github
diff --git a/‎java/ql/lib/semmle/code/java/Annotation.qll‎
Lines changed: 52 additions & 17 deletions b/‎java/ql/lib/semmle/code/java/Annotation.qll‎
Lines changed: 52 additions & 17 deletions
diff --git a/‎java/ql/test/library-tests/annotations/Annotatable.expected‎
Lines changed: 101 additions & 0 deletions b/‎java/ql/test/library-tests/annotations/Annotatable.expected‎
Lines changed: 101 additions & 0 deletions
@@ -66,6 +66,16 @@ class Annotation extends @annotation, Expr {
    */
   Expr getValue(string name) { filteredAnnotValue(this, this.getAnnotationElement(name), result) }
 
+  /**
+   * Gets the value of the annotation element, if its type is not an array.
+   * This guarantees that for consistency even elements of type array with a
+   * single value have no result, to prevent accidental error-prone usage.
+   */
+  private Expr getNonArrayValue(string name) {
+    result = this.getValue(name) and
+    not this.getAnnotationElement(name).getType() instanceof Array
+  }
+
   /**
    * If the value type of the annotation element with the specified `name` is an enum type,
    * gets the enum constant used as value for that element. This includes default values in
@@ -74,7 +84,7 @@ class Annotation extends @annotation, Expr {
    * If the element value type is an enum type array, use `getAnEnumConstantArrayValue`.
    */
   EnumConstant getEnumConstantValue(string name) {
-    result = this.getValue(name).(FieldRead).getField()
+    result = this.getNonArrayValue(name).(FieldRead).getField()
   }
 
   /**
@@ -87,20 +97,23 @@ class Annotation extends @annotation, Expr {
   string getStringValue(string name) {
     // Uses CompileTimeConstantExpr instead of StringLiteral because this can for example
     // be a read from a final variable as well.
-    result = this.getValue(name).(CompileTimeConstantExpr).getStringValue()
+    result = this.getNonArrayValue(name).(CompileTimeConstantExpr).getStringValue()
   }
 
   /**
-   * If the value type of the annotation element with the specified `name` is `int`,
-   * gets the int value used for that element. This includes default values in case no
-   * explicit value is specified.
+   * If the value type of the annotation element with the specified `name` is `int` or
+   * a smaller integral type or `char`, gets the int value used for that element.
+   * This includes default values in case no explicit value is specified.
    *
-   * If the element value type is an `int` array, use `getAnIntArrayValue`.
+   * If the element value type is an `int` array or an array of a smaller integral
+   * type or `char`, use `getAnIntArrayValue`.
    */
   int getIntValue(string name) {
     // Uses CompileTimeConstantExpr instead of IntegerLiteral because this can for example
     // be a read from a final variable as well.
-    result = this.getValue(name).(CompileTimeConstantExpr).getIntValue()
+    result = this.getNonArrayValue(name).(CompileTimeConstantExpr).getIntValue() and
+    // Verify that type is integral; ignore floating point elements with IntegerLiteral as value
+    this.getAnnotationElement(name).getType().hasName(["byte", "short", "int", "char"])
   }
 
   /**
@@ -111,7 +124,7 @@ class Annotation extends @annotation, Expr {
   boolean getBooleanValue(string name) {
     // Uses CompileTimeConstantExpr instead of BooleanLiteral because this can for example
     // be a read from a final variable as well.
-    result = this.getValue(name).(CompileTimeConstantExpr).getBooleanValue()
+    result = this.getNonArrayValue(name).(CompileTimeConstantExpr).getBooleanValue()
   }
 
   /**
@@ -121,7 +134,9 @@ class Annotation extends @annotation, Expr {
    *
    * If the element value type is a `Class` array, use `getATypeArrayValue`.
    */
-  Type getTypeValue(string name) { result = this.getValue(name).(TypeLiteral).getReferencedType() }
+  Type getTypeValue(string name) {
+    result = this.getNonArrayValue(name).(TypeLiteral).getReferencedType()
+  }
 
