mirror of
https://github.com/github/codeql.git
synced 2026-04-23 15:55:18 +02:00
Java: Cherry-pick test from https://github.com/github/codeql/pull/17051
This commit is contained in:
Anders Schack-Mulligen
@@ -0,0 +1,306 @@
|
||||
// Test cases for CWE-089 (SQL injection and Java Persistence query injection)
|
||||
// http://cwe.mitre.org/data/definitions/89.html
|
||||
package test.cwe089.semmle.tests;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.sql.Connection;
|
||||
import java.sql.PreparedStatement;
|
||||
import java.sql.ResultSet;
|
||||
import java.sql.SQLException;
|
||||
import java.sql.Statement;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.function.Consumer;
|
||||
|
||||
class AllowListSanitizerWithJavaUtilList {
|
||||
public static Connection connection;
|
||||
public static final List<String> goodAllowList1 = List.of("allowed1", "allowed2", "allowed3");
|
||||
public static final List<String> goodAllowList2 = Collections.unmodifiableList(Arrays.asList("allowed1"));
|
||||
public static final List<String> goodAllowList3;
|
||||
public static final List<String> goodAllowList4;
|
||||
public static final List<String> badAllowList1 = List.of("allowed1", "allowed2", getNonConstantString());
|
||||
public static final List<String> badAllowList2 = Collections.unmodifiableList(Arrays.asList("allowed1", getNonConstantString()));
|
||||
public static final List<String> badAllowList3;
|
||||
public static final List<String> badAllowList4;
|
||||
public static final List<String> badAllowList5;
|
||||
public static List<String> badAllowList6 = List.of("allowed1", "allowed2", "allowed3");
|
||||
public final List<String> badAllowList7 = List.of("allowed1", "allowed2", "allowed3");
|
||||
|
||||
static {
|
||||
goodAllowList3 = List.of("allowed1", "allowed2", "allowed3");
|
||||
goodAllowList4 = Collections.unmodifiableList(Arrays.asList("allowed1", "allowed2"));
|
||||
badAllowList3 = List.of(getNonConstantString(), "allowed2", "allowed3");
|
||||
badAllowList4 = Collections.unmodifiableList(Arrays.asList("allowed1", getNonConstantString()));
|
||||
badAllowList5 = new ArrayList<String>();
|
||||
badAllowList5.add("allowed1");
|
||||
badAllowList5.add("allowed2");
|
||||
badAllowList5.add("allowed3");
|
||||
}
|
||||
|
||||
public static String getNonConstantString() {
|
||||
return String.valueOf(System.currentTimeMillis());
|
||||
}
|
||||
|
||||
public static void main(String[] args) throws IOException, SQLException {
|
||||
badAllowList6 = List.of("allowed1", getNonConstantString(), "allowed3");
|
||||
testStaticFields(args);
|
||||
testLocal(args);
|
||||
var x = new AllowListSanitizerWithJavaUtilList();
|
||||
x.testNonStaticFields(args);
|
||||
testMultipleSources(args);
|
||||
testEscape(args);
|
||||
}
|
||||
|
||||
private static void testStaticFields(String[] args) throws IOException, SQLException {
|
||||
String tainted = args[1];
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
if(goodAllowList1.contains(tainted.toLowerCase())){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
if(goodAllowList2.contains(tainted.toUpperCase())){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
if(goodAllowList3.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
if(goodAllowList4.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// BAD: an allowlist is used with constant strings
|
||||
if(badAllowList1.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// BAD: an allowlist is used with constant strings
|
||||
if(badAllowList2.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// BAD: an allowlist is used with constant strings
|
||||
if(badAllowList3.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// BAD: an allowlist is used with constant strings
|
||||
if(badAllowList4.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// BAD: an allowlist is used with constant strings
|
||||
if(badAllowList5.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// BAD: the allowlist is in a non-final field
|
||||
if(badAllowList6.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
|
||||
private void testNonStaticFields(String[] args) throws IOException, SQLException {
|
||||
String tainted = args[0];
|
||||
// BAD: the allowlist is in a non-static field
|
||||
if(badAllowList7.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
|
||||
private static void testLocal(String[] args) throws IOException, SQLException {
|
||||
String tainted = args[1];
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
{
|
||||
List<String> allowlist = List.of("allowed1", "allowed2", "allowed3");
|
||||
if(allowlist.contains(tainted.toLowerCase())){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// BAD: an allowlist is used but one of the entries is not a compile-time constant
|
||||
{
|
||||
List<String> allowlist = List.of("allowed1", "allowed2", args[2]);
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
{
|
||||
String[] allowedArray = {"allowed1", "allowed2", "allowed3"};
|
||||
List<String> allowlist = List.of(allowedArray);
|
||||
if(allowlist.contains(tainted.toUpperCase())){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// BAD: an allowlist is used but one of the entries is not a compile-time constant
|
||||
{
|
||||
String[] allowedArray = {"allowed1", "allowed2", args[2]};
|
||||
List<String> allowlist = List.of(allowedArray);
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
{
|
||||
List<String> allowlist = Collections.unmodifiableList(Arrays.asList("allowed1"));
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// BAD: an allowlist is used but one of the entries is not a compile-time constant
|
||||
{
|
||||
List<String> allowlist = Collections.unmodifiableList(Arrays.asList("allowed1", "allowed2", args[2]));
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
{
|
||||
String[] allowedArray = {"allowed1", "allowed2", "allowed3"};
|
||||
List<String> allowlist = Collections.unmodifiableList(Arrays.asList(allowedArray));
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// BAD: an allowlist is used but one of the entries is not a compile-time constant
