Model replace and putIfAbsent

java/ql/test/query-tests/security/CWE-078/ExecRelative.expected

@@ -1,2 +1,2 @@
-| TaintedEnvironment.java:28:35:28:55 | new String[] | Command with a relative path 'ls' is executed. |
+| TaintedEnvironment.java:39:35:39:55 | new String[] | Command with a relative path 'ls' is executed. |
 | Test.java:50:46:50:49 | "ls" | Command with a relative path 'ls' is executed. |

java/ql/test/query-tests/security/CWE-078/TaintedEnvironment.java

@@ -15,6 +15,17 @@ public class TaintedEnvironment {
 
         pb.environment().put(s, "foo"); // $hasTaintFlow
 
+        Map<String, String> extra = Map.of("USER", s);
+
+        pb.environment().putAll(extra); // $hasTaintFlow
+
+        pb.environment().putIfAbsent("foo", s); // $hasTaintFlow
+        pb.environment().putIfAbsent(s, "foo"); // $hasTaintFlow
+
+        pb.environment().replace("foo", s); // $hasTaintFlow
+        pb.environment().replace(s, "foo"); // $hasTaintFlow
+        pb.environment().replace("foo", "bar", s); // $hasTaintFlow
+
         Map<String, String> env = pb.environment();
 
         env.put("foo", s); // $hasTaintFlow