hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 19:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add test for File.startsWith

Browse Source
This commit is contained in:
Tony Torralba
2022-12-05 11:52:50 +01:00
parent 71a6b09bad
commit 47d61e0b4d
1 changed files with 23 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
java/ql/test/library-tests/pathsanitizer/TestKt.kt
View File

@@ -106,7 +106,18 @@ class TestKt {
} }
run { run {
val source: File? = source() as File? val source: File? = source() as File?
val normalized: File = source!!.canonicalFile.toString() val normalized: File = source!!.canonicalFile
if (normalized.startsWith("/safe")) {
sink(source) // Safe
sink(normalized) // Safe
} else {
sink(source) // $ hasTaintFlow
sink(normalized) // $ hasTaintFlow
}
}
run {
val source: File? = source() as File?
val normalized: String = source!!.canonicalFile.toString()
if (normalized.startsWith("/safe")) { if (normalized.startsWith("/safe")) {
sink(source) // Safe sink(source) // Safe
sink(normalized) // Safe sink(normalized) // Safe
@@ -337,6 +348,17 @@ class TestKt {
sink(normalized) // $ hasTaintFlow sink(normalized) // $ hasTaintFlow
} }
} }
run {
val source: File? = source() as File?
val normalized: File = source!!.canonicalFile
if (!normalized.startsWith("/data")) {
sink(source) // Safe
sink(normalized) // Safe
} else {
sink(source) // $ hasTaintFlow
sink(normalized) // $ hasTaintFlow
}
}
run { run {
val source: File? = source() as File? val source: File? = source() as File?
val normalized: String = source!!.canonicalFile.toString() val normalized: String = source!!.canonicalFile.toString()