   /** Gets the element being annotated. */
   Element getTarget() { result = this.getAnnotatedElement() }
@@ -169,13 +184,16 @@ class Annotation extends @annotation, Expr {
 
   /**
    * Gets a value of the annotation element with the specified `name`, which must be declared as an `int`
-   * array. This includes default values in case no explicit value is specified.
+   * array or an array of a smaller integral type or `char`. This includes default values in case no
+   * explicit value is specified.
    *
    * If the annotation element is defined with an array initializer, then the result will be one of the
    * elements of that array. Otherwise, the result will be the single expression used as value.
    */
   int getAnIntArrayValue(string name) {
-    result = this.getAnArrayValue(name).(CompileTimeConstantExpr).getIntValue()
+    result = this.getAnArrayValue(name).(CompileTimeConstantExpr).getIntValue() and
+    // Verify that type is integral; ignore floating point elements with IntegerLiteral as value
+    this.getAnnotationElement(name).getType().hasName(["byte[]", "short[]", "int[]", "char[]"])
   }
 
   /**
@@ -194,14 +212,16 @@ class Annotation extends @annotation, Expr {
    * declared as an array type. This includes default values in case no explicit value is specified.
    *
    * If the annotation element is defined with an array initializer, then the result will be the element
-   * at the given index of that array. Otherwise, the result will be the single expression defined for
-   * the value and the `index` will be 0.
+   * at the given index of that array, starting at 0. Otherwise, the result will be the single expression
+   * defined for the value and the `index` will be 0.
    */
   Expr getArrayValue(string name, int index) {
     this.getType().getAnnotationElement(name).getType() instanceof Array and
     exists(Expr value | value = this.getValue(name) |
       if value instanceof ArrayInit
-      then result = value.(ArrayInit).getInit(index)
+      then
+        // TODO: Currently reports incorrect index values in some cases, see https://github.com/github/codeql/issues/8645
+        result = value.(ArrayInit).getInit(index)
       else (
         index = 0 and result = value
       )
@@ -234,15 +254,21 @@ private predicate sourceAnnotValue(Annotation a, Method m, Expr val) {
 
 /** An abstract representation of language elements that can be annotated. */
 class Annotatable extends Element {
-  /** Holds if this element has an annotation, including inherited annotations. */
+  /**
+   * Holds if this element has an annotation, including inherited annotations.
+   * The retention policy of the annotation type is not considered.
+   */
   predicate hasAnnotation() { exists(this.getAnAnnotation()) }
 
-  /** Holds if this element has a declared annotation, excluding inherited annotations. */
+  /**
+   * Holds if this element has a declared annotation, excluding inherited annotations.
+   * The retention policy of the annotation type is not considered.
+   */
   predicate hasDeclaredAnnotation() { exists(this.getADeclaredAnnotation()) }
 
   /**
    * Holds if this element has the specified annotation, including inherited
-   * annotations.
+   * annotations. The retention policy of the annotation type is not considered.
    */
   predicate hasAnnotation(string package, string name) {
     exists(AnnotationType at | at = this.getAnAnnotation().getType() |
@@ -254,6 +280,7 @@ class Annotatable extends Element {
    * Gets an annotation that applies to this element, including inherited annotations.
    * The results only include _direct_ annotations; _indirect_ annotations, that is
    * repeated annotations in an (implicit) container annotation, are not included.
+   * The retention policy of the annotation type is not considered.
    */
   cached
   Annotation getAnAnnotation() {
@@ -263,6 +290,7 @@ class Annotatable extends Element {
 
   /**
    * Gets an annotation that is declared on this element, excluding inherited annotations.
+   * The retention policy of the annotation type is not considered.
    */
   Annotation getADeclaredAnnotation() { result.getAnnotatedElement() = this }
 
