Skip to content

Java: model java.util.Collections#3869

Merged
aibaars merged 6 commits into
github:masterfrom
aibaars:util-collections
Jul 3, 2020
Merged

Java: model java.util.Collections#3869
aibaars merged 6 commits into
github:masterfrom
aibaars:util-collections

Conversation

@aibaars

@aibaars aibaars commented Jul 2, 2020

Copy link
Copy Markdown
Contributor

Add taint flow steps for java.util.Collections.

Comment thread java/ql/src/semmle/code/java/dataflow/internal/ContainerFlow.qll Outdated
Comment thread java/ql/src/semmle/code/java/dataflow/internal/ContainerFlow.qll Outdated
@aschackmull

Copy link
Copy Markdown
Contributor

LGTM. We should run a differences job to check for performance issues and result changes.

@aibaars

aibaars commented Jul 2, 2020

Copy link
Copy Markdown
Contributor Author

@intrigus-lgtm intrigus-lgtm left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ignore this please.

@aibaars aibaars marked this pull request as ready for review July 2, 2020 16:22
@aibaars aibaars requested a review from a team as a code owner July 2, 2020 16:22
@Marcono1234

Marcono1234 commented Jul 2, 2020

Copy link
Copy Markdown
Contributor

Would it make sense to cover java.lang.reflect.Array as well (given that you included predicates for Arrays)?

Edit: Apparently that is not part of this pull request anymore

@aibaars

aibaars commented Jul 2, 2020

Copy link
Copy Markdown
Contributor Author

Would it make sense to cover java.lang.reflect.Array as well (given that you included predicates for Arrays)?

Edit: Apparently that is not part of this pull request anymore

Apologies, I had accidentally included some unrelated commits on the branch.

@Marcono1234

Copy link
Copy Markdown
Contributor

Not directly related to the java.util.Collections class, but would it make sense to cover the unmodifiable collection factory methods added in Java 9 & 10 as well? Or should this be a separate GitHub issue?

Comment thread java/ql/src/semmle/code/java/dataflow/internal/ContainerFlow.qll Outdated
@aschackmull

Copy link
Copy Markdown
Contributor

Also, the differences job looks fine - a few additional results and no noticeable change in performance.

@aibaars

aibaars commented Jul 3, 2020

Copy link
Copy Markdown
Contributor Author

Not directly related to the java.util.Collections class, but would it make sense to cover the unmodifiable collection factory methods added in Java 9 & 10 as well? Or should this be a separate GitHub issue?

Thanks, I'll make a new PR for those methods.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants