hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #20956 from owen-mc/java/improve-regex-sanitizer

Browse Source 
Java: improve regex sanitizer for `java/ssrf`
This commit is contained in:
Owen Mansel-Chan
2025-12-04 15:32:12 +00:00
committed by GitHub
parent cdd8aa49e1 e710c150de
commit 5c8ab1f6d1
6 changed files with 339 additions and 256 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/lib/change-notes/2025-12-02-improve-regex-sanitizer.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* A sanitizer has been added to `java/ssrf` to remove alerts when a regular expression check is used to verify that the value is safe.

35
java/ql/lib/semmle/code/java/frameworks/Regex.qll
View File

@@ -4,11 +4,46 @@ module;
import java
/** The class `java.util.regex.Matcher`. */
class TypeRegexMatcher extends Class {
TypeRegexMatcher() { this.hasQualifiedName("java.util.regex", "Matcher") }
}
/**
* The `matches` method of `java.util.regex.Matcher`.
*/
class MatcherMatchesMethod extends Method {
MatcherMatchesMethod() {
this.getDeclaringType() instanceof TypeRegexMatcher and
this.hasName("matches")
}
}
/** The class `java.util.regex.Pattern`. */
class TypeRegexPattern extends Class {
TypeRegexPattern() { this.hasQualifiedName("java.util.regex", "Pattern") }
}
/**
* The `matches` method of `java.util.regex.Pattern`.
*/
class PatternMatchesMethod extends Method {
PatternMatchesMethod() {
this.getDeclaringType() instanceof TypeRegexPattern and
this.hasName("matches")
}
}
/**
* The `matcher` method of `java.util.regex.Pattern`.
*/
class PatternMatcherMethod extends Method {
PatternMatcherMethod() {
this.getDeclaringType() instanceof TypeRegexPattern and
this.hasName("matcher")
}
}
/** The `quote` method of the `java.util.regex.Pattern` class. */
class PatternQuoteMethod extends Method {
PatternQuoteMethod() {

21
java/ql/lib/semmle/code/java/security/RequestForgery.qll
View File

@@ -166,22 +166,7 @@ private class HostComparisonSanitizer extends RequestForgerySanitizer {
}
/**
* A qualifier in a call to a `.matches()` method that is a sanitizer for URL redirects.
*
* Matches any method call where the method is named `matches`.
* A comparison with a regular expression that is a sanitizer for URL redirects.
*/
private predicate isMatchesSanitizer(Guard guard, Expr e, boolean branch) {
guard =
any(MethodCall method |
method.getMethod().getName() = "matches" and
e = method.getQualifier() and
branch = true
)
}
/**
* A qualifier in a call to `.matches()` that is a sanitizer for URL redirects.
*/
private class MatchesSanitizer extends RequestForgerySanitizer {
MatchesSanitizer() { this = DataFlow::BarrierGuard<isMatchesSanitizer/3>::getABarrierNode() }
}
private class RegexpCheckRequestForgerySanitizer extends RequestForgerySanitizer instanceof RegexpCheckBarrier
{ }

43
java/ql/lib/semmle/code/java/security/Sanitizers.qll
View File

@@ -3,7 +3,9 @@ overlay[local?]
module;
import java
private import semmle.code.java.controlflow.Guards
private import semmle.code.java.dataflow.DataFlow
private import semmle.code.java.frameworks.Regex
/**
* A node whose type is a simple type unlikely to carry taint, such as primitives and their boxed counterparts,
@@ -29,3 +31,44 @@ class SimpleTypeSanitizer extends DataFlow::Node {
this.getType() instanceof EnumType
}
}
/**
* Holds if `guard` holds with branch `branch` if `e` matches a regular expression.
*
* This is overapproximate: we do not attempt to reason about the correctness of the regexp.
*
* Use this if you want to define a derived `DataFlow::BarrierGuard` without
* make the type recursive. Otherwise use `RegexpCheckBarrier`.
*/
predicate regexpMatchGuardChecks(Guard guard, Expr e, boolean branch) {
exists(Method method, MethodCall mc |
method = mc.getMethod() and
guard = mc and
branch = true
|
// `String.matches` and other `matches` methods.
method.getName() = "matches" and
e = mc.getQualifier()
or
method instanceof PatternMatchesMethod and
e = mc.getArgument(1)
or
method instanceof MatcherMatchesMethod and
exists(MethodCall matcherCall |
matcherCall.getMethod() instanceof PatternMatcherMethod and
e = matcherCall.getArgument(0) and
DataFlow::localExprFlow(matcherCall, mc.getQualifier())
)
)
}
/**
* A check against a regular expression, considered as a barrier guard.
*
* This is overapproximate: we do not attempt to reason about the correctness of the regexp.
*/
class RegexpCheckBarrier extends DataFlow::Node {
RegexpCheckBarrier() {
this = DataFlow::BarrierGuard<regexpMatchGuardChecks/3>::getABarrierNode()
}
}

474
java/ql/test/query-tests/security/CWE-918/RequestForgery.expected
View File

@@ -228,30 +228,30 @@
| JdbcUrlSSRF.java:88:19:88:25 | jdbcUrl | JdbcUrlSSRF.java:80:26:80:56 | getParameter(...) : String | JdbcUrlSSRF.java:88:19:88:25 | jdbcUrl | Potential server-side request forgery due to a $@. | JdbcUrlSSRF.java:80:26:80:56 | getParameter(...) | user-provided value |
| ReactiveWebClientSSRF.java:16:52:16:54 | url | ReactiveWebClientSSRF.java:15:26:15:52 | getParameter(...) : String | ReactiveWebClientSSRF.java:16:52:16:54 | url | Potential server-side request forgery due to a $@. | ReactiveWebClientSSRF.java:15:26:15:52 | getParameter(...) | user-provided value |
| ReactiveWebClientSSRF.java:35:30:35:32 | url | ReactiveWebClientSSRF.java:32:26:32:52 | getParameter(...) : String | ReactiveWebClientSSRF.java:35:30:35:32 | url | Potential server-side request forgery due to a $@. | ReactiveWebClientSSRF.java:32:26:32:52 | getParameter(...) | user-provided value |
| SanitizationTests.java:22:52:22:54 | uri | SanitizationTests.java:19:31:19:57 | getParameter(...) : String | SanitizationTests.java:22:52:22:54 | uri | Potential server-side request forgery due to a $@. | SanitizationTests.java:19:31:19:57 | getParameter(...) | user-provided value |
| SanitizationTests.java:23:25:23:25 | r | SanitizationTests.java:19:31:19:57 | getParameter(...) : String | SanitizationTests.java:23:25:23:25 | r | Potential server-side request forgery due to a $@. | SanitizationTests.java:19:31:19:57 | getParameter(...) | user-provided value |
| SanitizationTests.java:76:59:76:77 | new URI(...) | SanitizationTests.java:75:33:75:63 | getParameter(...) : String | SanitizationTests.java:76:59:76:77 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:75:33:75:63 | getParameter(...) | user-provided value |
| SanitizationTests.java:77:25:77:32 | unsafer3 | SanitizationTests.java:75:33:75:63 | getParameter(...) : String | SanitizationTests.java:77:25:77:32 | unsafer3 | Potential server-side request forgery due to a $@. | SanitizationTests.java:75:33:75:63 | getParameter(...) | user-provided value |
| SanitizationTests.java:80:59:80:77 | new URI(...) | SanitizationTests.java:79:49:79:79 | getParameter(...) : String | SanitizationTests.java:80:59:80:77 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:79:49:79:79 | getParameter(...) | user-provided value |
| SanitizationTests.java:81:25:81:32 | unsafer4 | SanitizationTests.java:79:49:79:79 | getParameter(...) : String | SanitizationTests.java:81:25:81:32 | unsafer4 | Potential server-side request forgery due to a $@. | SanitizationTests.java:79:49:79:79 | getParameter(...) | user-provided value |
| SanitizationTests.java:85:59:85:88 | new URI(...) | SanitizationTests.java:84:31:84:61 | getParameter(...) : String | SanitizationTests.java:85:59:85:88 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:84:31:84:61 | getParameter(...) | user-provided value |
| SanitizationTests.java:86:25:86:32 | unsafer5 | SanitizationTests.java:84:31:84:61 | getParameter(...) : String | SanitizationTests.java:86:25:86:32 | unsafer5 | Potential server-side request forgery due to a $@. | SanitizationTests.java:84:31:84:61 | getParameter(...) | user-provided value |
| SanitizationTests.java:90:60:90:89 | new URI(...) | SanitizationTests.java:88:58:88:86 | getParameter(...) : String | SanitizationTests.java:90:60:90:89 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:88:58:88:86 | getParameter(...) | user-provided value |
| SanitizationTests.java:91:25:91:33 | unsafer5a | SanitizationTests.java:88:58:88:86 | getParameter(...) : String | SanitizationTests.java:91:25:91:33 | unsafer5a | Potential server-side request forgery due to a $@. | SanitizationTests.java:88:58:88:86 | getParameter(...) | user-provided value |
| SanitizationTests.java:95:60:95:90 | new URI(...) | SanitizationTests.java:93:60:93:88 | getParameter(...) : String | SanitizationTests.java:95:60:95:90 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:93:60:93:88 | getParameter(...) | user-provided value |
| SanitizationTests.java:96:25:96:33 | unsafer5b | SanitizationTests.java:93:60:93:88 | getParameter(...) : String | SanitizationTests.java:96:25:96:33 | unsafer5b | Potential server-side request forgery due to a $@. | SanitizationTests.java:93:60:93:88 | getParameter(...) | user-provided value |