@@ -302,6 +330,8 @@ class Annotatable extends Element {
    * - An annotation indirectly present on this element (in the form of a repeated annotation), or
    * - If an annotation of a type is neither directly nor indirectly present
    *   the result is an associated inherited annotation (recursively)
+   *
+   * The retention policy of the annotation type is not considered.
    */
   Annotation getAnAssociatedAnnotation() { result = this.getAnAssociatedAnnotation(_) }
 
@@ -320,6 +350,11 @@ class Annotatable extends Element {
     or
     this.(NestedClass).getEnclosingType().suppressesWarningsAbout(category)
     or
+    this.(LocalClassOrInterface)
+        .getLocalTypeDeclStmt()
+        .getEnclosingCallable()
+        .suppressesWarningsAbout(category)
+    or
     this.(LocalVariableDecl).getCallable().suppressesWarningsAbout(category)
   }
 }
 
@@ -0,0 +1,101 @@
+declaredAnnotation
+| Annotatable.java:8:16:8:40 | CustomInheritedAnnotation | Annotatable.java:7:5:7:14 | Inherited |
+| Annotatable.java:14:11:14:22 | WithDeclared | Annotatable.java:12:5:12:21 | CustomAnnotation |
+| Annotatable.java:14:11:14:22 | WithDeclared | Annotatable.java:13:5:13:38 | CustomInheritedAnnotation |
+| Annotatable.java:17:14:17:31 | methodWithDeclared | Annotatable.java:16:9:16:49 | CustomInheritedAnnotation |
+| Annotatable.java:22:14:22:31 | methodWithDeclared | Annotatable.java:21:9:21:17 | Override |
+| Annotatable.java:30:11:30:41 | SubclassDeclaringSameAnnotation | Annotatable.java:29:5:29:37 | CustomInheritedAnnotation |
+| Annotatable.java:35:15:35:35 | InterfaceWithDeclared | Annotatable.java:34:5:34:38 | CustomInheritedAnnotation |
+| Annotatable.java:47:16:47:35 | RepeatableAnnotation | Annotatable.java:46:5:46:42 | Repeatable |
+| Annotatable.java:52:16:52:43 | InheritedContainerAnnotation | Annotatable.java:51:5:51:14 | Inherited |
+| Annotatable.java:58:16:58:44 | InheritedRepeatableAnnotation | Annotatable.java:56:5:56:14 | Inherited |
+| Annotatable.java:58:16:58:44 | InheritedRepeatableAnnotation | Annotatable.java:57:5:57:51 | Repeatable |
+| Annotatable.java:63:16:63:44 | InheritedContainerAnnotation2 | Annotatable.java:62:5:62:14 | Inherited |
+| Annotatable.java:71:16:71:47 | NonInheritedRepeatableAnnotation | Annotatable.java:70:5:70:52 | Repeatable |
+| Annotatable.java:78:11:78:30 | WithAssociatedSingle | Annotatable.java:75:5:75:33 | RepeatableAnnotation |
+| Annotatable.java:78:11:78:30 | WithAssociatedSingle | Annotatable.java:76:5:76:42 | InheritedRepeatableAnnotation |
+| Annotatable.java:78:11:78:30 | WithAssociatedSingle | Annotatable.java:77:5:77:45 | NonInheritedRepeatableAnnotation |
+| Annotatable.java:86:11:86:30 | SubclassWithMultiple | Annotatable.class:0:0:0:0 | ContainerAnnotation |
+| Annotatable.java:86:11:86:30 | SubclassWithMultiple | Annotatable.class:0:0:0:0 | InheritedContainerAnnotation |
+| Annotatable.java:86:11:86:30 | SubclassWithMultiple | Annotatable.class:0:0:0:0 | InheritedContainerAnnotation2 |
+| Annotatable.java:92:11:92:44 | SubclassOfSingleWithEmptyContainer | Annotatable.java:90:5:90:37 | InheritedContainerAnnotation |
