mirror of
https://github.com/github/codeql.git
synced 2026-04-30 11:15:13 +02:00
Update style of inline expectation comments
This commit is contained in:
Owen Mansel-Chan
@@ -25,75 +25,75 @@ import jakarta.ws.rs.core.Response;
|
||||
import jakarta.ws.rs.ext.MessageBodyReader;
|
||||
|
||||
@Path("")
|
||||
public class JakartaRs1 { // $RootResourceClass
|
||||
public JakartaRs1() { // $InjectableConstructor
|
||||
public class JakartaRs1 { // $ RootResourceClass
|
||||
public JakartaRs1() { // $ InjectableConstructor
|
||||
}
|
||||
|
||||
@GET
|
||||
int Get() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
return 0; // $XssSink
|
||||
int Get() { // $ ResourceMethod ResourceMethodOnResourceClass
|
||||
return 0; // $ XssSink
|
||||
}
|
||||
|
||||
@POST
|
||||
void Post() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
void Post() { // $ ResourceMethod ResourceMethodOnResourceClass
|
||||
}
|
||||
|
||||
@Produces("text/plain") // $ProducesAnnotation=text/plain
|
||||
@Produces("text/plain") // $ ProducesAnnotation=text/plain
|
||||
@DELETE
|
||||
double Delete() { // $ResourceMethod=text/plain $ResourceMethodOnResourceClass
|
||||
return 0.0; // $XssSink
|
||||
double Delete() { // $ ResourceMethod=text/plain ResourceMethodOnResourceClass
|
||||
return 0.0; // $ XssSink
|
||||
}
|
||||
|
||||
@Produces(MediaType.TEXT_HTML) // $ProducesAnnotation=text/html
|
||||
@Produces(MediaType.TEXT_HTML) // $ ProducesAnnotation=text/html
|
||||
@PUT
|
||||
void Put() { // $ResourceMethod=text/html $ResourceMethodOnResourceClass
|
||||
void Put() { // $ ResourceMethod=text/html ResourceMethodOnResourceClass
|
||||
}
|
||||
|
||||
@OPTIONS
|
||||
void Options() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
void Options() { // $ ResourceMethod ResourceMethodOnResourceClass
|
||||
}
|
||||
|
||||
@HEAD
|
||||
void Head() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
void Head() { // $ ResourceMethod ResourceMethodOnResourceClass
|
||||
}
|
||||
|
||||
@Path("")
|
||||
NonRootResourceClassJakarta subResourceLocator() { // $SubResourceLocator
|
||||
NonRootResourceClassJakarta subResourceLocator() { // $ SubResourceLocator
|
||||
return null;
|
||||
}
|
||||
|
||||
public class NonRootResourceClassJakarta { // $NonRootResourceClass
|
||||
public class NonRootResourceClassJakarta { // $ NonRootResourceClass
|
||||
@GET
|
||||
int Get() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
return 0; // $XssSink
|
||||
int Get() { // $ ResourceMethod ResourceMethodOnResourceClass
|
||||
return 0; // $ XssSink
|
||||
}
|
||||
|
||||
@Produces("text/html") // $ProducesAnnotation=text/html
|
||||
@Produces("text/html") // $ ProducesAnnotation=text/html
|
||||
@POST
|
||||
boolean Post() { // $ResourceMethod=text/html $ResourceMethodOnResourceClass
|
||||
boolean Post() { // $ ResourceMethod=text/html ResourceMethodOnResourceClass
|
||||
return false;
|
||||
}
|
||||
|
||||
@Produces(MediaType.TEXT_PLAIN) // $ProducesAnnotation=text/plain
|
||||
@Produces(MediaType.TEXT_PLAIN) // $ ProducesAnnotation=text/plain
|
||||
@DELETE
|
||||
double Delete() { // $ResourceMethod=text/plain $ResourceMethodOnResourceClass
|
||||
return 0.0; // $XssSink
|
||||
double Delete() { // $ ResourceMethod=text/plain ResourceMethodOnResourceClass
|
||||
return 0.0; // $ XssSink
|
||||
}
|
||||
|
||||
@Path("")
|
||||
AnotherNonRootResourceClassJakarta subResourceLocator1() { // $SubResourceLocator
|
||||
AnotherNonRootResourceClassJakarta subResourceLocator1() { // $ SubResourceLocator
|
||||
return null;
|
||||
}
|
||||
|
||||
@GET
|
||||
@Path("")
|
||||
NotAResourceClass1Jakarta NotASubResourceLocator1() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
return null; // $XssSink
|
||||
NotAResourceClass1Jakarta NotASubResourceLocator1() { // $ ResourceMethod ResourceMethodOnResourceClass