| SanitizationTests.java:100:60:100:90 | new URI(...) | SanitizationTests.java:98:77:98:105 | getParameter(...) : String | SanitizationTests.java:100:60:100:90 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:98:77:98:105 | getParameter(...) | user-provided value |
| SanitizationTests.java:101:25:101:33 | unsafer5c | SanitizationTests.java:98:77:98:105 | getParameter(...) : String | SanitizationTests.java:101:25:101:33 | unsafer5c | Potential server-side request forgery due to a $@. | SanitizationTests.java:98:77:98:105 | getParameter(...) | user-provided value |
| SanitizationTests.java:104:59:104:77 | new URI(...) | SanitizationTests.java:103:73:103:103 | getParameter(...) : String | SanitizationTests.java:104:59:104:77 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:103:73:103:103 | getParameter(...) | user-provided value |
| SanitizationTests.java:105:25:105:32 | unsafer6 | SanitizationTests.java:103:73:103:103 | getParameter(...) : String | SanitizationTests.java:105:25:105:32 | unsafer6 | Potential server-side request forgery due to a $@. | SanitizationTests.java:103:73:103:103 | getParameter(...) | user-provided value |
| SanitizationTests.java:108:59:108:77 | new URI(...) | SanitizationTests.java:107:56:107:86 | getParameter(...) : String | SanitizationTests.java:108:59:108:77 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:107:56:107:86 | getParameter(...) | user-provided value |
| SanitizationTests.java:109:25:109:32 | unsafer7 | SanitizationTests.java:107:56:107:86 | getParameter(...) : String | SanitizationTests.java:109:25:109:32 | unsafer7 | Potential server-side request forgery due to a $@. | SanitizationTests.java:107:56:107:86 | getParameter(...) | user-provided value |
| SanitizationTests.java:112:59:112:77 | new URI(...) | SanitizationTests.java:111:55:111:85 | getParameter(...) : String | SanitizationTests.java:112:59:112:77 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:111:55:111:85 | getParameter(...) | user-provided value |
| SanitizationTests.java:113:25:113:32 | unsafer8 | SanitizationTests.java:111:55:111:85 | getParameter(...) : String | SanitizationTests.java:113:25:113:32 | unsafer8 | Potential server-side request forgery due to a $@. | SanitizationTests.java:111:55:111:85 | getParameter(...) | user-provided value |
| SanitizationTests.java:116:59:116:77 | new URI(...) | SanitizationTests.java:115:33:115:63 | getParameter(...) : String | SanitizationTests.java:116:59:116:77 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:115:33:115:63 | getParameter(...) | user-provided value |
| SanitizationTests.java:117:25:117:32 | unsafer9 | SanitizationTests.java:115:33:115:63 | getParameter(...) : String | SanitizationTests.java:117:25:117:32 | unsafer9 | Potential server-side request forgery due to a $@. | SanitizationTests.java:115:33:115:63 | getParameter(...) | user-provided value |
| SanitizationTests.java:120:60:120:79 | new URI(...) | SanitizationTests.java:119:94:119:125 | getParameter(...) : String | SanitizationTests.java:120:60:120:79 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:119:94:119:125 | getParameter(...) | user-provided value |
| SanitizationTests.java:121:25:121:33 | unsafer10 | SanitizationTests.java:119:94:119:125 | getParameter(...) : String | SanitizationTests.java:121:25:121:33 | unsafer10 | Potential server-side request forgery due to a $@. | SanitizationTests.java:119:94:119:125 | getParameter(...) | user-provided value |
| SanitizationTests.java:24:52:24:54 | uri | SanitizationTests.java:21:31:21:57 | getParameter(...) : String | SanitizationTests.java:24:52:24:54 | uri | Potential server-side request forgery due to a $@. | SanitizationTests.java:21:31:21:57 | getParameter(...) | user-provided value |
| SanitizationTests.java:25:25:25:25 | r | SanitizationTests.java:21:31:21:57 | getParameter(...) : String | SanitizationTests.java:25:25:25:25 | r | Potential server-side request forgery due to a $@. | SanitizationTests.java:21:31:21:57 | getParameter(...) | user-provided value |
| SanitizationTests.java:78:59:78:77 | new URI(...) | SanitizationTests.java:77:33:77:63 | getParameter(...) : String | SanitizationTests.java:78:59:78:77 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:77:33:77:63 | getParameter(...) | user-provided value |
| SanitizationTests.java:79:25:79:32 | unsafer3 | SanitizationTests.java:77:33:77:63 | getParameter(...) : String | SanitizationTests.java:79:25:79:32 | unsafer3 | Potential server-side request forgery due to a $@. | SanitizationTests.java:77:33:77:63 | getParameter(...) | user-provided value |
| SanitizationTests.java:82:59:82:77 | new URI(...) | SanitizationTests.java:81:49:81:79 | getParameter(...) : String | SanitizationTests.java:82:59:82:77 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:81:49:81:79 | getParameter(...) | user-provided value |
| SanitizationTests.java:83:25:83:32 | unsafer4 | SanitizationTests.java:81:49:81:79 | getParameter(...) : String | SanitizationTests.java:83:25:83:32 | unsafer4 | Potential server-side request forgery due to a $@. | SanitizationTests.java:81:49:81:79 | getParameter(...) | user-provided value |
| SanitizationTests.java:87:59:87:88 | new URI(...) | SanitizationTests.java:86:31:86:61 | getParameter(...) : String | SanitizationTests.java:87:59:87:88 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:86:31:86:61 | getParameter(...) | user-provided value |
| SanitizationTests.java:88:25:88:32 | unsafer5 | SanitizationTests.java:86:31:86:61 | getParameter(...) : String | SanitizationTests.java:88:25:88:32 | unsafer5 | Potential server-side request forgery due to a $@. | SanitizationTests.java:86:31:86:61 | getParameter(...) | user-provided value |
| SanitizationTests.java:92:60:92:89 | new URI(...) | SanitizationTests.java:90:58:90:86 | getParameter(...) : String | SanitizationTests.java:92:60:92:89 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:90:58:90:86 | getParameter(...) | user-provided value |
| SanitizationTests.java:93:25:93:33 | unsafer5a | SanitizationTests.java:90:58:90:86 | getParameter(...) : String | SanitizationTests.java:93:25:93:33 | unsafer5a | Potential server-side request forgery due to a $@. | SanitizationTests.java:90:58:90:86 | getParameter(...) | user-provided value |
| SanitizationTests.java:97:60:97:90 | new URI(...) | SanitizationTests.java:95:60:95:88 | getParameter(...) : String | SanitizationTests.java:97:60:97:90 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:95:60:95:88 | getParameter(...) | user-provided value |
| SanitizationTests.java:98:25:98:33 | unsafer5b | SanitizationTests.java:95:60:95:88 | getParameter(...) : String | SanitizationTests.java:98:25:98:33 | unsafer5b | Potential server-side request forgery due to a $@. | SanitizationTests.java:95:60:95:88 | getParameter(...) | user-provided value |
| SanitizationTests.java:102:60:102:90 | new URI(...) | SanitizationTests.java:100:77:100:105 | getParameter(...) : String | SanitizationTests.java:102:60:102:90 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:100:77:100:105 | getParameter(...) | user-provided value |
| SanitizationTests.java:103:25:103:33 | unsafer5c | SanitizationTests.java:100:77:100:105 | getParameter(...) : String | SanitizationTests.java:103:25:103:33 | unsafer5c | Potential server-side request forgery due to a $@. | SanitizationTests.java:100:77:100:105 | getParameter(...) | user-provided value |
| SanitizationTests.java:106:59:106:77 | new URI(...) | SanitizationTests.java:105:73:105:103 | getParameter(...) : String | SanitizationTests.java:106:59:106:77 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:105:73:105:103 | getParameter(...) | user-provided value |
| SanitizationTests.java:107:25:107:32 | unsafer6 | SanitizationTests.java:105:73:105:103 | getParameter(...) : String | SanitizationTests.java:107:25:107:32 | unsafer6 | Potential server-side request forgery due to a $@. | SanitizationTests.java:105:73:105:103 | getParameter(...) | user-provided value |
| SanitizationTests.java:110:59:110:77 | new URI(...) | SanitizationTests.java:109:56:109:86 | getParameter(...) : String | SanitizationTests.java:110:59:110:77 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:109:56:109:86 | getParameter(...) | user-provided value |
| SanitizationTests.java:111:25:111:32 | unsafer7 | SanitizationTests.java:109:56:109:86 | getParameter(...) : String | SanitizationTests.java:111:25:111:32 | unsafer7 | Potential server-side request forgery due to a $@. | SanitizationTests.java:109:56:109:86 | getParameter(...) | user-provided value |
| SanitizationTests.java:114:59:114:77 | new URI(...) | SanitizationTests.java:113:55:113:85 | getParameter(...) : String | SanitizationTests.java:114:59:114:77 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:113:55:113:85 | getParameter(...) | user-provided value |