|
||||
{
|
||||
String[] allowedArray = {"allowed1", "allowed2", args[2]};
|
||||
List<String> allowlist = Collections.unmodifiableList(Arrays.asList(allowedArray));
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// GOOD: an allowlist is used with constant string
|
||||
{
|
||||
List<String> allowlist = new ArrayList<String>();
|
||||
allowlist.add("allowed1");
|
||||
allowlist.add("allowed2");
|
||||
allowlist.add("allowed3");
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// BAD: an allowlist is used but one of the entries is not a compile-time constant
|
||||
{
|
||||
List<String> allowlist = new ArrayList<String>();
|
||||
allowlist.add("allowed1");
|
||||
allowlist.add(getNonConstantString());
|
||||
allowlist.add("allowed3");
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// BAD: an allowlist is used but it contains a non-compile-time constant element
|
||||
{
|
||||
List<String> allowlist = new ArrayList<String>();
|
||||
allowlist.add("allowed1");
|
||||
addNonConstantStringDirectly(allowlist);
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private static void testMultipleSources(String[] args) throws IOException, SQLException {
|
||||
String tainted = args[1];
|
||||
boolean b = args[2] == "True";
|
||||
{
|
||||
// BAD: an allowlist is used which might contain constant strings
|
||||
List<String> allowlist = new ArrayList<String>();
|
||||
allowlist.add("allowed1");
|
||||
if (b) {
|
||||
allowlist.add(getNonConstantString());
|
||||
}
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
{
|
||||
// BAD: an allowlist is used which might contain constant strings
|
||||
List<String> allowlist = b ? goodAllowList1 : badAllowList1;
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
{
|
||||
// BAD: an allowlist is used which might contain constant strings
|
||||
List<String> allowlist = b ? goodAllowList1 : List.of("allowed1", "allowed2", args[2]);;
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private static void testEscape(String[] args) throws IOException, SQLException {
|
||||
String tainted = args[1];
|
||||
boolean b = args[2] == "True";
|
||||
{
|
||||
// BAD: an allowlist is used which contains constant strings
|
||||
List<String> allowlist = new ArrayList<String>();
|
||||
addNonConstantStringViaLambda(e -> allowlist.add(e));
|
||||
if(allowlist.contains(tainted)){ // missing result
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private static void addNonConstantStringDirectly(List<String> list) {
|
||||
list.add(getNonConstantString());
|
||||
}
|
||||
|
||||
private static void addNonConstantStringViaLambda(Consumer<String> adder) {
|
||||
adder.accept(getNonConstantString());
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,305 @@
|
||||
// Test cases for CWE-089 (SQL injection and Java Persistence query injection)
|
||||
// http://cwe.mitre.org/data/definitions/89.html
|
||||
package test.cwe089.semmle.tests;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.sql.Connection;
|
||||
import java.sql.PreparedStatement;
|
||||
import java.sql.ResultSet;
|
||||
import java.sql.SQLException;
|
||||
import java.sql.Statement;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.Set;
|
||||
import java.util.function.Consumer;
|
||||
|
||||
class AllowListSanitizerWithJavaUtilSet {
|
||||
public static Connection connection;
|
||||
public static final Set<String> goodAllowList1 = Set.of("allowed1", "allowed2", "allowed3");
|
||||
public static final Set<String> goodAllowList2 = Collections.unmodifiableSet(new HashSet<String>(Arrays.asList("allowed1","allowed2")));
|
||||
public static final Set<String> goodAllowList3;
|
||||
public static final Set<String> goodAllowList4;
|
||||
public static final Set<String> badAllowList1 = Set.of("allowed1", "allowed2", getNonConstantString());
|
||||
public static final Set<String> badAllowList2 = Collections.unmodifiableSet(new HashSet<String>(Arrays.asList("allowed1", getNonConstantString())));
|
||||
public static final Set<String> badAllowList3;
|
||||
public static final Set<String> badAllowList4;
|
||||
public static final Set<String> badAllowList5;
|
||||
public static Set<String> badAllowList6 = Set.of("allowed1", "allowed2", "allowed3");
|
||||
public final Set<String> badAllowList7 = Set.of("allowed1", "allowed2", "allowed3");
|
||||
|
||||
static {
|
||||
goodAllowList3 = Set.of("allowed1", "allowed2", "allowed3");
|
||||
goodAllowList4 = Collections.unmodifiableSet(new HashSet<String>(Arrays.asList("allowed1", "allowed2")));
|
||||
badAllowList3 = Set.of(getNonConstantString(), "allowed2", "allowed3");
|
||||
badAllowList4 = Collections.unmodifiableSet(new HashSet<String>(Arrays.asList("allowed1", getNonConstantString())));
|
||||
badAllowList5 = new HashSet<String>();
|
||||
badAllowList5.add("allowed1");
|
||||
badAllowList5.add("allowed2");
|
||||
badAllowList5.add("allowed3");
|
||||
}
|
||||
|
||||
public static String getNonConstantString() {
|
||||
return String.valueOf(System.currentTimeMillis());
|
||||
}
|
||||
|
||||
public static void main(String[] args) throws IOException, SQLException {
|
||||
badAllowList6 = Set.of("allowed1", getNonConstantString(), "allowed3");
|
||||
testStaticFields(args);
|
||||
testLocal(args);
|
||||
var x = new AllowListSanitizerWithJavaUtilSet();
|
||||
x.testNonStaticFields(args);
|
||||
testMultipleSources(args);
|
||||
testEscape(args);
|
||||
}
|
||||
|
||||
private static void testStaticFields(String[] args) throws IOException, SQLException {
|
||||
String tainted = args[1];
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
if(goodAllowList1.contains(tainted.toLowerCase())){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
if(goodAllowList2.contains(tainted.toUpperCase())){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
if(goodAllowList3.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
if(goodAllowList4.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// BAD: an allowlist is used with constant strings
|
||||
if(badAllowList1.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// BAD: an allowlist is used with constant strings