+| Annotatable.java:92:11:92:44 | SubclassOfSingleWithEmptyContainer | Annotatable.java:91:5:91:38 | InheritedContainerAnnotation2 |
+| Annotatable.java:98:15:98:37 | InterfaceWithAssociated | Annotatable.class:0:0:0:0 | InheritedContainerAnnotation |
+| Annotatable.java:113:11:113:32 | WithAssociatedMultiple | Annotatable.class:0:0:0:0 | ContainerAnnotation |
+| Annotatable.java:113:11:113:32 | WithAssociatedMultiple | Annotatable.class:0:0:0:0 | InheritedContainerAnnotation |
+| Annotatable.java:113:11:113:32 | WithAssociatedMultiple | Annotatable.class:0:0:0:0 | InheritedContainerAnnotation2 |
+| Annotatable.java:116:14:116:39 | methodWithAssociatedSingle | Annotatable.java:115:9:115:53 | InheritedRepeatableAnnotation |
+| Annotatable.java:121:14:121:33 | methodWithAssociated | Annotatable.class:0:0:0:0 | InheritedContainerAnnotation |
+| Annotatable.java:126:14:126:39 | methodWithAssociatedSingle | Annotatable.java:125:9:125:17 | Override |
+| Annotatable.java:129:14:129:33 | methodWithAssociated | Annotatable.java:128:9:128:17 | Override |
+| Annotatable.java:138:11:138:28 | SubclassWithSingle | Annotatable.java:135:5:135:34 | RepeatableAnnotation |
+| Annotatable.java:138:11:138:28 | SubclassWithSingle | Annotatable.java:136:5:136:43 | InheritedRepeatableAnnotation |
+| Annotatable.java:138:11:138:28 | SubclassWithSingle | Annotatable.java:137:5:137:46 | NonInheritedRepeatableAnnotation |
+| Annotatable.java:144:11:144:46 | SubclassOfMultipleWithEmptyContainer | Annotatable.java:142:5:142:37 | InheritedContainerAnnotation |
+| Annotatable.java:144:11:144:46 | SubclassOfMultipleWithEmptyContainer | Annotatable.java:143:5:143:38 | InheritedContainerAnnotation2 |
+| Annotatable.java:150:35:153:5 | {...} | Annotatable.java:151:9:151:53 | InheritedRepeatableAnnotation |
+| Annotatable.java:150:35:153:5 | {...} | Annotatable.java:152:9:152:53 | InheritedRepeatableAnnotation |
+| Annotatable.java:154:11:154:45 | ExplicitContainerAndSingleContained | Annotatable.java:148:5:148:44 | InheritedRepeatableAnnotation |
+| Annotatable.java:154:11:154:45 | ExplicitContainerAndSingleContained | Annotatable.java:150:5:153:6 | InheritedContainerAnnotation |
+| Annotatable.java:160:16:160:41 | NestedAnnotationContainer1 | Annotatable.java:159:5:159:14 | Inherited |
+| Annotatable.java:166:16:166:32 | NestedAnnotation1 | Annotatable.java:164:5:164:14 | Inherited |
+| Annotatable.java:166:16:166:32 | NestedAnnotation1 | Annotatable.java:165:5:165:49 | Repeatable |
+| Annotatable.java:172:16:172:32 | NestedAnnotation2 | Annotatable.java:170:5:170:14 | Inherited |
+| Annotatable.java:172:16:172:32 | NestedAnnotation2 | Annotatable.java:171:5:171:40 | Repeatable |
+| Annotatable.java:182:11:182:30 | WithNestedAssociated | Annotatable.class:0:0:0:0 | NestedAnnotationContainer1 |
+| Annotatable.java:182:11:182:30 | WithNestedAssociated | Annotatable.java:177:5:177:27 | NestedAnnotation2 |
+| Annotatable.java:189:11:189:48 | WithNestedAssociatedExplicitContainers | Annotatable.class:0:0:0:0 | NestedAnnotationContainer1 |