| SanitizationTests.java:115:25:115:32 | unsafer8 | SanitizationTests.java:113:55:113:85 | getParameter(...) : String | SanitizationTests.java:115:25:115:32 | unsafer8 | Potential server-side request forgery due to a $@. | SanitizationTests.java:113:55:113:85 | getParameter(...) | user-provided value |
| SanitizationTests.java:118:59:118:77 | new URI(...) | SanitizationTests.java:117:33:117:63 | getParameter(...) : String | SanitizationTests.java:118:59:118:77 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:117:33:117:63 | getParameter(...) | user-provided value |
| SanitizationTests.java:119:25:119:32 | unsafer9 | SanitizationTests.java:117:33:117:63 | getParameter(...) : String | SanitizationTests.java:119:25:119:32 | unsafer9 | Potential server-side request forgery due to a $@. | SanitizationTests.java:117:33:117:63 | getParameter(...) | user-provided value |
| SanitizationTests.java:122:60:122:79 | new URI(...) | SanitizationTests.java:121:94:121:125 | getParameter(...) : String | SanitizationTests.java:122:60:122:79 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:121:94:121:125 | getParameter(...) | user-provided value |
| SanitizationTests.java:123:25:123:33 | unsafer10 | SanitizationTests.java:121:94:121:125 | getParameter(...) : String | SanitizationTests.java:123:25:123:33 | unsafer10 | Potential server-side request forgery due to a $@. | SanitizationTests.java:121:94:121:125 | getParameter(...) | user-provided value |
| SpringSSRF.java:32:39:32:59 | ... + ... | SpringSSRF.java:28:33:28:60 | getParameter(...) : String | SpringSSRF.java:32:39:32:59 | ... + ... | Potential server-side request forgery due to a $@. | SpringSSRF.java:28:33:28:60 | getParameter(...) | user-provided value |
| SpringSSRF.java:33:35:33:48 | fooResourceUrl | SpringSSRF.java:28:33:28:60 | getParameter(...) : String | SpringSSRF.java:33:35:33:48 | fooResourceUrl | Potential server-side request forgery due to a $@. | SpringSSRF.java:28:33:28:60 | getParameter(...) | user-provided value |
| SpringSSRF.java:34:34:34:47 | fooResourceUrl | SpringSSRF.java:28:33:28:60 | getParameter(...) : String | SpringSSRF.java:34:34:34:47 | fooResourceUrl | Potential server-side request forgery due to a $@. | SpringSSRF.java:28:33:28:60 | getParameter(...) | user-provided value |
@@ -665,118 +665,118 @@ edges
| JdbcUrlSSRF.java:80:26:80:56 | getParameter(...) : String | JdbcUrlSSRF.java:88:19:88:25 | jdbcUrl | provenance | Src:MaD:277 Sink:MaD:240 |
| ReactiveWebClientSSRF.java:15:26:15:52 | getParameter(...) : String | ReactiveWebClientSSRF.java:16:52:16:54 | url | provenance | Src:MaD:277 Sink:MaD:274 |
| ReactiveWebClientSSRF.java:32:26:32:52 | getParameter(...) : String | ReactiveWebClientSSRF.java:35:30:35:32 | url | provenance | Src:MaD:277 Sink:MaD:273 |
| SanitizationTests.java:19:23:19:58 | new URI(...) : URI | SanitizationTests.java:22:52:22:54 | uri | provenance | Sink:MaD:6 |
| SanitizationTests.java:19:23:19:58 | new URI(...) : URI | SanitizationTests.java:22:52:22:54 | uri : URI | provenance | |
| SanitizationTests.java:19:31:19:57 | getParameter(...) : String | SanitizationTests.java:19:23:19:58 | new URI(...) : URI | provenance | Src:MaD:277 Config |
| SanitizationTests.java:19:31:19:57 | getParameter(...) : String | SanitizationTests.java:19:23:19:58 | new URI(...) : URI | provenance | Src:MaD:277 MaD:285 |
| SanitizationTests.java:22:29:22:55 | newBuilder(...) : Builder | SanitizationTests.java:22:29:22:63 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:22:29:22:63 | build(...) : HttpRequest | SanitizationTests.java:23:25:23:25 | r | provenance | Sink:MaD:4 |
| SanitizationTests.java:22:52:22:54 | uri : URI | SanitizationTests.java:22:29:22:55 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:75:33:75:63 | getParameter(...) : String | SanitizationTests.java:76:67:76:76 | unsafeUri3 : String | provenance | Src:MaD:277 |
| SanitizationTests.java:76:36:76:78 | newBuilder(...) : Builder | SanitizationTests.java:76:36:76:86 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:76:36:76:86 | build(...) : HttpRequest | SanitizationTests.java:77:25:77:32 | unsafer3 | provenance | Sink:MaD:4 |
| SanitizationTests.java:76:59:76:77 | new URI(...) : URI | SanitizationTests.java:76:36:76:78 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:76:67:76:76 | unsafeUri3 : String | SanitizationTests.java:76:59:76:77 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:76:67:76:76 | unsafeUri3 : String | SanitizationTests.java:76:59:76:77 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:76:67:76:76 | unsafeUri3 : String | SanitizationTests.java:76:59:76:77 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:76:67:76:76 | unsafeUri3 : String | SanitizationTests.java:76:59:76:77 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:79:49:79:79 | getParameter(...) : String | SanitizationTests.java:80:67:80:76 | unsafeUri4 : String | provenance | Src:MaD:277 |
| SanitizationTests.java:80:36:80:78 | newBuilder(...) : Builder | SanitizationTests.java:80:36:80:86 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:80:36:80:86 | build(...) : HttpRequest | SanitizationTests.java:81:25:81:32 | unsafer4 | provenance | Sink:MaD:4 |
| SanitizationTests.java:80:59:80:77 | new URI(...) : URI | SanitizationTests.java:80:36:80:78 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:80:67:80:76 | unsafeUri4 : String | SanitizationTests.java:80:59:80:77 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:80:67:80:76 | unsafeUri4 : String | SanitizationTests.java:80:59:80:77 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:80:67:80:76 | unsafeUri4 : String | SanitizationTests.java:80:59:80:77 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:80:67:80:76 | unsafeUri4 : String | SanitizationTests.java:80:59:80:77 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:84:13:84:22 | unsafeUri5 [post update] : StringBuilder | SanitizationTests.java:85:67:85:76 | unsafeUri5 : StringBuilder | provenance | |
| SanitizationTests.java:84:31:84:61 | getParameter(...) : String | SanitizationTests.java:84:13:84:22 | unsafeUri5 [post update] : StringBuilder | provenance | Src:MaD:277 MaD:278 |
| SanitizationTests.java:85:36:85:89 | newBuilder(...) : Builder | SanitizationTests.java:85:36:85:97 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:85:36:85:97 | build(...) : HttpRequest | SanitizationTests.java:86:25:86:32 | unsafer5 | provenance | Sink:MaD:4 |
| SanitizationTests.java:85:59:85:88 | new URI(...) : URI | SanitizationTests.java:85:36:85:89 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:85:67:85:76 | unsafeUri5 : StringBuilder | SanitizationTests.java:85:67:85:87 | toString(...) : String | provenance | MaD:280 |
| SanitizationTests.java:85:67:85:87 | toString(...) : String | SanitizationTests.java:85:59:85:88 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:85:67:85:87 | toString(...) : String | SanitizationTests.java:85:59:85:88 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:85:67:85:87 | toString(...) : String | SanitizationTests.java:85:59:85:88 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:85:67:85:87 | toString(...) : String | SanitizationTests.java:85:59:85:88 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:88:40:88:87 | new StringBuilder(...) : StringBuilder | SanitizationTests.java:90:68:90:77 | unafeUri5a : StringBuilder | provenance | |
| SanitizationTests.java:88:58:88:86 | getParameter(...) : String | SanitizationTests.java:88:40:88:87 | new StringBuilder(...) : StringBuilder | provenance | Src:MaD:277 MaD:282 |
| SanitizationTests.java:90:37:90:90 | newBuilder(...) : Builder | SanitizationTests.java:90:37:90:98 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:90:37:90:98 | build(...) : HttpRequest | SanitizationTests.java:91:25:91:33 | unsafer5a | provenance | Sink:MaD:4 |
| SanitizationTests.java:90:60:90:89 | new URI(...) : URI | SanitizationTests.java:90:37:90:90 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:90:68:90:77 | unafeUri5a : StringBuilder | SanitizationTests.java:90:68:90:88 | toString(...) : String | provenance | MaD:280 |
| SanitizationTests.java:90:68:90:88 | toString(...) : String | SanitizationTests.java:90:60:90:89 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:90:68:90:88 | toString(...) : String | SanitizationTests.java:90:60:90:89 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:90:68:90:88 | toString(...) : String | SanitizationTests.java:90:60:90:89 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:90:68:90:88 | toString(...) : String | SanitizationTests.java:90:60:90:89 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:93:41:93:105 | append(...) : StringBuilder | SanitizationTests.java:95:68:95:78 | unsafeUri5b : StringBuilder | provenance | |