|
||||
if(badAllowList2.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// BAD: an allowlist is used with constant strings
|
||||
if(badAllowList3.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// BAD: an allowlist is used with constant strings
|
||||
if(badAllowList4.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// BAD: an allowlist is used with constant strings
|
||||
if(badAllowList5.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
// BAD: the allowlist is in a non-final field
|
||||
if(badAllowList6.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
|
||||
private void testNonStaticFields(String[] args) throws IOException, SQLException {
|
||||
String tainted = args[1];
|
||||
// BAD: the allowlist is in a non-static field
|
||||
if(badAllowList7.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
|
||||
private static void testLocal(String[] args) throws IOException, SQLException {
|
||||
String tainted = args[1];
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
{
|
||||
Set<String> allowlist = Set.of("allowed1", "allowed2", "allowed3");
|
||||
if(allowlist.contains(tainted.toLowerCase())){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// BAD: an allowlist is used but one of the entries is not a compile-time constant
|
||||
{
|
||||
Set<String> allowlist = Set.of("allowed1", "allowed2", args[2]);
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
{
|
||||
String[] allowedArray = {"allowed1", "allowed2", "allowed3"};
|
||||
Set<String> allowlist = Set.of(allowedArray);
|
||||
if(allowlist.contains(tainted.toUpperCase())){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// BAD: an allowlist is used but one of the entries is not a compile-time constant
|
||||
{
|
||||
String[] allowedArray = {"allowed1", "allowed2", args[2]};
|
||||
Set<String> allowlist = Set.of(allowedArray);
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
{
|
||||
Set<String> allowlist = Collections.unmodifiableSet(new HashSet<>(Arrays.asList("allowed1")));
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// BAD: an allowlist is used but one of the entries is not a compile-time constant
|
||||
{
|
||||
Set<String> allowlist = Collections.unmodifiableSet(new HashSet<>(Arrays.asList("allowed1", "allowed2", args[2])));
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// GOOD: an allowlist is used with constant strings
|
||||
{
|
||||
String[] allowedArray = {"allowed1", "allowed2", "allowed3"};
|
||||
Set<String> allowlist = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(allowedArray)));
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// BAD: an allowlist is used but one of the entries is not a compile-time constant
|
||||
{
|
||||
String[] allowedArray = {"allowed1", "allowed2", args[2]};
|
||||
Set<String> allowlist = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(allowedArray)));
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// GOOD: an allowlist is used with constant string
|
||||
{
|
||||
Set<String> allowlist = new HashSet<String>();
|
||||
allowlist.add("allowed1");
|
||||
allowlist.add("allowed2");
|
||||
allowlist.add("allowed3");
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// BAD: an allowlist is used but one of the entries is not a compile-time constant
|
||||
{
|
||||
Set<String> allowlist = new HashSet<String>();
|
||||
allowlist.add("allowed1");
|
||||
allowlist.add(getNonConstantString());
|
||||
allowlist.add("allowed3");
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
// BAD: an allowlist is used but it contains a non-compile-time constant element
|
||||
{
|
||||
Set<String> allowlist = new HashSet<String>();
|
||||
allowlist.add("allowed1");
|
||||
addNonConstantStringDirectly(allowlist);
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private static void testMultipleSources(String[] args) throws IOException, SQLException {
|
||||
String tainted = args[1];
|
||||
boolean b = args[2] == "True";
|
||||
{
|
||||
// BAD: an allowlist is used which might contain constant strings
|
||||
Set<String> allowlist = new HashSet<String>();
|
||||
allowlist.add("allowed1");
|
||||
if (b) {
|
||||
allowlist.add(getNonConstantString());
|
||||
}
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
{
|
||||
// BAD: an allowlist is used which might contain constant strings
|
||||
Set<String> allowlist = b ? goodAllowList1 : badAllowList1;
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
{
|
||||
// BAD: an allowlist is used which might contain constant strings
|
||||
Set<String> allowlist = b ? goodAllowList1 : Set.of("allowed1", "allowed2", args[2]);;
|
||||
if(allowlist.contains(tainted)){
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private static void testEscape(String[] args) throws IOException, SQLException {
|
||||
String tainted = args[1];
|
||||
boolean b = args[2] == "True";
|
||||
{
|
||||
// BAD: an allowlist is used which contains constant strings
|
||||
Set<String> allowlist = new HashSet<String>();
|
||||
addNonConstantStringViaLambda(e -> allowlist.add(e));
|
||||
if(allowlist.contains(tainted)){ // missing result
|
||||
String query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='"
|
||||
+ tainted + "' ORDER BY PRICE";
|
||||
ResultSet results = connection.createStatement().executeQuery(query);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private static void addNonConstantStringDirectly(Set<String> set) {
|
||||
set.add(getNonConstantString());
|
||||
}
|
||||
|
||||
private static void addNonConstantStringViaLambda(Consumer<String> adder) {
|
||||
adder.accept(getNonConstantString());
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,3 +1,55 @@
|
||||
