, otherwise use the current bean.
(
if exists(this.getFactoryBeanName()) then
result.getDeclaringType() = getFactoryBean().getClass()
else
(
result.getDeclaringType() = this.getClass() and
// Must be static because we don't yet have an instance.
result.isStatic()
)
if exists(this.getFactoryBeanName())
then result.getDeclaringType() = getFactoryBean().getClass()
else (
result.getDeclaringType() = this.getClass() and
// Must be static because we don't yet have an instance.
result.isStatic()
)
) and
// The factory method has this name.
result.getName() = factoryMethod
@ -460,16 +408,13 @@ class SpringBean extends SpringXMLElement {
* the bean identifier if no qualifier is specified.
*/
string getQualifierValue() {
if exists(getQualifier()) then
result = getQualifier().getQualifierValue()
else
result = getBeanIdentifier()
if exists(getQualifier())
then result = getQualifier().getQualifierValue()
else result = getBeanIdentifier()
}
/**
* Gets the qualifier for this bean.
*/
SpringQualifier getQualifier() {
result = this.getASpringChild()
}
SpringQualifier getQualifier() { result = this.getASpringChild() }
}

11
java/ql/src/semmle/code/java/frameworks/spring/SpringBeanFile.qll
Просмотреть файл

@ -21,9 +21,7 @@ class SpringBeanFile extends XMLFile {
* Use `SpringBean.isTopLevel()` to obtain only the `<bean>`
* elements that are direct children of `<beans>`.
*/
SpringBean getABean() {
exists(SpringBean b | b.getFile() = this and result = b)
}
SpringBean getABean() { exists(SpringBean b | b.getFile() = this and result = b) }
/** Gets the `<beans>` element of the file. */
XMLElement getBeansElement() {
@ -36,7 +34,12 @@ class SpringBeanFile extends XMLFile {
* applicable to any profile.
*/
string getAProfileExpr() {
result = getBeansElement().getAttribute("profile").getValue().splitAt(",").splitAt(" ").splitAt(";") and
result = getBeansElement()
.getAttribute("profile")
.getValue()
.splitAt(",")
.splitAt(" ")
.splitAt(";") and
result.length() != 0
}

8
java/ql/src/semmle/code/java/frameworks/spring/SpringBeanRefType.qll
Просмотреть файл

@ -6,12 +6,8 @@ import semmle.code.java.frameworks.spring.SpringBean
* a class attribute in a `<bean>` element.
*/
class SpringBeanRefType extends RefType {
SpringBeanRefType() {
exists(SpringBean b | b.getClass() = this)
}
SpringBeanRefType() { exists(SpringBean b | b.getClass() = this) }
/** Gets the `<bean>` element that refers to this `RefType`. */
SpringBean getSpringBean() {
result.getClass() = this
}
SpringBean getSpringBean() { result.getClass() = this }
}

41
java/ql/src/semmle/code/java/frameworks/spring/SpringCamel.qll
Просмотреть файл

@ -10,9 +10,7 @@ import semmle.code.java.frameworks.spring.SpringBean
* An Apache Camel element in a Spring Beans file.
*/
class SpringCamelXMLElement extends SpringXMLElement {
SpringCamelXMLElement() {
getNamespace().getURI() = "http://camel.apache.org/schema/spring"
}
SpringCamelXMLElement() { getNamespace().getURI() = "http://camel.apache.org/schema/spring" }
}
/**
@ -21,9 +19,7 @@ class SpringCamelXMLElement extends SpringXMLElement {
* All Apache Camel Spring elements are nested within a `<camelContext>` or a `<routeContext>`.
*/
class SpringCamelXMLContext extends SpringCamelXMLElement {
SpringCamelXMLContext() {
getName() = "camelContext"
}
SpringCamelXMLContext() { getName() = "camelContext" }
}
/**
@ -33,9 +29,7 @@ class SpringCamelXMLContext extends SpringCamelXMLElement {
* `<camelContext>`.
*/
class SpringCamelXMLRouteContext extends SpringCamelXMLElement {
SpringCamelXMLRouteContext() {
getName() = "routeContext"
}
SpringCamelXMLRouteContext() { getName() = "routeContext" }
}
/**
@ -49,6 +43,7 @@ class SpringCamelXMLRoute extends SpringCamelXMLElement {
/*
* A route must either be in a `<routeContext>` or a `<camelContext>`.
*/
(
getParent() instanceof SpringCamelXMLRouteContext or
getParent() instanceof SpringCamelXMLContext
@ -75,16 +70,12 @@ class SpringCamelXMLRouteElement extends SpringCamelXMLElement {
* route.
*/
class SpringCamelXMLBeanRef extends SpringCamelXMLRouteElement {
SpringCamelXMLBeanRef() {
getName() = "bean"
}
SpringCamelXMLBeanRef() { getName() = "bean" }
/**
* Gets the Spring bean that is referenced by this route bean definition, if any.
*/
SpringBean getRefBean() {
result.getBeanIdentifier() = getAttribute("ref").getValue()
}
SpringBean getRefBean() { result.getBeanIdentifier() = getAttribute("ref").getValue() }
/**
* Gets the RefType referred to by `beanType` attribute, if any.
@ -92,9 +83,7 @@ class SpringCamelXMLBeanRef extends SpringCamelXMLRouteElement {
* This defines the bean that should be created by Apache Camel as a target of this route. In
* this case, no pre-existing bean is required.
*/
RefType getBeanType() {
result.getQualifiedName() = getAttribute("beanType").getValue()
}
RefType getBeanType() { result.getQualifiedName() = getAttribute("beanType").getValue() }
}
/**
@ -105,16 +94,12 @@ class SpringCamelXMLBeanRef extends SpringCamelXMLRouteElement {
* consists of a bean name and optional method name.
*/
class SpringCamelXMLToElement extends SpringCamelXMLRouteElement {
SpringCamelXMLToElement() {
getName() = "to"
}
SpringCamelXMLToElement() { getName() = "to" }
/**
* Gets the URI attribute for this `<to>` element.
*/
string getURI() {
result = getAttribute("uri").getValue()
}
string getURI() { result = getAttribute("uri").getValue() }
}
/**
@ -126,9 +111,7 @@ class SpringCamelXMLToElement extends SpringCamelXMLRouteElement {
* (if "beanType" is used.
*/
class SpringCamelXMLMethodElement extends SpringCamelXMLElement {
SpringCamelXMLMethodElement() {
getName() = "method"
}
SpringCamelXMLMethodElement() { getName() = "method" }
/**
* Gets the `SpringBean` that this method expression refers to.
@ -141,7 +124,5 @@ class SpringCamelXMLMethodElement extends SpringCamelXMLElement {
/**
* Gets the class based on the `beanType` attribute.
*/
RefType getBeanType() {
result.getQualifiedName() = getAttribute("beanType").getValue()
}
RefType getBeanType() { result.getQualifiedName() = getAttribute("beanType").getValue() }
}

65
java/ql/src/semmle/code/java/frameworks/spring/SpringComponentScan.qll
Просмотреть файл