|
||||
return null; // $ XssSink
|
||||
}
|
||||
|
||||
@GET
|
||||
NotAResourceClass2Jakarta NotASubResourceLocator2() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
return null; // $XssSink
|
||||
NotAResourceClass2Jakarta NotASubResourceLocator2() { // $ ResourceMethod ResourceMethodOnResourceClass
|
||||
return null; // $ XssSink
|
||||
}
|
||||
|
||||
NotAResourceClass2Jakarta NotASubResourceLocator3() {
|
||||
@@ -102,50 +102,50 @@ public class JakartaRs1 { // $RootResourceClass
|
||||
}
|
||||
}
|
||||
|
||||
class AnotherNonRootResourceClassJakarta { // $NonRootResourceClass
|
||||
class AnotherNonRootResourceClassJakarta { // $ NonRootResourceClass
|
||||
public AnotherNonRootResourceClassJakarta() {
|
||||
}
|
||||
|
||||
public AnotherNonRootResourceClassJakarta(
|
||||
@BeanParam int beanParam, // $InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $InjectionAnnotation
|
||||
@FormParam("") int formParam, // $InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context) { // $InjectionAnnotation
|
||||
@BeanParam int beanParam, // $ InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $ InjectionAnnotation
|
||||
@FormParam("") int formParam, // $ InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $ InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $ InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $ InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $ InjectionAnnotation
|
||||
@Context int context) { // $ InjectionAnnotation
|
||||
}
|
||||
|
||||
@Path("")
|
||||
public void resourceMethodWithBeanParamParameter(@BeanParam FooJakarta FooJakarta) { // $SubResourceLocator $InjectionAnnotation
|
||||
public void resourceMethodWithBeanParamParameter(@BeanParam FooJakarta FooJakarta) { // $ SubResourceLocator InjectionAnnotation
|
||||
}
|
||||
}
|
||||
|
||||
class FooJakarta {
|
||||
FooJakarta() { // $BeanParamConstructor
|
||||
FooJakarta() { // $ BeanParamConstructor
|
||||
}
|
||||
|
||||
public FooJakarta( // $BeanParamConstructor
|
||||
@BeanParam int beanParam, // $InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $InjectionAnnotation
|
||||
@FormParam("") int formParam, // $InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context) { // $InjectionAnnotation
|
||||
public FooJakarta( // $ BeanParamConstructor
|
||||
@BeanParam int beanParam, // $ InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $ InjectionAnnotation
|
||||
@FormParam("") int formParam, // $ InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $ InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $ InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $ InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $ InjectionAnnotation
|
||||
@Context int context) { // $ InjectionAnnotation
|
||||
}
|
||||
|
||||
public FooJakarta(
|
||||
@BeanParam int beanParam, // $InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $InjectionAnnotation
|
||||
@FormParam("") int formParam, // $InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context, // $InjectionAnnotation
|
||||
@BeanParam int beanParam, // $ InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $ InjectionAnnotation
|
||||
@FormParam("") int formParam, // $ InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $ InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $ InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $ InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $ InjectionAnnotation
|
||||
@Context int context, // $ InjectionAnnotation
|
||||
int paramWithoutAnnotation) {
|
||||
}
|
||||
}
|
||||
@@ -158,58 +158,58 @@ class NotAResourceClass2Jakarta {
|
||||
|
||||
class ExtendsJakartaRs1 extends JakartaRs1 {
|
||||
@Override
|
||||
int Get() { // $ResourceMethod
|
||||
int Get() { // $ ResourceMethod
|
||||
return 1;
|
||||
}
|
||||
