From 0510b0c82552cc4d3eb85e093349113b47ea2de0 Mon Sep 17 00:00:00 2001 From: Chris Smowton Date: Thu, 5 Oct 2023 09:54:34 +0100 Subject: [PATCH 1/5] Java: restrict test to source methods Otherwise it finds standard library methods that depend on stdlib internals as to what happens to get extracted. In particular the extractor bump to JDK21 led to MethodHandles being in scope and a new method being found; seems better to avoid considering the standard library at all. --- java/ql/test/library-tests/sensitive-actions/test.expected | 2 -- java/ql/test/library-tests/sensitive-actions/test.ql | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/java/ql/test/library-tests/sensitive-actions/test.expected b/java/ql/test/library-tests/sensitive-actions/test.expected index ea02eacb73b3..118286cb7de9 100644 --- a/java/ql/test/library-tests/sensitive-actions/test.expected +++ b/java/ql/test/library-tests/sensitive-actions/test.expected @@ -67,5 +67,3 @@ sensitiveDataMethod | Test.java:37:18:37:31 | aaCryptAccntaa | | Test.java:39:18:39:33 | aaCryptTrustedaa | | Test.java:41:18:41:40 | aaCryptRefreshaaTokenaa | -| file:///modules/java.base/java/lang/invoke/MemberName.class:0:0:0:0 | isTrustedFinalField | -| file:///modules/java.base/java/lang/reflect/Field.class:0:0:0:0 | isTrustedFinal | diff --git a/java/ql/test/library-tests/sensitive-actions/test.ql b/java/ql/test/library-tests/sensitive-actions/test.ql index 517d5d86fe4d..0d3420eb1af7 100644 --- a/java/ql/test/library-tests/sensitive-actions/test.ql +++ b/java/ql/test/library-tests/sensitive-actions/test.ql @@ -9,4 +9,4 @@ query predicate sensitiveVariable(Variable v) { v.getName().regexpMatch(getCommonSensitiveInfoRegex()) } -query predicate sensitiveDataMethod(SensitiveDataMethod m) { any() } +query predicate sensitiveDataMethod(SensitiveDataMethod m) { m.fromSource() } From 8f985e00452135b916443be4600f7b864bdc065e Mon Sep 17 00:00:00 2001 From: Chris Smowton Date: Thu, 5 Oct 2023 10:08:27 +0100 Subject: [PATCH 2/5] Java: restrict test to source classes --- java/ql/test/library-tests/types/record-classes/RecordClasses.ql | 1 + 1 file changed, 1 insertion(+) diff --git a/java/ql/test/library-tests/types/record-classes/RecordClasses.ql b/java/ql/test/library-tests/types/record-classes/RecordClasses.ql index ecc9f5e957c2..71ac31d6031b 100644 --- a/java/ql/test/library-tests/types/record-classes/RecordClasses.ql +++ b/java/ql/test/library-tests/types/record-classes/RecordClasses.ql @@ -2,6 +2,7 @@ import java from Record r, boolean isFinal, boolean isStatic, string superTypes where + r.fromSource() and (if r.isFinal() then isFinal = true else isFinal = false) and (if r.isStatic() then isStatic = true else isStatic = false) and superTypes = concat(RefType superType | superType = r.getASupertype() | superType.toString(), ",") From 7fbba3a65903c218d790f65831a6e403d157868c Mon Sep 17 00:00:00 2001 From: Chris Smowton Date: Thu, 5 Oct 2023 11:40:31 +0100 Subject: [PATCH 3/5] Java: adapt stub to ExecutorService change in JDK19 --- .../sshd/common/util/threads/CloseableExecutorService.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/java/ql/test/stubs/apache-mina-sshd-2.8.0/org/apache/sshd/common/util/threads/CloseableExecutorService.java b/java/ql/test/stubs/apache-mina-sshd-2.8.0/org/apache/sshd/common/util/threads/CloseableExecutorService.java index ac65788f3c86..406ee6185442 100644 --- a/java/ql/test/stubs/apache-mina-sshd-2.8.0/org/apache/sshd/common/util/threads/CloseableExecutorService.java +++ b/java/ql/test/stubs/apache-mina-sshd-2.8.0/org/apache/sshd/common/util/threads/CloseableExecutorService.java @@ -9,4 +9,6 @@ public interface CloseableExecutorService extends Closeable, ExecutorService { default boolean awaitTermination(Duration p0){ return false; } + + default void close() { } } From bd77f572f13da795cd9bbcb597d41fa748532578 Mon Sep 17 00:00:00 2001 From: Chris Smowton Date: Mon, 16 Oct 2023 21:54:09 +0100 Subject: [PATCH 4/5] Compile collections test for Java 11 --- .../ql/test/library-tests/frameworks/apache-collections/options | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/test/library-tests/frameworks/apache-collections/options b/java/ql/test/library-tests/frameworks/apache-collections/options index 7b0b8433220e..694c0bfe00dd 100644 --- a/java/ql/test/library-tests/frameworks/apache-collections/options +++ b/java/ql/test/library-tests/frameworks/apache-collections/options @@ -1 +1 @@ -//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/apache-commons-collections4-4.4 \ No newline at end of file +//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/apache-commons-collections4-4.4 --release 11 From 3145c53a19447d17ae20e0f9d95ce68878202c38 Mon Sep 17 00:00:00 2001 From: Chris Smowton Date: Mon, 16 Oct 2023 22:00:41 +0100 Subject: [PATCH 5/5] Accept test changes for JDK21 --- .../java-kotlin-collection-type-generic-methods/test.expected | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/java/ql/test/kotlin/library-tests/java-kotlin-collection-type-generic-methods/test.expected b/java/ql/test/kotlin/library-tests/java-kotlin-collection-type-generic-methods/test.expected index f3f148ff2157..4ccb82a3d0dd 100644 --- a/java/ql/test/kotlin/library-tests/java-kotlin-collection-type-generic-methods/test.expected +++ b/java/ql/test/kotlin/library-tests/java-kotlin-collection-type-generic-methods/test.expected @@ -165,6 +165,8 @@ methodWithDuplicate | List | add | int | | List | addAll | Collection | | List | addAll | int | +| List | addFirst | E | +| List | addLast | E | | List | contains | Object | | List | containsAll | Collection | | List | copyOf | Collection | @@ -213,6 +215,8 @@ methodWithDuplicate | List | add | int | | List | addAll | Collection | | List | addAll | int | +| List | addFirst | String | +| List | addLast | String | | List | contains | Object | | List | containsAll | Collection | | List | copyOf | Collection |