Add generated tests

2026-04-30 11:15:13 +02:00 · 2021-07-01 04:11:37 -07:00
parent b807757863
commit b01e6d49fb
3 changed files with 185 additions and 0 deletions
--- a/java/ql/test/library-tests/frameworks/spring/webmultipart/Test.java
+++ b/java/ql/test/library-tests/frameworks/spring/webmultipart/Test.java
@@ -0,0 +1,121 @@
+package generatedtest;
+
+import java.io.InputStream;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
+import org.springframework.core.io.Resource;
+import org.springframework.http.HttpHeaders;
+import org.springframework.util.MultiValueMap;
+import org.springframework.web.multipart.MultipartFile;
+import org.springframework.web.multipart.MultipartHttpServletRequest;
+import org.springframework.web.multipart.MultipartRequest;
+import org.springframework.web.multipart.MultipartResolver;
+
+// Test case generated by GenerateFlowTestCase.ql
+public class Test {
+
+	Object getElement(Object container) { return null; }
+	Object getMapValue(Object container) { return null; }
+	Object source() { return null; }
+	void sink(Object o) { }
+
+	public void test() {
+
+		{
+			// "org.springframework.web.multipart;MultipartFile;true;getBytes;;;Argument[-1];ReturnValue;taint"
+			byte[] out = null;
+			MultipartFile in = (MultipartFile)source();
+			out = in.getBytes();
+			sink(out); // $hasTaintFlow
+		}
+		{
+			// "org.springframework.web.multipart;MultipartFile;true;getInputStream;;;Argument[-1];ReturnValue;taint"
+			InputStream out = null;
+			MultipartFile in = (MultipartFile)source();
+			out = in.getInputStream();
+			sink(out); // $hasTaintFlow
+		}
+		{
+			// "org.springframework.web.multipart;MultipartFile;true;getName;;;Argument[-1];ReturnValue;taint"
+			String out = null;
+			MultipartFile in = (MultipartFile)source();
+			out = in.getName();
+			sink(out); // $hasTaintFlow
+		}
+		{
+			// "org.springframework.web.multipart;MultipartFile;true;getOriginalFilename;;;Argument[-1];ReturnValue;taint"
+			String out = null;
+			MultipartFile in = (MultipartFile)source();
+			out = in.getOriginalFilename();
+			sink(out); // $hasTaintFlow
+		}
+		{
+			// "org.springframework.web.multipart;MultipartFile;true;getResource;;;Argument[-1];ReturnValue;taint"
+			Resource out = null;
+			MultipartFile in = (MultipartFile)source();
+			out = in.getResource();
+			sink(out); // $hasTaintFlow
+		}
+		{
+			// "org.springframework.web.multipart;MultipartHttpServletRequest;true;getMultipartHeaders;;;Argument[-1];ReturnValue;taint"
+			HttpHeaders out = null;
+			MultipartHttpServletRequest in = (MultipartHttpServletRequest)source();
+			out = in.getMultipartHeaders(null);
+			sink(out); // $hasTaintFlow
+		}
+		{
+			// "org.springframework.web.multipart;MultipartHttpServletRequest;true;getRequestHeaders;;;Argument[-1];ReturnValue;taint"
+			HttpHeaders out = null;
+			MultipartHttpServletRequest in = (MultipartHttpServletRequest)source();
+			out = in.getRequestHeaders();
+			sink(out); // $hasTaintFlow
+		}
+		{
+			// "org.springframework.web.multipart;MultipartRequest;true;getFile;;;Argument[-1];ReturnValue;taint"
+			MultipartFile out = null;
+			MultipartRequest in = (MultipartRequest)source();
+			out = in.getFile(null);
+			sink(out); // $hasTaintFlow
+		}
+		{
+			// "org.springframework.web.multipart;MultipartRequest;true;getFileMap;;;Argument[-1];MapValue of ReturnValue;taint"
+			Map out = null;
+			MultipartRequest in = (MultipartRequest)source();
+			out = in.getFileMap();
+			sink(getMapValue(out)); // $hasTaintFlow
+		}
+		{
