From b49c6dcbd4f0ed053b04530ea345068172c5db98 Mon Sep 17 00:00:00 2001
From: MarkLee131
Date: Sat, 4 Apr 2026 22:04:05 +0800
Subject: [PATCH] Add @Pattern annotation test case and javax-validation-constraints stub

Adds a dedicated test verifying that fields annotated with @javax.validation.constraints.Pattern are recognized as sanitized by RegexpCheckBarrier, in addition to the existing String.matches() guard test.
---
 .../security/CWE-501/TrustBoundaryViolations.java | 8 ++++++++
 java/ql/test/query-tests/security/CWE-501/options | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/java/ql/test/query-tests/security/CWE-501/TrustBoundaryViolations.java b/java/ql/test/query-tests/security/CWE-501/TrustBoundaryViolations.java
index f81da8ac8cf..06e9c6cc929 100644
--- a/java/ql/test/query-tests/security/CWE-501/TrustBoundaryViolations.java
+++ b/java/ql/test/query-tests/security/CWE-501/TrustBoundaryViolations.java
@@ -38,4 +38,12 @@ public class TrustBoundaryViolations extends HttpServlet {
 request.getSession().setAttribute("input4", input4);
 }
 }
+
+ @javax.validation.constraints.Pattern(regexp = "^[a-zA-Z0-9]+$")
+ String validatedField;
+
+ public void doPost(HttpServletRequest request, HttpServletResponse response) {
+ // GOOD: The field is constrained by a @Pattern annotation.
+ request.getSession().setAttribute("validated", validatedField);
+ }
 }
diff --git a/java/ql/test/query-tests/security/CWE-501/options b/java/ql/test/query-tests/security/CWE-501/options
index 37d627da7e8..15ba67d1832 100644
--- a/java/ql/test/query-tests/security/CWE-501/options
+++ b/java/ql/test/query-tests/security/CWE-501/options
@@ -1 +1 @@
-//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/esapi-2.0.1:${testdir}/../../../stubs/javax-servlet-2.5
+//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/esapi-2.0.1:${testdir}/../../../stubs/javax-servlet-2.5:${testdir}/../../../stubs/javax-validation-constraints
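Review bot: The `// GOOD` comment in the new `doPost` overstates what the test exercises: `validatedField` is never assigned anywhere in the hunk and no Bean Validation validator is invoked, so the only thing being checked is that RegexpCheckBarrier treats the `@Pattern` annotation on the field read as a barrier by itself. The comment should say so, e.g. `// GOOD: the @Pattern annotation on the field is itself treated as the regexp barrier; no validator call is needed for this test.`, so a later reader does not take the annotation alone as a runtime sanitizer. As a point of style, if the javax-servlet-2.5 stub declares `HttpServlet.doPost`, the new method overrides it and should carry `@Override`. The enclosing class `TrustBoundaryViolations` starts outside the hunk.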
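Review bot: The new classpath entry `${testdir}/../../../stubs/javax-validation-constraints` points at a stub directory that is not part of this patch — the diffstat lists only the two files shown — even though the subject line says the stub is added. If that directory does not already exist in the tree, the extractor will not resolve `@javax.validation.constraints.Pattern` and the new test case will not compile, so either the stub files belong in this commit or the subject should drop "and javax-validation-constraints stub".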