| AllowListSanitizerWithJavaUtilList.java:64:66:64:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:63:8:63:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:70:66:70:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:69:8:69:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:76:66:76:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:75:8:75:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:82:66:82:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:81:8:81:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:88:66:88:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:87:8:87:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:94:66:94:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:93:8:93:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:100:66:100:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:99:8:99:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:106:66:106:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:105:8:105:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:112:66:112:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:111:8:111:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:118:66:118:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:117:8:117:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:128:66:128:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:127:8:127:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:140:67:140:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:139:9:139:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:149:67:149:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:148:9:148:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:159:67:159:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:158:9:158:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:169:67:169:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:168:9:168:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:178:67:178:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:177:9:177:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:187:67:187:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:186:9:186:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:197:67:197:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:196:9:196:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:207:67:207:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:206:9:206:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:219:67:219:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:218:9:218:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:231:67:231:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:230:9:230:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:242:67:242:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:241:9:241:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:260:67:260:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:259:9:259:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:269:67:269:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:268:9:268:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:278:67:278:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:277:9:277:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilList.java:293:67:293:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilList.java:292:9:292:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:63:66:63:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:62:8:62:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:69:66:69:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:68:8:68:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:75:66:75:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:74:8:74:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:81:66:81:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:80:8:80:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:87:66:87:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:86:8:86:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:93:66:93:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:92:8:92:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:99:66:99:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:98:8:98:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:105:66:105:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:104:8:104:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:111:66:111:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:110:8:110:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:117:66:117:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:116:8:116:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:127:66:127:70 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:126:8:126:14 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:139:67:139:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:138:9:138:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:148:67:148:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:147:9:147:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:158:67:158:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:157:9:157:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:168:67:168:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:167:9:167:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:177:67:177:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:176:9:176:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:186:67:186:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:185:9:185:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:196:67:196:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:195:9:195:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:206:67:206:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:205:9:205:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:218:67:218:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:217:9:217:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:230:67:230:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:229:9:229:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:241:67:241:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:240:9:240:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:259:67:259:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:258:9:258:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:268:67:268:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:267:9:267:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:277:67:277:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:276:9:276:15 | tainted | this expression |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:292:67:292:71 | query | Query built by concatenation with $@, which may be untrusted. | AllowListSanitizerWithJavaUtilSet.java:291:9:291:15 | tainted | this expression |