| SanitizationTests.java:93:42:93:89 | new StringBuilder(...) : StringBuilder | SanitizationTests.java:93:41:93:105 | append(...) : StringBuilder | provenance | MaD:279 |
| SanitizationTests.java:93:60:93:88 | getParameter(...) : String | SanitizationTests.java:93:42:93:89 | new StringBuilder(...) : StringBuilder | provenance | Src:MaD:277 MaD:282 |
| SanitizationTests.java:95:37:95:91 | newBuilder(...) : Builder | SanitizationTests.java:95:37:95:99 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:95:37:95:99 | build(...) : HttpRequest | SanitizationTests.java:96:25:96:33 | unsafer5b | provenance | Sink:MaD:4 |
| SanitizationTests.java:95:60:95:90 | new URI(...) : URI | SanitizationTests.java:95:37:95:91 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:95:68:95:78 | unsafeUri5b : StringBuilder | SanitizationTests.java:95:68:95:89 | toString(...) : String | provenance | MaD:280 |
| SanitizationTests.java:95:68:95:89 | toString(...) : String | SanitizationTests.java:95:60:95:90 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:95:68:95:89 | toString(...) : String | SanitizationTests.java:95:60:95:90 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:95:68:95:89 | toString(...) : String | SanitizationTests.java:95:60:95:90 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:95:68:95:89 | toString(...) : String | SanitizationTests.java:95:60:95:90 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:98:41:98:106 | append(...) : StringBuilder | SanitizationTests.java:100:68:100:78 | unsafeUri5c : StringBuilder | provenance | |
| SanitizationTests.java:98:77:98:105 | getParameter(...) : String | SanitizationTests.java:98:41:98:106 | append(...) : StringBuilder | provenance | Src:MaD:277 MaD:278+MaD:279 |
| SanitizationTests.java:100:37:100:91 | newBuilder(...) : Builder | SanitizationTests.java:100:37:100:99 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:100:37:100:99 | build(...) : HttpRequest | SanitizationTests.java:101:25:101:33 | unsafer5c | provenance | Sink:MaD:4 |
| SanitizationTests.java:100:60:100:90 | new URI(...) : URI | SanitizationTests.java:100:37:100:91 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:100:68:100:78 | unsafeUri5c : StringBuilder | SanitizationTests.java:100:68:100:89 | toString(...) : String | provenance | MaD:280 |
| SanitizationTests.java:100:68:100:89 | toString(...) : String | SanitizationTests.java:100:60:100:90 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:100:68:100:89 | toString(...) : String | SanitizationTests.java:100:60:100:90 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:100:68:100:89 | toString(...) : String | SanitizationTests.java:100:60:100:90 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:100:68:100:89 | toString(...) : String | SanitizationTests.java:100:60:100:90 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:103:33:103:104 | format(...) : String | SanitizationTests.java:104:67:104:76 | unsafeUri6 : String | provenance | |
| SanitizationTests.java:103:33:103:104 | new ..[] { .. } : Object[] [[]] : String | SanitizationTests.java:103:33:103:104 | format(...) : String | provenance | MaD:281 |
| SanitizationTests.java:103:73:103:103 | getParameter(...) : String | SanitizationTests.java:103:33:103:104 | new ..[] { .. } : Object[] [[]] : String | provenance | Src:MaD:277 |
| SanitizationTests.java:104:36:104:78 | newBuilder(...) : Builder | SanitizationTests.java:104:36:104:86 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:104:36:104:86 | build(...) : HttpRequest | SanitizationTests.java:105:25:105:32 | unsafer6 | provenance | Sink:MaD:4 |
| SanitizationTests.java:104:59:104:77 | new URI(...) : URI | SanitizationTests.java:104:36:104:78 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:104:67:104:76 | unsafeUri6 : String | SanitizationTests.java:104:59:104:77 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:104:67:104:76 | unsafeUri6 : String | SanitizationTests.java:104:59:104:77 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:104:67:104:76 | unsafeUri6 : String | SanitizationTests.java:104:59:104:77 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:104:67:104:76 | unsafeUri6 : String | SanitizationTests.java:104:59:104:77 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:107:33:107:110 | format(...) : String | SanitizationTests.java:108:67:108:76 | unsafeUri7 : String | provenance | |
| SanitizationTests.java:107:33:107:110 | new ..[] { .. } : Object[] [[]] : String | SanitizationTests.java:107:33:107:110 | format(...) : String | provenance | MaD:281 |
| SanitizationTests.java:107:56:107:86 | getParameter(...) : String | SanitizationTests.java:107:33:107:110 | new ..[] { .. } : Object[] [[]] : String | provenance | Src:MaD:277 |
| SanitizationTests.java:108:36:108:78 | newBuilder(...) : Builder | SanitizationTests.java:108:36:108:86 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:108:36:108:86 | build(...) : HttpRequest | SanitizationTests.java:109:25:109:32 | unsafer7 | provenance | Sink:MaD:4 |
| SanitizationTests.java:108:59:108:77 | new URI(...) : URI | SanitizationTests.java:108:36:108:78 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:108:67:108:76 | unsafeUri7 : String | SanitizationTests.java:108:59:108:77 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:108:67:108:76 | unsafeUri7 : String | SanitizationTests.java:108:59:108:77 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:108:67:108:76 | unsafeUri7 : String | SanitizationTests.java:108:59:108:77 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:108:67:108:76 | unsafeUri7 : String | SanitizationTests.java:108:59:108:77 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:111:33:111:110 | format(...) : String | SanitizationTests.java:112:67:112:76 | unsafeUri8 : String | provenance | |
| SanitizationTests.java:111:33:111:110 | new ..[] { .. } : Object[] [[]] : String | SanitizationTests.java:111:33:111:110 | format(...) : String | provenance | MaD:281 |
| SanitizationTests.java:111:55:111:85 | getParameter(...) : String | SanitizationTests.java:111:33:111:110 | new ..[] { .. } : Object[] [[]] : String | provenance | Src:MaD:277 |
| SanitizationTests.java:112:36:112:78 | newBuilder(...) : Builder | SanitizationTests.java:112:36:112:86 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:112:36:112:86 | build(...) : HttpRequest | SanitizationTests.java:113:25:113:32 | unsafer8 | provenance | Sink:MaD:4 |
| SanitizationTests.java:112:59:112:77 | new URI(...) : URI | SanitizationTests.java:112:36:112:78 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:112:67:112:76 | unsafeUri8 : String | SanitizationTests.java:112:59:112:77 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:112:67:112:76 | unsafeUri8 : String | SanitizationTests.java:112:59:112:77 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:112:67:112:76 | unsafeUri8 : String | SanitizationTests.java:112:59:112:77 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:112:67:112:76 | unsafeUri8 : String | SanitizationTests.java:112:59:112:77 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:115:33:115:63 | getParameter(...) : String | SanitizationTests.java:116:67:116:76 | unsafeUri9 : String | provenance | Src:MaD:277 |
| SanitizationTests.java:116:36:116:78 | newBuilder(...) : Builder | SanitizationTests.java:116:36:116:86 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:116:36:116:86 | build(...) : HttpRequest | SanitizationTests.java:117:25:117:32 | unsafer9 | provenance | Sink:MaD:4 |
| SanitizationTests.java:116:59:116:77 | new URI(...) : URI | SanitizationTests.java:116:36:116:78 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:116:67:116:76 | unsafeUri9 : String | SanitizationTests.java:116:59:116:77 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:116:67:116:76 | unsafeUri9 : String | SanitizationTests.java:116:59:116:77 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:116:67:116:76 | unsafeUri9 : String | SanitizationTests.java:116:59:116:77 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:116:67:116:76 | unsafeUri9 : String | SanitizationTests.java:116:59:116:77 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:119:34:119:126 | format(...) : String | SanitizationTests.java:120:68:120:78 | unsafeUri10 : String | provenance | |
| SanitizationTests.java:119:34:119:126 | new ..[] { .. } : Object[] [[]] : String | SanitizationTests.java:119:34:119:126 | format(...) : String | provenance | MaD:281 |
| SanitizationTests.java:119:94:119:125 | getParameter(...) : String | SanitizationTests.java:119:34:119:126 | new ..[] { .. } : Object[] [[]] : String | provenance | Src:MaD:277 |