+			// "org.springframework.web.multipart;MultipartRequest;true;getFileNames;;;Argument[-1];Element of ReturnValue;taint"
+			Iterator out = null;
+			MultipartRequest in = (MultipartRequest)source();
+			out = in.getFileNames();
+			sink(getElement(out)); // $hasTaintFlow
+		}
+		{
+			// "org.springframework.web.multipart;MultipartRequest;true;getFiles;;;Argument[-1];Element of ReturnValue;taint"
+			List out = null;
+			MultipartRequest in = (MultipartRequest)source();
+			out = in.getFiles(null);
+			sink(getElement(out)); // $hasTaintFlow
+		}
+		{
+			// "org.springframework.web.multipart;MultipartRequest;true;getMultiFileMap;;;Argument[-1];MapValue of ReturnValue;taint"
+			MultiValueMap out = null;
+			MultipartRequest in = (MultipartRequest)source();
+			out = in.getMultiFileMap();
+			sink(getMapValue(out)); // $hasTaintFlow
+		}
+		{
+			// "org.springframework.web.multipart;MultipartResolver;true;resolveMultipart;;;Argument[0];ReturnValue;taint"
+			MultipartHttpServletRequest out = null;
+			HttpServletRequest in = (HttpServletRequest)source();
+			MultipartResolver instance = null;
+			out = instance.resolveMultipart(in);
+			sink(out); // $hasTaintFlow
+		}
+
+	}
+
+}
--- a/java/ql/test/library-tests/frameworks/spring/webmultipart/test.expected
+++ b/java/ql/test/library-tests/frameworks/spring/webmultipart/test.expected
--- a/java/ql/test/library-tests/frameworks/spring/webmultipart/test.ql
+++ b/java/ql/test/library-tests/frameworks/spring/webmultipart/test.ql
@@ -0,0 +1,64 @@
+import java
+import semmle.code.java.dataflow.DataFlow
+import semmle.code.java.dataflow.ExternalFlow
+import semmle.code.java.dataflow.TaintTracking
+import TestUtilities.InlineExpectationsTest
+
+class SummaryModelTest extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        //"package;type;overrides;name;signature;ext;inputspec;outputspec;kind",
+        "generatedtest;Test;false;getElement;;;Element of Argument[0];ReturnValue;value",
+        "generatedtest;Test;false;getMapValue;;;MapValue of Argument[0];ReturnValue;value"
+      ]
+  }
+}
+
+class ValueFlowConf extends DataFlow::Configuration {
+  ValueFlowConf() { this = "qltest:valueFlowConf" }
+
+  override predicate isSource(DataFlow::Node n) {
+    n.asExpr().(MethodAccess).getMethod().hasName("source")
+  }
+
+  override predicate isSink(DataFlow::Node n) {
+    n.asExpr().(Argument).getCall().getCallee().hasName("sink")
+  }
+}
+
+class TaintFlowConf extends TaintTracking::Configuration {
+  TaintFlowConf() { this = "qltest:taintFlowConf" }
+
+  override predicate isSource(DataFlow::Node n) {
+    n.asExpr().(MethodAccess).getMethod().hasName("source")
+  }
+
+  override predicate isSink(DataFlow::Node n) {
+    n.asExpr().(Argument).getCall().getCallee().hasName("sink")
+  }
+}
+
+class HasFlowTest extends InlineExpectationsTest {
+  HasFlowTest() { this = "HasFlowTest" }
+
+  override string getARelevantTag() { result = ["hasValueFlow", "hasTaintFlow"] }
+
+  override predicate hasActualResult(Location location, string element, string tag, string value) {
+    tag = "hasValueFlow" and
+    exists(DataFlow::Node src, DataFlow::Node sink, ValueFlowConf conf | conf.hasFlow(src, sink) |
+      sink.getLocation() = location and
+      element = sink.toString() and
+      value = ""
+    )
+    or
+    tag = "hasTaintFlow" and
+    exists(DataFlow::Node src, DataFlow::Node sink, TaintFlowConf conf |
+      conf.hasFlow(src, sink) and not any(ValueFlowConf c).hasFlow(src, sink)
+    |
+      sink.getLocation() = location and
+      element = sink.toString() and
+      value = ""
+    )
+  }
+}