|
||||
@Override
|
||||
@QueryParam("") // $InjectionAnnotation
|
||||
@QueryParam("") // $ InjectionAnnotation
|
||||
void Post() {
|
||||
}
|
||||
|
||||
@Override
|
||||
double Delete() { // $ResourceMethod=text/plain
|
||||
double Delete() { // $ ResourceMethod=text/plain
|
||||
return 1.0;
|
||||
}
|
||||
|
||||
@Override
|
||||
void Put() { // $ResourceMethod=text/html
|
||||
void Put() { // $ ResourceMethod=text/html
|
||||
}
|
||||
|
||||
@Produces("application/json") // $ProducesAnnotation=application/json
|
||||
@Produces("application/json") // $ ProducesAnnotation=application/json
|
||||
@Override
|
||||
void Options() {
|
||||
}
|
||||
|
||||
@Produces(MediaType.TEXT_XML) // $ProducesAnnotation=text/xml
|
||||
@Produces(MediaType.TEXT_XML) // $ ProducesAnnotation=text/xml
|
||||
@Override
|
||||
void Head() {
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@Produces(MediaType.TEXT_XML) // $ProducesAnnotation=text/xml
|
||||
@Produces(MediaType.TEXT_XML) // $ ProducesAnnotation=text/xml
|
||||
class ExtendsJakartaRs1WithProducesAnnotation extends JakartaRs1 {
|
||||
@Override
|
||||
int Get() { // $ResourceMethod=text/xml
|
||||
int Get() { // $ ResourceMethod=text/xml
|
||||
return 2;
|
||||
}
|
||||
|
||||
@Override
|
||||
@QueryParam("") // $InjectionAnnotation
|
||||
@QueryParam("") // $ InjectionAnnotation
|
||||
void Post() {
|
||||
}
|
||||
|
||||
@Override
|
||||
double Delete() { // $ResourceMethod=text/plain
|
||||
double Delete() { // $ ResourceMethod=text/plain
|
||||
return 2.0;
|
||||
}
|
||||
|
||||
@Override
|
||||
void Put() { // $ResourceMethod=text/html
|
||||
void Put() { // $ ResourceMethod=text/html
|
||||
}
|
||||
|
||||
@Override
|
||||
void Options() { // $ResourceMethod=text/xml
|
||||
void Options() { // $ ResourceMethod=text/xml
|
||||
}
|
||||
}
|
||||
@@ -25,48 +25,48 @@ import jakarta.ws.rs.core.Response;
|
||||
import jakarta.ws.rs.ext.MessageBodyReader;
|
||||
|
||||
@Path("")
|
||||
class JakartaRs2 { // $RootResourceClass
|
||||
class JakartaRs2 { // $ RootResourceClass
|
||||
JakartaRs2() {
|
||||
}
|
||||
|
||||
public JakartaRs2(// $InjectableConstructor
|
||||
@BeanParam int beanParam, // $InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $InjectionAnnotation
|
||||
@FormParam("") int formParam, // $InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context) { // $InjectionAnnotation
|
||||
public JakartaRs2(// $ InjectableConstructor
|
||||
@BeanParam int beanParam, // $ InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $ InjectionAnnotation
|
||||
@FormParam("") int formParam, // $ InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $ InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $ InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $ InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $ InjectionAnnotation
|
||||
@Context int context) { // $ InjectionAnnotation
|
||||
}
|
||||
|
||||
public JakartaRs2(@BeanParam int beanParam, // $InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $InjectionAnnotation
|
||||
@FormParam("") int formParam, // $InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context, // $InjectionAnnotation
|
||||
public JakartaRs2(@BeanParam int beanParam, // $ InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $ InjectionAnnotation
|
||||
@FormParam("") int formParam, // $ InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $ InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $ InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $ InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $ InjectionAnnotation
|
||||
@Context int context, // $ InjectionAnnotation
|
||||
int paramWithoutAnnotation) {
|
||||
}
|
||||
|
||||
@BeanParam // $InjectionAnnotation
|
||||
int beanField; // $InjectableField
|
||||
@CookieParam("") // $InjectionAnnotation