@ -14,17 +14,13 @@ class SpringXMLComponentScan extends SpringXMLElement {
this.getNamespace().getPrefix() = "context"
}
string getBasePackages() {
result = this.getAttributeValue("base-package")
}
string getBasePackages() { result = this.getAttributeValue("base-package") }
/**
* Gets a profile expression for which this `component-scan` is enabled, or nothing if it is
* applicable to any profile.
*/
string getAProfileExpr() {
result = getSpringBeanFile().getAProfileExpr()
}
string getAProfileExpr() { result = getSpringBeanFile().getAProfileExpr() }
}
/**
@ -41,14 +37,17 @@ class SpringComponentScan extends Annotation {
*/
string getBasePackages() {
// "value" and "basePackages" are synonymous, and are simple strings
result = getAValue("basePackages").(StringLiteral).getRepresentedString() or
result = getAValue("value").(StringLiteral).getRepresentedString() or
result = getAValue("basePackages").(StringLiteral).getRepresentedString()
or
result = getAValue("value").(StringLiteral).getRepresentedString()
or
exists(TypeLiteral typeLiteral |
/*
* Base package classes are type literals whose package should be considered a base package.
*/
typeLiteral = getAValue("basePackageClasses")
|
|
result = typeLiteral.getTypeName().getType().(RefType).getPackage().getName()
)
}
@ -65,12 +64,13 @@ class SpringBasePackage extends string {
* Interpret the contexts of the `web.xml` "contextConfigLocation" parameter as a base package,
* but only if the appropriate context class is chosen.
*/
exists(WebXMLFile webXML |
webXML.getContextParamValue("contextClass") =
"org.springframework.web.context.support.AnnotationConfigWebApplicationContext"
|
webXML.getContextParamValue("contextClass") = "org.springframework.web.context.support.AnnotationConfigWebApplicationContext"
|
basePackages = webXML.getContextParamValue("contextConfigLocation")
) or
)
or
exists(SpringComponent c, Annotation componentScan |
c.hasAnnotation("org.springframework.context.annotation", "Configuration") and
componentScan = c.getAnAnnotation() and
@ -79,8 +79,10 @@ class SpringBasePackage extends string {
* For a `@ComponentScan` annotation to take effect, the configuration class must already be
* picked up by the component scan.
*/
c.isLive()
) or
)
or
exists(SpringXMLComponentScan xmlComponentScan |
basePackages = xmlComponentScan.getBasePackages() and
// The component scan profile must be active, if one is specified.
@ -88,7 +90,8 @@ class SpringBasePackage extends string {
not exists(xmlComponentScan.getAProfileExpr()) or
xmlComponentScan.getAProfileExpr().(SpringProfileExpr).isActive()
)
) |
)
|
// Simpler than the regex alternative
this = basePackages.splitAt(" ").splitAt(":").splitAt(",") and
not this.length() = 0
@ -114,9 +117,7 @@ class SpringComponentAnnotation extends AnnotationType {
* In order for Spring XML to be "enabled", XML must have been indexed into the snapshot, and that
* XML must contain the appropriate Spring configuration files.
*/
private predicate isSpringXMLEnabled() {
exists(SpringXMLElement springXMLElement)
}
private predicate isSpringXMLEnabled() { exists(SpringXMLElement springXMLElement) }
/**
* A Spring component class, identified by the presence of a particular annotation.
@ -130,9 +131,7 @@ class SpringComponent extends RefType {
/**
* Gets a qualifier used to distinguish when this class should be autowired into other classes.
*/
SpringQualifierDefinitionAnnotation getQualifier() {
result = getAnAnnotation()
}
SpringQualifierDefinitionAnnotation getQualifier() { result = getAnAnnotation() }
/**
* Gets the `@Component` or equivalent annotation.
@ -146,14 +145,13 @@ class SpringComponent extends RefType {
* Gets the bean identifier for this component.
*/
string getBeanIdentifier() {
if exists(getComponentAnnotation().getValue("value")) then
if exists(getComponentAnnotation().getValue("value"))
then
// If the name has been specified in the component annotation, use that.
result = getComponentAnnotation().getValue("value").(CompileTimeConstantExpr).getStringValue()
else
// Otherwise use the name of the class, with the initial letter lower cased.
exists(string name |
name = getName()
|
exists(string name | name = getName() |
result = name.charAt(0).toLowerCase() + name.suffix(1)
)
}
@ -163,7 +161,8 @@ class SpringComponent extends RefType {
* resolving autowiring on other classes.
*/
string getQualifierValue() {
if exists(getQualifier()) then
if exists(getQualifier())
then
// If given a qualifier, use the value specified.
result = getQualifier().getQualifierValue()
else
@ -187,11 +186,15 @@ class SpringComponent extends RefType {
* enabled, then the package of this class must belong in one of the packages defined as a base
* package.
*/
not isSpringXMLEnabled() or (
not isSpringXMLEnabled()
or
(
exists(SpringBasePackage sbp |
this.getPackage().getName().prefix(sbp.length() + 1) = sbp + "." or
this.getPackage().getName() = sbp
) and (
) and
(
not exists(getAProfileExpr()) or
getAProfileExpr().(SpringProfileExpr).isActive()
)
@ -205,8 +208,10 @@ class SpringComponent extends RefType {
string getAProfileExpr() {
exists(Annotation profileAnnotation |
profileAnnotation = getAnAnnotation() and
profileAnnotation.getType().hasQualifiedName("org.springframework.context.annotation", "Profile")
|
profileAnnotation
.getType()
.hasQualifiedName("org.springframework.context.annotation", "Profile")
|
result = profileAnnotation.getAValue("value").(StringLiteral).getRepresentedString()
)
}

40
java/ql/src/semmle/code/java/frameworks/spring/SpringConstructorArg.qll
Просмотреть файл

@ -6,29 +6,19 @@ import semmle.code.java.frameworks.spring.SpringValue
/** A `<constructor-arg>` element in a Spring XML file. */
class SpringConstructorArg extends SpringXMLElement {
SpringConstructorArg() {
this.getName() = "constructor-arg"
}
SpringConstructorArg() { this.getName() = "constructor-arg" }
/** Holds if this `constructor-arg` element has an `index` attribute. */
predicate hasArgIndex() {
this.hasAttribute("index")
}
predicate hasArgIndex() { this.hasAttribute("index") }
/** Gets the value of the `index` attribute. */
string getArgIndex() {
result = this.getAttributeValue("index")
}
string getArgIndex() { result = this.getAttributeValue("index") }
/** Holds if the `constructor-arg` has a `ref` attribute. */
predicate hasArgRefString() {
this.hasAttribute("ref")
}
predicate hasArgRefString() { this.hasAttribute("ref") }
/** Gets the value of the `ref` attribute. */
string getArgRefString() {
result = this.getAttributeValue("ref")
}
string getArgRefString() { result = this.getAttributeValue("ref") }
/**
* Gets the bean pointed to by the `ref` attribute or a child `<ref>` or `<idref>` element.
@ -40,24 +30,16 @@ class SpringConstructorArg extends SpringXMLElement {
}
/** Holds if the `constructor-arg` has a `type` attribute. */
predicate hasArgTypeName() {
this.hasAttribute("type")
}
predicate hasArgTypeName() { this.hasAttribute("type") }
/** Gets the value of the `type` attribute. */
string getArgTypeName() {
result = this.getAttributeValue("type")
}
string getArgTypeName() { result = this.getAttributeValue("type") }
/** Gets the Java `RefType` (class or interface) that the `type` attribute refers to. */
RefType getArgType() {
result.getQualifiedName() = this.getArgTypeName()
}
RefType getArgType() { result.getQualifiedName() = this.getArgTypeName() }
/** Holds if the `constructor-arg` has a `value` attribute. */
predicate hasArgValueString() {
this.hasAttribute("value")
}
predicate hasArgValueString() { this.hasAttribute("value") }
/**
* Gets the value of the `value` attribute.
@ -65,9 +47,7 @@ class SpringConstructorArg extends SpringXMLElement {
* Note that this does not take into consideration any
* nested `<value>` elements. (See also `getArgValue()`.)
*/
string getArgValueString() {
result = this.getAttributeValue("value")
}
string getArgValueString() { result = this.getAttributeValue("value") }
/**
* Gets the value of the `value` attribute, or the content of a child `<value>`

27
java/ql/src/semmle/code/java/frameworks/spring/SpringController.qll
Просмотреть файл