| SanitizationTests.java:120:37:120:80 | newBuilder(...) : Builder | SanitizationTests.java:120:37:120:88 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:120:37:120:88 | build(...) : HttpRequest | SanitizationTests.java:121:25:121:33 | unsafer10 | provenance | Sink:MaD:4 |
| SanitizationTests.java:120:60:120:79 | new URI(...) : URI | SanitizationTests.java:120:37:120:80 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:120:68:120:78 | unsafeUri10 : String | SanitizationTests.java:120:60:120:79 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:120:68:120:78 | unsafeUri10 : String | SanitizationTests.java:120:60:120:79 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:120:68:120:78 | unsafeUri10 : String | SanitizationTests.java:120:60:120:79 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:120:68:120:78 | unsafeUri10 : String | SanitizationTests.java:120:60:120:79 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:21:23:21:58 | new URI(...) : URI | SanitizationTests.java:24:52:24:54 | uri | provenance | Sink:MaD:6 |
| SanitizationTests.java:21:23:21:58 | new URI(...) : URI | SanitizationTests.java:24:52:24:54 | uri : URI | provenance | |
| SanitizationTests.java:21:31:21:57 | getParameter(...) : String | SanitizationTests.java:21:23:21:58 | new URI(...) : URI | provenance | Src:MaD:277 Config |
| SanitizationTests.java:21:31:21:57 | getParameter(...) : String | SanitizationTests.java:21:23:21:58 | new URI(...) : URI | provenance | Src:MaD:277 MaD:285 |
| SanitizationTests.java:24:29:24:55 | newBuilder(...) : Builder | SanitizationTests.java:24:29:24:63 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:24:29:24:63 | build(...) : HttpRequest | SanitizationTests.java:25:25:25:25 | r | provenance | Sink:MaD:4 |
| SanitizationTests.java:24:52:24:54 | uri : URI | SanitizationTests.java:24:29:24:55 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:77:33:77:63 | getParameter(...) : String | SanitizationTests.java:78:67:78:76 | unsafeUri3 : String | provenance | Src:MaD:277 |
| SanitizationTests.java:78:36:78:78 | newBuilder(...) : Builder | SanitizationTests.java:78:36:78:86 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:78:36:78:86 | build(...) : HttpRequest | SanitizationTests.java:79:25:79:32 | unsafer3 | provenance | Sink:MaD:4 |
| SanitizationTests.java:78:59:78:77 | new URI(...) : URI | SanitizationTests.java:78:36:78:78 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:78:67:78:76 | unsafeUri3 : String | SanitizationTests.java:78:59:78:77 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:78:67:78:76 | unsafeUri3 : String | SanitizationTests.java:78:59:78:77 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:78:67:78:76 | unsafeUri3 : String | SanitizationTests.java:78:59:78:77 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:78:67:78:76 | unsafeUri3 : String | SanitizationTests.java:78:59:78:77 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:81:49:81:79 | getParameter(...) : String | SanitizationTests.java:82:67:82:76 | unsafeUri4 : String | provenance | Src:MaD:277 |
| SanitizationTests.java:82:36:82:78 | newBuilder(...) : Builder | SanitizationTests.java:82:36:82:86 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:82:36:82:86 | build(...) : HttpRequest | SanitizationTests.java:83:25:83:32 | unsafer4 | provenance | Sink:MaD:4 |
| SanitizationTests.java:82:59:82:77 | new URI(...) : URI | SanitizationTests.java:82:36:82:78 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:82:67:82:76 | unsafeUri4 : String | SanitizationTests.java:82:59:82:77 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:82:67:82:76 | unsafeUri4 : String | SanitizationTests.java:82:59:82:77 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:82:67:82:76 | unsafeUri4 : String | SanitizationTests.java:82:59:82:77 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:82:67:82:76 | unsafeUri4 : String | SanitizationTests.java:82:59:82:77 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:86:13:86:22 | unsafeUri5 [post update] : StringBuilder | SanitizationTests.java:87:67:87:76 | unsafeUri5 : StringBuilder | provenance | |
| SanitizationTests.java:86:31:86:61 | getParameter(...) : String | SanitizationTests.java:86:13:86:22 | unsafeUri5 [post update] : StringBuilder | provenance | Src:MaD:277 MaD:278 |
| SanitizationTests.java:87:36:87:89 | newBuilder(...) : Builder | SanitizationTests.java:87:36:87:97 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:87:36:87:97 | build(...) : HttpRequest | SanitizationTests.java:88:25:88:32 | unsafer5 | provenance | Sink:MaD:4 |
| SanitizationTests.java:87:59:87:88 | new URI(...) : URI | SanitizationTests.java:87:36:87:89 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:87:67:87:76 | unsafeUri5 : StringBuilder | SanitizationTests.java:87:67:87:87 | toString(...) : String | provenance | MaD:280 |
| SanitizationTests.java:87:67:87:87 | toString(...) : String | SanitizationTests.java:87:59:87:88 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:87:67:87:87 | toString(...) : String | SanitizationTests.java:87:59:87:88 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:87:67:87:87 | toString(...) : String | SanitizationTests.java:87:59:87:88 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:87:67:87:87 | toString(...) : String | SanitizationTests.java:87:59:87:88 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:90:40:90:87 | new StringBuilder(...) : StringBuilder | SanitizationTests.java:92:68:92:77 | unafeUri5a : StringBuilder | provenance | |
| SanitizationTests.java:90:58:90:86 | getParameter(...) : String | SanitizationTests.java:90:40:90:87 | new StringBuilder(...) : StringBuilder | provenance | Src:MaD:277 MaD:282 |
| SanitizationTests.java:92:37:92:90 | newBuilder(...) : Builder | SanitizationTests.java:92:37:92:98 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:92:37:92:98 | build(...) : HttpRequest | SanitizationTests.java:93:25:93:33 | unsafer5a | provenance | Sink:MaD:4 |
| SanitizationTests.java:92:60:92:89 | new URI(...) : URI | SanitizationTests.java:92:37:92:90 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:92:68:92:77 | unafeUri5a : StringBuilder | SanitizationTests.java:92:68:92:88 | toString(...) : String | provenance | MaD:280 |
| SanitizationTests.java:92:68:92:88 | toString(...) : String | SanitizationTests.java:92:60:92:89 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:92:68:92:88 | toString(...) : String | SanitizationTests.java:92:60:92:89 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:92:68:92:88 | toString(...) : String | SanitizationTests.java:92:60:92:89 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:92:68:92:88 | toString(...) : String | SanitizationTests.java:92:60:92:89 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:95:41:95:105 | append(...) : StringBuilder | SanitizationTests.java:97:68:97:78 | unsafeUri5b : StringBuilder | provenance | |
| SanitizationTests.java:95:42:95:89 | new StringBuilder(...) : StringBuilder | SanitizationTests.java:95:41:95:105 | append(...) : StringBuilder | provenance | MaD:279 |
| SanitizationTests.java:95:60:95:88 | getParameter(...) : String | SanitizationTests.java:95:42:95:89 | new StringBuilder(...) : StringBuilder | provenance | Src:MaD:277 MaD:282 |
| SanitizationTests.java:97:37:97:91 | newBuilder(...) : Builder | SanitizationTests.java:97:37:97:99 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:97:37:97:99 | build(...) : HttpRequest | SanitizationTests.java:98:25:98:33 | unsafer5b | provenance | Sink:MaD:4 |
| SanitizationTests.java:97:60:97:90 | new URI(...) : URI | SanitizationTests.java:97:37:97:91 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:97:68:97:78 | unsafeUri5b : StringBuilder | SanitizationTests.java:97:68:97:89 | toString(...) : String | provenance | MaD:280 |
| SanitizationTests.java:97:68:97:89 | toString(...) : String | SanitizationTests.java:97:60:97:90 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:97:68:97:89 | toString(...) : String | SanitizationTests.java:97:60:97:90 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:97:68:97:89 | toString(...) : String | SanitizationTests.java:97:60:97:90 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:97:68:97:89 | toString(...) : String | SanitizationTests.java:97:60:97:90 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:100:41:100:106 | append(...) : StringBuilder | SanitizationTests.java:102:68:102:78 | unsafeUri5c : StringBuilder | provenance | |
| SanitizationTests.java:100:77:100:105 | getParameter(...) : String | SanitizationTests.java:100:41:100:106 | append(...) : StringBuilder | provenance | Src:MaD:277 MaD:278+MaD:279 |
| SanitizationTests.java:102:37:102:91 | newBuilder(...) : Builder | SanitizationTests.java:102:37:102:99 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:102:37:102:99 | build(...) : HttpRequest | SanitizationTests.java:103:25:103:33 | unsafer5c | provenance | Sink:MaD:4 |