|
||||
| Test.java:36:47:36:52 | query1 | Query built by concatenation with $@, which may be untrusted. | Test.java:35:8:35:15 | category | this expression |
|
||||
| Test.java:42:57:42:62 | query2 | Query built by concatenation with $@, which may be untrusted. | Test.java:41:51:41:52 | id | this expression |
|
||||
| Test.java:50:62:50:67 | query3 | Query built by concatenation with $@, which may be untrusted. | Test.java:49:8:49:15 | category | this expression |
|
||||
|
||||
@@ -1,4 +1,38 @@
|
||||
#select
|
||||
| AllowListSanitizerWithJavaUtilList.java:88:66:88:70 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:88:66:88:70 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:94:66:94:70 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:94:66:94:70 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:100:66:100:70 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:100:66:100:70 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:106:66:106:70 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:106:66:106:70 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:112:66:112:70 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:112:66:112:70 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:118:66:118:70 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:118:66:118:70 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:128:66:128:70 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:128:66:128:70 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:149:67:149:71 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:149:67:149:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:169:67:169:71 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:169:67:169:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:187:67:187:71 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:187:67:187:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:207:67:207:71 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:207:67:207:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:231:67:231:71 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:231:67:231:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:242:67:242:71 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:242:67:242:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:260:67:260:71 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:260:67:260:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:269:67:269:71 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:269:67:269:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:278:67:278:71 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:278:67:278:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilList.java:293:67:293:71 | query | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:293:67:293:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:87:66:87:70 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:87:66:87:70 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:93:66:93:70 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:93:66:93:70 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:99:66:99:70 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:99:66:99:70 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:105:66:105:70 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:105:66:105:70 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:111:66:111:70 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:111:66:111:70 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:117:66:117:70 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:117:66:117:70 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:127:66:127:70 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:127:66:127:70 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:148:67:148:71 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:148:67:148:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:168:67:168:71 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:168:67:168:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:186:67:186:71 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:186:67:186:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:206:67:206:71 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:206:67:206:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:230:67:230:71 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:230:67:230:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:241:67:241:71 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:241:67:241:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:259:67:259:71 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:259:67:259:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:268:67:268:71 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:268:67:268:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:277:67:277:71 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:277:67:277:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:292:67:292:71 | query | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:292:67:292:71 | query | This query depends on a $@. | AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args | user-provided value |
|
||||
| Mongo.java:17:45:17:67 | parse(...) | Mongo.java:10:29:10:41 | args : String[] | Mongo.java:17:45:17:67 | parse(...) | This query depends on a $@. | Mongo.java:10:29:10:41 | args | user-provided value |
|
||||
| Mongo.java:21:49:21:52 | json | Mongo.java:10:29:10:41 | args : String[] | Mongo.java:21:49:21:52 | json | This query depends on a $@. | Mongo.java:10:29:10:41 | args | user-provided value |
|
||||
| Test.java:36:47:36:52 | query1 | Test.java:227:26:227:38 | args : String[] | Test.java:36:47:36:52 | query1 | This query depends on a $@. | Test.java:227:26:227:38 | args | user-provided value |
|
||||
@@ -10,6 +44,60 @@
|
||||