|
||||
int cookieField; // $InjectableField
|
||||
@FormParam("") // $InjectionAnnotation
|
||||
int formField; // $InjectableField
|
||||
@HeaderParam("") // $InjectionAnnotation
|
||||
int headerField; // $InjectableField
|
||||
@MatrixParam("") // $InjectionAnnotation
|
||||
int matrixField; // $InjectableField
|
||||
@PathParam("") // $InjectionAnnotation
|
||||
int pathField; // $InjectableField
|
||||
@QueryParam("") // $InjectionAnnotation
|
||||
int queryField; // $InjectableField
|
||||
@Context // $InjectionAnnotation
|
||||
int context; // $InjectableField
|
||||
@BeanParam // $ InjectionAnnotation
|
||||
int beanField; // $ InjectableField
|
||||
@CookieParam("") // $ InjectionAnnotation
|
||||
int cookieField; // $ InjectableField
|
||||
@FormParam("") // $ InjectionAnnotation
|
||||
int formField; // $ InjectableField
|
||||
@HeaderParam("") // $ InjectionAnnotation
|
||||
int headerField; // $ InjectableField
|
||||
@MatrixParam("") // $ InjectionAnnotation
|
||||
int matrixField; // $ InjectableField
|
||||
@PathParam("") // $ InjectionAnnotation
|
||||
int pathField; // $ InjectableField
|
||||
@QueryParam("") // $ InjectionAnnotation
|
||||
int queryField; // $ InjectableField
|
||||
@Context // $ InjectionAnnotation
|
||||
int context; // $ InjectableField
|
||||
int fieldWithoutAnnotation;
|
||||
}
|
||||
|
||||
@@ -85,14 +85,14 @@ class CustomUnmarshallerJakarta implements MessageBodyReader {
|
||||
}
|
||||
|
||||
class MiscellaneousJakarta {
|
||||
@Consumes("") // $ConsumesAnnotation
|
||||
@Consumes("") // $ ConsumesAnnotation
|
||||
public static void miscellaneousJakarta() throws IOException {
|
||||
Response.ResponseBuilder responseBuilder = Response.accepted(); // $ResponseBuilderDeclaration
|
||||
Response response = responseBuilder.build(); // $ResponseDeclaration
|
||||
Client client; // $ClientDeclaration
|
||||
MessageBodyReader<String> messageBodyReader = null; // $MessageBodyReaderDeclaration
|
||||
messageBodyReader.readFrom(null, null, null, null, null, null); // $MessageBodyReaderReadFromCall $MessageBodyReaderReadCall
|
||||
Response.ResponseBuilder responseBuilder = Response.accepted(); // $ ResponseBuilderDeclaration
|
||||
Response response = responseBuilder.build(); // $ ResponseDeclaration
|
||||
Client client; // $ ClientDeclaration
|
||||
MessageBodyReader<String> messageBodyReader = null; // $ MessageBodyReaderDeclaration
|
||||
messageBodyReader.readFrom(null, null, null, null, null, null); // $ MessageBodyReaderReadFromCall MessageBodyReaderReadCall
|
||||
CustomUnmarshallerJakarta CustomUnmarshallerJakarta = null;
|
||||
CustomUnmarshallerJakarta.readFrom(null, null, null, null, null, null); // $MessageBodyReaderReadCall
|
||||
CustomUnmarshallerJakarta.readFrom(null, null, null, null, null, null); // $ MessageBodyReaderReadCall
|
||||
}
|
||||
}
|
||||
@@ -71,84 +71,84 @@ public class JakartaRsFlow {
|
||||
void sink(Object o) {}
|
||||
|
||||
void testResponse() {
|
||||
sink(Response.accepted(taint())); // $hasTaintFlow
|
||||
sink(Response.fromResponse(ResponseSource.taint())); // $hasTaintFlow
|
||||
sink(Response.ok(taint())); // $hasTaintFlow
|
||||
sink(Response.ok(taint(), new MediaType())); // $hasTaintFlow
|
||||
sink(Response.ok(taint(), "type")); // $hasTaintFlow
|
||||
sink(Response.ok(taint(), new Variant(new MediaType(), "", ""))); // $hasTaintFlow
|
||||
sink(Response.accepted(taint())); // $ hasTaintFlow
|
||||
sink(Response.fromResponse(ResponseSource.taint())); // $ hasTaintFlow
|
||||
sink(Response.ok(taint())); // $ hasTaintFlow
|
||||
sink(Response.ok(taint(), new MediaType())); // $ hasTaintFlow
|
||||
sink(Response.ok(taint(), "type")); // $ hasTaintFlow
|
||||
sink(Response.ok(taint(), new Variant(new MediaType(), "", ""))); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testResponseBuilder(MultivaluedMap<String,Object> multivaluedMap, List<Variant> list) throws Exception {