| SanitizationTests.java:102:60:102:90 | new URI(...) : URI | SanitizationTests.java:102:37:102:91 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:102:68:102:78 | unsafeUri5c : StringBuilder | SanitizationTests.java:102:68:102:89 | toString(...) : String | provenance | MaD:280 |
| SanitizationTests.java:102:68:102:89 | toString(...) : String | SanitizationTests.java:102:60:102:90 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:102:68:102:89 | toString(...) : String | SanitizationTests.java:102:60:102:90 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:102:68:102:89 | toString(...) : String | SanitizationTests.java:102:60:102:90 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:102:68:102:89 | toString(...) : String | SanitizationTests.java:102:60:102:90 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:105:33:105:104 | format(...) : String | SanitizationTests.java:106:67:106:76 | unsafeUri6 : String | provenance | |
| SanitizationTests.java:105:33:105:104 | new ..[] { .. } : Object[] [[]] : String | SanitizationTests.java:105:33:105:104 | format(...) : String | provenance | MaD:281 |
| SanitizationTests.java:105:73:105:103 | getParameter(...) : String | SanitizationTests.java:105:33:105:104 | new ..[] { .. } : Object[] [[]] : String | provenance | Src:MaD:277 |
| SanitizationTests.java:106:36:106:78 | newBuilder(...) : Builder | SanitizationTests.java:106:36:106:86 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:106:36:106:86 | build(...) : HttpRequest | SanitizationTests.java:107:25:107:32 | unsafer6 | provenance | Sink:MaD:4 |
| SanitizationTests.java:106:59:106:77 | new URI(...) : URI | SanitizationTests.java:106:36:106:78 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:106:67:106:76 | unsafeUri6 : String | SanitizationTests.java:106:59:106:77 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:106:67:106:76 | unsafeUri6 : String | SanitizationTests.java:106:59:106:77 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:106:67:106:76 | unsafeUri6 : String | SanitizationTests.java:106:59:106:77 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:106:67:106:76 | unsafeUri6 : String | SanitizationTests.java:106:59:106:77 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:109:33:109:110 | format(...) : String | SanitizationTests.java:110:67:110:76 | unsafeUri7 : String | provenance | |
| SanitizationTests.java:109:33:109:110 | new ..[] { .. } : Object[] [[]] : String | SanitizationTests.java:109:33:109:110 | format(...) : String | provenance | MaD:281 |
| SanitizationTests.java:109:56:109:86 | getParameter(...) : String | SanitizationTests.java:109:33:109:110 | new ..[] { .. } : Object[] [[]] : String | provenance | Src:MaD:277 |
| SanitizationTests.java:110:36:110:78 | newBuilder(...) : Builder | SanitizationTests.java:110:36:110:86 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:110:36:110:86 | build(...) : HttpRequest | SanitizationTests.java:111:25:111:32 | unsafer7 | provenance | Sink:MaD:4 |
| SanitizationTests.java:110:59:110:77 | new URI(...) : URI | SanitizationTests.java:110:36:110:78 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:110:67:110:76 | unsafeUri7 : String | SanitizationTests.java:110:59:110:77 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:110:67:110:76 | unsafeUri7 : String | SanitizationTests.java:110:59:110:77 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:110:67:110:76 | unsafeUri7 : String | SanitizationTests.java:110:59:110:77 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:110:67:110:76 | unsafeUri7 : String | SanitizationTests.java:110:59:110:77 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:113:33:113:110 | format(...) : String | SanitizationTests.java:114:67:114:76 | unsafeUri8 : String | provenance | |
| SanitizationTests.java:113:33:113:110 | new ..[] { .. } : Object[] [[]] : String | SanitizationTests.java:113:33:113:110 | format(...) : String | provenance | MaD:281 |
| SanitizationTests.java:113:55:113:85 | getParameter(...) : String | SanitizationTests.java:113:33:113:110 | new ..[] { .. } : Object[] [[]] : String | provenance | Src:MaD:277 |
| SanitizationTests.java:114:36:114:78 | newBuilder(...) : Builder | SanitizationTests.java:114:36:114:86 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:114:36:114:86 | build(...) : HttpRequest | SanitizationTests.java:115:25:115:32 | unsafer8 | provenance | Sink:MaD:4 |
| SanitizationTests.java:114:59:114:77 | new URI(...) : URI | SanitizationTests.java:114:36:114:78 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:114:67:114:76 | unsafeUri8 : String | SanitizationTests.java:114:59:114:77 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:114:67:114:76 | unsafeUri8 : String | SanitizationTests.java:114:59:114:77 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:114:67:114:76 | unsafeUri8 : String | SanitizationTests.java:114:59:114:77 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:114:67:114:76 | unsafeUri8 : String | SanitizationTests.java:114:59:114:77 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:117:33:117:63 | getParameter(...) : String | SanitizationTests.java:118:67:118:76 | unsafeUri9 : String | provenance | Src:MaD:277 |
| SanitizationTests.java:118:36:118:78 | newBuilder(...) : Builder | SanitizationTests.java:118:36:118:86 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:118:36:118:86 | build(...) : HttpRequest | SanitizationTests.java:119:25:119:32 | unsafer9 | provenance | Sink:MaD:4 |
| SanitizationTests.java:118:59:118:77 | new URI(...) : URI | SanitizationTests.java:118:36:118:78 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:118:67:118:76 | unsafeUri9 : String | SanitizationTests.java:118:59:118:77 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:118:67:118:76 | unsafeUri9 : String | SanitizationTests.java:118:59:118:77 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:118:67:118:76 | unsafeUri9 : String | SanitizationTests.java:118:59:118:77 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:118:67:118:76 | unsafeUri9 : String | SanitizationTests.java:118:59:118:77 | new URI(...) : URI | provenance | MaD:285 |
| SanitizationTests.java:121:34:121:126 | format(...) : String | SanitizationTests.java:122:68:122:78 | unsafeUri10 : String | provenance | |
| SanitizationTests.java:121:34:121:126 | new ..[] { .. } : Object[] [[]] : String | SanitizationTests.java:121:34:121:126 | format(...) : String | provenance | MaD:281 |
| SanitizationTests.java:121:94:121:125 | getParameter(...) : String | SanitizationTests.java:121:34:121:126 | new ..[] { .. } : Object[] [[]] : String | provenance | Src:MaD:277 |
| SanitizationTests.java:122:37:122:80 | newBuilder(...) : Builder | SanitizationTests.java:122:37:122:88 | build(...) : HttpRequest | provenance | MaD:283 |
| SanitizationTests.java:122:37:122:88 | build(...) : HttpRequest | SanitizationTests.java:123:25:123:33 | unsafer10 | provenance | Sink:MaD:4 |
| SanitizationTests.java:122:60:122:79 | new URI(...) : URI | SanitizationTests.java:122:37:122:80 | newBuilder(...) : Builder | provenance | MaD:284 |
| SanitizationTests.java:122:68:122:78 | unsafeUri10 : String | SanitizationTests.java:122:60:122:79 | new URI(...) | provenance | Config Sink:MaD:6 |
| SanitizationTests.java:122:68:122:78 | unsafeUri10 : String | SanitizationTests.java:122:60:122:79 | new URI(...) | provenance | MaD:285 Sink:MaD:6 |
| SanitizationTests.java:122:68:122:78 | unsafeUri10 : String | SanitizationTests.java:122:60:122:79 | new URI(...) : URI | provenance | Config |
| SanitizationTests.java:122:68:122:78 | unsafeUri10 : String | SanitizationTests.java:122:60:122:79 | new URI(...) : URI | provenance | MaD:285 |
| SpringSSRF.java:28:33:28:60 | getParameter(...) : String | SpringSSRF.java:32:39:32:59 | ... + ... | provenance | Src:MaD:277 Sink:MaD:264 |
| SpringSSRF.java:28:33:28:60 | getParameter(...) : String | SpringSSRF.java:33:35:33:48 | fooResourceUrl | provenance | Src:MaD:277 Sink:MaD:262 |
| SpringSSRF.java:28:33:28:60 | getParameter(...) : String | SpringSSRF.java:34:34:34:47 | fooResourceUrl | provenance | Src:MaD:277 Sink:MaD:263 |
@@ -1580,107 +1580,107 @@ nodes
| ReactiveWebClientSSRF.java:16:52:16:54 | url | semmle.label | url |
| ReactiveWebClientSSRF.java:32:26:32:52 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| ReactiveWebClientSSRF.java:35:30:35:32 | url | semmle.label | url |
| SanitizationTests.java:19:23:19:58 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:19:31:19:57 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:22:29:22:55 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:22:29:22:63 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:22:52:22:54 | uri | semmle.label | uri |