@ -16,18 +16,14 @@ class SpringControllerAnnotation extends AnnotationType {
* A class annotated, directly or indirectly, as a Spring `Controller`.
*/
class SpringController extends Class {
SpringController() {
getAnAnnotation().getType() instanceof SpringControllerAnnotation
}
SpringController() { getAnAnnotation().getType() instanceof SpringControllerAnnotation }
}
/**
* A method on a Spring controller which is accessed by the Spring MVC framework.
*/
abstract class SpringControllerMethod extends Method {
SpringControllerMethod() {
getDeclaringType() instanceof SpringController
}
SpringControllerMethod() { getDeclaringType() instanceof SpringController }
}
/**
@ -41,6 +37,7 @@ class SpringModelAttributeMethod extends SpringControllerMethod {
* the annotation. We have to do this explicit check because the @ModelAttribute annotation is
* not declared with @Inherited.
*/
exists(Method superMethod |
this.overrides*(superMethod) and
superMethod.hasAnnotation("org.springframework.web.bind.annotation", "ModelAttribute")
@ -58,6 +55,7 @@ class SpringInitBinderMethod extends SpringControllerMethod {
* the annotation. We have to do this explicit check because the @InitBinder annotation is
* not declared with @Inherited.
*/
exists(Method superMethod |
this.overrides*(superMethod) and
superMethod.hasAnnotation("org.springframework.web.bind.annotation", "InitBinder")
@ -75,6 +73,7 @@ class SpringRequestMappingMethod extends SpringControllerMethod {
* the annotation. We have to do this explicit check because the @RequestMapping annotation is
* not declared with @Inherited.
*/
exists(Method superMethod |
this.overrides*(superMethod) and
superMethod.hasAnnotation("org.springframework.web.bind.annotation", "RequestMapping")
@ -87,9 +86,7 @@ class SpringRequestMappingMethod extends SpringControllerMethod {
* the method, which will be used to render the response e.g. as a JSP file.
*/
abstract class SpringModel extends Parameter {
SpringModel() {
getCallable() instanceof SpringRequestMappingMethod
}
SpringModel() { getCallable() instanceof SpringRequestMappingMethod }
/**
* Types for which instances are placed inside the model.
@ -101,15 +98,13 @@ abstract class SpringModel extends Parameter {
* A `java.util.Map` can be accepted as the model parameter for a Spring `RequestMapping` method.
*/
class SpringModelPlainMap extends SpringModel {
SpringModelPlainMap() {
getType().(RefType).hasQualifiedName("java.util", "Map")
}
SpringModelPlainMap() { getType().(RefType).hasQualifiedName("java.util", "Map") }
override RefType getATypeInModel() {
exists(MethodAccess methodCall |
methodCall.getQualifier() = getAnAccess() and
methodCall.getCallee().hasName("put")
|
|
result = methodCall.getArgument(1).getType()
)
}
@ -129,7 +124,7 @@ class SpringModelModel extends SpringModel {
exists(MethodAccess methodCall |
methodCall.getQualifier() = getAnAccess() and
methodCall.getCallee().hasName("addAttribute")
|
|
result = methodCall.getArgument(methodCall.getNumArgument() - 1).getType()
)
}
@ -143,8 +138,6 @@ class SpringModelResponseType extends RefType {
exists(SpringModelAttributeMethod modelAttributeMethod |
this = modelAttributeMethod.getReturnType()
) or
exists(SpringModel model |
usesType(model.getATypeInModel(), this)
)
exists(SpringModel model | usesType(model.getATypeInModel(), this))
}
}

4
java/ql/src/semmle/code/java/frameworks/spring/SpringDescription.qll
Просмотреть файл

@ -7,7 +7,5 @@ import semmle.code.java.frameworks.spring.SpringXMLElement
* Its contents can be accessed using `SpringXMLElement.getContentString()`.
*/
class SpringDescription extends SpringXMLElement {
SpringDescription() {
this.getName() = "description"
}
SpringDescription() { this.getName() = "description" }
}

65
java/ql/src/semmle/code/java/frameworks/spring/SpringEntry.qll
Просмотреть файл

@ -7,29 +7,19 @@ import semmle.code.java.frameworks.spring.SpringValue
/** An `<entry>` element in Spring XML files. */
class SpringEntry extends SpringXMLElement {
SpringEntry() {
this.getName() = "entry"
}
SpringEntry() { this.getName() = "entry" }
/** Holds if this `entry` has a `key` attribute. */
predicate hasKeyString() {
this.hasAttribute("key")
}
predicate hasKeyString() { this.hasAttribute("key") }
/** Gets the value of the `key` attribute. */
string getKeyString() {
result = this.getAttributeValue("key")
}
string getKeyString() { result = this.getAttributeValue("key") }
/** Holds if this `entry` has a `key-ref` attribute. */
predicate hasKeyRefString() {
this.hasAttribute("key-ref")
}
predicate hasKeyRefString() { this.hasAttribute("key-ref") }
/** Gets the value of `key-ref` attribute. */
string getKeyRefString() {
result = this.getAttributeValue("key-ref")
}
string getKeyRefString() { result = this.getAttributeValue("key-ref") }
/**
* Gets the bean pointed to by the `key-ref` attribute, or a nested
@ -38,22 +28,19 @@ class SpringEntry extends SpringXMLElement {
SpringBean getKeyRefBean() {
if this.hasKeyRefString()
then result.getBeanIdentifier() = this.getKeyRefString()
else exists(SpringKey key, SpringAbstractRef ref |
key = this.getASpringChild() and
ref = key.getASpringChild() and
result = ref.getBean()
)
else
exists(SpringKey key, SpringAbstractRef ref |
key = this.getASpringChild() and
ref = key.getASpringChild() and
result = ref.getBean()
)
}
/** Holds if this `entry` has a `value` attribute. */
predicate hasValueStringRaw() {
this.hasAttribute("value")
}
predicate hasValueStringRaw() { this.hasAttribute("value") }
/** Gets the value of the `value` attribute. */
string getValueStringRaw() {
result = this.getAttributeValue("value")
}
string getValueStringRaw() { result = this.getAttributeValue("value") }
/**
* Gets the value of the `value` attribute, or a nested `<value>` element, whichever
@ -62,21 +49,18 @@ class SpringEntry extends SpringXMLElement {
string getValueString() {
if this.hasValueStringRaw()
then result = this.getValueStringRaw()
else exists(SpringValue val |
val = this.getASpringChild() and
result = val.getContentString()
)
else
exists(SpringValue val |
val = this.getASpringChild() and
result = val.getContentString()
)
}
/** Holds if this `entry` has a `value-ref` attribute. */
predicate hasValueRefString() {
this.hasAttribute("value-ref")
}
predicate hasValueRefString() { this.hasAttribute("value-ref") }
/** Gets the value of the `value-ref` attribute. */
string getValueRefString() {
result = this.getAttributeValue("value-ref")
}
string getValueRefString() { result = this.getAttributeValue("value-ref") }
/**
* Gets the bean pointed to by either the `value-ref` attribute, or a nested
@ -85,9 +69,10 @@ class SpringEntry extends SpringXMLElement {
SpringBean getValueRefBean() {
if this.hasValueRefString()
then result.getBeanIdentifier() = this.getValueRefString()
else exists(SpringAbstractRef ref |
ref = this.getASpringChild() and
result = ref.getBean()
)
else
exists(SpringAbstractRef ref |
ref = this.getASpringChild() and
result = ref.getBean()
)
}
}

22
java/ql/src/semmle/code/java/frameworks/spring/SpringFlex.qll
Просмотреть файл

