Java: fix 'matches' false branch

Jami Cogswell
2025-03-17 18:48:44 -04:00
parent 49d37c517d
commit 0d2e9ae469
2 changed files with 24 additions and 6 deletions


@@ -684,16 +684,33 @@ public class Test {
// branch = false
{
String source = (String) source();
if (source.matches(".*[\\./\\\\].*")) {
sink(source); // $ hasTaintFlow
} else {
sink(source); // Safe
}
}
{
String source = (String) source();
if (source.matches(".+[\\./\\\\].+")) {
sink(source); // $ hasTaintFlow
} else {
sink(source); // Safe
}
}
{
String source = (String) source();
// does not match whole string
if (source.matches("[\\./\\\\]+")) {
sink(source); // $ hasTaintFlow
} else {
sink(source); // $ Safe
sink(source); // $ hasTaintFlow
}
}
{
String source = (String) source();
// not a complete sanitizer since it doesn't protect against absolute path injection
if (source.matches("[\\.]+")) {
if (source.matches(".+[\\.].+")) {
sink(source); // $ hasTaintFlow
} else {
sink(source); // $ hasTaintFlow
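Review bot: The `// Safe` expectations on the else branches of `matches(".*[\\./\\\\].*")` and `matches(".+[\\./\\\\].+")` hold only for input without line terminators. In Java `.` does not match a line terminator unless DOTALL is set (for example with `(?s)`), so a value containing a newline takes the false branch even when it also contains `.`, `/` or `\`. If the analysis is meant to treat these false branches as sanitizing, I would record that assumption beside the first case, e.g. `// Safe, assuming no line terminators: '.' does not match them without (?s)`, or add a `(?s)` variant as its own case so the difference is covered. The last block's else branch is closed outside this hunk.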