hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 09:15:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add review suggestions

Browse Source
This commit is contained in:
Tony Torralba
2022-09-23 09:41:29 +02:00
parent 0650c016f6
commit 389e8c4fe8
3 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
java/ql/lib/change-notes/2022-09-22-stringjoiner-summaries.md
View File

@@ -2,4 +2,3 @@
category: minorAnalysis
---
* Added new flow steps for `java.util.StringJoiner`.

13
java/ql/test/library-tests/dataflow/taint/StringJoinerTests.java
View File

@@ -16,22 +16,22 @@ public class StringJoinerTests {
out = new StringJoiner(in);
sink(out);
}
// "java.util;StringJoiner;true;StringJoiner;(CharSequence,CharSequence,CharSequence);;Argument[0];Argument[-1];taint;manual"
{
// "java.util;StringJoiner;true;StringJoiner;(CharSequence,CharSequence,CharSequence);;Argument[0];Argument[-1];taint;manual"
StringJoiner out = null;
CharSequence in = (CharSequence) taint();
out = new StringJoiner(in, null, null);
sink(out);
}
// "java.util;StringJoiner;true;StringJoiner;(CharSequence,CharSequence,CharSequence);;Argument[1];Argument[-1];taint;manual"
{
// "java.util;StringJoiner;true;StringJoiner;(CharSequence,CharSequence,CharSequence);;Argument[1];Argument[-1];taint;manual"
StringJoiner out = null;
CharSequence in = (CharSequence) taint();
out = new StringJoiner(null, in, null);
sink(out);
}
// "java.util;StringJoiner;true;StringJoiner;(CharSequence,CharSequence,CharSequence);;Argument[2];Argument[-1];taint;manual"
{
// "java.util;StringJoiner;true;StringJoiner;(CharSequence,CharSequence,CharSequence);;Argument[2];Argument[-1];taint;manual"
StringJoiner out = null;
CharSequence in = (CharSequence) taint();
out = new StringJoiner(null, null, in);
@@ -72,6 +72,13 @@ public class StringJoinerTests {
out = in.setEmptyValue(null);
sink(out);
}
{
// "java.util;StringJoiner;true;setEmptyValue;;;Argument[0];Argument[-1];taint;manual"
StringJoiner out = null;
CharSequence in = (CharSequence) taint();
out.setEmptyValue(in);
sink(out);
}
{
// "java.util;StringJoiner;true;toString;;;Argument[-1];ReturnValue;taint;manual"
String out = null;

1
java/ql/test/library-tests/dataflow/taint/test.expected
View File

@@ -81,6 +81,7 @@
| StringJoinerTests.java:64:37:64:43 | taint(...) | StringJoinerTests.java:66:9:66:11 | out |
| StringJoinerTests.java:71:37:71:43 | taint(...) | StringJoinerTests.java:73:9:73:11 | out |
| StringJoinerTests.java:78:37:78:43 | taint(...) | StringJoinerTests.java:80:9:80:11 | out |
| StringJoinerTests.java:85:37:85:43 | taint(...) | StringJoinerTests.java:87:9:87:11 | out |
| Varargs.java:7:8:7:14 | taint(...) | Varargs.java:14:10:14:10 | s |
| Varargs.java:8:8:8:14 | taint(...) | Varargs.java:19:10:19:10 | s |
| Varargs.java:8:17:8:23 | taint(...) | Varargs.java:19:10:19:10 | s |