From 3cd737e40d43fe5108a2f5710bb733e2c37ce454 Mon Sep 17 00:00:00 2001 From: Kasper Svendsen Date: Thu, 18 Sep 2025 10:32:20 +0200 Subject: [PATCH 1/2] Overlay: Future-proof Java config discarding --- java/ql/lib/semmle/code/java/Overlay.qll | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/java/ql/lib/semmle/code/java/Overlay.qll b/java/ql/lib/semmle/code/java/Overlay.qll index 1d1a3896ba71..27e8badc2336 100644 --- a/java/ql/lib/semmle/code/java/Overlay.qll +++ b/java/ql/lib/semmle/code/java/Overlay.qll @@ -73,22 +73,24 @@ private predicate discardReferableLocatable(@locatable el) { ) } +/** Gets the raw file for a configLocatable. */ overlay[local] -private predicate baseConfigLocatable(@configLocatable l) { not isOverlay() and exists(l) } +private string getRawFileForConfig(@configLocatable el) { + exists(@location loc, @file file | + configLocations(el, loc) and + locations_default(loc, file, _, _, _, _) and + files(file, result) + ) +} overlay[local] -private predicate overlayHasConfigLocatables() { - isOverlay() and - exists(@configLocatable el) +private string baseConfigLocatable(@configLocatable el) { + not isOverlay() and result = getRawFileForConfig(el) } overlay[discard_entity] private predicate discardBaseConfigLocatable(@configLocatable el) { - // The properties extractor is currently not incremental, so if - // the overlay contains any config locatables, the overlay should - // contain a full extraction and all config locatables from base - // should be discarded. - baseConfigLocatable(el) and overlayHasConfigLocatables() + overlayChangedFiles(baseConfigLocatable(el)) } overlay[local] From dbb9a26f78938a5ddd4763d56e9c7cdb54f204c5 Mon Sep 17 00:00:00 2001 From: Kasper Svendsen Date: Thu, 18 Sep 2025 10:35:11 +0200 Subject: [PATCH 2/2] Overlay: Future-proof Java XML discarding --- java/ql/lib/semmle/code/java/Overlay.qll | 22 +--------------------- java/ql/lib/semmle/code/xml/XML.qll | 11 +++++++++++ 2 files changed, 12 insertions(+), 21 deletions(-) diff --git a/java/ql/lib/semmle/code/java/Overlay.qll b/java/ql/lib/semmle/code/java/Overlay.qll index 27e8badc2336..0f6033d87b3d 100644 --- a/java/ql/lib/semmle/code/java/Overlay.qll +++ b/java/ql/lib/semmle/code/java/Overlay.qll @@ -18,7 +18,7 @@ predicate isOverlay() { databaseMetadata("isOverlay", "true") } overlay[local] string getRawFile(@locatable el) { exists(@location loc, @file file | - hasLocation(el, loc) and + (hasLocation(el, loc) or xmllocations(el, loc)) and locations_default(loc, file, _, _, _, _) and files(file, result) ) @@ -92,23 +92,3 @@ overlay[discard_entity] private predicate discardBaseConfigLocatable(@configLocatable el) { overlayChangedFiles(baseConfigLocatable(el)) } - -overlay[local] -private predicate baseXmlLocatable(@xmllocatable l) { - not isOverlay() and not files(l, _) and not xmlNs(l, _, _, _) -} - -overlay[local] -private predicate overlayHasXmlLocatable() { - isOverlay() and - exists(@xmllocatable l | not files(l, _) and not xmlNs(l, _, _, _)) -} - -overlay[discard_entity] -private predicate discardBaseXmlLocatable(@xmllocatable el) { - // The XML extractor is currently not incremental, so if - // the overlay contains any XML locatables, the overlay should - // contain a full extraction and all XML locatables from base - // should be discarded. - baseXmlLocatable(el) and overlayHasXmlLocatable() -} diff --git a/java/ql/lib/semmle/code/xml/XML.qll b/java/ql/lib/semmle/code/xml/XML.qll index e4073362fc6f..cd00991eb65c 100644 --- a/java/ql/lib/semmle/code/xml/XML.qll +++ b/java/ql/lib/semmle/code/xml/XML.qll @@ -6,6 +6,7 @@ module; import semmle.files.FileSystem private import codeql.xml.Xml +private import semmle.code.java.Overlay private module Input implements InputSig { class XmlLocatableBase = @xmllocatable or @xmlnamespaceable; @@ -69,3 +70,13 @@ private module Input implements InputSig { } import Make + +private class DiscardableXmlAttribute extends DiscardableLocatable, @xmlattribute { } + +private class DiscardableXmlElement extends DiscardableLocatable, @xmlelement { } + +private class DiscardableXmlComment extends DiscardableLocatable, @xmlcomment { } + +private class DiscardableXmlCharacters extends DiscardableLocatable, @xmlcharacters { } + +private class DiscardableXmlDtd extends DiscardableLocatable, @xmldtd { }