hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Java: Update test expectations

Browse Source
This commit is contained in:
Tom Hvitved
2023-02-17 09:39:26 +01:00
parent 37fc8f5039
commit 0bceefc930
9 changed files with 46 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/test/library-tests/frameworks/apache-commons-lang3/StrBuilderTest.java
View File

@@ -145,7 +145,7 @@ class StrBuilderTest {
// Test all fluent methods are passing taint through to their result:
StrBuilder fluentAllMethodsTest = new StrBuilder(taint());
sink(fluentAllMethodsTest // $hasTaintFlow
sink(fluentAllMethodsTest
.append("text")
.appendAll("text")
.appendFixedWidthPadLeft("text", 4, ' ')
@@ -171,7 +171,7 @@ class StrBuilderTest {
.setLength(500)
.setNewLineText("newline")
.setNullText("NULL")
.trim());
.trim()); // $hasTaintFlow
// Test all fluent methods are passing taint back to their qualifier:
StrBuilder fluentAllMethodsTest2 = new StrBuilder();

4
java/ql/test/library-tests/frameworks/apache-commons-lang3/StrBuilderTextTest.java
View File

@@ -145,7 +145,7 @@ class StrBuilderTextTest {
// Test all fluent methods are passing taint through to their result:
StrBuilder fluentAllMethodsTest = new StrBuilder(taint());
sink(fluentAllMethodsTest // $hasTaintFlow
sink(fluentAllMethodsTest
.append("text")
.appendAll("text")
.appendFixedWidthPadLeft("text", 4, ' ')
@@ -171,7 +171,7 @@ class StrBuilderTextTest {
.setLength(500)
.setNewLineText("newline")
.setNullText("NULL")
.trim());
.trim()); // $hasTaintFlow
// Test all fluent methods are passing taint back to their qualifier:
StrBuilder fluentAllMethodsTest2 = new StrBuilder();

4
java/ql/test/library-tests/frameworks/apache-commons-lang3/TextStringBuilderTest.java
View File

@@ -146,7 +146,7 @@ class TextStringBuilderTest {
// Test all fluent methods are passing taint through to their result:
TextStringBuilder fluentAllMethodsTest = new TextStringBuilder(taint());
sink(fluentAllMethodsTest // $hasTaintFlow
sink(fluentAllMethodsTest
.append("text")
.appendAll("text")
.appendFixedWidthPadLeft("text", 4, ' ')
@@ -172,7 +172,7 @@ class TextStringBuilderTest {
.setLength(500)
.setNewLineText("newline")
.setNullText("NULL")
.trim());
.trim()); // $hasTaintFlow
// Test all fluent methods are passing taint back to their qualifier:
TextStringBuilder fluentAllMethodsTest2 = new TextStringBuilder();

4
java/ql/test/query-tests/security/CWE-079/semmle/tests/JsfXSS.java
View File

@@ -24,9 +24,9 @@ public class JsfXSS extends Renderer
ResponseWriter writer = facesContext.getResponseWriter();
writer.write("<script type=\"text/javascript\">");
writer.write("(function(){");
writer.write("dswh.init('" + windowId + "','" // $xss
writer.write("dswh.init('" + windowId + "','"
+ "......" + "',"
+ -1 + ",{");
+ -1 + ",{"); // $xss
writer.write("});");
writer.write("})();");
writer.write("</script>");

4
java/ql/test/query-tests/security/CWE-489/debuggable-attribute/AndroidManifest.xml
View File

@@ -3,7 +3,7 @@
xmlns:tools="http://schemas.android.com/tools"
package="com.example.happybirthday">
<!-- $ hasDebuggableAttributeEnabled --> <application
<application
android:debuggable="true"
android:allowBackup="true"
android:dataExtractionRules="@xml/data_extraction_rules"
@@ -13,7 +13,7 @@
android:roundIcon="@mipmap/ic_launcher_round"
android:supportsRtl="true"
android:theme="@style/Theme.HappyBirthday"
tools:targetApi="31">
tools:targetApi="31"> <!-- $ hasDebuggableAttributeEnabled -->
<activity
android:name=".MainActivity"
android:exported="true">

4
java/ql/test/query-tests/security/CWE-489/debuggable-attribute/Testbuild/AndroidManifest.xml
View File

@@ -3,7 +3,7 @@
xmlns:tools="http://schemas.android.com/tools"
package="com.example.happybirthday">
<!-- Safe: manifest file located in build directory --> <application
<application
android:debuggable="true"
android:allowBackup="true"
android:dataExtractionRules="@xml/data_extraction_rules"
@@ -13,7 +13,7 @@
android:roundIcon="@mipmap/ic_launcher_round"
android:supportsRtl="true"
android:theme="@style/Theme.HappyBirthday"
tools:targetApi="31">
tools:targetApi="31"> <!-- Safe: manifest file located in build directory -->
<activity
android:name=".MainActivity"
android:exported="true">