| Test.java:209:47:209:68 | queryWithUserTableName | Test.java:227:26:227:38 | args : String[] | Test.java:209:47:209:68 | queryWithUserTableName | This query depends on a $@. | Test.java:227:26:227:38 | args | user-provided value |
|
||||
| Test.java:221:81:221:111 | ... + ... | Test.java:227:26:227:38 | args : String[] | Test.java:221:81:221:111 | ... + ... | This query depends on a $@. | Test.java:227:26:227:38 | args | user-provided value |
|
||||
edges
|
||||
| AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:50:20:50:23 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:51:13:51:16 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:53:25:53:28 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:54:23:54:26 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | AllowListSanitizerWithJavaUtilList.java:55:14:55:17 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilList.java:50:20:50:23 | args : String[] | AllowListSanitizerWithJavaUtilList.java:58:39:58:51 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilList.java:51:13:51:16 | args : String[] | AllowListSanitizerWithJavaUtilList.java:132:32:132:44 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilList.java:53:25:53:28 | args : String[] | AllowListSanitizerWithJavaUtilList.java:122:35:122:47 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilList.java:54:23:54:26 | args : String[] | AllowListSanitizerWithJavaUtilList.java:247:42:247:54 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilList.java:55:14:55:17 | args : String[] | AllowListSanitizerWithJavaUtilList.java:283:33:283:45 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilList.java:58:39:58:51 | args : String[] | AllowListSanitizerWithJavaUtilList.java:88:66:88:70 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:58:39:58:51 | args : String[] | AllowListSanitizerWithJavaUtilList.java:94:66:94:70 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:58:39:58:51 | args : String[] | AllowListSanitizerWithJavaUtilList.java:100:66:100:70 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:58:39:58:51 | args : String[] | AllowListSanitizerWithJavaUtilList.java:106:66:106:70 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:58:39:58:51 | args : String[] | AllowListSanitizerWithJavaUtilList.java:112:66:112:70 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:58:39:58:51 | args : String[] | AllowListSanitizerWithJavaUtilList.java:118:66:118:70 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:122:35:122:47 | args : String[] | AllowListSanitizerWithJavaUtilList.java:128:66:128:70 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:132:32:132:44 | args : String[] | AllowListSanitizerWithJavaUtilList.java:149:67:149:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:132:32:132:44 | args : String[] | AllowListSanitizerWithJavaUtilList.java:169:67:169:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:132:32:132:44 | args : String[] | AllowListSanitizerWithJavaUtilList.java:187:67:187:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:132:32:132:44 | args : String[] | AllowListSanitizerWithJavaUtilList.java:207:67:207:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:132:32:132:44 | args : String[] | AllowListSanitizerWithJavaUtilList.java:231:67:231:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:132:32:132:44 | args : String[] | AllowListSanitizerWithJavaUtilList.java:242:67:242:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:247:42:247:54 | args : String[] | AllowListSanitizerWithJavaUtilList.java:260:67:260:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:247:42:247:54 | args : String[] | AllowListSanitizerWithJavaUtilList.java:269:67:269:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:247:42:247:54 | args : String[] | AllowListSanitizerWithJavaUtilList.java:278:67:278:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilList.java:283:33:283:45 | args : String[] | AllowListSanitizerWithJavaUtilList.java:293:67:293:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:49:20:49:23 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:50:13:50:16 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:52:25:52:28 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:53:23:53:26 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:54:14:54:17 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:49:20:49:23 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:57:39:57:51 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:50:13:50:16 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:131:32:131:44 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:52:25:52:28 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:121:35:121:47 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:53:23:53:26 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:246:42:246:54 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:54:14:54:17 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:282:33:282:45 | args : String[] | provenance | |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:57:39:57:51 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:87:66:87:70 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:57:39:57:51 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:93:66:93:70 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:57:39:57:51 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:99:66:99:70 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:57:39:57:51 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:105:66:105:70 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:57:39:57:51 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:111:66:111:70 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:57:39:57:51 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:117:66:117:70 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:121:35:121:47 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:127:66:127:70 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:131:32:131:44 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:148:67:148:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:131:32:131:44 