+annotationAdditional
+| Annotatable.java:20:11:20:18 | Subclass | Annotatable.java:13:5:13:38 | CustomInheritedAnnotation |
+| Annotatable.java:26:11:26:21 | SubSubclass | Annotatable.java:13:5:13:38 | CustomInheritedAnnotation |
+| Annotatable.java:86:11:86:30 | SubclassWithMultiple | Annotatable.java:76:5:76:42 | InheritedRepeatableAnnotation |
+| Annotatable.java:92:11:92:44 | SubclassOfSingleWithEmptyContainer | Annotatable.java:76:5:76:42 | InheritedRepeatableAnnotation |
+| Annotatable.java:124:11:124:32 | WithAssociatedSubclass | Annotatable.class:0:0:0:0 | InheritedContainerAnnotation |
+| Annotatable.java:124:11:124:32 | WithAssociatedSubclass | Annotatable.class:0:0:0:0 | InheritedContainerAnnotation2 |
+| Annotatable.java:133:11:133:35 | WithAssociatedSubSubclass | Annotatable.class:0:0:0:0 | InheritedContainerAnnotation |
+| Annotatable.java:133:11:133:35 | WithAssociatedSubSubclass | Annotatable.class:0:0:0:0 | InheritedContainerAnnotation2 |
+| Annotatable.java:138:11:138:28 | SubclassWithSingle | Annotatable.class:0:0:0:0 | InheritedContainerAnnotation |
+| Annotatable.java:138:11:138:28 | SubclassWithSingle | Annotatable.class:0:0:0:0 | InheritedContainerAnnotation2 |
+| Annotatable.java:156:11:156:35 | ExplicitContainerSubclass | Annotatable.java:148:5:148:44 | InheritedRepeatableAnnotation |
+| Annotatable.java:156:11:156:35 | ExplicitContainerSubclass | Annotatable.java:150:5:153:6 | InheritedContainerAnnotation |
+| Annotatable.java:184:11:184:38 | WithNestedAssociatedSubclass | Annotatable.class:0:0:0:0 | NestedAnnotationContainer1 |
+| Annotatable.java:184:11:184:38 | WithNestedAssociatedSubclass | Annotatable.java:177:5:177:27 | NestedAnnotation2 |
+| Annotatable.java:191:11:191:56 | WithNestedAssociatedExplicitContainersSubclass | Annotatable.class:0:0:0:0 | NestedAnnotationContainer1 |
+bugAnnotationAdditional
+associatedAnnotationAdditional
+| Annotatable.java:86:11:86:30 | SubclassWithMultiple | Annotatable.class:0:0:0:0 | InheritedRepeatableAnnotation |
+| Annotatable.java:86:11:86:30 | SubclassWithMultiple | Annotatable.class:0:0:0:0 | InheritedRepeatableAnnotation |
+| Annotatable.java:86:11:86:30 | SubclassWithMultiple | Annotatable.class:0:0:0:0 | NonInheritedRepeatableAnnotation |
+| Annotatable.java:86:11:86:30 | SubclassWithMultiple | Annotatable.class:0:0:0:0 | NonInheritedRepeatableAnnotation |
+| Annotatable.java:86:11:86:30 | SubclassWithMultiple | Annotatable.class:0:0:0:0 | RepeatableAnnotation |
+| Annotatable.java:86:11:86:30 | SubclassWithMultiple | Annotatable.class:0:0:0:0 | RepeatableAnnotation |
+| Annotatable.java:98:15:98:37 | InterfaceWithAssociated | Annotatable.class:0:0:0:0 | InheritedRepeatableAnnotation |
+| Annotatable.java:98:15:98:37 | InterfaceWithAssociated | Annotatable.class:0:0:0:0 | InheritedRepeatableAnnotation |
+| Annotatable.java:113:11:113:32 | WithAssociatedMultiple | Annotatable.class:0:0:0:0 | InheritedRepeatableAnnotation |
+| Annotatable.java:113:11:113:32 | WithAssociatedMultiple | Annotatable.class:0:0:0:0 | InheritedRepeatableAnnotation |
