From f09eb67af0e6d74bdd4255a255f53085521c7a13 Mon Sep 17 00:00:00 2001
From: Anders Schack-Mulligen
Date: Fri, 7 Dec 2018 16:18:32 +0100
Subject: [PATCH] Java: Add org.apache.commons.lang3.StringUtils.isBlank as a nullguard.

---
 .../semmle/code/java/dataflow/NullGuards.qll | 49 +++++++++++--------
 1 file changed, 29 insertions(+), 20 deletions(-)

diff --git a/java/ql/src/semmle/code/java/dataflow/NullGuards.qll b/java/ql/src/semmle/code/java/dataflow/NullGuards.qll
index a8d0c194d19a..bb946fc88f67 100644
--- a/java/ql/src/semmle/code/java/dataflow/NullGuards.qll
+++ b/java/ql/src/semmle/code/java/dataflow/NullGuards.qll
@@ -94,6 +94,34 @@ Expr clearlyNotNullExpr() { result = clearlyNotNullExpr(_) }
 /** Holds if `v` is an SSA variable that is provably not `null`. */
 predicate clearlyNotNull(SsaVariable v) { clearlyNotNull(v, _) }
 
+/**
+ * Holds if the evaluation of a call to `m` resulting in the value `branch`
+ * implies that the argument to the call is guaranteed to be null if `isnull`
+ * is true, and non-null if `isnull` is false.
+ */
+predicate nullCheckMethod(Method m, boolean branch, boolean isnull) {
+  exists(boolean polarity |
+    m.getDeclaringType().hasQualifiedName("java.util", "Objects") and
+    (
+      m.hasName("isNull") and polarity = true
+      or
+      m.hasName("nonNull") and polarity = false
+    ) and
+    (
+      branch = true and isnull = polarity
+      or
+      branch = false and isnull = polarity.booleanNot()
+    )
+  )
+  or
+  m instanceof EqualsMethod and branch = true and isnull = false
+  or
+  m.getDeclaringType().hasQualifiedName("org.apache.commons.lang3", "StringUtils") and
+  m.hasName("isBlank") and
+  branch = false and
+  isnull = false
+}
+
 /**
  * Gets an expression that directly tests whether a given expression, `e`, is null or not.
  *
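Review bot: The new `StringUtils` disjunct in `nullCheckMethod` recognises only `isBlank`, although `isEmpty` has the same null-tolerant contract (a `false` result proves the argument non-null) and `isNotBlank`/`isNotEmpty` prove it on the `true` branch; the older `org.apache.commons.lang` package ships the same four methods. With a single name, a guard written as `if (!StringUtils.isEmpty(s)) s.trim()` is still reported as a possible null dereference while the `isBlank` spelling is accepted, which is an inconsistent signal for the queries built on this predicate. Extending the disjunct to the four names, with the branch polarity derived from the name, keeps the documented contract of the predicate; the rewritten disjunct is below.
```ql
  // … unchanged: java.util.Objects and EqualsMethod cases …
  or
  exists(string name |
    m.getDeclaringType().hasQualifiedName("org.apache.commons.lang3", "StringUtils") and
    m.hasName(name) and
    (
      (name = "isBlank" or name = "isEmpty") and branch = false
      or
      (name = "isNotBlank" or name = "isNotEmpty") and branch = true
    ) and
    isnull = false
  )
```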
@@ -114,29 +142,10 @@ Expr basicNullGuard(Expr e, boolean branch, boolean isnull) {
   or
   result.(InstanceOfExpr).getExpr() = e and branch = true and isnull = false
   or
-  exists(MethodAccess call, Method m, boolean polarity |
-    call = result and
-    call.getAnArgument() = e and
-    call.getMethod() = m and
-    m.getDeclaringType().hasQualifiedName("java.util", "Objects") and
-    (
-      m.hasName("isNull") and polarity = true
-      or
-      m.hasName("nonNull") and polarity = false
-    ) and
-    (
-      branch = true and isnull = polarity
-      or
-      branch = false and isnull = polarity.booleanNot()
-    )
-  )
-  or
   exists(MethodAccess call |
     call = result and
     call.getAnArgument() = e and
-    call.getMethod() instanceof EqualsMethod and
-    branch = true and
-    isnull = false
+    nullCheckMethod(call.getMethod(), branch, isnull)
   )
   or
   exists(EqualityTest eqtest |
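Review bot: The merged disjunct applies `nullCheckMethod` to every argument of `call` through `call.getAnArgument() = e`, while the predicate's contract speaks of "the argument" in the singular; this is sound today only because all three recognised methods take exactly one parameter, and a future multi-parameter entry would silently mark each of its arguments as null-guarded. Pinning that assumption in code costs one line, `call.getNumArgument() = 1 and` immediately before the `nullCheckMethod` call (or, equivalently, `m.getNumberOfParameters() = 1` inside `nullCheckMethod` itself). `basicNullGuard` starts before this hunk and continues past it.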