@ -10,9 +10,7 @@ import semmle.code.java.frameworks.spring.SpringXMLElement
/** Represents a `<remoting-destination>` element in Spring XML files. */
class SpringRemotingDestination extends SpringXMLElement {
SpringRemotingDestination() {
this.getName() = "remoting-destination"
}
SpringRemotingDestination() { this.getName() = "remoting-destination" }
/**
* Gets the bean that this remoting destination refers to.
@ -44,7 +42,8 @@ class SpringRemotingDestinationClass extends Class {
SpringRemotingDestinationClass() {
exists(SpringRemotingDestination remotingDestination |
this = remotingDestination.getSpringBean().getClass()
) or
)
or
(
hasAnnotation("org.springframework.flex.remoting", "RemotingDestination") and
// Must either be a live bean, or a live component.
@ -58,9 +57,7 @@ class SpringRemotingDestinationClass extends Class {
/**
* Gets the XML configuration of the remoting destination, if it was configured in XML.
*/
SpringRemotingDestination getRemotingDestinationXML() {
this = result.getSpringBean().getClass()
}
SpringRemotingDestination getRemotingDestinationXML() { this = result.getSpringBean().getClass() }
/**
* Holds if the class is operating on an "include" or "exclude" basis.
@ -71,7 +68,10 @@ class SpringRemotingDestinationClass extends Class {
* basis, only those methods that are not marked as excluded are exported.
*/
predicate isIncluding() {
exists(Method m | m = getAMethod() | m.hasAnnotation("org.springframework.flex.remoting", "RemotingInclude")) or
exists(Method m | m = getAMethod() |
m.hasAnnotation("org.springframework.flex.remoting", "RemotingInclude")
)
or
exists(getRemotingDestinationXML().getAnIncludeMethod())
}
@ -80,11 +80,11 @@ class SpringRemotingDestinationClass extends Class {
*/
Method getARemotingMethod() {
result = this.getAMethod() and
if isIncluding() then
if isIncluding()
then
result.hasAnnotation("org.springframework.flex.remoting", "RemotingInclude") or
result.getName() = getRemotingDestinationXML().getAnIncludeMethod()
else
(
else (
not result.hasAnnotation("org.springframework.flex.remoting", "RemotingExclude") and
not result.getName() = getRemotingDestinationXML().getAnExcludeMethod()
)

6
java/ql/src/semmle/code/java/frameworks/spring/SpringIdRef.qll
Просмотреть файл

@ -2,8 +2,4 @@ import java
import semmle.code.java.frameworks.spring.SpringAbstractRef
/** An `<idref>` element in a Spring XML file. */
class SpringIdRef extends SpringAbstractRef {
SpringIdRef() {
this.getName() = "idref"
}
}
class SpringIdRef extends SpringAbstractRef { SpringIdRef() { this.getName() = "idref" } }

8
java/ql/src/semmle/code/java/frameworks/spring/SpringImport.qll
Просмотреть файл

@ -3,12 +3,8 @@ import semmle.code.java.frameworks.spring.SpringXMLElement
/** An `<import>` element in a Spring XML file. */
class SpringImport extends SpringXMLElement {
SpringImport() {
this.getName() = "import"
}
SpringImport() { this.getName() = "import" }
/** Gets the value of the `resource` attribute. */
string getResourceString() {
result = this.getAttributeValue("resource")
}
string getResourceString() { result = this.getAttributeValue("resource") }
}

6
java/ql/src/semmle/code/java/frameworks/spring/SpringKey.qll
Просмотреть файл

@ -2,8 +2,4 @@ import java
import semmle.code.java.frameworks.spring.SpringXMLElement
/** A `<key>` element in Spring XML files. */
class SpringKey extends SpringXMLElement {
SpringKey() {
this.getName() = "key"
}
}
class SpringKey extends SpringXMLElement { SpringKey() { this.getName() = "key" } }

6
java/ql/src/semmle/code/java/frameworks/spring/SpringList.qll
Просмотреть файл

@ -2,8 +2,4 @@ import java
import semmle.code.java.frameworks.spring.SpringListOrSet
/** A `<list>` element in Spring XML files. */
class SpringList extends SpringListOrSet {
SpringList() {
this.getName() = "list"
}
}
class SpringList extends SpringListOrSet { SpringList() { this.getName() = "list" } }

8
java/ql/src/semmle/code/java/frameworks/spring/SpringListOrSet.qll
Просмотреть файл

@ -12,12 +12,8 @@ class SpringListOrSet extends SpringMergable {
}
/** Gets the value of the `value-type` attribute. */
string getValueTypeName() {
result = this.getAttributeValue("value-type")
}
string getValueTypeName() { result = this.getAttributeValue("value-type") }
/** Gets the Java `RefType` (class or interface) that corresponds to the `value-type` attribute. */
RefType getValueType() {
result.getQualifiedName() = this.getValueTypeName()
}
RefType getValueType() { result.getQualifiedName() = this.getValueTypeName() }
}

16
java/ql/src/semmle/code/java/frameworks/spring/SpringLookupMethod.qll
Просмотреть файл

@ -4,24 +4,16 @@ import semmle.code.java.frameworks.spring.SpringBean
/** A `<lookup-method>` element in a Spring XML file. */
class SpringLookupMethod extends SpringXMLElement {
SpringLookupMethod() {
this.getName() = "lookup-method"
}
SpringLookupMethod() { this.getName() = "lookup-method" }
/** Gets the value of the `bean` attribute. */
string getBeanName() {
result = this.getAttributeValue("bean")
}
string getBeanName() { result = this.getAttributeValue("bean") }
/** Gets the bean referred to by the `bean` attribute. */
SpringBean getBean() {
result.getBeanIdentifier() = this.getBeanName()
}
SpringBean getBean() { result.getBeanIdentifier() = this.getBeanName() }
/** Gets the value of the `name` attribute. */
string getMethodName() {
result = this.getAttributeValue("name")
}
string getMethodName() { result = this.getAttributeValue("name") }
/**
* Gets the Java method referred to by the lookup-method element.

20
java/ql/src/semmle/code/java/frameworks/spring/SpringMap.qll
Просмотреть файл

@ -3,27 +3,17 @@ import semmle.code.java.frameworks.spring.SpringMergable
/** A `<map>` element in Spring XML files. */
class SpringMap extends SpringMergable {
SpringMap() {
this.getName() = "map"
}
SpringMap() { this.getName() = "map" }
/** Gets the value of the `key-type` attribute. */
string getKeyTypeName() {
result = this.getAttributeValue("key-type")
}
string getKeyTypeName() { result = this.getAttributeValue("key-type") }
/** Gets the Java `RefType` (class or interface) that is referred to by the `key-type` attribute. */
RefType getKeyType() {
result.getQualifiedName() = this.getKeyTypeName()
}
RefType getKeyType() { result.getQualifiedName() = this.getKeyTypeName() }
/** Gets the value of the `value-type` attribute. */
string getValueTypeName() {
result = this.getAttributeValue("value-type")
}
string getValueTypeName() { result = this.getAttributeValue("value-type") }
/** Gets the Java `RefType` (class or interface) that is referred to by the `value-type` attribute. */
RefType getValueType() {
result.getQualifiedName() = this.getValueTypeName()
}
RefType getValueType() { result.getQualifiedName() = this.getValueTypeName() }
}

4
java/ql/src/semmle/code/java/frameworks/spring/SpringMergable.qll
Просмотреть файл

@ -5,9 +5,7 @@ import semmle.code.java.frameworks.spring.SpringXMLElement
* A common superclass for mergeable Spring XML elements (`list`, `map`).
*/
/*abstract*/ class SpringMergable extends SpringXMLElement {
string getMergeRaw() {
result = this.getAttributeValueWithDefault("merge")
}
string getMergeRaw() { result = this.getAttributeValueWithDefault("merge") }
/** Holds if this element is merged, taking `default-merged` values in `<beans>` into account. */
predicate isMerged() {

12
java/ql/src/semmle/code/java/frameworks/spring/SpringMeta.qll
Просмотреть файл

@ -3,17 +3,11 @@ import semmle.code.java.frameworks.spring.SpringXMLElement
/** A `<meta>` element in Spring XML files. */
class SpringMeta extends SpringXMLElement {
SpringMeta() {
this.getName() = "meta"
}
SpringMeta() { this.getName() = "meta" }
/** Gets the value of the `key` attribute. */
string getMetaKey() {
result = this.getAttributeValue("key")
}
string getMetaKey() { result = this.getAttributeValue("key") }
/** Gets the value of the `value` attribute. */
string getMetaValue() {
result = this.getAttributeValue("value")
}
string getMetaValue() { result = this.getAttributeValue("value") }
}

6
java/ql/src/semmle/code/java/frameworks/spring/SpringNull.qll
Просмотреть файл

@ -2,8 +2,4 @@ import java
import semmle.code.java.frameworks.spring.SpringXMLElement
/** A `<null>` element in Spring XML files. */
class SpringNull extends SpringXMLElement {
SpringNull() {
this.getName() = "null"
}
}
class SpringNull extends SpringXMLElement { SpringNull() { this.getName() = "null" } }