+| Annotatable.java:113:11:113:32 | WithAssociatedMultiple | Annotatable.class:0:0:0:0 | NonInheritedRepeatableAnnotation |
+| Annotatable.java:113:11:113:32 | WithAssociatedMultiple | Annotatable.class:0:0:0:0 | NonInheritedRepeatableAnnotation |
+| Annotatable.java:113:11:113:32 | WithAssociatedMultiple | Annotatable.class:0:0:0:0 | RepeatableAnnotation |
+| Annotatable.java:113:11:113:32 | WithAssociatedMultiple | Annotatable.class:0:0:0:0 | RepeatableAnnotation |
+| Annotatable.java:121:14:121:33 | methodWithAssociated | Annotatable.class:0:0:0:0 | InheritedRepeatableAnnotation |
+| Annotatable.java:121:14:121:33 | methodWithAssociated | Annotatable.class:0:0:0:0 | InheritedRepeatableAnnotation |
+| Annotatable.java:124:11:124:32 | WithAssociatedSubclass | Annotatable.class:0:0:0:0 | InheritedRepeatableAnnotation |
+| Annotatable.java:124:11:124:32 | WithAssociatedSubclass | Annotatable.class:0:0:0:0 | InheritedRepeatableAnnotation |
+| Annotatable.java:133:11:133:35 | WithAssociatedSubSubclass | Annotatable.class:0:0:0:0 | InheritedRepeatableAnnotation |
+| Annotatable.java:133:11:133:35 | WithAssociatedSubSubclass | Annotatable.class:0:0:0:0 | InheritedRepeatableAnnotation |
+| Annotatable.java:144:11:144:46 | SubclassOfMultipleWithEmptyContainer | Annotatable.class:0:0:0:0 | InheritedRepeatableAnnotation |
+| Annotatable.java:144:11:144:46 | SubclassOfMultipleWithEmptyContainer | Annotatable.class:0:0:0:0 | InheritedRepeatableAnnotation |
+| Annotatable.java:154:11:154:45 | ExplicitContainerAndSingleContained | Annotatable.java:151:9:151:53 | InheritedRepeatableAnnotation |
+| Annotatable.java:154:11:154:45 | ExplicitContainerAndSingleContained | Annotatable.java:152:9:152:53 | InheritedRepeatableAnnotation |
+| Annotatable.java:156:11:156:35 | ExplicitContainerSubclass | Annotatable.java:151:9:151:53 | InheritedRepeatableAnnotation |
+| Annotatable.java:156:11:156:35 | ExplicitContainerSubclass | Annotatable.java:152:9:152:53 | InheritedRepeatableAnnotation |
+| Annotatable.java:182:11:182:30 | WithNestedAssociated | Annotatable.class:0:0:0:0 | NestedAnnotation1 |
+| Annotatable.java:182:11:182:30 | WithNestedAssociated | Annotatable.class:0:0:0:0 | NestedAnnotation1 |
+| Annotatable.java:184:11:184:38 | WithNestedAssociatedSubclass | Annotatable.class:0:0:0:0 | NestedAnnotation1 |
+| Annotatable.java:184:11:184:38 | WithNestedAssociatedSubclass | Annotatable.class:0:0:0:0 | NestedAnnotation1 |
+| Annotatable.java:189:11:189:48 | WithNestedAssociatedExplicitContainers | Annotatable.class:0:0:0:0 | NestedAnnotation1 |
+| Annotatable.java:189:11:189:48 | WithNestedAssociatedExplicitContainers | Annotatable.class:0:0:0:0 | NestedAnnotation1 |
+| Annotatable.java:191:11:191:56 | WithNestedAssociatedExplicitContainersSubclass | Annotatable.class:0:0:0:0 | NestedAnnotation1 |
+| Annotatable.java:191:11:191:56 | WithNestedAssociatedExplicitContainersSubclass | Annotatable.class:0:0:0:0 | NestedAnnotation1 |
+associatedAnnotationNotInherited
+| Annotatable.java:86:11:86:30 | SubclassWithMultiple | Annotatable.java:76:5:76:42 | InheritedRepeatableAnnotation |