hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 03:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: Make some rudimentary tooling for testing the flow test case generator script.

Browse Source
This commit is contained in:
Michael Nebel
2022-11-25 13:41:41 +01:00
parent 5a0cce2a18
commit abe4d99e12
4 changed files with 162 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
java/ql/test/utils/flowtestcasegenerator/options Normal file
View File

@@ -0,0 +1 @@
//semmle-extractor-options: --javac-args -cp ${testdir}/../../stubs/apache-commons-collections4-4.4:${testdir}/../../stubs/apache-log4j-2.14.1:${testdir}/../../stubs/slf4j-2.0.0

133
java/ql/test/utils/flowtestcasegenerator/pom.xml Normal file
View File

@@ -0,0 +1,133 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.semmle</groupId>
<artifactId>parent</artifactId>
<version>1.0</version>
<repositories>
<repository>
<id>google</id>
<name>Google Maven</name>
<url>https://maven.google.com/</url>
</repository>
</repositories>
<properties>
<android.platform>31</android.platform>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
</properties>
<dependencies>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-api</artifactId>
<version>2.14.1</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>2.14.1</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>2.0.0-alpha5</version>
</dependency>
<dependency>
<groupId>org.jboss.logging</groupId>
<artifactId>jboss-logging</artifactId>
<version>3.4.2.Final</version>
</dependency>
<dependency>
<groupId>org.springframework.ldap</groupId>
<artifactId>spring-ldap</artifactId>
<version>1.3.1.RELEASE</version>
<type>pom</type>
</dependency>
<dependency>
<groupId>org.springframework.ldap</groupId>
<artifactId>spring-ldap-core</artifactId>
<version>2.3.5.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>5.3.18</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>5.3.18</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>5.3.18</version>
</dependency>
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-commons</artifactId>
<version>2.6.3</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.8.0</version>
</dependency>
<dependency>
<groupId>org.apache.directory.api</groupId>
<artifactId>api-ldap-client-all</artifactId>
<version>2.1.0</version>
</dependency>
<dependency>
<groupId>org.owasp.esapi</groupId>
<artifactId>esapi</artifactId>
<version>2.2.3.1</version>
</dependency>
<dependency>
<groupId>com.unboundid</groupId>
<artifactId>unboundid-ldapsdk</artifactId>
<version>6.0.3</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>4.0.1</version>
</dependency>
<dependency>
<groupId>com.squareup.retrofit2</groupId>
<artifactId>retrofit</artifactId>
<version>2.9.0</version>
</dependency>
<dependency>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp</artifactId>
<version>4.9.3</version>
</dependency>
<dependency>
<groupId>org.freemarker</groupId>
<artifactId>freemarker</artifactId>
<version>2.3.31</version>
</dependency>
<dependency>
<groupId>org.thymeleaf</groupId>
<artifactId>thymeleaf</artifactId>
<version>3.0.15.RELEASE</version>
</dependency>
<dependency>
<groupId>com.hubspot.jinjava</groupId>
<artifactId>jinjava</artifactId>
<version>2.6.0</version>
</dependency>
<dependency>
<groupId>io.pebbletemplates</groupId>
<artifactId>pebble</artifactId>
<version>3.1.5</version>
</dependency>
<dependency>
<groupId>org.apache.velocity</groupId>
<artifactId>velocity-engine-core</artifactId>
<version>2.3</version>
</dependency>
</dependencies>
</project>

11
java/ql/test/utils/flowtestcasegenerator/specs.csv Normal file
View File

@@ -0,0 +1,11 @@
org.apache.logging.log4j;Logger;true;traceEntry;(Message);;Argument[0];ReturnValue;taint;manual
org.apache.logging.log4j;Logger;true;traceEntry;(String,Object[]);;Argument[0..1];ReturnValue;taint;manual
org.apache.logging.log4j;Logger;true;traceEntry;(String,Supplier[]);;Argument[0..1];ReturnValue;taint;manual
org.apache.logging.log4j;Logger;true;traceEntry;(Supplier[]);;Argument[0];ReturnValue;taint;manual
org.apache.logging.log4j;Logger;true;traceExit;(EntryMessage,Object);;Argument[1];ReturnValue;value;manual
org.apache.logging.log4j;Logger;true;traceExit;(Message,Object);;Argument[1];ReturnValue;value;manual
org.apache.logging.log4j;Logger;true;traceExit;(Object);;Argument[0];ReturnValue;value;manual
org.apache.logging.log4j;Logger;true;traceExit;(String,Object);;Argument[1];ReturnValue;value;manual
org.apache.commons.collections4;MapUtils;true;predicatedMap;;;Argument[0].MapValue;ReturnValue.MapValue;value;manual
org.apache.commons.collections4;MapUtils;true;toMap;;;Argument[0].MapKey;ReturnValue.MapKey;value;manual
org.apache.commons.collections4;MapUtils;true;toMap;;;Argument[0].MapValue;ReturnValue.MapValue;value;manual
1 org.apache.logging.log4j Logger true traceEntry (Message) Argument[0] ReturnValue taint manual
2 org.apache.logging.log4j Logger true traceEntry (String,Object[]) Argument[0..1] ReturnValue taint manual
3 org.apache.logging.log4j Logger true traceEntry (String,Supplier[]) Argument[0..1] ReturnValue taint manual
4 org.apache.logging.log4j Logger true traceEntry (Supplier[]) Argument[0] ReturnValue taint manual
5 org.apache.logging.log4j Logger true traceExit (EntryMessage,Object) Argument[1] ReturnValue value manual
6 org.apache.logging.log4j Logger true traceExit (Message,Object) Argument[1] ReturnValue value manual
7 org.apache.logging.log4j Logger true traceExit (Object) Argument[0] ReturnValue value manual
8 org.apache.logging.log4j Logger true traceExit (String,Object) Argument[1] ReturnValue value manual
9 org.apache.commons.collections4 MapUtils true predicatedMap Argument[0].MapValue ReturnValue.MapValue value manual
10 org.apache.commons.collections4 MapUtils true toMap Argument[0].MapKey ReturnValue.MapKey value manual
11 org.apache.commons.collections4 MapUtils true toMap Argument[0].MapValue ReturnValue.MapValue value manual

17
java/ql/test/utils/flowtestcasegenerator/test.py Normal file
View File

@@ -0,0 +1,17 @@
# This script is for debugging purposes for the flow test case generator.
# Some dummy tests are created and executed.
# It requites that `--search-path /path/to/semmle-code/ql` is added to `~/.config/codeql/config`
# Usage: python3 test.py
import subprocess
# Generate test cases
print('Generating test cases...')
if subprocess.check_call(["../../../src/utils/flowtestcasegenerator/GenerateFlowTestCase.py", "specs.csv", "pom.xml", "--force", "."]):
print("Failed to generate test cases.")
exit(1)
# Run test cases.
print('Running test cases...')
subprocess.call(["codeql", "test", "run", "test.ql"])