30
java/ql/src/semmle/code/java/frameworks/spring/SpringProfile.qll
Просмотреть файл

@ -18,9 +18,7 @@ class SpringProfileExpr extends string {
/**
* Gets the profile described in this profile expression.
*/
string getProfile() {
result = this
}
string getProfile() { result = this }
/**
* This profile expression is active if it can ever be evaluated to true, according to our
@ -39,24 +37,18 @@ class SpringProfileExpr extends string {
* A Spring profile expression that begins with "!", indicating a negated expression.
*/
class NotSpringProfileExpr extends SpringProfileExpr {
NotSpringProfileExpr() {
this.prefix(1) = "!"
}
NotSpringProfileExpr() { this.prefix(1) = "!" }
/**
* Gets the profile described in this profile expression.
*/
override string getProfile() {
result = this.substring(1, this.length())
}
override string getProfile() { result = this.substring(1, this.length()) }
/**
* This profile expression is active if it can ever be evaluated to true, according to our
* knowledge of which profiles are sometimes/never/always enabled.
*/
override predicate isActive() {
not getProfile() instanceof AlwaysEnabledSpringProfile
}
override predicate isActive() { not getProfile() instanceof AlwaysEnabledSpringProfile }
}
/**
@ -64,21 +56,16 @@ class NotSpringProfileExpr extends SpringProfileExpr {
*/
class SpringProfile extends string {
SpringProfile() {
exists(SpringProfileExpr springProfileExpr |
this = springProfileExpr.getProfile()
)
exists(SpringProfileExpr springProfileExpr | this = springProfileExpr.getProfile())
}
}
/**
* A Spring profile that is always enabled.
*/
abstract class AlwaysEnabledSpringProfile extends string {
bindingset[this]
AlwaysEnabledSpringProfile() {
this.length() < 100
}
AlwaysEnabledSpringProfile() { this.length() < 100 }
}
/**
@ -96,13 +83,10 @@ class SometimesEnabledSpringProfile extends string {
}
}
/**
* A Spring profile that is never enabled.
*/
abstract class NeverEnabledSpringProfile extends string {
bindingset[this]
NeverEnabledSpringProfile() {
this.length() < 100
}
NeverEnabledSpringProfile() { this.length() < 100 }
}

8
java/ql/src/semmle/code/java/frameworks/spring/SpringProp.qll
Просмотреть файл

@ -3,12 +3,8 @@ import semmle.code.java.frameworks.spring.SpringXMLElement
/** A `<prop>` element in Spring XML files. */
class SpringProp extends SpringXMLElement {
SpringProp() {
this.getName() = "prop"
}
SpringProp() { this.getName() = "prop" }
/** Gets the value of the `key` attribute. */
string getKeyString() {
result = this.getAttributeValue("key")
}
string getKeyString() { result = this.getAttributeValue("key") }
}

53
java/ql/src/semmle/code/java/frameworks/spring/SpringProperty.qll
Просмотреть файл

@ -7,48 +7,35 @@ import semmle.code.java.frameworks.spring.SpringValue
/** A `<property>` element in Spring XML files. */
class SpringProperty extends SpringXMLElement {
SpringProperty() {
this.getName() = "property"
}
SpringProperty() { this.getName() = "property" }
override string toString() {
result = this.getPropertyName()
}
override string toString() { result = this.getPropertyName() }
/** Gets the value of the `name` attribute. */
string getPropertyName() {
result = this.getAttributeValue("name")
}
string getPropertyName() { result = this.getAttributeValue("name") }
/** Holds if this property has a `ref` attribute. */
predicate hasPropertyRefString() {
this.hasAttribute("ref")
}
predicate hasPropertyRefString() { this.hasAttribute("ref") }
/** Gets the value of the `ref` attribute. */
string getPropertyRefString() {
result = this.getAttributeValue("ref")
}
string getPropertyRefString() { result = this.getAttributeValue("ref") }
/** Gets the bean referred to by the `ref` attribute or a nested `<ref>` element. */
SpringBean getPropertyRefBean() {
if this.hasPropertyRefString()
then result.getBeanIdentifier() = this.getPropertyRefString()
else exists(SpringAbstractRef ref |
ref = this.getASpringChild() and
result = ref.getBean()
)
else
exists(SpringAbstractRef ref |
ref = this.getASpringChild() and
result = ref.getBean()
)
}
/** Holds if this property has a `value` attribute. */
predicate hasPropertyValueString() {
this.hasAttribute("value")
}
predicate hasPropertyValueString() { this.hasAttribute("value") }
/** Gets the value of the `value` attribute. */
string getPropertyValueString() {
result = this.getAttributeValue("value")
}
string getPropertyValueString() { result = this.getAttributeValue("value") }
/**
* Gets the value of the `value` attribute, or a nested `<value>` element,
@ -57,10 +44,11 @@ class SpringProperty extends SpringXMLElement {
string getPropertyValue() {
if this.hasPropertyValueString()
then result = this.getPropertyValueString()
else exists(SpringValue val |
val = this.getASpringChild() and
result = val.getContentString()
)
else
exists(SpringValue val |
val = this.getASpringChild() and
result = val.getContentString()
)
}
/**
@ -68,8 +56,11 @@ class SpringProperty extends SpringXMLElement {
* Currently only checks the property name and references to beans.
*/
override predicate isSimilar(SpringXMLElement element) {
exists(SpringProperty other | other = element and this.getPropertyName() = other.getPropertyName() |
this.getPropertyRefBean() = other.getPropertyRefBean() or
exists(SpringProperty other |
other = element and this.getPropertyName() = other.getPropertyName()
|
this.getPropertyRefBean() = other.getPropertyRefBean()
or
exists(SpringBean thisBean, SpringBean otherBean |
thisBean = this.getASpringChild() and
otherBean = other.getASpringChild() and

6
java/ql/src/semmle/code/java/frameworks/spring/SpringProps.qll
Просмотреть файл

@ -2,8 +2,4 @@ import java
import semmle.code.java.frameworks.spring.SpringMergable
/** A `<props>` element in a Spring XML file. */
class SpringProps extends SpringMergable {
SpringProps() {
this.getName() = "props"
}
}
class SpringProps extends SpringMergable { SpringProps() { this.getName() = "props" } }

12
java/ql/src/semmle/code/java/frameworks/spring/SpringQualifier.qll
Просмотреть файл

@ -3,9 +3,7 @@ import semmle.code.java.frameworks.spring.SpringXMLElement
/** A `<qualifier>` element in a Spring XML file. */
class SpringQualifier extends SpringXMLElement {
SpringQualifier() {
this.getName() = "qualifier"
}
SpringQualifier() { this.getName() = "qualifier" }
/** Gets the name of the Java class of this qualifier. */
string getQualifierTypeName() {
@ -15,12 +13,8 @@ class SpringQualifier extends SpringXMLElement {
}
/** Holds if this qualifier has a `value` attribute. */
predicate hasQualifierValue() {
this.hasAttribute("value")
}
predicate hasQualifierValue() { this.hasAttribute("value") }
/** Gets the value of the `value` attribute. */
string getQualifierValue() {
result = this.getAttributeValue("value")
}
string getQualifierValue() { result = this.getAttributeValue("value") }
}

12
java/ql/src/semmle/code/java/frameworks/spring/SpringRef.qll
Просмотреть файл

@ -3,19 +3,13 @@ import semmle.code.java.frameworks.spring.SpringAbstractRef
/** A `<ref>` element in a Spring XML file. */
class SpringRef extends SpringAbstractRef {
SpringRef() {
this.getName() = "ref"
}
SpringRef() { this.getName() = "ref" }
/** Holds if this `ref` has a `parent` attribute. */
predicate hasBeanNameInParent() {
this.hasAttribute("parent")
}
predicate hasBeanNameInParent() { this.hasAttribute("parent") }
/** Gets the value of the `parent` attribute. */
string getBeanNameInParent() {
result = this.getAttributeValue("parent")
}
string getBeanNameInParent() { result = this.getAttributeValue("parent") }
/** Gets the bean referred to by the `ref` element. */
override SpringBean getBean() {

