Exclude test directories of typical build tools

luchua-bc · luchua-bc · commit e916ce8b9bcc · 2021-02-18T00:50:38.000Z
diff --git a/java/ql/src/experimental/Security/CWE/CWE-489/ServletMain.ql b/java/ql/src/experimental/Security/CWE/CWE-489/ServletMain.ql
@@ -42,7 +42,8 @@ class ServletMainMethod extends Method {
     this.getNumberOfParameters() = 1 and
     this.getParameter(0).getType() instanceof Array and
     not this.getDeclaringType().getName().toLowerCase().matches("%test%") and // Simple check to exclude test classes to reduce FPs
-    not this.getDeclaringType().getPackage().getName().toLowerCase().matches("%test%") // Simple check to exclude classes in test packages to reduce FPs
+    not this.getDeclaringType().getPackage().getName().toLowerCase().matches("%test%") and // Simple check to exclude classes in test packages to reduce FPs
+    not exists(this.getLocation().getFile().getAbsolutePath().indexOf("/src/test/java")) //  Match test directory structure of build tools like maven
   }
 }
 

Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,8 @@ class ServletMainMethod extends Method {`
`42`	`42`	`this.getNumberOfParameters() = 1 and`
`43`	`43`	`this.getParameter(0).getType() instanceof Array and`
`44`	`44`	`not this.getDeclaringType().getName().toLowerCase().matches("%test%") and // Simple check to exclude test classes to reduce FPs`
`45`		`- not this.getDeclaringType().getPackage().getName().toLowerCase().matches("%test%") // Simple check to exclude classes in test packages to reduce FPs`
	`45`	`+ not this.getDeclaringType().getPackage().getName().toLowerCase().matches("%test%") and // Simple check to exclude classes in test packages to reduce FPs`
	`46`	`+ not exists(this.getLocation().getFile().getAbsolutePath().indexOf("/src/test/java")) // Match test directory structure of build tools like maven`
`46`	`47`	`}`
`47`	`48`	`}`
`48`	`49`