Improved tests

Note that a false-negative (FN) test case was added
Tony Torralba
2021-09-14 15:51:08 +02:00
parent 0640b41f00
commit 4e93330cb9
2 changed files with 35 additions and 2 deletions


@@ -57,7 +57,6 @@ class ConditionalBypassTest {
if (adminCookie.getValue() == "false")
login(user, password);
else {
// do something else
login(user, password);
}
}
@@ -69,17 +68,19 @@ class ConditionalBypassTest {
login(user, password);
else {
// do something else
doIt();
}
login(user, password);
}
public static void test3(String user, String password) {
Cookie adminCookie = getCookies()[0];
// BAD: login may not happen
if (adminCookie.getValue() == "false") // $ hasConditionalBypassTest
login(user, password);
else {
// do something else
// BAD: login may not happen
doIt();
}
return;
}
@@ -97,6 +98,37 @@ class ConditionalBypassTest {
return;
}
public static void test5(String user, String password) throws Exception {
Cookie adminCookie = getCookies()[0];
// GOOD: exit with Exception if condition is not met
if (adminCookie.getValue() == "false") {
throw new Exception();
}
login(user, password);
}
public static void test6(String user, String password) {
Cookie adminCookie = getCookies()[0];
// GOOD: exit with return if condition is not met
if (adminCookie.getValue() == "false") {
return;
}
login(user, password);
}
public static void test7(String user, String password) {
Cookie adminCookie = getCookies()[0];
// FALSE NEGATIVE: login is bypasseable
if (adminCookie.getValue() == "false") { // $ MISSING: $ hasConditionalBypassTest
login(user, password);
return;
} else {
doIt();
}
}
public static void login(String user, String password) {
// login
}
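Review bot: The comment on the new test7, `// FALSE NEGATIVE: login is bypasseable`, misspells the word; `// FALSE NEGATIVE: login is bypassable` would read cleanly. Separately, test5–test7 gate on `adminCookie.getValue() == "false"`, a reference comparison that models a second bug on top of the bypass the query is meant to exercise and that is likely to be false for any runtime cookie value; `"false".equals(adminCookie.getValue())` keeps the fixture focused on the control-flow pattern and is also null-safe. I would expect this not to alter the expectations, since the query appears to key on the conditional structure rather than on the comparison itself, but that should be confirmed by re-running the test. The enclosing class ConditionalBypassTest starts outside the hunk.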


@@ -3,5 +3,6 @@ edges
nodes
| TaintedPermissionsCheckTest.java:12:19:12:48 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| TaintedPermissionsCheckTest.java:15:27:15:53 | ... + ... | semmle.label | ... + ... |
subpaths
#select
| TaintedPermissionsCheckTest.java:15:7:15:54 | isPermitted(...) | TaintedPermissionsCheckTest.java:12:19:12:48 | getParameter(...) : String | TaintedPermissionsCheckTest.java:15:27:15:53 | ... + ... | Permissions check uses user-controlled $@. | TaintedPermissionsCheckTest.java:12:19:12:48 | getParameter(...) | data |