16
java/ql/src/semmle/code/java/frameworks/spring/SpringReplacedMethod.qll
Просмотреть файл

@ -4,22 +4,14 @@ import semmle.code.java.frameworks.spring.SpringBean
/** A `<replaced-method>` element in a Spring XML file. */
class SpringReplacedMethod extends SpringXMLElement {
SpringReplacedMethod() {
this.getName() = "replaced-method"
}
SpringReplacedMethod() { this.getName() = "replaced-method" }
/** Gets the value of the `name` attribute. */
string getMethodName() {
result = this.getAttributeValue("name")
}
string getMethodName() { result = this.getAttributeValue("name") }
/** Gets the value of the `replacer` attribute. */
string getReplacerBeanName() {
result = this.getAttributeValue("replacer")
}
string getReplacerBeanName() { result = this.getAttributeValue("replacer") }
/** Gets the bean referred to by the `replacer` attribute. */
SpringBean getReplacerBean() {
result.getBeanIdentifier() = this.getReplacerBeanName()
}
SpringBean getReplacerBean() { result.getBeanIdentifier() = this.getReplacerBeanName() }
}

6
java/ql/src/semmle/code/java/frameworks/spring/SpringSet.qll
Просмотреть файл

@ -2,8 +2,4 @@ import java
import semmle.code.java.frameworks.spring.SpringListOrSet
/** A `<set>` element in a Spring XML file. */
class SpringSet extends SpringListOrSet {
SpringSet() {
this.getName() = "set"
}
}
class SpringSet extends SpringListOrSet { SpringSet() { this.getName() = "set" } }

12
java/ql/src/semmle/code/java/frameworks/spring/SpringValue.qll
Просмотреть файл

@ -3,17 +3,11 @@ import semmle.code.java.frameworks.spring.SpringXMLElement
/** A `<value>` element in a Spring XML file. */
class SpringValue extends SpringXMLElement {
SpringValue() {
this.getName() = "value"
}
SpringValue() { this.getName() = "value" }
/** Gets the value of the `type` attribute. */
string getTypeName() {
result = this.getAttributeValue("type")
}
string getTypeName() { result = this.getAttributeValue("type") }
/** Gets the Java `RefType` (class or interface) referred to by the `type` attribute. */
RefType getType() {
result.getQualifiedName() = this.getTypeName()
}
RefType getType() { result.getQualifiedName() = this.getTypeName() }
}

24
java/ql/src/semmle/code/java/frameworks/spring/SpringXMLElement.qll
Просмотреть файл

@ -4,19 +4,13 @@ import semmle.code.java.frameworks.spring.SpringBean
/** A common superclass for all Spring XML elements. */
class SpringXMLElement extends XMLElement {
SpringXMLElement() {
this.getFile() instanceof SpringBeanFile
}
SpringXMLElement() { this.getFile() instanceof SpringBeanFile }
/** Gets a child of this Spring XML element. */
SpringXMLElement getASpringChild() {
result = this.getAChild()
}
SpringXMLElement getASpringChild() { result = this.getAChild() }
/** Gets the bean file of this XML element. */
SpringBeanFile getSpringBeanFile() {
result = this.getFile()
}
SpringBeanFile getSpringBeanFile() { result = this.getFile() }
/**
* Gets the value of the attribute with name `attributeName`, or "default" if the
@ -25,8 +19,8 @@ class SpringXMLElement extends XMLElement {
string getAttributeValueWithDefault(string attributeName) {
this.hasAttribute(attributeName) and
if exists(XMLAttribute a | a = this.getAttribute(attributeName))
then result = this.getAttributeValue(attributeName)
else result = "default"
then result = this.getAttributeValue(attributeName)
else result = "default"
}
/** Gets the closest enclosing `<bean>` element. */
@ -39,11 +33,7 @@ class SpringXMLElement extends XMLElement {
/**
* Overridden by subclasses. Used to match `value`, `property` and `ref` elements for similarity.
*/
predicate isSimilar(SpringXMLElement other) {
none()
}
predicate isSimilar(SpringXMLElement other) { none() }
string getContentString() {
result = this.allCharactersString()
}
string getContentString() { result = this.allCharactersString() }
}

40
java/ql/src/semmle/code/java/frameworks/spring/metrics/MetricSpringBean.qll
Просмотреть файл

@ -11,19 +11,23 @@ predicate springDepends(SpringBean b1, SpringBean b2, SpringXMLElement cause) {
ref.getEnclosingBean() = b1 and
ref.getBean() = b2 and
cause = ref
) or
)
or
exists(SpringConstructorArg arg |
arg.getEnclosingBean() = b1 and
arg.getArgRefBean() = b2 and
cause = arg
) or
)
or
exists(SpringEntry entry |
entry.getEnclosingBean() = b1 and
( entry.getKeyRefBean() = b2 or
(
entry.getKeyRefBean() = b2 or
entry.getValueRefBean() = b2
) and
cause = entry
) or
)
or
exists(SpringProperty prop |
prop.getEnclosingBean() = b1 and
prop.getPropertyRefBean() = b2 and
@ -32,35 +36,25 @@ predicate springDepends(SpringBean b1, SpringBean b2, SpringXMLElement cause) {
}
class MetricSpringBean extends SpringBean {
int getAfferentCoupling() {
result = count(SpringBean other |
springDepends(other, this, _)
)
}
int getAfferentCoupling() { result = count(SpringBean other | springDepends(other, this, _)) }
int getEfferentCoupling() {
result = count(SpringBean other |
springDepends(this, other, _)
)
}
int getEfferentCoupling() { result = count(SpringBean other | springDepends(this, other, _)) }
int getLocalAfferentCoupling() {
result = count(SpringBean other |
springDepends(other, this, _) and
this.getSpringBeanFile() = other.getSpringBeanFile()
)
springDepends(other, this, _) and
this.getSpringBeanFile() = other.getSpringBeanFile()
)
}
int getLocalEfferentCoupling() {
result = count(SpringBean other |
springDepends(this, other, _) and
this.getSpringBeanFile() = other.getSpringBeanFile()
)
springDepends(this, other, _) and
this.getSpringBeanFile() = other.getSpringBeanFile()
)
}
SpringBean getABeanDependency() {
springDepends(this, result, _)
}
SpringBean getABeanDependency() { springDepends(this, result, _) }
SpringBean getALocalBeanDependency() {
springDepends(this, result, _) and

4
java/ql/src/semmle/code/java/frameworks/spring/metrics/MetricSpringBeanFile.qll
Просмотреть файл

@ -15,7 +15,5 @@ class MetricSpringBeanFile extends SpringBeanFile {
result = count(MetricSpringBeanFile other | other.getASpringBeanFileDependency() = this)
}
int getEfferentCoupling() {
result = count(this.getASpringBeanFileDependency())
}
int getEfferentCoupling() { result = count(this.getASpringBeanFileDependency()) }
}

106
java/ql/src/semmle/code/java/frameworks/struts/StrutsActions.qll
Просмотреть файл

