Java: Add org.apache.commons.lang3.StringUtils.isBlank as a nullguard.

2018-12-07 16:18:32 +01:00 · 2018-12-07 16:18:32 +01:00 · f09eb67af0
--- a/java/ql/src/semmle/code/java/dataflow/NullGuards.qll
+++ b/java/ql/src/semmle/code/java/dataflow/NullGuards.qll
@ -94,6 +94,34 @@ Expr clearlyNotNullExpr() { result = clearlyNotNullExpr(_) }
 /** Holds if `v` is an SSA variable that is provably not `null`. */
 predicate clearlyNotNull(SsaVariable v) { clearlyNotNull(v, _) }

+/**
+ * Holds if the evaluation of a call to `m` resulting in the value `branch`
+ * implies that the argument to the call is guaranteed to be null if `isnull`
+ * is true, and non-null if `isnull` is false.
+ */
+predicate nullCheckMethod(Method m, boolean branch, boolean isnull) {
+  exists(boolean polarity |
+    m.getDeclaringType().hasQualifiedName("java.util", "Objects") and
+    (
+      m.hasName("isNull") and polarity = true
+      or
+      m.hasName("nonNull") and polarity = false
+    ) and
+    (
+      branch = true and isnull = polarity
+      or
+      branch = false and isnull = polarity.booleanNot()
+    )
+  )
+  or
+  m instanceof EqualsMethod and branch = true and isnull = false
+  or
+  m.getDeclaringType().hasQualifiedName("org.apache.commons.lang3", "StringUtils") and
+  m.hasName("isBlank") and
+  branch = false and
+  isnull = false
+}
+
 /**
 * Gets an expression that directly tests whether a given expression, `e`, is null or not.
 *
@ -114,29 +142,10 @@ Expr basicNullGuard(Expr e, boolean branch, boolean isnull) {
  or
  result.(InstanceOfExpr).getExpr() = e and branch = true and isnull = false
  or
-  exists(MethodAccess call, Method m, boolean polarity |
-    call = result and
-    call.getAnArgument() = e and
-    call.getMethod() = m and
-    m.getDeclaringType().hasQualifiedName("java.util", "Objects") and
-    (
-      m.hasName("isNull") and polarity = true
-      or
-      m.hasName("nonNull") and polarity = false
-    ) and
-    (
-      branch = true and isnull = polarity
-      or
-      branch = false and isnull = polarity.booleanNot()
-    )
-  )
-  or
  exists(MethodAccess call |
    call = result and
    call.getAnArgument() = e and
-    call.getMethod() instanceof EqualsMethod and
-    branch = true and
-    isnull = false
+    nullCheckMethod(call.getMethod(), branch, isnull)
  )
  or
  exists(EqualityTest eqtest |