|
||||
sink(ResponseBuilderSource.taint().build()); // $hasTaintFlow
|
||||
sink(Response.noContent().entity(taint())); // $hasTaintFlow
|
||||
sink(ResponseBuilderSource.taint().allow(new HashSet<String>())); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().cacheControl(new CacheControl())); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().clone()); // $hasTaintFlow
|
||||
sink(ResponseBuilderSource.taint().contentLocation(new URI(""))); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().cookie()); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().encoding("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().entity("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().expires(new Date())); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().header("", "")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().language("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().lastModified(new Date())); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().link("", "")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().link(new URI(""), "")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().links()); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().location(new URI(""))); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().replaceAll(multivaluedMap)); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().status(400)); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().tag(new EntityTag(""))); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().tag("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().type("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variant(new Variant(new MediaType(), "", ""))); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variants(list)); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variants()); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().build()); // $ hasTaintFlow
|
||||
sink(Response.noContent().entity(taint())); // $ hasTaintFlow
|
||||
sink(ResponseBuilderSource.taint().allow(new HashSet<String>())); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().cacheControl(new CacheControl())); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().clone()); // $ hasTaintFlow
|
||||
sink(ResponseBuilderSource.taint().contentLocation(new URI(""))); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().cookie()); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().encoding("")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().entity("")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().expires(new Date())); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().header("", "")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().language("")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().lastModified(new Date())); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().link("", "")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().link(new URI(""), "")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().links()); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().location(new URI(""))); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().replaceAll(multivaluedMap)); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().status(400)); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().tag(new EntityTag(""))); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().tag("")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().type("")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variant(new Variant(new MediaType(), "", ""))); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variants(list)); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variants()); // $ hasValueFlow
|
||||
}
|
||||
|
||||