@ -19,19 +19,22 @@ class Struts2ActionClass extends Class {
* If there are no XML files present, then we assume we any class that extends a struts 2
* action must be reflectively constructed, as we have no better indication.
*/
not exists(XMLFile xmlFile) and
this.getAnAncestor().hasQualifiedName("com.opensymphony.xwork2", "Action")
) or
)
or
/*
* If there is a struts.xml file, then any class that is specified as an action is considered
* to be reflectively constructed.
*/
exists(StrutsXMLAction strutsAction |
this = strutsAction.getActionClass()
) or
exists(StrutsXMLAction strutsAction | this = strutsAction.getActionClass())
or
/*
* We have determined that this is an action class due to the conventions plugin.
*/
this instanceof Struts2ConventionActionClass
}
@ -40,9 +43,10 @@ class Struts2ActionClass extends Class {
*/
Method getActionMethod() {
this.inherits(result) and
if getStrutsMapperClass(this) = "org.apache.struts2.dispatcher.mapper.Restful2ActionMapper" or
getStrutsMapperClass(this) = "org.apache.struts2.dispatcher.mapper.RestfulActionMapper" then
(
if
getStrutsMapperClass(this) = "org.apache.struts2.dispatcher.mapper.Restful2ActionMapper" or
getStrutsMapperClass(this) = "org.apache.struts2.dispatcher.mapper.RestfulActionMapper"
then (
// The "Restful" action mapper maps rest APIs to specific methods
result.hasName("index") or
result.hasName("create") or
@ -50,44 +54,48 @@ class Struts2ActionClass extends Class {
result.hasName("view") or
result.hasName("remove") or
result.hasName("update")
)
else if getStrutsMapperClass(this) = "org.apache.struts2.rest.RestActionMapper" or
getStrutsMapperClass(this) = "rest" then
(
/*
* The "Rest" action mapper is provided with the rest plugin, and maps rest APIs to specific
* methods based on a "ruby-on-rails" style.
*/
result.hasName("index") or
result.hasName("show") or
result.hasName("edit") or
result.hasName("editNew") or
result.hasName("create") or
result.hasName("update") or
result.hasName("destroy")
)
else if exists(getStrutsMapperClass(this)) then
// Any method could be live, as this is a custom mapper
any()
else
(
// Use the default mapping
exists(StrutsXMLAction strutsAction |
this = strutsAction.getActionClass() and
result = strutsAction.getActionMethod()
) or
result = this.(Struts2ConventionActionClass).getAnActionMethod() or
(
// In the fall-back case, use both the "execute" and any annotated methods
not exists(XMLFile xmlFile) and
(
result.hasName("executes") or
exists(StrutsActionAnnotation actionAnnotation |
result = actionAnnotation.getActionCallable()
) else
if
getStrutsMapperClass(this) = "org.apache.struts2.rest.RestActionMapper" or
getStrutsMapperClass(this) = "rest"
then (
/*
* The "Rest" action mapper is provided with the rest plugin, and maps rest APIs to specific
* methods based on a "ruby-on-rails" style.
*/
result.hasName("index") or
result.hasName("show") or
result.hasName("edit") or
result.hasName("editNew") or
result.hasName("create") or
result.hasName("update") or
result.hasName("destroy")
) else
if exists(getStrutsMapperClass(this))
then
// Any method could be live, as this is a custom mapper
any()
else (
// Use the default mapping
exists(StrutsXMLAction strutsAction |
this = strutsAction.getActionClass() and
result = strutsAction.getActionMethod()
)
or
result = this.(Struts2ConventionActionClass).getAnActionMethod()
or
(
// In the fall-back case, use both the "execute" and any annotated methods
not exists(XMLFile xmlFile) and
(
result.hasName("executes") or
exists(StrutsActionAnnotation actionAnnotation |
result = actionAnnotation.getActionCallable()
)
)
)
)
)
)
}
/**
@ -108,7 +116,9 @@ class Struts2ActionClass extends Class {
exists(Struts2ActionMethod actionMethod |
actionMethod = getActionMethod() and
inherits(result) and
result.hasName("prepare" + actionMethod.getName().charAt(0).toUpperCase() + actionMethod.getName().suffix(1))
result
.hasName("prepare" + actionMethod.getName().charAt(0).toUpperCase() +
actionMethod.getName().suffix(1))
)
}
}
@ -118,9 +128,7 @@ class Struts2ActionClass extends Class {
*/
class Struts2ActionMethod extends Method {
Struts2ActionMethod() {
exists(Struts2ActionClass actionClass |
this = actionClass.getActionMethod()
)
exists(Struts2ActionClass actionClass | this = actionClass.getActionMethod())
}
}
@ -129,8 +137,6 @@ class Struts2ActionMethod extends Method {
*/
class Struts2PrepareMethod extends Method {
Struts2PrepareMethod() {
exists(Struts2ActionClass actionClass |
this = actionClass.getPrepareMethod()
)
exists(Struts2ActionClass actionClass | this = actionClass.getPrepareMethod())
}
}

19
java/ql/src/semmle/code/java/frameworks/struts/StrutsAnnotations.qll
Просмотреть файл

@ -13,15 +13,12 @@ class StrutsAnnotation extends Annotation {
* A struts annotation that signifies the annotated method should be treated as an action.
*/
class StrutsActionAnnotation extends StrutsAnnotation {
StrutsActionAnnotation() {
this.getType().hasName("Action")
}
StrutsActionAnnotation() { this.getType().hasName("Action") }
Callable getActionCallable() {
result = getAnnotatedElement() or
exists(StrutsActionsAnnotation actions |
this = actions.getAnAction()
|
result = getAnnotatedElement()
or
exists(StrutsActionsAnnotation actions | this = actions.getAnAction() |
result = actions.getAnnotatedElement()
)
}
@ -31,14 +28,10 @@ class StrutsActionAnnotation extends StrutsAnnotation {
* A struts annotation that represents a group of actions for the annotated method.
*/
class StrutsActionsAnnotation extends StrutsAnnotation {
StrutsActionsAnnotation() {
this.getType().hasName("Actions")
}
StrutsActionsAnnotation() { this.getType().hasName("Actions") }
/**
* Gets an Action annotation contained in this Actions annotation.
*/
StrutsActionAnnotation getAnAction() {
result = this.getAValue("value")
}
StrutsActionAnnotation getAnAction() { result = this.getAValue("value") }
}

37
java/ql/src/semmle/code/java/frameworks/struts/StrutsConventions.qll
Просмотреть файл

@ -25,7 +25,7 @@ private Folder getSourceFolder(CompilationUnit compilationUnit) {
exists(string relativePath, string fullPath |
relativePath = compilationUnit.getPackage().getName().replaceAll(".", "/") and
fullPath = compilationUnit.getFile().getParentContainer().getAbsolutePath()
|
|
result.getAbsolutePath() = fullPath.prefix(fullPath.length() - relativePath.length() - 1)
)
}
@ -33,7 +33,7 @@ private Folder getSourceFolder(CompilationUnit compilationUnit) {
private predicate strutsConventionAnnotationUsedInFolder(Folder f) {
exists(Annotation a |
a.getType().getPackage().hasName("org.apache.struts2.convention.annotation")
|
|
getSourceFolder(a.getAnnotatedElement().getCompilationUnit()) = f
)
}
@ -50,13 +50,16 @@ private predicate strutsConventionAnnotationUsedInFolder(Folder f) {
*/
private predicate isStrutsConventionPluginUsed(RefType refType) {
// A convention annotation is used within the same source folder as this RefType.
strutsConventionAnnotationUsedInFolder(getSourceFolder(refType.getCompilationUnit())) or
strutsConventionAnnotationUsedInFolder(getSourceFolder(refType.getCompilationUnit()))
or
// The struts configuration file for this file sets a convention property
getRootXMLFile(refType).getAConstant().getName().matches("struts.convention%") or
getRootXMLFile(refType).getAConstant().getName().matches("struts.convention%")
or
// We've found the POM for this RefType, and it includes a dependency on the convention plugin
exists(Pom pom |
pom.getASourceRefType() = refType and
pom.getADependency() instanceof Struts2ConventionDependency)
pom.getADependency() instanceof Struts2ConventionDependency
)
}
/**
@ -69,8 +72,9 @@ StrutsXMLFile getRootXMLFile(RefType refType) {
exists(StrutsFolder strutsFolder |
strutsFolder = refType.getFile().getParentContainer*() and
strutsFolder.isUnique()
|
result = strutsFolder.getAStrutsRootFile())
|
result = strutsFolder.getAStrutsRootFile()
)
}
/**
@ -79,10 +83,9 @@ StrutsXMLFile getRootXMLFile(RefType refType) {
* If no configuration is supplied, or identified, the default is "Action".
*/
private string getConventionSuffix(RefType refType) {
if exists(getRootXMLFile(refType).getConstantValue("struts.convention.action.suffix")) then
result = getRootXMLFile(refType).getConstantValue("struts.convention.action.suffix")
else
result = "Action"
if exists(getRootXMLFile(refType).getConstantValue("struts.convention.action.suffix"))
then result = getRootXMLFile(refType).getConstantValue("struts.convention.action.suffix")
else result = "Action"
}
/**
@ -116,12 +119,12 @@ class Struts2ConventionActionClass extends Class {
*/
Method getAnActionMethod() {
this.inherits(result) and
// Default mapping
(
result.hasName("execute") or
exists(StrutsActionAnnotation actionAnnotation |
result = actionAnnotation.getActionCallable()
)
// Default mapping
(
result.hasName("execute") or
exists(StrutsActionAnnotation actionAnnotation |
result = actionAnnotation.getActionCallable()
)
)
}
}