| SanitizationTests.java:22:52:22:54 | uri : URI | semmle.label | uri : URI |
| SanitizationTests.java:23:25:23:25 | r | semmle.label | r |
| SanitizationTests.java:75:33:75:63 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:76:36:76:78 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:76:36:76:86 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:76:59:76:77 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:76:59:76:77 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:76:67:76:76 | unsafeUri3 : String | semmle.label | unsafeUri3 : String |
| SanitizationTests.java:77:25:77:32 | unsafer3 | semmle.label | unsafer3 |
| SanitizationTests.java:79:49:79:79 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:80:36:80:78 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:80:36:80:86 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:80:59:80:77 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:80:59:80:77 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:80:67:80:76 | unsafeUri4 : String | semmle.label | unsafeUri4 : String |
| SanitizationTests.java:81:25:81:32 | unsafer4 | semmle.label | unsafer4 |
| SanitizationTests.java:84:13:84:22 | unsafeUri5 [post update] : StringBuilder | semmle.label | unsafeUri5 [post update] : StringBuilder |
| SanitizationTests.java:84:31:84:61 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:85:36:85:89 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:85:36:85:97 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:85:59:85:88 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:85:59:85:88 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:85:67:85:76 | unsafeUri5 : StringBuilder | semmle.label | unsafeUri5 : StringBuilder |
| SanitizationTests.java:85:67:85:87 | toString(...) : String | semmle.label | toString(...) : String |
| SanitizationTests.java:86:25:86:32 | unsafer5 | semmle.label | unsafer5 |
| SanitizationTests.java:88:40:88:87 | new StringBuilder(...) : StringBuilder | semmle.label | new StringBuilder(...) : StringBuilder |
| SanitizationTests.java:88:58:88:86 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:90:37:90:90 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:90:37:90:98 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:90:60:90:89 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:90:60:90:89 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:90:68:90:77 | unafeUri5a : StringBuilder | semmle.label | unafeUri5a : StringBuilder |
| SanitizationTests.java:90:68:90:88 | toString(...) : String | semmle.label | toString(...) : String |
| SanitizationTests.java:91:25:91:33 | unsafer5a | semmle.label | unsafer5a |
| SanitizationTests.java:93:41:93:105 | append(...) : StringBuilder | semmle.label | append(...) : StringBuilder |
| SanitizationTests.java:93:42:93:89 | new StringBuilder(...) : StringBuilder | semmle.label | new StringBuilder(...) : StringBuilder |
| SanitizationTests.java:93:60:93:88 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:95:37:95:91 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:95:37:95:99 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:95:60:95:90 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:95:60:95:90 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:95:68:95:78 | unsafeUri5b : StringBuilder | semmle.label | unsafeUri5b : StringBuilder |
| SanitizationTests.java:95:68:95:89 | toString(...) : String | semmle.label | toString(...) : String |
| SanitizationTests.java:96:25:96:33 | unsafer5b | semmle.label | unsafer5b |
| SanitizationTests.java:98:41:98:106 | append(...) : StringBuilder | semmle.label | append(...) : StringBuilder |
| SanitizationTests.java:98:77:98:105 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:100:37:100:91 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:100:37:100:99 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:100:60:100:90 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:100:60:100:90 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:100:68:100:78 | unsafeUri5c : StringBuilder | semmle.label | unsafeUri5c : StringBuilder |
| SanitizationTests.java:100:68:100:89 | toString(...) : String | semmle.label | toString(...) : String |
| SanitizationTests.java:101:25:101:33 | unsafer5c | semmle.label | unsafer5c |
| SanitizationTests.java:103:33:103:104 | format(...) : String | semmle.label | format(...) : String |
| SanitizationTests.java:103:33:103:104 | new ..[] { .. } : Object[] [[]] : String | semmle.label | new ..[] { .. } : Object[] [[]] : String |
| SanitizationTests.java:103:73:103:103 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:104:36:104:78 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:104:36:104:86 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:104:59:104:77 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:104:59:104:77 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:104:67:104:76 | unsafeUri6 : String | semmle.label | unsafeUri6 : String |
| SanitizationTests.java:105:25:105:32 | unsafer6 | semmle.label | unsafer6 |
| SanitizationTests.java:107:33:107:110 | format(...) : String | semmle.label | format(...) : String |
| SanitizationTests.java:107:33:107:110 | new ..[] { .. } : Object[] [[]] : String | semmle.label | new ..[] { .. } : Object[] [[]] : String |
| SanitizationTests.java:107:56:107:86 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:108:36:108:78 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:108:36:108:86 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:108:59:108:77 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:108:59:108:77 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:108:67:108:76 | unsafeUri7 : String | semmle.label | unsafeUri7 : String |
| SanitizationTests.java:109:25:109:32 | unsafer7 | semmle.label | unsafer7 |
| SanitizationTests.java:111:33:111:110 | format(...) : String | semmle.label | format(...) : String |
| SanitizationTests.java:111:33:111:110 | new ..[] { .. } : Object[] [[]] : String | semmle.label | new ..[] { .. } : Object[] [[]] : String |
| SanitizationTests.java:111:55:111:85 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:112:36:112:78 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:112:36:112:86 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:112:59:112:77 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:112:59:112:77 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:112:67:112:76 | unsafeUri8 : String | semmle.label | unsafeUri8 : String |
| SanitizationTests.java:113:25:113:32 | unsafer8 | semmle.label | unsafer8 |
| SanitizationTests.java:115:33:115:63 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:116:36:116:78 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:116:36:116:86 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:116:59:116:77 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:116:59:116:77 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:116:67:116:76 | unsafeUri9 : String | semmle.label | unsafeUri9 : String |
| SanitizationTests.java:117:25:117:32 | unsafer9 | semmle.label | unsafer9 |
| SanitizationTests.java:119:34:119:126 | format(...) : String | semmle.label | format(...) : String |
| SanitizationTests.java:119:34:119:126 | new ..[] { .. } : Object[] [[]] : String | semmle.label | new ..[] { .. } : Object[] [[]] : String |
| SanitizationTests.java:119:94:119:125 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:120:37:120:80 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:120:37:120:88 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:120:60:120:79 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:120:60:120:79 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:120:68:120:78 | unsafeUri10 : String | semmle.label | unsafeUri10 : String |
| SanitizationTests.java:121:25:121:33 | unsafer10 | semmle.label | unsafer10 |
| SanitizationTests.java:21:23:21:58 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:21:31:21:57 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:24:29:24:55 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:24:29:24:63 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:24:52:24:54 | uri | semmle.label | uri |
| SanitizationTests.java:24:52:24:54 | uri : URI | semmle.label | uri : URI |
| SanitizationTests.java:25:25:25:25 | r | semmle.label | r |
| SanitizationTests.java:77:33:77:63 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:78:36:78:78 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:78:36:78:86 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:78:59:78:77 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:78:59:78:77 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:78:67:78:76 | unsafeUri3 : String | semmle.label | unsafeUri3 : String |