12
java/ql/test/query-tests/security/CWE-524/res/layout/Test.xml
View File

@@ -4,9 +4,9 @@
xmlns:app="http://schemas.android.com/apk/res-auto">
<!-- $hasResult --> <EditText
<EditText
android:id="@+id/test1_password"
android:inputType="text"/>
android:inputType="text"/> <!-- $hasResult -->
<EditText
android:id="@+id/test2_safe"
@@ -20,12 +20,12 @@
android:id="@+id/test4_password"
android:inputType="textPassword"/>
<!-- $hasResult --> <EditText
<EditText
android:id="@+id/test5_bank_account_name"
android:inputType="textMultiLine"/>
android:inputType="textMultiLine"/> <!-- $hasResult -->
<!-- $hasResult --> <EditText
android:id="@+id/test6_password"/>
<EditText
android:id="@+id/test6_password"/> <!-- $hasResult -->
<EditText
android:id="@+id/test7_password"/>

48
java/ql/test/query-tests/security/CWE-926/AndroidManifest.xml
View File

@@ -14,58 +14,58 @@
android:theme="@style/Theme.HappyBirthday"
tools:targetApi="31">
<!-- $ hasImplicitExport --> <activity
<activity
android:name=".Activity">
<intent-filter>
<action android:name="android.intent.action.VIEW" />
</intent-filter>
</activity>
</activity> <!-- $ hasImplicitExport -->
<!-- $ hasImplicitExport --> <receiver
<receiver
android:name=".CheckInstall">
<intent-filter>
<action android:name="android.intent.action.PACKAGE_INSTALL"/>
</intent-filter>
</receiver>
</receiver> <!-- $ hasImplicitExport -->
<!-- $ hasImplicitExport --> <service
<service
android:name=".backgroundService">
<intent-filter>
<action android:name="android.intent.action.START_BACKGROUND"/>
</intent-filter>
</service>
</service> <!-- $ hasImplicitExport -->
<!-- $ hasImplicitExport --> <provider
<provider
android:name=".MyCloudProvider">
<intent-filter>
<action android:name="android.intent.action.DOCUMENTS_PROVIDER"/>
</intent-filter>
</provider>
</provider> <!-- $ hasImplicitExport -->
<!-- Safe: 'android:exported' explicitly set --> <activity
<activity
android:name=".Activity"
android:exported="true">
<intent-filter>
<action android:name="android.intent.action.VIEW" />
</intent-filter>
</activity>
</activity> <!-- Safe: 'android:exported' explicitly set -->
<!-- Safe: no intent filter --> <activity
<activity
android:name=".Activity">
</activity>
</activity> <!-- Safe: no intent filter -->
<!-- Safe: has 'permission' attribute --> <activity
<activity
android:name=".Activity"
android:permission=".Test">
<intent-filter>
<action android:name="android.intent.action.VIEW" />
</intent-filter>
</activity>
</activity> <!-- Safe: has 'permission' attribute -->
<!-- Safe: 'provider' with read and write permissions set --> <provider
<provider
android:name=".MyCloudProvider"
android:readPermission=".TestRead"
android:writePermission=".TestWrite">
@@ -73,41 +73,41 @@
<action android:name="android.intent.action.DOCUMENTS_PROVIDER"/>
</intent-filter>
</provider>
</provider> <!-- Safe: 'provider' with read and write permissions set -->
<!-- $ hasImplicitExport --> <provider
<provider
android:name=".MyCloudProvider"
android:readPermission=".TestRead">
<intent-filter>
<action android:name="android.intent.action.DOCUMENTS_PROVIDER"/>
</intent-filter>
</provider>
</provider> <!-- $ hasImplicitExport -->
<!-- $ hasImplicitExport --> <provider
<provider
android:name=".MyCloudProvider"
android:writePermission=".TestWrite">
<intent-filter>
<action android:name="android.intent.action.DOCUMENTS_PROVIDER"/>
</intent-filter>
</provider>
</provider> <!-- $ hasImplicitExport -->
<!-- Safe: has category 'android.intent.category.LAUNCHER' --> <activity
<activity
android:name=".Activity">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
</activity> <!-- Safe: has category 'android.intent.category.LAUNCHER' -->
<!-- Safe: has action 'android.intent.category.MAIN' --> <activity
<activity
android:name=".Activity">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
</intent-filter>
</activity>
</activity> <!-- Safe: has action 'android.intent.category.MAIN' -->
</application>

8
java/ql/test/query-tests/security/CWE-926/incomplete_provider_permissions/AndroidManifest.xml
View File

@@ -17,22 +17,22 @@
<!-- Read Only -->
<!-- $ hasIncompletePermissions --><provider
<provider
android:name=".MyContentProviderRO"
android:authorities="table"
android:enabled="true"
android:exported="true"
android:readPermission="android.permission.MANAGE_DOCUMENTS"></provider>
android:readPermission="android.permission.MANAGE_DOCUMENTS"></provider><!-- $ hasIncompletePermissions -->
<!-- Write Only -->
<!-- $ hasIncompletePermissions --> <provider
<provider
android:name=".MyContentProviderWO"
android:authorities="table"
android:enabled="true"
android:exported="true"
android:writePermission="android.permission.MANAGE_DOCUMENTS"></provider>
android:writePermission="android.permission.MANAGE_DOCUMENTS"></provider><!-- $ hasIncompletePermissions -->
<!-- Full -->