94
java/ql/src/semmle/code/java/frameworks/struts/StrutsXML.qll
Просмотреть файл

@ -4,9 +4,7 @@ import semmle.code.xml.XML
/**
* Holds if any struts XML files are included in this snapshot.
*/
predicate isStrutsXMLIncluded() {
exists(StrutsXMLFile strutsXML)
}
predicate isStrutsXMLIncluded() { exists(StrutsXMLFile strutsXML) }
/**
* A struts 2 configuration file.
@ -21,42 +19,30 @@ abstract class StrutsXMLFile extends XMLFile {
/**
* Gets a "root" struts configuration file that includes this file.
*/
StrutsRootXMLFile getARoot() {
result.getAnIncludedFile() = this
}
StrutsRootXMLFile getARoot() { result.getAnIncludedFile() = this }
/**
* Gets a directly included file.
*/
StrutsXMLFile getADirectlyIncludedFile() {
exists(StrutsXMLInclude include |
include.getFile() = this
|
result = include.getIncludedFile()
)
exists(StrutsXMLInclude include | include.getFile() = this | result = include.getIncludedFile())
}
/**
* Gets a transitively included file.
*/
StrutsXMLFile getAnIncludedFile() {
result = getADirectlyIncludedFile*()
}
StrutsXMLFile getAnIncludedFile() { result = getADirectlyIncludedFile*() }
/**
* Gets a `<constant>` defined in this file, or an included file.
*/
StrutsXMLConstant getAConstant() {
result.getFile() = getAnIncludedFile()
}
StrutsXMLConstant getAConstant() { result.getFile() = getAnIncludedFile() }
/**
* Gets the value of the constant with the given `name`.
*/
string getConstantValue(string name) {
exists(StrutsXMLConstant constant |
constant = getAConstant()
|
exists(StrutsXMLConstant constant | constant = getAConstant() |
constant.getConstantName() = name and
result = constant.getConstantValue()
)
@ -79,11 +65,7 @@ class StrutsRootXMLFile extends StrutsXMLFile {
* A Struts 2 configuration XML file included, directly or indirectly, by a root Struts configuration.
*/
class StrutsIncludedXMLFile extends StrutsXMLFile {
StrutsIncludedXMLFile() {
exists(StrutsXMLInclude include |
this = include.getIncludedFile()
)
}
StrutsIncludedXMLFile() { exists(StrutsXMLInclude include | this = include.getIncludedFile()) }
}
/**
@ -91,9 +73,7 @@ class StrutsIncludedXMLFile extends StrutsXMLFile {
*/
class StrutsFolder extends Folder {
StrutsFolder() {
exists(Container c |
c = getAChildContainer()
|
exists(Container c | c = getAChildContainer() |
c instanceof StrutsFolder or
c instanceof StrutsXMLFile
)
@ -102,9 +82,7 @@ class StrutsFolder extends Folder {
/**
* Holds if this folder has a unique Struts root configuration file.
*/
predicate isUnique() {
count(getAStrutsRootFile()) = 1
}
predicate isUnique() { count(getAStrutsRootFile()) = 1 }
/**
* Gets a struts root configuration that applies to this folder.
@ -119,16 +97,12 @@ class StrutsFolder extends Folder {
* An XML element in a `StrutsXMLFile`.
*/
class StrutsXMLElement extends XMLElement {
StrutsXMLElement() {
this.getFile() instanceof StrutsXMLFile
}
StrutsXMLElement() { this.getFile() instanceof StrutsXMLFile }
/**
* Gets the value for this element, with leading and trailing whitespace trimmed.
*/
string getValue() {
result = allCharactersString().trim()
}
string getValue() { result = allCharactersString().trim() }
}
/**
@ -138,9 +112,7 @@ class StrutsXMLElement extends XMLElement {
* configuration. The file is looked up using the classpath.
*/
class StrutsXMLInclude extends StrutsXMLElement {
StrutsXMLInclude() {
this.getName() = "include"
}
StrutsXMLInclude() { this.getName() = "include" }
/**
* Gets the XMLFile that we believe is included by this include statement.
@ -149,9 +121,7 @@ class StrutsXMLInclude extends StrutsXMLElement {
* potentially be included.
*/
XMLFile getIncludedFile() {
exists(string file |
file = getAttribute("file").getValue()
|
exists(string file | file = getAttribute("file").getValue() |
result.getAbsolutePath().matches("%" + escapeForMatch(file))
)
}
@ -161,9 +131,7 @@ class StrutsXMLInclude extends StrutsXMLElement {
* Escape a string for use as the matcher in a string.match(..) call.
*/
bindingset[s]
private string escapeForMatch(string s) {
result = s.replaceAll("%", "\\%").replaceAll("_", "\\_")
}
private string escapeForMatch(string s) { result = s.replaceAll("%", "\\%").replaceAll("_", "\\_") }
/**
* Struts 2 wildcard matching.
@ -174,19 +142,16 @@ private string escapeForMatch(string s) {
*/
bindingset[matches, wildcardstring]
private predicate strutsWildcardMatching(string matches, string wildcardstring) {
if (wildcardstring.matches("%{%}%")) then
matches.matches(escapeForMatch(wildcardstring).regexpReplaceAll("\\{[0-9]\\}", "%"))
else
matches = wildcardstring
if (wildcardstring.matches("%{%}%"))
then matches.matches(escapeForMatch(wildcardstring).regexpReplaceAll("\\{[0-9]\\}", "%"))
else matches = wildcardstring
}
/**
* A `<action>` element within a `struts.xml` file.
*/
class StrutsXMLAction extends StrutsXMLElement {
StrutsXMLAction() {
this.getName() = "action"
}
StrutsXMLAction() { this.getName() = "action" }
/**
* Gets the `Class` that is referenced by this Struts action.
@ -195,9 +160,7 @@ class StrutsXMLAction extends StrutsXMLElement {
strutsWildcardMatching(result.getQualifiedName(), getAttribute("class").getValue())
}
string getMethodName() {
result = getAttribute("method").getValue()
}
string getMethodName() { result = getAttribute("method").getValue() }
/**
* Gets the `Method` which is referenced by this action.
@ -206,10 +169,9 @@ class StrutsXMLAction extends StrutsXMLElement {
*/
Method getActionMethod() {
getActionClass().inherits(result) and
if (exists(getMethodName())) then
strutsWildcardMatching(result.getName(), getMethodName())
else
result.hasName("execute")
if (exists(getMethodName()))
then strutsWildcardMatching(result.getName(), getMethodName())
else result.hasName("execute")
}
}
@ -217,15 +179,9 @@ class StrutsXMLAction extends StrutsXMLElement {
* A `<constant>` property, representing a configuration parameter to struts.
*/
class StrutsXMLConstant extends StrutsXMLElement {
StrutsXMLConstant() {
getName() = "constant"
}
StrutsXMLConstant() { getName() = "constant" }
string getConstantName() {
result = getAttribute("name").getValue()
}
string getConstantName() { result = getAttribute("name").getValue() }
string getConstantValue() {
result = getAttribute("value").getValue()
}
string getConstantValue() { result = getAttribute("value").getValue() }
}