Add tests for lastaflute framework

java/ql/test/library-tests/frameworks/lastaflute/Test.java

@@ -0,0 +1,27 @@
+import java.io.IOException;
+
+import org.lastaflute.web.Execute;
+import org.lastaflute.web.ruts.multipart.MultipartFormFile;
+
+public class Test {
+
+    void sink(Object o) {
+    }
+
+    public class TestForm {
+        public MultipartFormFile file;
+    }
+
+    @Execute
+    public String index(TestForm form) throws IOException {
+        MultipartFormFile file = form.file;
+
+        sink(file.getFileData()); // $hasTaintFlow
+        sink(file.getInputStream()); // $hasTaintFlow
+
+        return "index.jsp";
+    }
+
+}
+
+    

java/ql/test/library-tests/frameworks/lastaflute/options

@@ -0,0 +1 @@
+//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/lastaflute

java/ql/test/library-tests/frameworks/lastaflute/test.ql

@@ -0,0 +1,11 @@
+import java
+import semmle.code.java.dataflow.FlowSources
+import TestUtilities.InlineFlowTest
+
+module Config implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node n) { n instanceof RemoteFlowSource }
+
+  predicate isSink(DataFlow::Node n) { DefaultFlowConfig::isSink(n) }
+}
+
+import TaintFlowTest<Config>

java/ql/test/stubs/lastaflute/org/lastaflute/web/Execute.java

@@ -0,0 +1,5 @@
+package org.lastaflute.web;
+
+public @interface Execute {
+
+}

java/ql/test/stubs/lastaflute/org/lastaflute/web/ruts/multipart/MultipartFormFile.java

@@ -0,0 +1,14 @@
+package org.lastaflute.web.ruts.multipart;
+
+import java.io.InputStream;
+import java.io.IOException;
+
+public interface MultipartFormFile {
+    byte[] getFileData() throws IOException;
+
+    InputStream getInputStream() throws IOException;
+
+    String getFileName();
+
+    String getContentType();
+}