mirror of
https://github.com/github/codeql.git
synced 2026-04-23 15:55:18 +02:00
update inline tests
@@ -35,29 +35,29 @@ import org.apache.commons.compress.compressors.z.ZCompressorInputStream;
|
||||
public class CommonsCompressHandler {
|
||||
|
||||
static void commonsCompressArchiveInputStream(InputStream inputStream) throws ArchiveException {
|
||||
new ArArchiveInputStream(inputStream); // $bomb
|
||||
new ArjArchiveInputStream(inputStream); // $bomb
|
||||
new CpioArchiveInputStream(inputStream); // $bomb
|
||||
new JarArchiveInputStream(inputStream); // $bomb
|
||||
new ZipArchiveInputStream(inputStream); // $bomb
|
||||
new ArArchiveInputStream(inputStream); // $ hasTaintFlow="inputStream"
|
||||
new ArjArchiveInputStream(inputStream); // $ hasTaintFlow="inputStream"
|
||||
new CpioArchiveInputStream(inputStream); // $ hasTaintFlow="inputStream"
|
||||
new JarArchiveInputStream(inputStream); // $ hasTaintFlow="inputStream"
|
||||
new ZipArchiveInputStream(inputStream); // $ hasTaintFlow="inputStream"
|
||||
}
|
||||
|
||||
public static void commonsCompressorInputStream(InputStream inputStream) throws IOException {
|
||||
BufferedInputStream in = new BufferedInputStream(inputStream);
|
||||
OutputStream out = Files.newOutputStream(Path.of("tmpfile"));
|
||||
GzipCompressorInputStream gzIn = new GzipCompressorInputStream(in); // $bomb
|
||||
GzipCompressorInputStream gzIn = new GzipCompressorInputStream(in); // $ hasTaintFlow="in"
|
||||
// for testing
|
||||
new BrotliCompressorInputStream(in); // $bomb
|
||||
new BZip2CompressorInputStream(in); // $bomb
|
||||
new DeflateCompressorInputStream(in); // $bomb
|
||||
new Deflate64CompressorInputStream(in); // $bomb
|
||||
new BlockLZ4CompressorInputStream(in); // $bomb
|
||||
new LZMACompressorInputStream(in); // $bomb
|
||||
new Pack200CompressorInputStream(in); // $bomb
|
||||
new SnappyCompressorInputStream(in); // $bomb
|
||||
new XZCompressorInputStream(in); // $bomb
|
||||
new ZCompressorInputStream(in); // $bomb
|
||||
new ZstdCompressorInputStream(in); // $bomb
|
||||
new BrotliCompressorInputStream(in); // $ hasTaintFlow="in"
|
||||
new BZip2CompressorInputStream(in); // $ hasTaintFlow="in"
|
||||
new DeflateCompressorInputStream(in); // $ hasTaintFlow="in"
|
||||
new Deflate64CompressorInputStream(in); // $ hasTaintFlow="in"
|
||||
new BlockLZ4CompressorInputStream(in); // $ hasTaintFlow="in"
|
||||
new LZMACompressorInputStream(in); // $ hasTaintFlow="in"
|
||||
new Pack200CompressorInputStream(in); // $ hasTaintFlow="in"
|
||||
new SnappyCompressorInputStream(in); // $ hasTaintFlow="in"
|
||||
new XZCompressorInputStream(in); // $ hasTaintFlow="in"
|
||||
new ZCompressorInputStream(in); // $ hasTaintFlow="in"
|
||||
new ZstdCompressorInputStream(in); // $ hasTaintFlow="in"
|
||||
|
||||
int buffersize = 4096;
|
||||
final byte[] buffer = new byte[buffersize];
|
||||
@@ -72,7 +72,7 @@ public class CommonsCompressHandler {
|
||||
static void commonsCompressArchiveInputStream2(InputStream inputStream) {
|
||||
byte[] readBuffer = new byte[4096];
|
||||
try (org.apache.commons.compress.archivers.zip.ZipArchiveInputStream zipInputStream =
|
||||
new org.apache.commons.compress.archivers.zip.ZipArchiveInputStream(inputStream)) { // $bomb
|
||||
new org.apache.commons.compress.archivers.zip.ZipArchiveInputStream(inputStream)) { // $ hasTaintFlow="inputStream"
|
||||
ArchiveEntry entry = null;
|
||||
while ((entry = zipInputStream.getNextEntry()) != null) {
|
||||
if (!zipInputStream.canReadEntryData(entry)) {
|
||||
@@ -104,7 +104,7 @@ public class CommonsCompressHandler {
|
||||
File f = new File("tmpfile");
|
||||
try (OutputStream outputStream = new FileOutputStream(f)) {
|
||||
int readLen;
|
||||
while ((readLen = zipInputStream.read(readBuffer)) != -1) { // $bomb
|
||||
while ((readLen = zipInputStream.read(readBuffer)) != -1) { // $ hasTaintFlow="zipInputStream"
|
||||
outputStream.write(readBuffer, 0, readLen);
|
||||
}
|
||||
}
|
||||
@@ -119,7 +119,7 @@ public class CommonsCompressHandler {
|
||||
int buffersize = 4096;
|
||||
final byte[] buffer = new byte[buffersize];
|
||||
int n = 0;
|
||||
while (-1 != (n = in.read(buffer))) { // $bomb
|
||||
while (-1 != (n = in.read(buffer))) { // $ hasTaintFlow="in"
|
||||
out.write(buffer, 0, n);
|
||||
}
|
||||
out.close();
|
||||
|
||||
@@ -10,7 +10,7 @@ public class SnappyHandler {
|
||||
public static void SnappyZipInputStream(InputStream inputStream) throws IOException {
|
||||
int readLen;
|
||||
byte[] readBuffer = new byte[4096];
|
||||
try (SnappyInputStream zipInputStream = new SnappyInputStream(inputStream)) { // $bomb
|
||||
try (SnappyInputStream zipInputStream = new SnappyInputStream(inputStream)) { // $ hasTaintFlow="inputStream"
|
||||
try (OutputStream outputStream = Files.newOutputStream(Paths.get("extractedFile"))) {
|
||||
while ((readLen = zipInputStream.read(readBuffer)) != -1) {
|
||||
outputStream.write(readBuffer, 0, readLen);
|
||||
|
||||
@@ -12,7 +12,7 @@ public class Zip4jHandler {
|
||||
LocalFileHeader localFileHeader;
|
||||
int readLen;
|
||||
byte[] readBuffer = new byte[4096];
|
||||
try (ZipInputStream zipInputStream = new ZipInputStream(inputStream)) { // $bomb
|
||||
try (ZipInputStream zipInputStream = new ZipInputStream(inputStream)) { // $ hasTaintFlow="inputStream"
|
||||
while ((localFileHeader = zipInputStream.getNextEntry()) != null) {
|
||||
File extractedFile = new File(localFileHeader.getFileName());
|
||||
try (OutputStream outputStream = new FileOutputStream(extractedFile)) {
|
||||
@@ -28,7 +28,7 @@ public class Zip4jHandler {
|
||||
LocalFileHeader localFileHeader;
|
||||
int readLen;
|
||||
byte[] readBuffer = new byte[4096];
|
||||
try (ZipInputStream zipInputStream = new ZipInputStream(inputStream)) { // $bomb
|
||||
try (ZipInputStream zipInputStream = new ZipInputStream(inputStream)) { // $ hasTaintFlow="inputStream"
|
||||
while ((localFileHeader = zipInputStream.getNextEntry()) != null) {
|
||||
File extractedFile = new File(localFileHeader.getFileName());
|
||||
try (OutputStream outputStream = new FileOutputStream(extractedFile)) {
|
||||
|
||||
@@ -24,7 +24,7 @@ public class ZipHandler {
|
||||
// FileInputStream fis = new FileInputStream(filename);
|
||||
CRC32 checkSum = new CRC32();
|
||||
CheckedInputStream gzis = new CheckedInputStream(inputStream, checkSum);
|
||||
try (ZipInputStream zis = new ZipInputStream(new BufferedInputStream(inputStream))) { // $bomb
|
||||
try (ZipInputStream zis = new ZipInputStream(new BufferedInputStream(inputStream))) { // $ hasTaintFlow="new BufferedInputStream(...)"
|
||||
ZipEntry entry;
|
||||
int entries = 0;
|
||||
long total = 0;
|
||||
@@ -38,7 +38,7 @@ public class ZipHandler {
|
||||
}
|
||||
FileOutputStream fos = new FileOutputStream("/tmp/tmptmp");
|
||||
BufferedOutputStream dest = new BufferedOutputStream(fos, BUFFER);
|
||||
while (total + BUFFER <= TOOBIG && (count = zis.read(data, 0, BUFFER)) != -1) { // $bomb
|
||||
while (total + BUFFER <= TOOBIG && (count = zis.read(data, 0, BUFFER)) != -1) { // $ hasTaintFlow="zis"
|
||||
dest.write(data, 0, count);
|
||||
total += count;
|
||||
}
|
||||
@@ -63,7 +63,7 @@ public class ZipHandler {
|
||||
int BUFFER = 512;
|
||||
int TOOBIG = 100 * 1024 * 1024; // 100MB
|
||||
// FileInputStream fis = new FileInputStream(filename);
|
||||
try (ZipInputStream zis = new ZipInputStream(new BufferedInputStream(inputStream))) { // $bomb
|
||||
try (ZipInputStream zis = new ZipInputStream(new BufferedInputStream(inputStream))) { // $ hasTaintFlow="new BufferedInputStream(...)"
|
||||
ZipEntry entry;
|
||||
while ((entry = zis.getNextEntry()) != null) {
|
||||
System.out.println("Extracting: " + entry);
|
||||
@@ -78,7 +78,7 @@ public class ZipHandler {
|
||||
}
|
||||
FileOutputStream fos = new FileOutputStream(entry.getName());
|
||||
BufferedOutputStream dest = new BufferedOutputStream(fos, BUFFER);
|
||||
while ((count = zis.read(data, 0, BUFFER)) != -1) { // $bomb
|
||||
while ((count = zis.read(data, 0, BUFFER)) != -1) { // $ hasTaintFlow="zis"
|
||||
dest.write(data, 0, count);
|
||||
}
|
||||
dest.flush();
|
||||
@@ -91,7 +91,7 @@ public class ZipHandler {
|
||||
public static void ZipInputStreamUnsafe(InputStream inputStream) throws IOException {
|
||||
int BUFFER = 512;
|
||||
// FileInputStream fis = new FileInputStream(filename);
|
||||
try (ZipInputStream zis = new ZipInputStream(new BufferedInputStream(inputStream))) { // $bomb
|
||||
try (ZipInputStream zis = new ZipInputStream(new BufferedInputStream(inputStream))) { // $ hasTaintFlow="new BufferedInputStream(...)"
|
||||
ZipEntry entry;
|
||||
while ((entry = zis.getNextEntry()) != null) {
|
||||
System.out.println("Extracting: " + entry);
|
||||
@@ -100,7 +100,7 @@ public class ZipHandler {
|
||||
// Write the files to the disk
|
||||
FileOutputStream fos = new FileOutputStream(entry.getName());
|
||||
BufferedOutputStream dest = new BufferedOutputStream(fos, BUFFER);
|
||||
while ((count = zis.read(data, 0, BUFFER)) != -1) { // $bomb
|
||||
while ((count = zis.read(data, 0, BUFFER)) != -1) { // $ hasTaintFlow="zis"
|
||||
dest.write(data, 0, count);
|
||||
}
|
||||
dest.flush();
|
||||
@@ -112,12 +112,12 @@ public class ZipHandler {
|
||||
|
||||
public static void GZipInputStreamUnsafe(InputStream inputStream) throws IOException {
|
||||
int BUFFER = 512;
|
||||
try (GZIPInputStream gzis = new GZIPInputStream(inputStream)) { // $bomb
|
||||
try (GZIPInputStream gzis = new GZIPInputStream(inputStream)) { // $ hasTaintFlow="inputStream"
|
||||
int count;
|
||||
byte[] data = new byte[BUFFER];
|
||||
FileOutputStream fos = new FileOutputStream("/tmp/tmp");
|
||||
BufferedOutputStream dest = new BufferedOutputStream(fos, BUFFER);
|
||||
while ((count = gzis.read(data, 0, BUFFER)) != -1) { // $bomb
|
||||
while ((count = gzis.read(data, 0, BUFFER)) != -1) { // $ hasTaintFlow="gzis"
|
||||
dest.write(data, 0, count);
|
||||
}
|
||||
dest.flush();
|
||||
@@ -127,12 +127,12 @@ public class ZipHandler {
|
||||
|
||||
public static void InflaterInputStreamUnsafe(InputStream inputStream) throws IOException {
|
||||
int BUFFER = 512;
|
||||
try (InflaterInputStream Izis = new InflaterInputStream(inputStream)) { // $bomb
|
||||
try (InflaterInputStream Izis = new InflaterInputStream(inputStream)) { // $ hasTaintFlow="inputStream"
|
||||
int count;
|
||||
byte[] data = new byte[BUFFER];
|
||||
FileOutputStream fos = new FileOutputStream("/tmp/tmp");
|
||||
BufferedOutputStream dest = new BufferedOutputStream(fos, BUFFER);
|
||||
while ((count = Izis.read(data, 0, BUFFER)) != -1) { // $bomb
|
||||
while ((count = Izis.read(data, 0, BUFFER)) != -1) { // $ hasTaintFlow="Izis"
|
||||
dest.write(data, 0, count);
|
||||
}
|
||||
dest.flush();
|
||||
@@ -142,7 +142,7 @@ public class ZipHandler {
|
||||
|
||||
public static void InflaterUnsafe(byte[] inputBytes) throws DataFormatException, IOException {
|
||||
Inflater inflater = new Inflater();
|
||||
inflater.setInput(inputBytes); // $bomb
|
||||
inflater.setInput(inputBytes); // $ hasTaintFlow="inputBytes"
|
||||
try (final ByteArrayOutputStream outputStream = new ByteArrayOutputStream(inputBytes.length)) {
|
||||
byte[] buffer = new byte[1024];
|
||||
while (!inflater.finished()) {
|
||||
@@ -156,7 +156,7 @@ public class ZipHandler {
|
||||
public static void ZipFile1(String zipFilePath) throws DataFormatException, IOException {
|
||||
try {
|
||||
System.out.println("zipFilePath = " + zipFilePath);
|
||||
ZipFile zipFile = new ZipFile(zipFilePath); // $bomb
|
||||
ZipFile zipFile = new ZipFile(zipFilePath); // $ hasTaintFlow="zipFilePath"
|
||||
Enumeration<? extends ZipEntry> entries = zipFile.entries();
|
||||
while (entries.hasMoreElements()) {
|
||||
ZipEntry entry = entries.nextElement();
|
||||
@@ -169,7 +169,7 @@ public class ZipHandler {
|
||||
} else {
|
||||
String destPath = "tmp" + File.separator + entry.getName();
|
||||
|
||||
try (InputStream inputStream = zipFile.getInputStream(entry); // $bomb
|
||||
try (InputStream inputStream = zipFile.getInputStream(entry); // $ hasTaintFlow="zipFile"
|
||||
FileOutputStream outputStream = new FileOutputStream(destPath);) {
|
||||
int data = inputStream.read();
|
||||
while (data != -1) {
|
||||
|
||||
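Review bot: The expectation on the read loop in the `@@ -38,7 +38,7 @@` hunk, `while (total + BUFFER <= TOOBIG && (count = zis.read(data, 0, BUFFER)) != -1) { // $ hasTaintFlow="zis"`, records an alert on a loop that caps the decompressed size. The unguarded loops in the later hunks carry the identical annotation, so the test cannot tell the bounded variant from the unbounded ones. If this method is meant as the guarded example, which the `total`/`TOOBIG` check suggests but the hunk does not show in full, the known false positive is better written as `// $ SPURIOUS: hasTaintFlow="zis"`; the same would apply to the `new ZipInputStream(new BufferedInputStream(inputStream))` line in the `@@ -24,7 +24,7 @@` hunk. The old `$bomb` marker had the same gap, so it is carried over rather than introduced here. The enclosing method starts and ends outside both hunks.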
@@ -1,2 +0,0 @@
|
||||
testFailures
|
||||
failures
|
||||
|
||||
@@ -1,18 +1,9 @@
|
||||
import java
|
||||
import experimental.semmle.code.java.security.DecompressionBombQuery
|
||||
import TestUtilities.InlineExpectationsTest
|
||||
import TestUtilities.InlineFlowTest
|
||||
import TaintFlowTestArgString<DecompressionBombsConfig, getArgString/2>
|
||||
|
||||
module BombTest implements TestSig {
|
||||
string getARelevantTag() { result = "bomb" }
|
||||
|
||||
predicate hasActualResult(Location location, string element, string tag, string value) {
|
||||
tag = "bomb" and
|
||||
exists(DataFlow::Node sink | DecompressionBombsFlow::flowTo(sink) |
|
||||
sink.getLocation() = location and
|
||||
element = sink.toString() and
|
||||
value = ""
|
||||
)
|
||||
}
|
||||
string getArgString(DataFlow::Node src, DataFlow::Node sink) {
|
||||
exists(src) and
|
||||
result = "\"" + sink.toString() + "\""
|
||||
}
|
||||
|
||||
import MakeTest<BombTest>
|
||||
|
||||
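Review bot: `getArgString` has no QLDoc and silently drops the source: `exists(src)` only binds the parameter, and the value is the sink's `toString()` in quotes. That makes expectations such as `hasTaintFlow="new BufferedInputStream(...)"` depend on how the expression is rendered, and it leaves the test unable to notice a flow that starts from an unintended source. I would add a comment above the predicate, for example `/** Gets the expected value for a flow: the sink's text in quotes. The source is ignored on purpose. */`. Which lines are on the new side is inferred here from the `+1,9` count in the hunk header.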