void testHttpHeaders(HttpHeaders h) {
|
||||
sink(taint(h).getAcceptableLanguages()); // $hasTaintFlow
|
||||
sink(taint(h).getAcceptableMediaTypes()); // $hasTaintFlow
|
||||
sink(taint(h).getCookies()); // $hasTaintFlow
|
||||
sink(taint(h).getHeaderString("")); // $hasTaintFlow
|
||||
sink(taint(h).getLanguage()); // $hasTaintFlow
|
||||
sink(taint(h).getMediaType()); // $hasTaintFlow
|
||||
sink(taint(h).getRequestHeader("")); // $hasTaintFlow
|
||||
sink(taint(h).getRequestHeaders()); // $hasTaintFlow
|
||||
sink(taint(h).getAcceptableLanguages()); // $ hasTaintFlow
|
||||
sink(taint(h).getAcceptableMediaTypes()); // $ hasTaintFlow
|
||||
sink(taint(h).getCookies()); // $ hasTaintFlow
|
||||
sink(taint(h).getHeaderString("")); // $ hasTaintFlow
|
||||
sink(taint(h).getLanguage()); // $ hasTaintFlow
|
||||
sink(taint(h).getMediaType()); // $ hasTaintFlow
|
||||
sink(taint(h).getRequestHeader("")); // $ hasTaintFlow
|
||||
sink(taint(h).getRequestHeaders()); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testMultivaluedMapAdd(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
|
||||
mm1.add(taint(), "value");
|
||||
sink(mm1.keySet().iterator().next()); // $hasValueFlow
|
||||
sink(mm1.keySet().iterator().next()); // $ hasValueFlow
|
||||
mm2.add("key", taint());
|
||||
sink(mm2.get("key").get(0)); // $hasValueFlow
|
||||
sink(mm2.get("key").get(0)); // $ hasValueFlow
|
||||
}
|
||||
|
||||
void testMultivaluedMapAddAll(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2, MultivaluedMap<String, String> mm3) {
|
||||
mm1.addAll(taint(), "a", "b");
|
||||
sink(mm1.keySet().iterator().next()); // $hasValueFlow
|
||||
sink(mm1.keySet().iterator().next()); // $ hasValueFlow
|
||||
List<String> l = new ArrayList<String>();
|
||||
l.add(taint());
|
||||
mm2.addAll("key", l);
|
||||
sink(mm2.get("key").get(0)); // $hasValueFlow
|
||||
sink(mm2.get("key").get(0)); // $ hasValueFlow
|
||||
mm3.addAll("key", "a", taint());
|
||||
sink(mm3.get("key").get(0)); // $hasValueFlow
|
||||
sink(mm3.get("key").get(0)); // $ hasValueFlow
|
||||
}
|
||||
|
||||
void testMultivaluedMapAddFirst(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
|
||||
mm1.addFirst(taint(), "value");
|
||||
sink(mm1.keySet().iterator().next()); // $hasValueFlow
|
||||
sink(mm1.keySet().iterator().next()); // $ hasValueFlow
|
||||
mm2.addFirst("key", taint());
|
||||
sink(mm2.get("key").get(0)); // $hasValueFlow
|
||||
sink(mm2.getFirst("key")); // $hasValueFlow
|
||||
sink(mm2.get("key").get(0)); // $ hasValueFlow
|
||||
sink(mm2.getFirst("key")); // $ hasValueFlow
|
||||
}
|
||||
|
||||
void testMultivaluedMapputSingle(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
|
||||
mm1.putSingle(taint(), "value");
|
||||
sink(mm1.keySet().iterator().next()); // $hasValueFlow
|
||||
sink(mm1.keySet().iterator().next()); // $ hasValueFlow
|
||||
mm2.putSingle("key", taint());
|
||||
sink(mm2.get("key").get(0)); // $hasValueFlow
|
||||
sink(mm2.get("key").get(0)); // $ hasValueFlow
|
||||
}
|
||||
|
||||
class MyAbstractMultivaluedMapJak<K, V> extends AbstractMultivaluedMap<K, V> {
|
||||
@@ -160,248 +160,248 @@ public class JakartaRsFlow {
|
||||
void testAbstractMultivaluedMap(Map<String, List<String>> map1, Map<String, List<String>> map2, List<String> list) {
|
||||
map1.put(taint(), list);
|
||||
AbstractMultivaluedMap<String, String> amm1 = new MyAbstractMultivaluedMapJak<String, String>(map1);
|
||||
sink(amm1.keySet().iterator().next()); // $ MISSING: hasValueFlow
|
||||
sink(amm1.keySet().iterator().next()); // $ MISSING: hasValueFlow
|
||||
|
||||
list.add(taint());
|
||||
map2.put("key", list);
|
||||
AbstractMultivaluedMap<String, String> amm2 = new MyAbstractMultivaluedMapJak<String, String>(map2);
|
||||
sink(amm2.get("key").get(0)); // $ MISSING: hasValueFlow SPURIOUS: hasTaintFlow