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:168:67:168:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:131:32:131:44 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:186:67:186:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:131:32:131:44 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:206:67:206:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:131:32:131:44 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:230:67:230:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:131:32:131:44 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:241:67:241:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:246:42:246:54 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:259:67:259:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:246:42:246:54 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:268:67:268:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:246:42:246:54 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:277:67:277:71 | query | provenance | Sink:MaD:6 |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:282:33:282:45 | args : String[] | AllowListSanitizerWithJavaUtilSet.java:292:67:292:71 | query | provenance | Sink:MaD:6 |
|
||||
| Mongo.java:10:29:10:41 | args : String[] | Mongo.java:17:56:17:66 | stringQuery : String | provenance | |
|
||||
| Mongo.java:10:29:10:41 | args : String[] | Mongo.java:21:49:21:52 | json | provenance | |
|
||||
| Mongo.java:17:56:17:66 | stringQuery : String | Mongo.java:17:45:17:67 | parse(...) | provenance | Config |
|
||||
@@ -40,6 +128,62 @@ models
|
||||
| 6 | Summary: java.lang; AbstractStringBuilder; true; append; ; ; Argument[0]; Argument[this]; taint; manual |
|
||||
| 7 | Summary: java.lang; CharSequence; true; toString; ; ; Argument[this]; ReturnValue; taint; manual |
|
||||
nodes
|
||||
| AllowListSanitizerWithJavaUtilList.java:48:26:48:38 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilList.java:50:20:50:23 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilList.java:51:13:51:16 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilList.java:53:25:53:28 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilList.java:54:23:54:26 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilList.java:55:14:55:17 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilList.java:58:39:58:51 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilList.java:88:66:88:70 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:94:66:94:70 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:100:66:100:70 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:106:66:106:70 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:112:66:112:70 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:118:66:118:70 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:122:35:122:47 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilList.java:128:66:128:70 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:132:32:132:44 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilList.java:149:67:149:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:169:67:169:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:187:67:187:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:207:67:207:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:231:67:231:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:242:67:242:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:247:42:247:54 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilList.java:260:67:260:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:269:67:269:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:278:67:278:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilList.java:283:33:283:45 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilList.java:293:67:293:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:47:26:47:38 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:49:20:49:23 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:50:13:50:16 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:52:25:52:28 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:53:23:53:26 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:54:14:54:17 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:57:39:57:51 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:87:66:87:70 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:93:66:93:70 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:99:66:99:70 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:105:66:105:70 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:111:66:111:70 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:117:66:117:70 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:121:35:121:47 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:127:66:127:70 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:131:32:131:44 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:148:67:148:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:168:67:168:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:186:67:186:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:206:67:206:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:230:67:230:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:241:67:241:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:246:42:246:54 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:259:67:259:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:268:67:268:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:277:67:277:71 | query | semmle.label | query |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:282:33:282:45 | args : String[] | semmle.label | args : String[] |
|
||||
| AllowListSanitizerWithJavaUtilSet.java:292:67:292:71 | query | semmle.label | query |
|
||||
| Mongo.java:10:29:10:41 | args : String[] | semmle.label | args : String[] |
|
||||
| Mongo.java:17:45:17:67 | parse(...) | semmle.label | parse(...) |
|
||||
| Mongo.java:17:56:17:66 | stringQuery : String | semmle.label | stringQuery : String |
|
||||
|
||||
Reference in New Issue
Block a user