hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 21:25:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Address review comments

Browse Source
This commit is contained in:
Sauyon Lee
2021-08-17 12:45:47 -07:00
parent 390e48fdd2
commit 17cef3f498
2 changed files with 51 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
java/ql/test/library-tests/frameworks/spring/webutil/Test.java
View File

@@ -2441,14 +2441,6 @@ public class Test {
out = instance.getOriginatingRequestUri(in);
sink(out); // $hasTaintFlow
}
{
// "org.springframework.web.util;UrlPathHelper;false;getOriginatingServletPath;;;Argument[0];ReturnValue;taint"
String out = null;
HttpServletRequest in = (HttpServletRequest)source();
UrlPathHelper instance = null;
out = instance.getOriginatingServletPath(in);
sink(out); // $hasTaintFlow
}
{
// "org.springframework.web.util;UrlPathHelper;false;getRequestUri;;;Argument[0];ReturnValue;taint"
String out = null;
@@ -2621,6 +2613,50 @@ public class Test {
out = HtmlUtils.htmlEscapeHex(in);
sink(out); // $ hasTaintFlow
}
{
// "org.springframework.web.util;UriComponents;false;normalize;;;Argument[-1];ReturnValue;taint"
UriComponents out = null;
UriComponents in = (UriComponents)source();
out = in.normalize();
sink(out); // $ hasTaintFlow
}
{
// "org.springframework.web.util;UriComponents;false;toString;;;Argument[-1];ReturnValue;taint"
String out = null;
UriComponents in = (UriComponents)source();
out = in.toString();
sink(out); // $ hasTaintFlow
}
{
// "org.springframework.web.util;UriTemplate;false;toString;;;Argument[-1];ReturnValue;taint"
String out = null;
UriTemplate in = (UriTemplate)source();
out = in.toString();
sink(out); // $ hasTaintFlow
}
{
// "org.springframework.web.util;UrlPathHelper;false;getPathWithinApplication;;;Argument[0];ReturnValue;taint"
String out = null;
HttpServletRequest in = (HttpServletRequest)source();
UrlPathHelper instance = null;
out = instance.getPathWithinApplication(in);
sink(out); // $ hasTaintFlow
}
{
// "org.springframework.web.util;UrlPathHelper;false;getPathWithinServletMapping;;;Argument[0];ReturnValue;taint"
String out = null;
HttpServletRequest in = (HttpServletRequest)source();
UrlPathHelper instance = null;
out = instance.getPathWithinServletMapping(in);
sink(out); // $ hasTaintFlow
}
{
// "org.springframework.web.util;WebUtils;false;setSessionAttribute;;;Argument[2];Argument[0];taint"
HttpServletRequest out = null;
Object in = (Object)source();
WebUtils.setSessionAttribute(out, null, in);
sink(out); // $ hasTaintFlow
}
}