Apply suggestions from code review

owen-mc · web-flow · commit f598027cbd30 · 2025-11-12T15:02:42.000Z
diff --git a/java/ql/lib/ext/jakarta.servlet.http.model.yml b/java/ql/lib/ext/jakarta.servlet.http.model.yml
@@ -8,8 +8,8 @@ extensions:
       - ["jakarta.servlet.http", "Part", True, "getName", "()", "", "ReturnValue", "remote", "manual"]
       - ["jakarta.servlet.http", "Part", True, "getContentType", "()", "", "ReturnValue", "remote", "manual"]
       - ["jakarta.servlet.http", "Part", True, "getHeader", "(String)", "", "ReturnValue", "remote", "manual"]
-      - ["jakarta.servlet.http", "Part", True, "getHeaders", "(String)", "", "ReturnValue", "remote", "manual"]
       - ["jakarta.servlet.http", "Part", True, "getHeaderNames", "()", "", "ReturnValue", "remote", "manual"]
+      - ["jakarta.servlet.http", "Part", True, "getHeaders", "(String)", "", "ReturnValue", "remote", "manual"]
       - ["jakarta.servlet.http", "Part", True, "getSubmittedFileName", "()", "", "ReturnValue", "remote", "manual"]
       - ["jakarta.servlet.http", "HttpServletRequest", False, "getHeader", "(String)", "", "ReturnValue", "remote", "manual"]
       - ["jakarta.servlet.http", "HttpServletRequest", False, "getHeaderNames", "()", "", "ReturnValue", "remote", "manual"]
diff --git a/java/ql/lib/ext/javax.servlet.http.model.yml b/java/ql/lib/ext/javax.servlet.http.model.yml
@@ -19,13 +19,13 @@ extensions:
       - ["javax.servlet.http", "HttpServletRequest", False, "getRequestURI", "()", "", "ReturnValue", "remote", "manual"]
       - ["javax.servlet.http", "HttpServletRequest", False, "getRequestURL", "()", "", "ReturnValue", "remote", "manual"]
       - ["javax.servlet.http", "HttpServletRequest", False, "getServletPath", "()", "", "ReturnValue", "remote", "manual"]
-      - ["javax.servlet.http", "Part", False, "getInputStream", "()", "", "ReturnValue", "remote", "manual"]
-      - ["javax.servlet.http", "Part", False, "getName", "()", "", "ReturnValue", "remote", "manual"]
       - ["javax.servlet.http", "Part", False, "getContentType", "()", "", "ReturnValue", "remote", "manual"]
       - ["javax.servlet.http", "Part", False, "getHeader", "(String)", "", "ReturnValue", "remote", "manual"]
-      - ["javax.servlet.http", "Part", False, "getSubmittedFileName", "()", "", "ReturnValue", "remote", "manual"]
-      - ["javax.servlet.http", "Part", False, "getHeaders", "(String)", "", "ReturnValue", "remote", "manual"]
       - ["javax.servlet.http", "Part", False, "getHeaderNames", "()", "", "ReturnValue", "remote", "manual"]
+      - ["javax.servlet.http", "Part", False, "getHeaders", "(String)", "", "ReturnValue", "remote", "manual"]
+      - ["javax.servlet.http", "Part", False, "getInputStream", "()", "", "ReturnValue", "remote", "manual"]
+      - ["javax.servlet.http", "Part", False, "getName", "()", "", "ReturnValue", "remote", "manual"]
+      - ["javax.servlet.http", "Part", False, "getSubmittedFileName", "()", "", "ReturnValue", "remote", "manual"]
 
 
   - addsTo:
diff --git a/java/ql/lib/ext/org.apache.commons.fileupload.model.yml b/java/ql/lib/ext/org.apache.commons.fileupload.model.yml
@@ -8,7 +8,7 @@ extensions:
       - ["org.apache.commons.fileupload", "FileItem", True, "getContentType", "()", "", "ReturnValue", "remote", "manual"]
       - ["org.apache.commons.fileupload", "FileItem", True, "getString", "()", "", "ReturnValue", "remote", "manual"]
       - ["org.apache.commons.fileupload", "FileItem", True, "getName", "()", "", "ReturnValue", "remote", "manual"]
-      - ["org.apache.commons.fileupload", "FileItem", True, "getName", "(String)", "", "ReturnValue", "remote", "manual"]
+      - ["org.apache.commons.fileupload", "FileItem", True, "getString "(String)", "", "ReturnValue", "remote", "manual"]
       - ["org.apache.commons.fileupload", "FileItem", True, "get", "()", "", "ReturnValue", "remote", "manual"]
       - ["org.apache.commons.fileupload", "FileItemStream", True, "getContentType", "()", "", "ReturnValue", "remote", "manual"]
       - ["org.apache.commons.fileupload", "FileItemStream", True, "getFieldName", "()", "", "ReturnValue", "remote", "manual"]
diff --git a/java/ql/test/library-tests/dataflow/taintsources/FileUpload.java b/java/ql/test/library-tests/dataflow/taintsources/FileUpload.java
@@ -28,10 +28,13 @@ public void test() throws Exception {
         sink(fileItem.get());            // $ hasRemoteValueFlow
         sink(fileItem.getString());      // $ hasRemoteValueFlow
         sink(fileItem.getContentType()); // $ hasRemoteValueFlow
+        sink(fileItem.getFieldName());        // $ hasRemoteValueFlow
+        sink(fileItem.getInputStream());        // $ hasRemoteValueFlow
         sink(fileItem.getName());        // $ hasRemoteValueFlow
 
         sink(fileItemStream.getFieldName()); // $ hasRemoteValueFlow
         sink(fileItemStream.getName()); // $ hasRemoteValueFlow
+        sink(fileItemStream.getContentType()); // $ hasRemoteValueFlow
         sink(fileItemStream.openStream()); // $ hasRemoteValueFlow
 
         sink(jakartaPart.getContentType());  // $ hasRemoteValueFlow
