Merge pull request #5273 from intrigus-lgtm/java/unify-main-method-check

aschackmull · web-flow · commit 37baf77b93f1 · 2021-03-01T09:05:28.000+01:00
Java: Remove duplicate code.
diff --git a/java/ql/src/experimental/Security/CWE/CWE-489/EJBMain.ql b/java/ql/src/experimental/Security/CWE/CWE-489/EJBMain.ql
@@ -9,13 +9,13 @@
 
 import java
 import semmle.code.java.J2EE
-import MainLib
+import TestLib
 
 /** The `main` method in an Enterprise Java Bean. */
 class EnterpriseBeanMainMethod extends Method {
   EnterpriseBeanMainMethod() {
     this.getDeclaringType() instanceof EnterpriseBean and
-    isMainMethod(this) and
+    this instanceof MainMethod and
     not isTestMethod(this)
   }
 }
diff --git a/java/ql/src/experimental/Security/CWE/CWE-489/TestLib.qll b/java/ql/src/experimental/Security/CWE/CWE-489/TestLib.qll
@@ -1,17 +1,7 @@
-/** Definitions related to the main method in a test program. */
+/** Definitions related to test methods. */
 
 import java
 
-/** Holds if `m` is the main method of a Java class with the signature `public static void main(String[] args)`. */
-predicate isMainMethod(Method m) {
-  m.hasName("main") and
-  m.isStatic() and
-  m.getReturnType() instanceof VoidType and
-  m.isPublic() and
-  m.getNumberOfParameters() = 1 and
-  m.getParameter(0).getType() instanceof Array
-}
-
 /**
  * Holds if `m` is a test method indicated by:
  *    a) in a test directory such as `src/test/java`
diff --git a/java/ql/src/experimental/Security/CWE/CWE-489/WebComponentMain.ql b/java/ql/src/experimental/Security/CWE/CWE-489/WebComponentMain.ql
@@ -9,7 +9,7 @@
 
 import java
 import semmle.code.java.frameworks.Servlets
-import MainLib
+import TestLib
 
 /** The java type `javax.servlet.Filter`. */
 class ServletFilterClass extends Class {
@@ -48,7 +48,7 @@ class WebComponentMainMethod extends Method {
           .getASupertype+()
           .hasQualifiedName("org.springframework.webflow.execution", "Action") // Spring actions
     ) and
-    isMainMethod(this) and
+    this instanceof MainMethod and
     not isTestMethod(this)
   }
 }

Original file line number	Diff line number	Diff line change
`@@ -9,13 +9,13 @@`
`9`	`9`
`10`	`10`	`import java`
`11`	`11`	`import semmle.code.java.J2EE`
`12`		`-import MainLib`
	`12`	`+import TestLib`
`13`	`13`
`14`	`14`	/** The `main` method in an Enterprise Java Bean. */
`15`	`15`	`class EnterpriseBeanMainMethod extends Method {`
`16`	`16`	`EnterpriseBeanMainMethod() {`
`17`	`17`	`this.getDeclaringType() instanceof EnterpriseBean and`
`18`		`- isMainMethod(this) and`
	`18`	`+ this instanceof MainMethod and`
`19`	`19`	`not isTestMethod(this)`
`20`	`20`	`}`
`21`	`21`	`}`