From 2ff57d7c8abbb4a4143d580c278e7e6fd5884198 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jack=20N=C3=B8rskov=20J=C3=B8rgensen?=
Date: Tue, 5 May 2026 10:34:54 +0200
Subject: [PATCH 1/2] Enable local threat-model by default

---
 shared/threat-models/ext/supported-threat-models.model.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/shared/threat-models/ext/supported-threat-models.model.yml b/shared/threat-models/ext/supported-threat-models.model.yml
index 59589f50f386..65f2d01e195f 100644
--- a/shared/threat-models/ext/supported-threat-models.model.yml
+++ b/shared/threat-models/ext/supported-threat-models.model.yml
@@ -4,3 +4,4 @@ extensions:
       extensible: threatModelConfiguration
     data:
       - ["default", true, -2147483648] # The "default" threat model is included by default
+      - ["local", true, 0]

From ae7f72d95042809ca265904a6116883944d5d1ac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jack=20N=C3=B8rskov=20J=C3=B8rgensen?=
Date: Tue, 5 May 2026 14:46:33 +0200
Subject: [PATCH 2/2] Add MaDs for Apache Avro

---
 .../org.apache.avro.file.model.yml            | 35 +++++++++++++++++++
 .../llmgenerator/org.apache.avro.io.model.yml |  8 +++++
 .../org.apache.avro.message.model.yml         | 20 +++++++++++
 .../llmgenerator/org.apache.avro.model.yml    | 21 +++++++++++
 .../org.apache.avro.reflect.model.yml         | 10 ++++++
 .../org.apache.avro.specific.model.yml        | 11 ++++++
 6 files changed, 105 insertions(+)
 create mode 100644 java/ql/lib/ext/generated/llmgenerator/org.apache.avro.file.model.yml
 create mode 100644 java/ql/lib/ext/generated/llmgenerator/org.apache.avro.io.model.yml
 create mode 100644 java/ql/lib/ext/generated/llmgenerator/org.apache.avro.message.model.yml
 create mode 100644 java/ql/lib/ext/generated/llmgenerator/org.apache.avro.model.yml
 create mode 100644 java/ql/lib/ext/generated/llmgenerator/org.apache.avro.reflect.model.yml
 create mode 100644 java/ql/lib/ext/generated/llmgenerator/org.apache.avro.specific.model.yml
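Review bot: The new `["local", true, 0]` row carries no comment, while the `default` row right above it explains why it is enabled; add one, e.g. `- ["local", true, 0] # Enable the "local" threat model (file, environment, command-line and database sources) by default`. Turning this group on makes every `file`-kind source live for all queries — including the `DataFileStream` and `DataFileReader12` sources that the second patch of this series adds — so the result volume will change and the rationale belongs in the commit message or a change note rather than only in the subject line. The third column appears to be a priority (the `default` row uses the minimum 32-bit integer); if 0 is chosen so that user configurations can still override this row, the comment should say so.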
diff --git a/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.file.model.yml b/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.file.model.yml
new file mode 100644
index 000000000000..5d46ebd48862
--- /dev/null
+++ b/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.file.model.yml
@@ -0,0 +1,35 @@ +# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT. +# Generated from https://github.com/apache/avro.git#64ac2975ec26c59a322d5d110c300741792424f4 by codeql-mads-via-llm +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["org.apache.avro.file", "DataFileReader", True, "DataFileReader", "(File,DatumReader)", "", "Argument[0]", "path-injection", "ai-generated"] + - ["org.apache.avro.file", "DataFileReader", True, "openReader", "(File,DatumReader)", "", "Argument[0]", "path-injection", "ai-generated"] + - ["org.apache.avro.file", "DataFileWriter", True, "appendTo", "(File)", "", "Argument[0]", "path-injection", "ai-generated"] + - ["org.apache.avro.file", "DataFileWriter", True, "create", "(Schema,File)", "", "Argument[1]", "path-injection", "ai-generated"] + - ["org.apache.avro.file", "SeekableFileInput", True, "SeekableFileInput", "(File)", "", "Argument[0]", "path-injection", "ai-generated"] + - ["org.apache.avro.file", "SyncableFileOutputStream", True, "SyncableFileOutputStream", "(File)", "", "Argument[0]", "path-injection", "ai-generated"] + - ["org.apache.avro.file", "SyncableFileOutputStream", True, "SyncableFileOutputStream", "(File,boolean)", "", "Argument[0]", "path-injection", "ai-generated"] + - ["org.apache.avro.file", "SyncableFileOutputStream", True, "SyncableFileOutputStream", "(String)", "", "Argument[0]", "path-injection", "ai-generated"] + - ["org.apache.avro.file", "SyncableFileOutputStream", True, "SyncableFileOutputStream", "(String,boolean)", "", "Argument[0]", "path-injection", "ai-generated"] + - addsTo: + pack: codeql/java-all + extensible: sourceModel + data: + - ["org.apache.avro.file", "DataFileReader12", True, "getMeta", "(String)", "", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro.file", "DataFileReader12", True, "getMetaString", "(String)", "", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro.file", "DataFileReader12", True, "getSchema", "()", 
"", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro.file", "DataFileReader12", True, "iterator", "()", "", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro.file", "DataFileReader12", True, "next", "()", "", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro.file", "DataFileReader12", True, "next", "(Object)", "", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro.file", "DataFileStream", True, "getMeta", "(String)", "", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro.file", "DataFileStream", True, "getMetaKeys", "()", "", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro.file", "DataFileStream", True, "getMetaString", "(String)", "", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro.file", "DataFileStream", True, "iterator", "()", "", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro.file", "DataFileStream", True, "next", "()", "", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro.file", "DataFileStream", True, "next", "(Object)", "", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro.file", "DataFileStream", True, "nextBlock", "()", "", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro.file", "FileReader", True, "next", "(Object)", "", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro.file", "SeekableInput", True, "read", "(byte[],int,int)", "", "Argument[0]", "file", "ai-generated"] diff --git a/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.io.model.yml b/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.io.model.yml new file mode 100644 index 000000000000..7114a74d7ea6 --- /dev/null +++ b/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.io.model.yml 
@@ -0,0 +1,8 @@ +# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT. +# Generated from https://github.com/apache/avro.git#64ac2975ec26c59a322d5d110c300741792424f4 by codeql-mads-via-llm +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["org.apache.avro.io", "DatumReader", True, "read", "(Object,Decoder)", "", "Argument[1]", "unsafe-deserialization", "ai-generated"] diff --git a/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.message.model.yml b/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.message.model.yml new file mode 100644 index 000000000000..3ee4552539e1 --- /dev/null +++ b/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.message.model.yml 
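Review bot: The `unsafe-deserialization` sink on `Argument[1]` of `DatumReader.read(Object,Decoder)` can only fire if taint reaches the `Decoder` object itself, but nothing in this series adds a `summaryModel` for `DecoderFactory`/`BinaryDecoder` construction that would carry taint from an `InputStream` or `byte[]` into the decoder — all six files contribute `sinkModel` and `sourceModel` rows only. The same gap affects the `ResolvingDecoder` arguments modeled in `org.apache.avro.reflect.model.yml` and `org.apache.avro.specific.model.yml`. Either add the corresponding flow summaries to the `org.apache.avro.io` model or note that these sinks are expected to be dead until such summaries exist; a small test that builds a decoder via `DecoderFactory.get().binaryDecoder(...)` from tainted bytes and passes it to `read` would show which is the case. Because the rows are `ai-generated`, a human should also confirm that decoding Avro binary data is what the `unsafe-deserialization` kind is meant to capture here.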
@@ -0,0 +1,20 @@ +# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT. +# Generated from https://github.com/apache/avro.git#64ac2975ec26c59a322d5d110c300741792424f4 by codeql-mads-via-llm +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["org.apache.avro.message", "BinaryMessageDecoder", True, "decode", "(InputStream,Object)", "", "Argument[0]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.message", "MessageDecoder", True, "decode", "(ByteBuffer)", "", "Argument[0]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.message", "MessageDecoder", True, "decode", "(ByteBuffer,Object)", "", "Argument[0]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.message", "MessageDecoder", True, "decode", "(InputStream)", "", "Argument[0]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.message", "MessageDecoder", True, "decode", "(InputStream,Object)", "", "Argument[0]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.message", "MessageDecoder", True, "decode", "(byte[])", "", "Argument[0]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.message", "MessageDecoder", True, "decode", "(byte[],Object)", "", "Argument[0]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.message", "MessageDecoder$BaseDecoder", True, "decode", "(ByteBuffer)", "", "Argument[0]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.message", "MessageDecoder$BaseDecoder", True, "decode", "(ByteBuffer,Object)", "", "Argument[0]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.message", "MessageDecoder$BaseDecoder", True, "decode", "(InputStream)", "", "Argument[0]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.message", "MessageDecoder$BaseDecoder", True, "decode", "(byte[])", "", "Argument[0]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.message", "MessageDecoder$BaseDecoder", 
True, "decode", "(byte[],Object)", "", "Argument[0]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.message", "RawMessageDecoder", True, "decode", "(InputStream,Object)", "", "Argument[0]", "unsafe-deserialization", "ai-generated"] diff --git a/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.model.yml b/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.model.yml new file mode 100644 index 000000000000..79bd8917eca5 --- /dev/null +++ b/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.model.yml 
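Review bot: Every `decode` overload in this hunk marks the payload argument as an `unsafe-deserialization` sink, which treats Avro binary decoding like Java object deserialization. As far as I understand Avro, whether that is accurate depends on the datum model behind the decoder: with generic data the payload only yields `GenericRecord` values, whereas reflect- and specific-based readers resolve Java classes named in the schema, and `BinaryMessageDecoder` selects the schema from a schema store by fingerprint rather than taking it from the payload. Since these rows are `ai-generated`, a human should confirm that an alert on every decode of untrusted bytes is intended, otherwise services that decode network messages will see one result per call site with little actionable signal.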
@@ -0,0 +1,21 @@ +# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT. +# Generated from https://github.com/apache/avro.git#64ac2975ec26c59a322d5d110c300741792424f4 by codeql-mads-via-llm +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["org.apache.avro", "Protocol", True, "parse", "(File)", "", "Argument[0]", "path-injection", "ai-generated"] + - ["org.apache.avro", "Schema", True, "parse", "(File)", "", "Argument[0]", "path-injection", "ai-generated"] + - ["org.apache.avro", "Schema$Parser", True, "parse", "(File)", "", "Argument[0]", "path-injection", "ai-generated"] + - ["org.apache.avro", "SchemaParser", True, "parse", "(File)", "", "Argument[0]", "path-injection", "ai-generated"] + - ["org.apache.avro", "SchemaParser", True, "parse", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-generated"] + - ["org.apache.avro", "SchemaParser", True, "parse", "(Path)", "", "Argument[0]", "path-injection", "ai-generated"] + - ["org.apache.avro", "SchemaParser", True, "parse", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-generated"] + - ["org.apache.avro", "SchemaParser", True, "parse", "(URI,Charset)", "", "Argument[0]", "request-forgery", "ai-generated"] + - addsTo: + pack: codeql/java-all + extensible: sourceModel + data: + - ["org.apache.avro", "Protocol", True, "parse", "(File)", "", "ReturnValue", "file", "ai-generated"] + - ["org.apache.avro", "Schema$Parser", True, "parse", "(File)", "", "ReturnValue", "file", "ai-generated"] diff --git a/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.reflect.model.yml b/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.reflect.model.yml new file mode 100644 index 000000000000..b6f9d0ba4269 --- /dev/null +++ b/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.reflect.model.yml 
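Review bot: The `sourceModel` block gives `file` sources to `Protocol.parse(File)` and `Schema$Parser.parse(File)` but not to `Schema.parse(File)`, `SchemaParser.parse(File)`, `SchemaParser.parse(File,Charset)` or the two `Path` overloads, even though all of them are modeled as `path-injection` sinks a few lines above and read the same kind of file; add matching `"ReturnValue", "file"` rows or record why they were left out. It is also worth deciding whether the schema-text overloads (`Schema$Parser.parse(String)` and `parse(InputStream)`, not in this hunk) should get a sink row, since a schema supplied by an untrusted party is the input from which Avro's reflect and specific readers resolve Java class names — a more direct deserialization hazard than the file path itself.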
@@ -0,0 +1,10 @@ +# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT. +# Generated from https://github.com/apache/avro.git#64ac2975ec26c59a322d5d110c300741792424f4 by codeql-mads-via-llm +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["org.apache.avro.reflect", "ReflectDatumReader", True, "read", "(Object,Schema,ResolvingDecoder)", "", "Argument[2]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.reflect", "ReflectDatumReader", True, "readArray", "(Object,Schema,ResolvingDecoder)", "", "Argument[2]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.reflect", "ReflectDatumReader", True, "readField", "(Object,Schema$Field,Object,ResolvingDecoder,Object)", "", "Argument[3]", "unsafe-deserialization", "ai-generated"] diff --git a/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.specific.model.yml b/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.specific.model.yml new file mode 100644 index 000000000000..ffa6ae6cb0d7 --- /dev/null +++ b/java/ql/lib/ext/generated/llmgenerator/org.apache.avro.specific.model.yml 
@@ -0,0 +1,11 @@ +# THIS FILE IS AN AUTO-GENERATED MODELS AS DATA FILE. DO NOT EDIT. +# Generated from https://github.com/apache/avro.git#64ac2975ec26c59a322d5d110c300741792424f4 by codeql-mads-via-llm +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["org.apache.avro.specific", "SpecificDatumReader", True, "readField", "(Object,Schema$Field,Object,ResolvingDecoder,Object)", "", "Argument[3]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.specific", "SpecificDatumReader", True, "readRecord", "(Object,Schema,ResolvingDecoder)", "", "Argument[2]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.specific", "SpecificExceptionBase", True, "readExternal", "(ObjectInput)", "", "Argument[0]", "unsafe-deserialization", "ai-generated"] + - ["org.apache.avro.specific", "SpecificRecordBase", True, "readExternal", "(ObjectInput)", "", "Argument[0]", "unsafe-deserialization", "ai-generated"]