| SanitizationTests.java:79:25:79:32 | unsafer3 | semmle.label | unsafer3 |
| SanitizationTests.java:81:49:81:79 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:82:36:82:78 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:82:36:82:86 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:82:59:82:77 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:82:59:82:77 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:82:67:82:76 | unsafeUri4 : String | semmle.label | unsafeUri4 : String |
| SanitizationTests.java:83:25:83:32 | unsafer4 | semmle.label | unsafer4 |
| SanitizationTests.java:86:13:86:22 | unsafeUri5 [post update] : StringBuilder | semmle.label | unsafeUri5 [post update] : StringBuilder |
| SanitizationTests.java:86:31:86:61 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:87:36:87:89 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:87:36:87:97 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:87:59:87:88 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:87:59:87:88 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:87:67:87:76 | unsafeUri5 : StringBuilder | semmle.label | unsafeUri5 : StringBuilder |
| SanitizationTests.java:87:67:87:87 | toString(...) : String | semmle.label | toString(...) : String |
| SanitizationTests.java:88:25:88:32 | unsafer5 | semmle.label | unsafer5 |
| SanitizationTests.java:90:40:90:87 | new StringBuilder(...) : StringBuilder | semmle.label | new StringBuilder(...) : StringBuilder |
| SanitizationTests.java:90:58:90:86 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:92:37:92:90 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:92:37:92:98 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:92:60:92:89 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:92:60:92:89 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:92:68:92:77 | unafeUri5a : StringBuilder | semmle.label | unafeUri5a : StringBuilder |
| SanitizationTests.java:92:68:92:88 | toString(...) : String | semmle.label | toString(...) : String |
| SanitizationTests.java:93:25:93:33 | unsafer5a | semmle.label | unsafer5a |
| SanitizationTests.java:95:41:95:105 | append(...) : StringBuilder | semmle.label | append(...) : StringBuilder |
| SanitizationTests.java:95:42:95:89 | new StringBuilder(...) : StringBuilder | semmle.label | new StringBuilder(...) : StringBuilder |
| SanitizationTests.java:95:60:95:88 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:97:37:97:91 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:97:37:97:99 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:97:60:97:90 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:97:60:97:90 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:97:68:97:78 | unsafeUri5b : StringBuilder | semmle.label | unsafeUri5b : StringBuilder |
| SanitizationTests.java:97:68:97:89 | toString(...) : String | semmle.label | toString(...) : String |
| SanitizationTests.java:98:25:98:33 | unsafer5b | semmle.label | unsafer5b |
| SanitizationTests.java:100:41:100:106 | append(...) : StringBuilder | semmle.label | append(...) : StringBuilder |
| SanitizationTests.java:100:77:100:105 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:102:37:102:91 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:102:37:102:99 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:102:60:102:90 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:102:60:102:90 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:102:68:102:78 | unsafeUri5c : StringBuilder | semmle.label | unsafeUri5c : StringBuilder |
| SanitizationTests.java:102:68:102:89 | toString(...) : String | semmle.label | toString(...) : String |
| SanitizationTests.java:103:25:103:33 | unsafer5c | semmle.label | unsafer5c |
| SanitizationTests.java:105:33:105:104 | format(...) : String | semmle.label | format(...) : String |
| SanitizationTests.java:105:33:105:104 | new ..[] { .. } : Object[] [[]] : String | semmle.label | new ..[] { .. } : Object[] [[]] : String |
| SanitizationTests.java:105:73:105:103 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:106:36:106:78 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:106:36:106:86 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:106:59:106:77 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:106:59:106:77 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:106:67:106:76 | unsafeUri6 : String | semmle.label | unsafeUri6 : String |
| SanitizationTests.java:107:25:107:32 | unsafer6 | semmle.label | unsafer6 |
| SanitizationTests.java:109:33:109:110 | format(...) : String | semmle.label | format(...) : String |
| SanitizationTests.java:109:33:109:110 | new ..[] { .. } : Object[] [[]] : String | semmle.label | new ..[] { .. } : Object[] [[]] : String |
| SanitizationTests.java:109:56:109:86 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:110:36:110:78 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:110:36:110:86 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:110:59:110:77 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:110:59:110:77 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:110:67:110:76 | unsafeUri7 : String | semmle.label | unsafeUri7 : String |
| SanitizationTests.java:111:25:111:32 | unsafer7 | semmle.label | unsafer7 |
| SanitizationTests.java:113:33:113:110 | format(...) : String | semmle.label | format(...) : String |
| SanitizationTests.java:113:33:113:110 | new ..[] { .. } : Object[] [[]] : String | semmle.label | new ..[] { .. } : Object[] [[]] : String |
| SanitizationTests.java:113:55:113:85 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:114:36:114:78 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:114:36:114:86 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:114:59:114:77 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:114:59:114:77 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:114:67:114:76 | unsafeUri8 : String | semmle.label | unsafeUri8 : String |
| SanitizationTests.java:115:25:115:32 | unsafer8 | semmle.label | unsafer8 |
| SanitizationTests.java:117:33:117:63 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:118:36:118:78 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:118:36:118:86 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:118:59:118:77 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:118:59:118:77 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:118:67:118:76 | unsafeUri9 : String | semmle.label | unsafeUri9 : String |
| SanitizationTests.java:119:25:119:32 | unsafer9 | semmle.label | unsafer9 |
| SanitizationTests.java:121:34:121:126 | format(...) : String | semmle.label | format(...) : String |
| SanitizationTests.java:121:34:121:126 | new ..[] { .. } : Object[] [[]] : String | semmle.label | new ..[] { .. } : Object[] [[]] : String |
| SanitizationTests.java:121:94:121:125 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SanitizationTests.java:122:37:122:80 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder |
| SanitizationTests.java:122:37:122:88 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest |
| SanitizationTests.java:122:60:122:79 | new URI(...) | semmle.label | new URI(...) |
| SanitizationTests.java:122:60:122:79 | new URI(...) : URI | semmle.label | new URI(...) : URI |
| SanitizationTests.java:122:68:122:78 | unsafeUri10 : String | semmle.label | unsafeUri10 : String |
| SanitizationTests.java:123:25:123:33 | unsafer10 | semmle.label | unsafer10 |
| SpringSSRF.java:28:33:28:60 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| SpringSSRF.java:32:39:32:59 | ... + ... | semmle.label | ... + ... |
| SpringSSRF.java:33:35:33:48 | fooResourceUrl | semmle.label | fooResourceUrl |

18
java/ql/test/query-tests/security/CWE-918/SanitizationTests.java
View File

@@ -2,6 +2,8 @@ import java.io.IOException;
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.util.regex.Pattern;
import java.util.regex.Matcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
@@ -126,11 +128,25 @@ public class SanitizationTests extends HttpServlet {
HttpRequest r10 = HttpRequest.newBuilder(new URI(param10)).build();
client.send(r10, null);
}
String param11 = request.getParameter("uri11");
validate(param11);
HttpRequest r11 = HttpRequest.newBuilder(new URI(param11)).build();
client.send(r11, null);
String param12 = request.getParameter("uri12");
if (Pattern.matches("[a-zA-Z0-9_-]+", param12)) {
HttpRequest r12 = HttpRequest.newBuilder(new URI(param12)).build();
client.send(r12, null);
}
Pattern pattern = Pattern.compile("[a-zA-Z0-9_-]+");
String param13 = request.getParameter("uri13");
Matcher matcher = pattern.matcher(param13);
if (matcher.matches()) {
HttpRequest r13 = HttpRequest.newBuilder(new URI(param13)).build();
client.send(r13, null);
}
} catch (Exception e) {
// TODO: handle exception
}