Merge pull request #6407 from bmuskalla/charSeqSubSeq
Java: Track taint for CharSequence#subSequence
@@ -89,6 +89,7 @@ private module Frameworks {
|
||||
private import semmle.code.java.frameworks.JsonJava
|
||||
private import semmle.code.java.frameworks.Objects
|
||||
private import semmle.code.java.frameworks.Optional
|
||||
private import semmle.code.java.frameworks.Strings
|
||||
private import semmle.code.java.frameworks.spring.SpringCache
|
||||
private import semmle.code.java.frameworks.spring.SpringHttp
|
||||
private import semmle.code.java.frameworks.spring.SpringUtil
|
||||
|
||||
@@ -84,36 +84,6 @@ abstract class TaintPreservingCallable extends Callable {
|
||||
predicate transfersTaint(int src, int sink) { none() }
|
||||
}
|
||||
|
||||
private class StringTaintPreservingMethod extends TaintPreservingCallable {
|
||||
StringTaintPreservingMethod() {
|
||||
this.getDeclaringType() instanceof TypeString and
|
||||
(
|
||||
this.hasName([
|
||||
"concat", "copyValueOf", "endsWith", "format", "formatted", "getBytes", "indent",
|
||||
"intern", "join", "repeat", "split", "strip", "stripIndent", "stripLeading",
|
||||
"stripTrailing", "substring", "toCharArray", "toLowerCase", "toString", "toUpperCase",
|
||||
"trim"
|
||||
])
|
||||
or
|
||||
this.hasName("valueOf") and this.getParameterType(0) instanceof Array
|
||||
)
|
||||
}
|
||||
|
||||
override predicate returnsTaintFrom(int arg) {
|
||||
arg = -1 and not this.isStatic()
|
||||
or
|
||||
this.hasName(["concat", "copyValueOf", "valueOf"]) and arg = 0
|
||||
or
|
||||
this.hasName(["format", "formatted", "join"]) and arg = [0 .. getNumberOfParameters()]
|
||||
}
|
||||
}
|
||||
|
||||
private class StringTaintPreservingConstructor extends Constructor, TaintPreservingCallable {
|
||||
StringTaintPreservingConstructor() { this.getDeclaringType() instanceof TypeString }
|
||||
|
||||
override predicate returnsTaintFrom(int arg) { arg = 0 }
|
||||
}
|
||||
|
||||
private class NumberTaintPreservingCallable extends TaintPreservingCallable {
|
||||
int argument;
|
||||
|
||||
@@ -133,46 +103,3 @@ private class NumberTaintPreservingCallable extends TaintPreservingCallable {
|
||||
|
||||
override predicate returnsTaintFrom(int arg) { arg = argument }
|
||||
}
|
||||
|
||||
/** Holds for the types `StringBuilder`, `StringBuffer`, and `StringWriter`. */
|
||||
private predicate stringBuilderType(RefType t) {
|
||||
t instanceof StringBuildingType or
|
||||
t.hasQualifiedName("java.io", "StringWriter")
|
||||
}
|
||||
|
||||
private class StringBuilderTaintPreservingCallable extends TaintPreservingCallable {
|
||||
StringBuilderTaintPreservingCallable() {
|
||||
exists(Method m |
|
||||
this.(Method).overrides*(m) and
|
||||
stringBuilderType(m.getDeclaringType()) and
|
||||
m.hasName(["append", "insert", "replace", "toString", "write"])
|
||||
)
|
||||
or
|
||||
this.(Constructor).getParameterType(0) instanceof RefType and
|
||||
stringBuilderType(this.getDeclaringType())
|
||||
}
|
||||
|
||||
override predicate returnsTaintFrom(int arg) {
|
||||
arg = -1 and
|
||||
not this instanceof Constructor
|
||||
or
|
||||
this instanceof Constructor and arg = 0
|
||||
or
|
||||
this.hasName("append") and arg = 0
|
||||
or
|
||||
this.hasName("insert") and arg = 1
|
||||
or
|
||||
this.hasName("replace") and arg = 2
|
||||
}
|
||||
|
||||
override predicate transfersTaint(int src, int sink) {
|
||||
returnsTaintFrom(src) and
|
||||
sink = -1 and
|
||||
src != -1 and
|
||||
not this instanceof Constructor
|
||||
or
|
||||
this.hasName("write") and
|
||||
src = 0 and
|
||||
sink = -1
|
||||
}
|
||||
}
|
||||
|
||||
@@ -147,8 +147,6 @@ private predicate localAdditionalTaintExprStep(Expr src, Expr sink) {
|
||||
or
|
||||
comparisonStep(src, sink)
|
||||
or
|
||||
stringBuilderStep(src, sink)
|
||||
or
|
||||
serializationStep(src, sink)
|
||||
or
|
||||
formatStep(src, sink)
|
||||
@@ -392,15 +390,6 @@ private predicate comparisonStep(Expr tracked, Expr sink) {
|
||||
)
|
||||
}
|
||||
|
||||
/** Flow through a `StringBuilder`. */
|
||||
private predicate stringBuilderStep(Expr tracked, Expr sink) {
|
||||
exists(StringBuilderVar sbvar, MethodAccess input, int arg |
|
||||
input = sbvar.getAnInput(arg) and
|
||||
tracked = input.getArgument(arg) and
|
||||
sink = sbvar.getToStringCall()
|
||||
)
|
||||
}
|
||||
|
||||
/** Flow through data serialization. */
|
||||
private predicate serializationStep(Expr tracked, Expr sink) {
|
||||
exists(ObjectOutputStreamVar v, VariableAssign def |
|
||||
|
||||
@@ -9,7 +9,8 @@ private class ObjectsSummaryCsv extends SummaryModelCsv {
|
||||
[
|
||||
//`namespace; type; subtypes; name; signature; ext; input; output; kind`
|
||||
"java.util;Objects;false;requireNonNull;;;Argument[0];ReturnValue;value",
|
||||
"java.util;Objects;false;requireNonNullElse;;;Argument[0..1];ReturnValue;value",
|
||||
"java.util;Objects;false;requireNonNullElse;;;Argument[0];ReturnValue;value",
|
||||
"java.util;Objects;false;requireNonNullElse;;;Argument[1];ReturnValue;value",
|
||||
"java.util;Objects;false;requireNonNullElseGet;;;Argument[0];ReturnValue;value",
|
||||
"java.util;Objects;false;toString;;;Argument[1];ReturnValue;value"
|
||||
]
|
||||
|
||||
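--- a/java/ql/lib/semmle/code/java/frameworks/Strings.qll
+++ b/java/ql/lib/semmle/code/java/frameworks/Strings.qll
@@ -0,0 +1,58 @@
+/** Definitions of taint steps in String and String-related classes of the JDK */
+
+import java
+private import semmle.code.java.dataflow.ExternalFlow
+
+private class StringSummaryCsv extends SummaryModelCsv {
+override predicate row(string row) {
+row =
+[
+//`namespace; type; subtypes; name; signature; ext; input; output; kind`
+"java.lang;String;false;concat;(String);;Argument[0];ReturnValue;taint",
+"java.lang;String;false;concat;(String);;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;copyValueOf;;;Argument[0];ReturnValue;taint",
+"java.lang;String;false;endsWith;;;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;format;(Locale,String,Object[]);;Argument[1];ReturnValue;taint",
+"java.lang;String;false;format;(Locale,String,Object[]);;ArrayElement of Argument[2];ReturnValue;taint",
+"java.lang;String;false;format;(String,Object[]);;Argument[0];ReturnValue;taint",
+"java.lang;String;false;format;(String,Object[]);;ArrayElement of Argument[1];ReturnValue;taint",
+"java.lang;String;false;formatted;(Object[]);;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;formatted;(Object[]);;ArrayElement of Argument[0];ReturnValue;taint",
+"java.lang;String;false;getBytes;;;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;indent;;;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;intern;;;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;join;;;Argument[0..1];ReturnValue;taint",
+"java.lang;String;false;repeat;(int);;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;split;;;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;String;;;Argument[0];Argument[-1];taint",
+"java.lang;String;false;strip;;;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;stripIndent;;;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;stripLeading;;;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;stripTrailing;;;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;substring;;;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;toCharArray;;;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;toLowerCase;;;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;toString;;;Argument[-1];ReturnValue;value",
+"java.lang;String;false;toUpperCase;;;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;trim;;;Argument[-1];ReturnValue;taint",
+"java.lang;String;false;valueOf;(char);;Argument[0];ReturnValue;taint",
+"java.lang;String;false;valueOf;(char[],int,int);;Argument[0];ReturnValue;taint",
+"java.lang;String;false;valueOf;(char[]);;Argument[0];ReturnValue;taint",
+"java.io;StringWriter;true;append;;;Argument[0];Argument[-1];taint",
+"java.io;StringWriter;true;append;;;Argument[-1];ReturnValue;value",
+"java.io;StringWriter;true;write;;;Argument[0];Argument[-1];taint",
+"java.lang;AbstractStringBuilder;true;AbstractStringBuilder;(String);;Argument[0];Argument[-1];taint",
+"java.lang;AbstractStringBuilder;true;append;;;Argument[0];Argument[-1];taint",
+"java.lang;AbstractStringBuilder;true;append;;;Argument[-1];ReturnValue;value",
+"java.lang;AbstractStringBuilder;true;insert;;;Argument[1];Argument[-1];taint",
+"java.lang;AbstractStringBuilder;true;insert;;;Argument[-1];ReturnValue;value",
+"java.lang;AbstractStringBuilder;true;replace;;;Argument[-1];ReturnValue;value",
+"java.lang;AbstractStringBuilder;true;replace;;;Argument[2];Argument[-1];taint",
+"java.lang;AbstractStringBuilder;true;toString;;;Argument[-1];ReturnValue;taint",
+"java.lang;StringBuffer;true;StringBuffer;(CharSequence);;Argument[0];Argument[-1];taint",
+"java.lang;StringBuffer;true;StringBuffer;(String);;Argument[0];Argument[-1];taint",
+"java.lang;StringBuilder;true;StringBuilder;;;Argument[0];Argument[-1];taint",
+"java.lang;CharSequence;true;subSequence;;;Argument[-1];ReturnValue;taint"
+]
+}
+}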
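Review bot: The `java.io;StringWriter` rows model `append` and `write` but there is no `toString` row, while the removed `StringBuilderTaintPreservingCallable` returned taint from the qualifier of `toString` for `java.io.StringWriter` as well as for the builder types. Unless a model outside this page covers it, taint written into a `StringWriter` would no longer reach `toString()`, which shows up only as a silent false negative in the injection queries; consider adding `"java.io;StringWriter;true;toString;;;Argument[-1];ReturnValue;taint"`. Separately, the `join` row uses plain `Argument[0..1]` whereas the `format` rows read `ArrayElement of Argument[n]`, so it is worth confirming with a test that a tainted varargs element passed to `String.join` still taints the result.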
@@ -1,6 +1,8 @@
|
||||
edges
|
||||
| JakartaExpressionInjection.java:23:25:23:47 | getInputStream(...) : InputStream | JakartaExpressionInjection.java:23:54:23:58 | bytes [post update] : byte[] |
|
||||
| JakartaExpressionInjection.java:23:54:23:58 | bytes [post update] : byte[] | JakartaExpressionInjection.java:25:31:25:40 | expression : String |
|
||||
| JakartaExpressionInjection.java:23:54:23:58 | bytes [post update] : byte[] | JakartaExpressionInjection.java:24:48:24:52 | bytes : byte[] |
|
||||
| JakartaExpressionInjection.java:24:37:24:59 | new String(...) : String | JakartaExpressionInjection.java:25:31:25:40 | expression : String |
|
||||
| JakartaExpressionInjection.java:24:48:24:52 | bytes : byte[] | JakartaExpressionInjection.java:24:37:24:59 | new String(...) : String |
|
||||
| JakartaExpressionInjection.java:25:31:25:40 | expression : String | JakartaExpressionInjection.java:32:24:32:33 | expression : String |
|
||||
| JakartaExpressionInjection.java:25:31:25:40 | expression : String | JakartaExpressionInjection.java:40:24:40:33 | expression : String |
|
||||
| JakartaExpressionInjection.java:25:31:25:40 | expression : String | JakartaExpressionInjection.java:48:24:48:33 | expression : String |
|
||||
@@ -20,6 +22,8 @@ edges
|
||||
nodes
|
||||
| JakartaExpressionInjection.java:23:25:23:47 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| JakartaExpressionInjection.java:23:54:23:58 | bytes [post update] : byte[] | semmle.label | bytes [post update] : byte[] |
|
||||
| JakartaExpressionInjection.java:24:37:24:59 | new String(...) : String | semmle.label | new String(...) : String |
|
||||
| JakartaExpressionInjection.java:24:48:24:52 | bytes : byte[] | semmle.label | bytes : byte[] |
|
||||
| JakartaExpressionInjection.java:25:31:25:40 | expression : String | semmle.label | expression : String |
|
||||
| JakartaExpressionInjection.java:32:24:32:33 | expression : String | semmle.label | expression : String |
|
||||
| JakartaExpressionInjection.java:34:28:34:37 | expression | semmle.label | expression |
|
||||
|
||||
@@ -2,7 +2,8 @@ edges
|
||||
| JythonInjection.java:28:23:28:50 | getParameter(...) : String | JythonInjection.java:36:30:36:33 | code |
|
||||
| JythonInjection.java:53:23:53:50 | getParameter(...) : String | JythonInjection.java:58:44:58:47 | code |
|
||||
| JythonInjection.java:73:23:73:50 | getParameter(...) : String | JythonInjection.java:81:35:81:38 | code |
|
||||
| JythonInjection.java:97:23:97:50 | getParameter(...) : String | JythonInjection.java:106:61:106:75 | getBytes(...) |
|
||||
| JythonInjection.java:97:23:97:50 | getParameter(...) : String | JythonInjection.java:106:61:106:64 | code : String |
|
||||
| JythonInjection.java:106:61:106:64 | code : String | JythonInjection.java:106:61:106:75 | getBytes(...) |
|
||||
nodes
|
||||
| JythonInjection.java:28:23:28:50 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| JythonInjection.java:36:30:36:33 | code | semmle.label | code |
|
||||
@@ -11,6 +12,7 @@ nodes
|
||||
| JythonInjection.java:73:23:73:50 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| JythonInjection.java:81:35:81:38 | code | semmle.label | code |
|
||||
| JythonInjection.java:97:23:97:50 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| JythonInjection.java:106:61:106:64 | code : String | semmle.label | code : String |
|
||||
| JythonInjection.java:106:61:106:75 | getBytes(...) | semmle.label | getBytes(...) |
|
||||
| JythonInjection.java:131:40:131:63 | getInputStream(...) | semmle.label | getInputStream(...) |
|
||||
subpaths
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
edges
|
||||
| RhinoServlet.java:28:23:28:50 | getParameter(...) : String | RhinoServlet.java:32:55:32:58 | code |
|
||||
| RhinoServlet.java:81:23:81:50 | getParameter(...) : String | RhinoServlet.java:83:54:83:57 | code |
|
||||
| RhinoServlet.java:88:23:88:50 | getParameter(...) : String | RhinoServlet.java:89:74:89:88 | getBytes(...) |
|
||||
| RhinoServlet.java:88:23:88:50 | getParameter(...) : String | RhinoServlet.java:89:74:89:77 | code : String |
|
||||
| RhinoServlet.java:89:74:89:77 | code : String | RhinoServlet.java:89:74:89:88 | getBytes(...) |
|
||||
| ScriptEngineTest.java:20:44:20:55 | input : String | ScriptEngineTest.java:24:37:24:41 | input |
|
||||
| ScriptEngineTest.java:27:51:27:62 | input : String | ScriptEngineTest.java:31:31:31:35 | input |
|
||||
| ScriptEngineTest.java:35:58:35:69 | input : String | ScriptEngineTest.java:39:31:39:35 | input |
|
||||
@@ -26,6 +27,7 @@ nodes
|
||||
| RhinoServlet.java:81:23:81:50 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| RhinoServlet.java:83:54:83:57 | code | semmle.label | code |
|
||||
| RhinoServlet.java:88:23:88:50 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| RhinoServlet.java:89:74:89:77 | code : String | semmle.label | code : String |
|
||||
| RhinoServlet.java:89:74:89:88 | getBytes(...) | semmle.label | getBytes(...) |
|
||||
| ScriptEngineTest.java:20:44:20:55 | input : String | semmle.label | input : String |
|
||||
| ScriptEngineTest.java:24:37:24:41 | input | semmle.label | input |
|
||||
|
||||
@@ -1,46 +1,70 @@
|
||||
edges
|
||||
| SpelInjection.java:15:22:15:44 | getInputStream(...) : InputStream | SpelInjection.java:18:13:18:14 | in : InputStream |
|
||||
| SpelInjection.java:18:13:18:14 | in : InputStream | SpelInjection.java:18:21:18:25 | bytes [post update] : byte[] |
|
||||
| SpelInjection.java:18:21:18:25 | bytes [post update] : byte[] | SpelInjection.java:23:5:23:14 | expression |
|
||||
| SpelInjection.java:18:21:18:25 | bytes [post update] : byte[] | SpelInjection.java:19:31:19:35 | bytes : byte[] |
|
||||
| SpelInjection.java:19:20:19:42 | new String(...) : String | SpelInjection.java:23:5:23:14 | expression |
|
||||
| SpelInjection.java:19:31:19:35 | bytes : byte[] | SpelInjection.java:19:20:19:42 | new String(...) : String |
|
||||
| SpelInjection.java:27:22:27:44 | getInputStream(...) : InputStream | SpelInjection.java:30:13:30:14 | in : InputStream |
|
||||
| SpelInjection.java:30:13:30:14 | in : InputStream | SpelInjection.java:30:21:30:25 | bytes [post update] : byte[] |
|
||||
| SpelInjection.java:30:21:30:25 | bytes [post update] : byte[] | SpelInjection.java:34:5:34:14 | expression |
|
||||
| SpelInjection.java:30:21:30:25 | bytes [post update] : byte[] | SpelInjection.java:31:31:31:35 | bytes : byte[] |
|
||||
| SpelInjection.java:31:20:31:42 | new String(...) : String | SpelInjection.java:34:5:34:14 | expression |
|
||||
| SpelInjection.java:31:31:31:35 | bytes : byte[] | SpelInjection.java:31:20:31:42 | new String(...) : String |
|
||||
| SpelInjection.java:38:22:38:44 | getInputStream(...) : InputStream | SpelInjection.java:41:13:41:14 | in : InputStream |
|
||||
| SpelInjection.java:41:13:41:14 | in : InputStream | SpelInjection.java:41:21:41:25 | bytes [post update] : byte[] |
|
||||
| SpelInjection.java:41:21:41:25 | bytes [post update] : byte[] | SpelInjection.java:48:5:48:14 | expression |
|
||||
| SpelInjection.java:41:21:41:25 | bytes [post update] : byte[] | SpelInjection.java:42:31:42:35 | bytes : byte[] |
|
||||
| SpelInjection.java:42:20:42:42 | new String(...) : String | SpelInjection.java:48:5:48:14 | expression |
|
||||
| SpelInjection.java:42:31:42:35 | bytes : byte[] | SpelInjection.java:42:20:42:42 | new String(...) : String |
|
||||
| SpelInjection.java:52:22:52:44 | getInputStream(...) : InputStream | SpelInjection.java:55:13:55:14 | in : InputStream |
|
||||
| SpelInjection.java:55:13:55:14 | in : InputStream | SpelInjection.java:55:21:55:25 | bytes [post update] : byte[] |
|
||||
| SpelInjection.java:55:21:55:25 | bytes [post update] : byte[] | SpelInjection.java:59:5:59:14 | expression |
|
||||
| SpelInjection.java:55:21:55:25 | bytes [post update] : byte[] | SpelInjection.java:56:31:56:35 | bytes : byte[] |
|
||||
| SpelInjection.java:56:20:56:42 | new String(...) : String | SpelInjection.java:59:5:59:14 | expression |
|
||||
| SpelInjection.java:56:31:56:35 | bytes : byte[] | SpelInjection.java:56:20:56:42 | new String(...) : String |
|
||||
| SpelInjection.java:63:22:63:44 | getInputStream(...) : InputStream | SpelInjection.java:66:13:66:14 | in : InputStream |
|
||||
| SpelInjection.java:66:13:66:14 | in : InputStream | SpelInjection.java:66:21:66:25 | bytes [post update] : byte[] |
|
||||
| SpelInjection.java:66:21:66:25 | bytes [post update] : byte[] | SpelInjection.java:70:5:70:14 | expression |
|
||||
| SpelInjection.java:66:21:66:25 | bytes [post update] : byte[] | SpelInjection.java:67:31:67:35 | bytes : byte[] |
|
||||
| SpelInjection.java:67:20:67:42 | new String(...) : String | SpelInjection.java:70:5:70:14 | expression |
|
||||
| SpelInjection.java:67:31:67:35 | bytes : byte[] | SpelInjection.java:67:20:67:42 | new String(...) : String |
|
||||
| SpelInjection.java:74:22:74:44 | getInputStream(...) : InputStream | SpelInjection.java:77:13:77:14 | in : InputStream |
|
||||
| SpelInjection.java:77:13:77:14 | in : InputStream | SpelInjection.java:77:21:77:25 | bytes [post update] : byte[] |
|
||||
| SpelInjection.java:77:21:77:25 | bytes [post update] : byte[] | SpelInjection.java:83:5:83:14 | expression |
|
||||
| SpelInjection.java:77:21:77:25 | bytes [post update] : byte[] | SpelInjection.java:78:31:78:35 | bytes : byte[] |
|
||||
| SpelInjection.java:78:20:78:42 | new String(...) : String | SpelInjection.java:83:5:83:14 | expression |
|
||||
| SpelInjection.java:78:31:78:35 | bytes : byte[] | SpelInjection.java:78:20:78:42 | new String(...) : String |
|
||||
nodes
|
||||
| SpelInjection.java:15:22:15:44 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SpelInjection.java:18:13:18:14 | in : InputStream | semmle.label | in : InputStream |
|
||||
| SpelInjection.java:18:21:18:25 | bytes [post update] : byte[] | semmle.label | bytes [post update] : byte[] |
|
||||
| SpelInjection.java:19:20:19:42 | new String(...) : String | semmle.label | new String(...) : String |
|
||||
| SpelInjection.java:19:31:19:35 | bytes : byte[] | semmle.label | bytes : byte[] |
|
||||
| SpelInjection.java:23:5:23:14 | expression | semmle.label | expression |
|
||||
| SpelInjection.java:27:22:27:44 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SpelInjection.java:30:13:30:14 | in : InputStream | semmle.label | in : InputStream |
|
||||
| SpelInjection.java:30:21:30:25 | bytes [post update] : byte[] | semmle.label | bytes [post update] : byte[] |
|
||||
| SpelInjection.java:31:20:31:42 | new String(...) : String | semmle.label | new String(...) : String |
|
||||
| SpelInjection.java:31:31:31:35 | bytes : byte[] | semmle.label | bytes : byte[] |
|
||||
| SpelInjection.java:34:5:34:14 | expression | semmle.label | expression |
|
||||
| SpelInjection.java:38:22:38:44 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SpelInjection.java:41:13:41:14 | in : InputStream | semmle.label | in : InputStream |
|
||||
| SpelInjection.java:41:21:41:25 | bytes [post update] : byte[] | semmle.label | bytes [post update] : byte[] |
|
||||
| SpelInjection.java:42:20:42:42 | new String(...) : String | semmle.label | new String(...) : String |
|
||||
| SpelInjection.java:42:31:42:35 | bytes : byte[] | semmle.label | bytes : byte[] |
|
||||
| SpelInjection.java:48:5:48:14 | expression | semmle.label | expression |
|
||||
| SpelInjection.java:52:22:52:44 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SpelInjection.java:55:13:55:14 | in : InputStream | semmle.label | in : InputStream |
|
||||
| SpelInjection.java:55:21:55:25 | bytes [post update] : byte[] | semmle.label | bytes [post update] : byte[] |
|
||||
| SpelInjection.java:56:20:56:42 | new String(...) : String | semmle.label | new String(...) : String |
|
||||
| SpelInjection.java:56:31:56:35 | bytes : byte[] | semmle.label | bytes : byte[] |
|
||||
| SpelInjection.java:59:5:59:14 | expression | semmle.label | expression |
|
||||
| SpelInjection.java:63:22:63:44 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SpelInjection.java:66:13:66:14 | in : InputStream | semmle.label | in : InputStream |
|
||||
| SpelInjection.java:66:21:66:25 | bytes [post update] : byte[] | semmle.label | bytes [post update] : byte[] |
|
||||
| SpelInjection.java:67:20:67:42 | new String(...) : String | semmle.label | new String(...) : String |
|
||||
| SpelInjection.java:67:31:67:35 | bytes : byte[] | semmle.label | bytes : byte[] |
|
||||
| SpelInjection.java:70:5:70:14 | expression | semmle.label | expression |
|
||||
| SpelInjection.java:74:22:74:44 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SpelInjection.java:77:13:77:14 | in : InputStream | semmle.label | in : InputStream |
|
||||
| SpelInjection.java:77:21:77:25 | bytes [post update] : byte[] | semmle.label | bytes [post update] : byte[] |
|
||||
| SpelInjection.java:78:20:78:42 | new String(...) : String | semmle.label | new String(...) : String |
|
||||
| SpelInjection.java:78:31:78:35 | bytes : byte[] | semmle.label | bytes : byte[] |
|
||||
| SpelInjection.java:83:5:83:14 | expression | semmle.label | expression |
|
||||
subpaths
|
||||
#select
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
edges
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:16:21:16:33 | getClientIP(...) : String | ClientSuppliedIpUsedInSecurityCheck.java:17:37:17:38 | ip |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:24:21:24:33 | getClientIP(...) : String | ClientSuppliedIpUsedInSecurityCheck.java:25:33:25:34 | ip |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:43:27:43:62 | getHeader(...) : String | ClientSuppliedIpUsedInSecurityCheck.java:47:16:47:34 | split(...) : String[] |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:43:27:43:62 | getHeader(...) : String | ClientSuppliedIpUsedInSecurityCheck.java:47:16:47:37 | ...[...] : String |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:43:27:43:62 | getHeader(...) : String | ClientSuppliedIpUsedInSecurityCheck.java:47:16:47:23 | xfHeader : String |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:47:16:47:23 | xfHeader : String | ClientSuppliedIpUsedInSecurityCheck.java:47:16:47:34 | split(...) : String[] |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:47:16:47:34 | split(...) : String[] | ClientSuppliedIpUsedInSecurityCheck.java:47:16:47:37 | ...[...] : String |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:47:16:47:37 | ...[...] : String | ClientSuppliedIpUsedInSecurityCheck.java:16:21:16:33 | getClientIP(...) : String |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:47:16:47:37 | ...[...] : String | ClientSuppliedIpUsedInSecurityCheck.java:24:21:24:33 | getClientIP(...) : String |
|
||||
@@ -12,6 +12,7 @@ nodes
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:24:21:24:33 | getClientIP(...) : String | semmle.label | getClientIP(...) : String |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:25:33:25:34 | ip | semmle.label | ip |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:43:27:43:62 | getHeader(...) : String | semmle.label | getHeader(...) : String |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:47:16:47:23 | xfHeader : String | semmle.label | xfHeader : String |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:47:16:47:34 | split(...) : String[] | semmle.label | split(...) : String[] |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:47:16:47:37 | ...[...] : String | semmle.label | ...[...] : String |
|
||||
subpaths
|
||||
|
||||
@@ -5,8 +5,11 @@ edges
|
||||
| SpringUrlRedirect.java:36:30:36:47 | redirectUrl : String | SpringUrlRedirect.java:37:47:37:57 | redirectUrl |
|
||||
| SpringUrlRedirect.java:41:24:41:41 | redirectUrl : String | SpringUrlRedirect.java:44:29:44:39 | redirectUrl |
|
||||
| SpringUrlRedirect.java:49:24:49:41 | redirectUrl : String | SpringUrlRedirect.java:52:30:52:40 | redirectUrl |
|
||||
| SpringUrlRedirect.java:57:24:57:41 | redirectUrl : String | SpringUrlRedirect.java:58:30:58:66 | format(...) |
|
||||
| SpringUrlRedirect.java:62:24:62:41 | redirectUrl : String | SpringUrlRedirect.java:63:30:63:76 | format(...) |
|
||||
| SpringUrlRedirect.java:57:24:57:41 | redirectUrl : String | SpringUrlRedirect.java:58:55:58:65 | redirectUrl : String |
|
||||
| SpringUrlRedirect.java:58:30:58:66 | new ..[] { .. } [[]] : String | SpringUrlRedirect.java:58:30:58:66 | format(...) |
|
||||
| SpringUrlRedirect.java:58:55:58:65 | redirectUrl : String | SpringUrlRedirect.java:58:30:58:66 | new ..[] { .. } [[]] : String |
|
||||
| SpringUrlRedirect.java:62:24:62:41 | redirectUrl : String | SpringUrlRedirect.java:63:44:63:68 | ... + ... : String |
|
||||
| SpringUrlRedirect.java:63:44:63:68 | ... + ... : String | SpringUrlRedirect.java:63:30:63:76 | format(...) |
|
||||
| SpringUrlRedirect.java:89:38:89:55 | redirectUrl : String | SpringUrlRedirect.java:91:38:91:48 | redirectUrl : String |
|
||||
| SpringUrlRedirect.java:91:38:91:48 | redirectUrl : String | SpringUrlRedirect.java:91:27:91:49 | create(...) |
|
||||
| SpringUrlRedirect.java:96:39:96:56 | redirectUrl : String | SpringUrlRedirect.java:98:44:98:54 | redirectUrl : String |
|
||||
@@ -45,8 +48,11 @@ nodes
|
||||
| SpringUrlRedirect.java:52:30:52:40 | redirectUrl | semmle.label | redirectUrl |
|
||||
| SpringUrlRedirect.java:57:24:57:41 | redirectUrl : String | semmle.label | redirectUrl : String |
|
||||
| SpringUrlRedirect.java:58:30:58:66 | format(...) | semmle.label | format(...) |
|
||||
| SpringUrlRedirect.java:58:30:58:66 | new ..[] { .. } [[]] : String | semmle.label | new ..[] { .. } [[]] : String |
|
||||
| SpringUrlRedirect.java:58:55:58:65 | redirectUrl : String | semmle.label | redirectUrl : String |
|
||||
| SpringUrlRedirect.java:62:24:62:41 | redirectUrl : String | semmle.label | redirectUrl : String |
|
||||
| SpringUrlRedirect.java:63:30:63:76 | format(...) | semmle.label | format(...) |
|
||||
| SpringUrlRedirect.java:63:44:63:68 | ... + ... : String | semmle.label | ... + ... : String |
|
||||
| SpringUrlRedirect.java:89:38:89:55 | redirectUrl : String | semmle.label | redirectUrl : String |
|
||||
| SpringUrlRedirect.java:91:27:91:49 | create(...) | semmle.label | create(...) |
|
||||
| SpringUrlRedirect.java:91:38:91:48 | redirectUrl : String | semmle.label | redirectUrl : String |
|
||||
|
||||
@@ -1,16 +1,20 @@
|
||||
edges
|
||||
| HashWithoutSalt.java:10:36:10:43 | password : String | HashWithoutSalt.java:10:36:10:54 | getBytes(...) |
|
||||
| HashWithoutSalt.java:25:13:25:20 | password : String | HashWithoutSalt.java:25:13:25:31 | getBytes(...) |
|
||||
| HashWithoutSalt.java:93:22:93:29 | password : String | HashWithoutSalt.java:94:17:94:25 | passBytes |
|
||||
| HashWithoutSalt.java:111:22:111:29 | password : String | HashWithoutSalt.java:112:18:112:26 | passBytes |
|
||||
| HashWithoutSalt.java:93:22:93:29 | password : String | HashWithoutSalt.java:93:22:93:40 | getBytes(...) : byte[] |
|
||||
| HashWithoutSalt.java:93:22:93:40 | getBytes(...) : byte[] | HashWithoutSalt.java:94:17:94:25 | passBytes |
|
||||
| HashWithoutSalt.java:111:22:111:29 | password : String | HashWithoutSalt.java:111:22:111:40 | getBytes(...) : byte[] |
|
||||
| HashWithoutSalt.java:111:22:111:40 | getBytes(...) : byte[] | HashWithoutSalt.java:112:18:112:26 | passBytes |
|
||||
nodes
|
||||
| HashWithoutSalt.java:10:36:10:43 | password : String | semmle.label | password : String |
|
||||
| HashWithoutSalt.java:10:36:10:54 | getBytes(...) | semmle.label | getBytes(...) |
|
||||
| HashWithoutSalt.java:25:13:25:20 | password : String | semmle.label | password : String |
|
||||
| HashWithoutSalt.java:25:13:25:31 | getBytes(...) | semmle.label | getBytes(...) |
|
||||
| HashWithoutSalt.java:93:22:93:29 | password : String | semmle.label | password : String |
|
||||
| HashWithoutSalt.java:93:22:93:40 | getBytes(...) : byte[] | semmle.label | getBytes(...) : byte[] |
|
||||
| HashWithoutSalt.java:94:17:94:25 | passBytes | semmle.label | passBytes |
|
||||
| HashWithoutSalt.java:111:22:111:29 | password : String | semmle.label | password : String |
|
||||
| HashWithoutSalt.java:111:22:111:40 | getBytes(...) : byte[] | semmle.label | getBytes(...) : byte[] |
|
||||
| HashWithoutSalt.java:112:18:112:26 | passBytes | semmle.label | passBytes |
|
||||
subpaths
|
||||
#select
|
||||
|
||||
@@ -10,6 +10,13 @@
|
||||
| A.java:10:22:10:28 | taint(...) | A.java:17:9:17:105 | format(...) |
|
||||
| A.java:10:22:10:28 | taint(...) | A.java:17:9:17:105 | new ..[] { .. } |
|
||||
| A.java:10:22:10:28 | taint(...) | A.java:17:102:17:104 | bad |
|
||||
| A.java:10:22:10:28 | taint(...) | file:///modules/java.base/java/lang/String.class:0:0:0:0 | [summary] read: [] of argument 0 in formatted |
|
||||
| A.java:10:22:10:28 | taint(...) | file:///modules/java.base/java/lang/String.class:0:0:0:0 | [summary] read: [] of argument 1 in format |
|
||||
| A.java:10:22:10:28 | taint(...) | file:///modules/java.base/java/lang/String.class:0:0:0:0 | [summary] to write: return (return) in format |
|
||||
| A.java:10:22:10:28 | taint(...) | file:///modules/java.base/java/lang/String.class:0:0:0:0 | [summary] to write: return (return) in formatted |
|
||||
| A.java:10:22:10:28 | taint(...) | file:///modules/java.base/java/lang/String.class:0:0:0:0 | parameter this |
|
||||
| A.java:10:22:10:28 | taint(...) | file://:0:0:0:0 | p0 |
|
||||
| A.java:10:22:10:28 | taint(...) | file://:0:0:0:0 | p1 |
|
||||
| A.java:21:22:21:28 | taint(...) | A.java:21:22:21:28 | taint(...) |
|
||||
| A.java:21:22:21:28 | taint(...) | A.java:25:9:25:9 | f [post update] |
|
||||
| A.java:21:22:21:28 | taint(...) | A.java:25:9:25:27 | format(...) |
|
||||
@@ -26,6 +33,8 @@
|
||||
| A.java:30:22:30:28 | taint(...) | A.java:35:24:35:26 | bad |
|
||||
| A.java:30:22:30:28 | taint(...) | A.java:36:9:36:10 | sb |
|
||||
| A.java:30:22:30:28 | taint(...) | A.java:36:9:36:21 | toString(...) |
|
||||
| A.java:30:22:30:28 | taint(...) | file:///modules/java.base/java/lang/StringBuilder.class:0:0:0:0 | [summary] to write: return (return) in toString |
|
||||
| A.java:30:22:30:28 | taint(...) | file:///modules/java.base/java/lang/StringBuilder.class:0:0:0:0 | parameter this |
|
||||
| A.java:40:22:40:28 | taint(...) | A.java:40:22:40:28 | taint(...) |
|
||||
| A.java:40:22:40:28 | taint(...) | A.java:43:9:43:10 | sb [post update] |
|
||||
| A.java:40:22:40:28 | taint(...) | A.java:43:9:43:22 | append(...) |
|
||||
@@ -34,3 +43,7 @@
|
||||
| A.java:40:22:40:28 | taint(...) | A.java:45:9:45:38 | format(...) |
|
||||
| A.java:40:22:40:28 | taint(...) | A.java:45:9:45:49 | toString(...) |
|
||||
| A.java:40:22:40:28 | taint(...) | A.java:45:23:45:24 | sb |
|
||||
| A.java:40:22:40:28 | taint(...) | file:///modules/java.base/java/lang/StringBuilder.class:0:0:0:0 | [summary] to write: argument -1 in append |
|
||||
| A.java:40:22:40:28 | taint(...) | file:///modules/java.base/java/lang/StringBuilder.class:0:0:0:0 | [summary] to write: return (return) in append |
|
||||
| A.java:40:22:40:28 | taint(...) | file:///modules/java.base/java/lang/StringBuilder.class:0:0:0:0 | parameter this |
|
||||
| A.java:40:22:40:28 | taint(...) | file://:0:0:0:0 | p0 |
|
||||
|
||||
@@ -46,6 +46,9 @@ public class B {
|
||||
// tainted - tokenized string
|
||||
String token = new StringTokenizer(badEscape).nextToken();
|
||||
sink(token);
|
||||
// tainted - fluent concatenation
|
||||
String fluentConcat = "".concat("str").concat(token).concat("bar");
|
||||
sink(fluentConcat);
|
||||
|
||||
// not tainted
|
||||
String safe = notTainty(complex);
|
||||
|
||||
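--- /dev/null
+++ b/java/ql/test/library-tests/dataflow/taint/CharSeq.java
@@ -0,0 +1,13 @@
+public class CharSeq {
+public static String taint() { return "tainted"; }
+
+public static void sink(Object o) { }
+
+void test1() {
+CharSequence seq = taint().subSequence(0,1);
+sink(seq);
+
+CharSequence seqFromSeq = seq.subSequence(0, 1);
+sink(seqFromSeq);
+}
+}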
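Review bot: Both `subSequence` calls in `test1` run on a value that is a `String` at runtime, so the test pins the new taint step for that one `CharSequence` implementation only. Whether the model also matches the overrides in `StringBuilder` or `StringBuffer` is not visible in this section. A missed step there would be a silent false negative in every query that relies on this flow. I would add a second receiver type, for example `CharSequence fromSb = new StringBuilder(taint()).subSequence(0, 1); sink(fromSb);`. A negative case such as `sink("safe".subSequence(0, 1)); // not tainted` would also let the expected output show that untainted sequences stay unflagged, following the `// tainted` / `// not tainted` comments used in `B.java`.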
||||
@@ -14,29 +14,32 @@
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:42:10:42:25 | valueOfSubstring |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:45:10:45:18 | badEscape |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:48:10:48:14 | token |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:65:10:65:13 | cond |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:68:10:68:14 | logic |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:70:10:70:39 | endsWith(...) |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:73:10:73:14 | logic |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:51:10:51:21 | fluentConcat |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:68:10:68:13 | cond |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:71:10:71:14 | logic |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:73:10:73:39 | endsWith(...) |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:76:10:76:14 | logic |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:84:10:84:16 | trimmed |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:86:10:86:14 | split |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:88:10:88:14 | lower |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:90:10:90:14 | upper |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:92:10:92:14 | bytes |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:94:10:94:17 | toString |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:96:10:96:13 | subs |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:98:10:98:13 | repl |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:100:10:100:16 | replAll |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:102:10:102:18 | replFirst |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:115:12:115:25 | serializedData |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:127:12:127:27 | deserializedData |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:136:10:136:21 | taintedArray |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:138:10:138:22 | taintedArray2 |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:140:10:140:22 | taintedArray3 |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:143:10:143:44 | toURL(...) |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:146:10:146:37 | toPath(...) |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:149:10:149:46 | toFile(...) |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:79:10:79:14 | logic |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:87:10:87:16 | trimmed |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:89:10:89:14 | split |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:91:10:91:14 | lower |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:93:10:93:14 | upper |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:95:10:95:14 | bytes |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:97:10:97:17 | toString |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:99:10:99:13 | subs |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:101:10:101:13 | repl |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:103:10:103:16 | replAll |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:105:10:105:18 | replFirst |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:118:12:118:25 | serializedData |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:130:12:130:27 | deserializedData |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:139:10:139:21 | taintedArray |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:141:10:141:22 | taintedArray2 |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:143:10:143:22 | taintedArray3 |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:146:10:146:44 | toURL(...) |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:149:10:149:37 | toPath(...) |
|
||||
| B.java:15:21:15:27 | taint(...) | B.java:152:10:152:46 | toFile(...) |
|
||||
| CharSeq.java:7:26:7:32 | taint(...) | CharSeq.java:8:12:8:14 | seq |
|
||||
| CharSeq.java:7:26:7:32 | taint(...) | CharSeq.java:11:12:11:21 | seqFromSeq |
|
||||
| MethodFlow.java:7:22:7:28 | taint(...) | MethodFlow.java:8:10:8:16 | tainted |
|
||||
| MethodFlow.java:9:31:9:37 | taint(...) | MethodFlow.java:10:10:10:17 | tainted2 |
|
||||
| MethodFlow.java:11:35:11:41 | taint(...) | MethodFlow.java:12:10:12:17 | tainted3 |
|
||||
|
||||
@@ -4,9 +4,13 @@ edges
|
||||
| Test.java:29:30:29:42 | args : String[] | Test.java:36:47:36:52 | query1 |
|
||||
| Test.java:29:30:29:42 | args : String[] | Test.java:42:57:42:62 | query2 |
|
||||
| Test.java:29:30:29:42 | args : String[] | Test.java:50:62:50:67 | query3 |
|
||||
| Test.java:29:30:29:42 | args : String[] | Test.java:62:47:62:61 | querySbToString |
|
||||
| Test.java:29:30:29:42 | args : String[] | Test.java:58:19:58:26 | category : String |
|
||||
| Test.java:29:30:29:42 | args : String[] | Test.java:70:40:70:44 | query |
|
||||
| Test.java:29:30:29:42 | args : String[] | Test.java:78:46:78:50 | query |
|
||||
| Test.java:58:4:58:10 | querySb [post update] : StringBuilder | Test.java:60:29:60:35 | querySb : StringBuilder |
|
||||
| Test.java:58:19:58:26 | category : String | Test.java:58:4:58:10 | querySb [post update] : StringBuilder |
|
||||
| Test.java:60:29:60:35 | querySb : StringBuilder | Test.java:60:29:60:46 | toString(...) : String |
|
||||
| Test.java:60:29:60:46 | toString(...) : String | Test.java:62:47:62:61 | querySbToString |
|
||||
| Test.java:183:33:183:45 | args : String[] | Test.java:209:47:209:68 | queryWithUserTableName |
|
||||
| Test.java:213:26:213:38 | args : String[] | Test.java:214:11:214:14 | args : String[] |
|
||||
| Test.java:213:26:213:38 | args : String[] | Test.java:218:14:218:17 | args : String[] |
|
||||
@@ -20,6 +24,10 @@ nodes
|
||||
| Test.java:36:47:36:52 | query1 | semmle.label | query1 |
|
||||
| Test.java:42:57:42:62 | query2 | semmle.label | query2 |
|
||||
| Test.java:50:62:50:67 | query3 | semmle.label | query3 |
|
||||
| Test.java:58:4:58:10 | querySb [post update] : StringBuilder | semmle.label | querySb [post update] : StringBuilder |
|
||||
| Test.java:58:19:58:26 | category : String | semmle.label | category : String |
|
||||
| Test.java:60:29:60:35 | querySb : StringBuilder | semmle.label | querySb : StringBuilder |
|
||||
| Test.java:60:29:60:46 | toString(...) : String | semmle.label | toString(...) : String |
|
||||
| Test.java:62:47:62:61 | querySbToString | semmle.label | querySbToString |
|
||||
| Test.java:70:40:70:44 | query | semmle.label | query |
|
||||
| Test.java:78:46:78:50 | query | semmle.label | query |
|
||||
|
||||
@@ -28,7 +28,8 @@ edges
|
||||
| LdapInjection.java:147:76:147:109 | uBadSRDNAsync : String | LdapInjection.java:151:19:151:19 | s |
|
||||
| LdapInjection.java:155:31:155:70 | uBadFilterCreateNOT : String | LdapInjection.java:156:58:156:115 | createNOTFilter(...) |
|
||||
| LdapInjection.java:160:31:160:75 | uBadFilterCreateToString : String | LdapInjection.java:161:58:161:107 | toString(...) |
|
||||
| LdapInjection.java:165:32:165:82 | uBadFilterCreateToStringBuffer : String | LdapInjection.java:168:58:168:69 | toString(...) |
|
||||
| LdapInjection.java:165:32:165:82 | uBadFilterCreateToStringBuffer : String | LdapInjection.java:168:58:168:58 | b : StringBuilder |
|
||||
| LdapInjection.java:168:58:168:58 | b : StringBuilder | LdapInjection.java:168:58:168:69 | toString(...) |
|
||||
| LdapInjection.java:172:32:172:78 | uBadSearchRequestDuplicate : String | LdapInjection.java:176:14:176:26 | duplicate(...) |
|
||||
| LdapInjection.java:180:32:180:80 | uBadROSearchRequestDuplicate : String | LdapInjection.java:184:14:184:26 | duplicate(...) |
|
||||
| LdapInjection.java:188:32:188:74 | uBadSearchRequestSetDN : String | LdapInjection.java:192:14:192:14 | s |
|
||||
@@ -49,7 +50,8 @@ edges
|
||||
| LdapInjection.java:276:31:276:68 | sBadLdapQueryBase : String | LdapInjection.java:277:12:277:66 | base(...) |
|
||||
| LdapInjection.java:281:31:281:71 | sBadLdapQueryComplex : String | LdapInjection.java:282:24:282:98 | is(...) |
|
||||
| LdapInjection.java:286:31:286:69 | sBadFilterToString : String | LdapInjection.java:287:18:287:83 | toString(...) |
|
||||
| LdapInjection.java:291:31:291:67 | sBadFilterEncode : String | LdapInjection.java:294:18:294:29 | toString(...) |
|
||||
| LdapInjection.java:291:31:291:67 | sBadFilterEncode : String | LdapInjection.java:294:18:294:18 | s : StringBuffer |
|
||||
| LdapInjection.java:294:18:294:18 | s : StringBuffer | LdapInjection.java:294:18:294:29 | toString(...) |
|
||||
| LdapInjection.java:314:30:314:54 | aBad : String | LdapInjection.java:316:36:316:55 | ... + ... |
|
||||
| LdapInjection.java:314:57:314:83 | aBadDN : String | LdapInjection.java:316:14:316:33 | ... + ... |
|
||||
| LdapInjection.java:320:30:320:54 | aBad : String | LdapInjection.java:322:65:322:84 | ... + ... |
|
||||
@@ -113,6 +115,7 @@ nodes
|
||||
| LdapInjection.java:160:31:160:75 | uBadFilterCreateToString : String | semmle.label | uBadFilterCreateToString : String |
|
||||
| LdapInjection.java:161:58:161:107 | toString(...) | semmle.label | toString(...) |
|
||||
| LdapInjection.java:165:32:165:82 | uBadFilterCreateToStringBuffer : String | semmle.label | uBadFilterCreateToStringBuffer : String |
|
||||
| LdapInjection.java:168:58:168:58 | b : StringBuilder | semmle.label | b : StringBuilder |
|
||||
| LdapInjection.java:168:58:168:69 | toString(...) | semmle.label | toString(...) |
|
||||
| LdapInjection.java:172:32:172:78 | uBadSearchRequestDuplicate : String | semmle.label | uBadSearchRequestDuplicate : String |
|
||||
| LdapInjection.java:176:14:176:26 | duplicate(...) | semmle.label | duplicate(...) |
|
||||
@@ -155,6 +158,7 @@ nodes
|
||||
| LdapInjection.java:286:31:286:69 | sBadFilterToString : String | semmle.label | sBadFilterToString : String |
|
||||
| LdapInjection.java:287:18:287:83 | toString(...) | semmle.label | toString(...) |
|
||||
| LdapInjection.java:291:31:291:67 | sBadFilterEncode : String | semmle.label | sBadFilterEncode : String |
|
||||
| LdapInjection.java:294:18:294:18 | s : StringBuffer | semmle.label | s : StringBuffer |
|
||||
| LdapInjection.java:294:18:294:29 | toString(...) | semmle.label | toString(...) |
|
||||
| LdapInjection.java:314:30:314:54 | aBad : String | semmle.label | aBad : String |
|
||||
| LdapInjection.java:314:57:314:83 | aBadDN : String | semmle.label | aBadDN : String |
|
||||
|
||||
@@ -1,8 +1,12 @@
|
||||
edges
|
||||
| Test.java:76:27:76:60 | getProperty(...) : String | Test.java:80:31:80:34 | size |
|
||||
| Test.java:76:27:76:60 | getProperty(...) : String | Test.java:86:34:86:37 | size |
|
||||
| Test.java:76:27:76:60 | getProperty(...) : String | Test.java:78:37:78:48 | userProperty : String |
|
||||
| Test.java:78:37:78:48 | userProperty : String | Test.java:78:37:78:55 | trim(...) : String |
|
||||
| Test.java:78:37:78:55 | trim(...) : String | Test.java:80:31:80:34 | size |
|
||||
| Test.java:78:37:78:55 | trim(...) : String | Test.java:86:34:86:37 | size |
|
||||
nodes
|
||||
| Test.java:76:27:76:60 | getProperty(...) : String | semmle.label | getProperty(...) : String |
|
||||
| Test.java:78:37:78:48 | userProperty : String | semmle.label | userProperty : String |
|
||||
| Test.java:78:37:78:55 | trim(...) : String | semmle.label | trim(...) : String |
|
||||
| Test.java:80:31:80:34 | size | semmle.label | size |
|
||||
| Test.java:86:34:86:37 | size | semmle.label | size |
|
||||
subpaths
|
||||
|
||||
@@ -1,7 +1,11 @@
|
||||
edges
|
||||
| Test.java:14:27:14:60 | getProperty(...) : String | Test.java:19:34:19:38 | index |
|
||||
| Test.java:14:27:14:60 | getProperty(...) : String | Test.java:16:38:16:49 | userProperty : String |
|
||||
| Test.java:16:38:16:49 | userProperty : String | Test.java:16:38:16:56 | trim(...) : String |
|
||||
| Test.java:16:38:16:56 | trim(...) : String | Test.java:19:34:19:38 | index |
|
||||
nodes
|
||||
| Test.java:14:27:14:60 | getProperty(...) : String | semmle.label | getProperty(...) : String |
|
||||
| Test.java:16:38:16:49 | userProperty : String | semmle.label | userProperty : String |
|
||||
| Test.java:16:38:16:56 | trim(...) : String | semmle.label | trim(...) : String |
|
||||
| Test.java:19:34:19:38 | index | semmle.label | index |
|
||||
subpaths
|
||||
#select
|
||||
|
||||
@@ -9,15 +9,19 @@ edges
|
||||
| ArithmeticTainted.java:18:40:18:56 | readerInputStream : InputStreamReader | ArithmeticTainted.java:18:21:18:57 | new BufferedReader(...) : BufferedReader |
|
||||
| ArithmeticTainted.java:19:26:19:39 | readerBuffered : BufferedReader | ArithmeticTainted.java:19:26:19:50 | readLine(...) : String |
|
||||
| ArithmeticTainted.java:19:26:19:39 | readerBuffered : BufferedReader | ArithmeticTainted.java:19:26:19:50 | readLine(...) : String |
|
||||
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:32:17:32:20 | data |
|
||||
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:40:17:40:20 | data |
|
||||
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:50:17:50:20 | data |
|
||||
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:64:20:64:23 | data : Number |
|
||||
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:95:37:95:40 | data |
|
||||
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:118:9:118:12 | data : Number |
|
||||
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:119:10:119:13 | data : Number |
|
||||
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:120:10:120:13 | data : Number |
|
||||
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:121:10:121:13 | data : Number |
|
||||
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:21:29:21:40 | stringNumber : String |
|
||||
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:21:29:21:40 | stringNumber : String |
|
||||
| ArithmeticTainted.java:21:29:21:40 | stringNumber : String | ArithmeticTainted.java:21:29:21:47 | trim(...) : String |
|
||||
| ArithmeticTainted.java:21:29:21:40 | stringNumber : String | ArithmeticTainted.java:21:29:21:47 | trim(...) : String |
|
||||
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:32:17:32:20 | data |
|
||||
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:40:17:40:20 | data |
|
||||
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:50:17:50:20 | data |
|
||||
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:64:20:64:23 | data : Number |
|
||||
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:95:37:95:40 | data |
|
||||
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:118:9:118:12 | data : Number |
|
||||
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:119:10:119:13 | data : Number |
|
||||
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:120:10:120:13 | data : Number |
|
||||
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:121:10:121:13 | data : Number |
|
||||
| ArithmeticTainted.java:64:4:64:10 | tainted [post update] [dat] : Number | ArithmeticTainted.java:66:18:66:24 | tainted [dat] : Number |
|
||||
| ArithmeticTainted.java:64:20:64:23 | data : Number | ArithmeticTainted.java:64:4:64:10 | tainted [post update] [dat] : Number |
|
||||
| ArithmeticTainted.java:64:20:64:23 | data : Number | Holder.java:12:22:12:26 | d : Number |
|
||||
@@ -49,6 +53,10 @@ nodes
|
||||
| ArithmeticTainted.java:19:26:19:39 | readerBuffered : BufferedReader | semmle.label | readerBuffered : BufferedReader |
|
||||
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | semmle.label | readLine(...) : String |
|
||||
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | semmle.label | readLine(...) : String |
|
||||
| ArithmeticTainted.java:21:29:21:40 | stringNumber : String | semmle.label | stringNumber : String |
|
||||
| ArithmeticTainted.java:21:29:21:40 | stringNumber : String | semmle.label | stringNumber : String |
|
||||
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | semmle.label | trim(...) : String |
|
||||
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | semmle.label | trim(...) : String |
|
||||
| ArithmeticTainted.java:32:17:32:20 | data | semmle.label | data |
|
||||
| ArithmeticTainted.java:40:17:40:20 | data | semmle.label | data |
|
||||
| ArithmeticTainted.java:50:17:50:20 | data | semmle.label | data |
|
||||
|
||||
@@ -18,29 +18,37 @@ edges
|
||||
| SchemaTests.java:45:56:45:76 | getInputStream(...) : InputStream | SchemaTests.java:45:39:45:77 | new StreamSource(...) |
|
||||
| SimpleXMLTests.java:24:63:24:83 | getInputStream(...) : InputStream | SimpleXMLTests.java:24:41:24:84 | new InputStreamReader(...) |
|
||||
| SimpleXMLTests.java:30:5:30:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:30:32:30:32 | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:30:32:30:32 | b [post update] : byte[] | SimpleXMLTests.java:31:41:31:53 | new String(...) |
|
||||
| SimpleXMLTests.java:30:32:30:32 | b [post update] : byte[] | SimpleXMLTests.java:31:52:31:52 | b : byte[] |
|
||||
| SimpleXMLTests.java:31:52:31:52 | b : byte[] | SimpleXMLTests.java:31:41:31:53 | new String(...) |
|
||||
| SimpleXMLTests.java:37:5:37:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:37:32:37:32 | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:37:32:37:32 | b [post update] : byte[] | SimpleXMLTests.java:38:41:38:53 | new String(...) |
|
||||
| SimpleXMLTests.java:37:32:37:32 | b [post update] : byte[] | SimpleXMLTests.java:38:52:38:52 | b : byte[] |
|
||||
| SimpleXMLTests.java:38:52:38:52 | b : byte[] | SimpleXMLTests.java:38:41:38:53 | new String(...) |
|
||||
| SimpleXMLTests.java:43:63:43:83 | getInputStream(...) : InputStream | SimpleXMLTests.java:43:41:43:84 | new InputStreamReader(...) |
|
||||
| SimpleXMLTests.java:68:59:68:79 | getInputStream(...) : InputStream | SimpleXMLTests.java:68:37:68:80 | new InputStreamReader(...) |
|
||||
| SimpleXMLTests.java:73:59:73:79 | getInputStream(...) : InputStream | SimpleXMLTests.java:73:37:73:80 | new InputStreamReader(...) |
|
||||
| SimpleXMLTests.java:78:48:78:68 | getInputStream(...) : InputStream | SimpleXMLTests.java:78:26:78:69 | new InputStreamReader(...) |
|
||||
| SimpleXMLTests.java:83:48:83:68 | getInputStream(...) : InputStream | SimpleXMLTests.java:83:26:83:69 | new InputStreamReader(...) |
|
||||
| SimpleXMLTests.java:89:5:89:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:89:32:89:32 | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:89:32:89:32 | b [post update] : byte[] | SimpleXMLTests.java:90:37:90:49 | new String(...) |
|
||||
| SimpleXMLTests.java:89:32:89:32 | b [post update] : byte[] | SimpleXMLTests.java:90:48:90:48 | b : byte[] |
|
||||
| SimpleXMLTests.java:90:48:90:48 | b : byte[] | SimpleXMLTests.java:90:37:90:49 | new String(...) |
|
||||
| SimpleXMLTests.java:96:5:96:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:96:32:96:32 | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:96:32:96:32 | b [post update] : byte[] | SimpleXMLTests.java:97:37:97:49 | new String(...) |
|
||||
| SimpleXMLTests.java:96:32:96:32 | b [post update] : byte[] | SimpleXMLTests.java:97:48:97:48 | b : byte[] |
|
||||
| SimpleXMLTests.java:97:48:97:48 | b : byte[] | SimpleXMLTests.java:97:37:97:49 | new String(...) |
|
||||
| SimpleXMLTests.java:103:5:103:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:103:32:103:32 | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:103:32:103:32 | b [post update] : byte[] | SimpleXMLTests.java:104:26:104:38 | new String(...) |
|
||||
| SimpleXMLTests.java:103:32:103:32 | b [post update] : byte[] | SimpleXMLTests.java:104:37:104:37 | b : byte[] |
|
||||
| SimpleXMLTests.java:104:37:104:37 | b : byte[] | SimpleXMLTests.java:104:26:104:38 | new String(...) |
|
||||
| SimpleXMLTests.java:110:5:110:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:110:32:110:32 | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:110:32:110:32 | b [post update] : byte[] | SimpleXMLTests.java:111:26:111:38 | new String(...) |
|
||||
| SimpleXMLTests.java:110:32:110:32 | b [post update] : byte[] | SimpleXMLTests.java:111:37:111:37 | b : byte[] |
|
||||
| SimpleXMLTests.java:111:37:111:37 | b : byte[] | SimpleXMLTests.java:111:26:111:38 | new String(...) |
|
||||
| SimpleXMLTests.java:119:44:119:64 | getInputStream(...) : InputStream | SimpleXMLTests.java:119:22:119:65 | new InputStreamReader(...) |
|
||||
| SimpleXMLTests.java:129:44:129:64 | getInputStream(...) : InputStream | SimpleXMLTests.java:129:22:129:65 | new InputStreamReader(...) |
|
||||
| SimpleXMLTests.java:139:44:139:64 | getInputStream(...) : InputStream | SimpleXMLTests.java:139:22:139:65 | new InputStreamReader(...) |
|
||||
| SimpleXMLTests.java:145:5:145:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:145:32:145:32 | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:145:32:145:32 | b [post update] : byte[] | SimpleXMLTests.java:146:22:146:34 | new String(...) |
|
||||
| SimpleXMLTests.java:145:32:145:32 | b [post update] : byte[] | SimpleXMLTests.java:146:33:146:33 | b : byte[] |
|
||||
| SimpleXMLTests.java:146:33:146:33 | b : byte[] | SimpleXMLTests.java:146:22:146:34 | new String(...) |
|
||||
| SimpleXMLTests.java:152:5:152:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:152:32:152:32 | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:152:32:152:32 | b [post update] : byte[] | SimpleXMLTests.java:153:22:153:34 | new String(...) |
|
||||
| SimpleXMLTests.java:152:32:152:32 | b [post update] : byte[] | SimpleXMLTests.java:153:33:153:33 | b : byte[] |
|
||||
| SimpleXMLTests.java:153:33:153:33 | b : byte[] | SimpleXMLTests.java:153:22:153:34 | new String(...) |
|
||||
| TransformerTests.java:20:44:20:64 | getInputStream(...) : InputStream | TransformerTests.java:20:27:20:65 | new StreamSource(...) |
|
||||
| TransformerTests.java:21:40:21:60 | getInputStream(...) : InputStream | TransformerTests.java:21:23:21:61 | new StreamSource(...) |
|
||||
| TransformerTests.java:71:44:71:64 | getInputStream(...) : InputStream | TransformerTests.java:71:27:71:65 | new StreamSource(...) |
|
||||
@@ -123,9 +131,11 @@ nodes
|
||||
| SimpleXMLTests.java:30:5:30:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SimpleXMLTests.java:30:32:30:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:31:41:31:53 | new String(...) | semmle.label | new String(...) |
|
||||
| SimpleXMLTests.java:31:52:31:52 | b : byte[] | semmle.label | b : byte[] |
|
||||
| SimpleXMLTests.java:37:5:37:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SimpleXMLTests.java:37:32:37:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:38:41:38:53 | new String(...) | semmle.label | new String(...) |
|
||||
| SimpleXMLTests.java:38:52:38:52 | b : byte[] | semmle.label | b : byte[] |
|
||||
| SimpleXMLTests.java:43:41:43:84 | new InputStreamReader(...) | semmle.label | new InputStreamReader(...) |
|
||||
| SimpleXMLTests.java:43:63:43:83 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SimpleXMLTests.java:48:37:48:57 | getInputStream(...) | semmle.label | getInputStream(...) |
|
||||
@@ -143,15 +153,19 @@ nodes
|
||||
| SimpleXMLTests.java:89:5:89:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SimpleXMLTests.java:89:32:89:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:90:37:90:49 | new String(...) | semmle.label | new String(...) |
|
||||
| SimpleXMLTests.java:90:48:90:48 | b : byte[] | semmle.label | b : byte[] |
|
||||
| SimpleXMLTests.java:96:5:96:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SimpleXMLTests.java:96:32:96:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:97:37:97:49 | new String(...) | semmle.label | new String(...) |
|
||||
| SimpleXMLTests.java:97:48:97:48 | b : byte[] | semmle.label | b : byte[] |
|
||||
| SimpleXMLTests.java:103:5:103:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SimpleXMLTests.java:103:32:103:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:104:26:104:38 | new String(...) | semmle.label | new String(...) |
|
||||
| SimpleXMLTests.java:104:37:104:37 | b : byte[] | semmle.label | b : byte[] |
|
||||
| SimpleXMLTests.java:110:5:110:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SimpleXMLTests.java:110:32:110:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:111:26:111:38 | new String(...) | semmle.label | new String(...) |
|
||||
| SimpleXMLTests.java:111:37:111:37 | b : byte[] | semmle.label | b : byte[] |
|
||||
| SimpleXMLTests.java:115:22:115:42 | getInputStream(...) | semmle.label | getInputStream(...) |
|
||||
| SimpleXMLTests.java:119:22:119:65 | new InputStreamReader(...) | semmle.label | new InputStreamReader(...) |
|
||||
| SimpleXMLTests.java:119:44:119:64 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
@@ -164,9 +178,11 @@ nodes
|
||||
| SimpleXMLTests.java:145:5:145:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SimpleXMLTests.java:145:32:145:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:146:22:146:34 | new String(...) | semmle.label | new String(...) |
|
||||
| SimpleXMLTests.java:146:33:146:33 | b : byte[] | semmle.label | b : byte[] |
|
||||
| SimpleXMLTests.java:152:5:152:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| SimpleXMLTests.java:152:32:152:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] |
|
||||
| SimpleXMLTests.java:153:22:153:34 | new String(...) | semmle.label | new String(...) |
|
||||
| SimpleXMLTests.java:153:33:153:33 | b : byte[] | semmle.label | b : byte[] |
|
||||
| TransformerTests.java:20:27:20:65 | new StreamSource(...) | semmle.label | new StreamSource(...) |
|
||||
| TransformerTests.java:20:44:20:64 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream |
|
||||
| TransformerTests.java:21:23:21:61 | new StreamSource(...) | semmle.label | new StreamSource(...) |
|
||||
|
||||
@@ -3,13 +3,17 @@ edges
|
||||
| Test.java:11:6:11:46 | new InputStreamReader(...) : InputStreamReader | Test.java:10:36:11:47 | new BufferedReader(...) : BufferedReader |
|
||||
| Test.java:11:28:11:36 | System.in : InputStream | Test.java:11:6:11:46 | new InputStreamReader(...) : InputStreamReader |
|
||||
| Test.java:12:26:12:39 | readerBuffered : BufferedReader | Test.java:12:26:12:50 | readLine(...) : String |
|
||||
| Test.java:12:26:12:50 | readLine(...) : String | Test.java:21:22:21:25 | data |
|
||||
| Test.java:12:26:12:50 | readLine(...) : String | Test.java:14:27:14:38 | stringNumber : String |
|
||||
| Test.java:14:27:14:38 | stringNumber : String | Test.java:14:27:14:45 | trim(...) : String |
|
||||
| Test.java:14:27:14:45 | trim(...) : String | Test.java:21:22:21:25 | data |
|
||||
nodes
|
||||
| Test.java:10:36:11:47 | new BufferedReader(...) : BufferedReader | semmle.label | new BufferedReader(...) : BufferedReader |
|
||||
| Test.java:11:6:11:46 | new InputStreamReader(...) : InputStreamReader | semmle.label | new InputStreamReader(...) : InputStreamReader |
|
||||
| Test.java:11:28:11:36 | System.in : InputStream | semmle.label | System.in : InputStream |
|
||||
| Test.java:12:26:12:39 | readerBuffered : BufferedReader | semmle.label | readerBuffered : BufferedReader |
|
||||
| Test.java:12:26:12:50 | readLine(...) : String | semmle.label | readLine(...) : String |
|
||||
| Test.java:14:27:14:38 | stringNumber : String | semmle.label | stringNumber : String |
|
||||
| Test.java:14:27:14:45 | trim(...) : String | semmle.label | trim(...) : String |
|
||||
| Test.java:21:22:21:25 | data | semmle.label | data |
|
||||
subpaths
|
||||
#select
|
||||
|
||||