hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-24 02:43:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Expand log injection sanitizers to annotation regex matches

Browse Source
This commit is contained in:
Owen Mansel-Chan
2026-02-14 08:26:26 +00:00
parent 924bb92d91
commit 9fc95f5171
2 changed files with 15 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
java/ql/test/query-tests/security/CWE-117/LogInjectionTest.expected
View File

@@ -46,8 +46,6 @@
| LogInjectionTest.java:183:26:183:31 | source | LogInjectionTest.java:75:34:75:41 | source(...) : Object | LogInjectionTest.java:183:26:183:31 | source | This log entry depends on a $@. | LogInjectionTest.java:75:34:75:41 | source(...) | user-provided value |
| LogInjectionTest.java:187:26:187:31 | source | LogInjectionTest.java:75:34:75:41 | source(...) : Object | LogInjectionTest.java:187:26:187:31 | source | This log entry depends on a $@. | LogInjectionTest.java:75:34:75:41 | source(...) | user-provided value |
| LogInjectionTest.java:193:26:193:31 | source | LogInjectionTest.java:75:34:75:41 | source(...) : Object | LogInjectionTest.java:193:26:193:31 | source | This log entry depends on a $@. | LogInjectionTest.java:75:34:75:41 | source(...) | user-provided value |
| LogInjectionTest.java:198:22:198:40 | validatedInputField | LogInjectionTest.java:198:22:198:40 | validatedInputField | LogInjectionTest.java:198:22:198:40 | validatedInputField | This log entry depends on a $@. | LogInjectionTest.java:198:22:198:40 | validatedInputField | user-provided value |
| LogInjectionTest.java:199:22:199:37 | validatedInput(...) | LogInjectionTest.java:199:22:199:37 | validatedInput(...) | LogInjectionTest.java:199:22:199:37 | validatedInput(...) | This log entry depends on a $@. | LogInjectionTest.java:199:22:199:37 | validatedInput(...) | user-provided value |
| LogInjectionTest.java:205:39:205:55 | (...)... | LogInjectionTest.java:205:48:205:55 | source(...) : Object | LogInjectionTest.java:205:39:205:55 | (...)... | This log entry depends on a $@. | LogInjectionTest.java:205:48:205:55 | source(...) | user-provided value |
| LogInjectionTest.java:206:28:206:35 | source(...) | LogInjectionTest.java:206:28:206:35 | source(...) | LogInjectionTest.java:206:28:206:35 | source(...) | This log entry depends on a $@. | LogInjectionTest.java:206:28:206:35 | source(...) | user-provided value |
| LogInjectionTest.java:207:28:207:35 | source(...) | LogInjectionTest.java:207:28:207:35 | source(...) | LogInjectionTest.java:207:28:207:35 | source(...) | This log entry depends on a $@. | LogInjectionTest.java:207:28:207:35 | source(...) | user-provided value |
@@ -4517,8 +4515,6 @@ nodes
| LogInjectionTest.java:183:26:183:31 | source | semmle.label | source |
| LogInjectionTest.java:187:26:187:31 | source | semmle.label | source |
| LogInjectionTest.java:193:26:193:31 | source | semmle.label | source |
| LogInjectionTest.java:198:22:198:40 | validatedInputField | semmle.label | validatedInputField |
| LogInjectionTest.java:199:22:199:37 | validatedInput(...) | semmle.label | validatedInput(...) |
| LogInjectionTest.java:205:39:205:55 | (...)... | semmle.label | (...)... |
| LogInjectionTest.java:205:48:205:55 | source(...) : Object | semmle.label | source(...) : Object |
| LogInjectionTest.java:206:28:206:35 | source(...) | semmle.label | source(...) |
@@ -8133,3 +8129,6 @@ nodes
| LogInjectionTest.java:2151:38:2151:54 | (...)... | semmle.label | (...)... |
| LogInjectionTest.java:2151:47:2151:54 | source(...) : Object | semmle.label | source(...) : Object |
subpaths
testFailures
| LogInjectionTest.java:198:44:198:63 | // $ SPURIOUS: Alert | Fixed spurious result: Alert |
| LogInjectionTest.java:199:41:199:60 | // $ SPURIOUS: Alert | Fixed spurious result: Alert |