|
||||
sink(amm2.get("key").get(0)); // $ MISSING: hasValueFlow SPURIOUS: hasTaintFlow
|
||||
}
|
||||
|
||||
void testMultivaluedHashMap(Map<String, String> map1, Map<String, String> map2,
|
||||
MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
|
||||
map1.put(taint(), "value");
|
||||
MultivaluedHashMap<String, String> mhm1 = new MultivaluedHashMap<String, String>(map1);
|
||||
sink(mhm1.keySet().iterator().next()); // $hasValueFlow
|
||||
sink(mhm1.keySet().iterator().next()); // $ hasValueFlow
|
||||
|
||||
map2.put("key", taint());
|
||||
MultivaluedHashMap<String, String> mhm2 = new MultivaluedHashMap<String, String>(map2);
|
||||
sink(mhm2.get("key").get(0)); // $hasValueFlow
|
||||
sink(mhm2.get("key").get(0)); // $ hasValueFlow
|
||||
|
||||
mm1.add(taint(), "value");
|
||||
MultivaluedHashMap<String, String> mhm3 = new MultivaluedHashMap<String, String>(mm1);
|
||||
sink(mhm3.keySet().iterator().next()); // $hasValueFlow
|
||||
sink(mhm3.keySet().iterator().next()); // $ hasValueFlow
|
||||
|
||||
mm2.add("key", taint());
|
||||
MultivaluedHashMap<String, String> mhm4 = new MultivaluedHashMap<String, String>(mm2);
|
||||
sink(mhm4.get("key").get(0)); // $hasValueFlow
|
||||
sink(mhm4.get("key").get(0)); // $ hasValueFlow
|
||||
}
|
||||
|
||||
void testPathSegment(PathSegment ps1, PathSegment ps2) {
|
||||
sink(taint(ps1).getMatrixParameters()); // $hasTaintFlow
|
||||
sink(taint(ps2).getPath()); // $hasTaintFlow
|
||||
sink(taint(ps1).getMatrixParameters()); // $ hasTaintFlow
|
||||
sink(taint(ps2).getPath()); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testUriInfo(UriInfo ui1, UriInfo ui2, UriInfo ui3, UriInfo ui4, UriInfo ui5) {
|
||||
sink(taint(ui1).getPathParameters()); // $hasTaintFlow
|
||||
sink(taint(ui2).getPathSegments()); // $hasTaintFlow
|
||||
sink(taint(ui2).getQueryParameters()); // $hasTaintFlow
|
||||
sink(taint(ui2).getRequestUri()); // $hasTaintFlow
|
||||
sink(taint(ui2).getRequestUriBuilder()); // $hasTaintFlow
|
||||
sink(taint(ui1).getPathParameters()); // $ hasTaintFlow
|
||||
sink(taint(ui2).getPathSegments()); // $ hasTaintFlow
|
||||
sink(taint(ui2).getQueryParameters()); // $ hasTaintFlow
|
||||
sink(taint(ui2).getRequestUri()); // $ hasTaintFlow
|
||||
sink(taint(ui2).getRequestUriBuilder()); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testCookie() {
|
||||
sink(new Cookie(taint(), "", "", "", 0)); // $hasTaintFlow
|
||||
sink(new Cookie("", taint(), "", "", 0)); // $hasTaintFlow
|
||||
sink(new Cookie("", "", taint(), "", 0)); // $hasTaintFlow
|
||||
sink(new Cookie("", "", "", taint(), 0)); // $hasTaintFlow
|
||||
sink(new Cookie("", "", "", "", IntSource.taint())); // $hasTaintFlow
|
||||
sink(new Cookie(taint(), "", "", "")); // $hasTaintFlow
|
||||
sink(new Cookie("", taint(), "", "")); // $hasTaintFlow
|
||||
sink(new Cookie("", "", taint(), "")); // $hasTaintFlow
|
||||
sink(new Cookie("", "", "", taint())); // $hasTaintFlow
|
||||
sink(new Cookie(taint(), "")); // $hasTaintFlow
|
||||
sink(new Cookie("", taint())); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint())); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getDomain()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getName()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getPath()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getValue()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getVersion()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).toString()); // $hasTaintFlow
|
||||
sink(new Cookie(taint(), "", "", "", 0)); // $ hasTaintFlow
|
||||
sink(new Cookie("", taint(), "", "", 0)); // $ hasTaintFlow
|
||||
sink(new Cookie("", "", taint(), "", 0)); // $ hasTaintFlow
|
||||
sink(new Cookie("", "", "", taint(), 0)); // $ hasTaintFlow
|
||||
sink(new Cookie("", "", "", "", IntSource.taint())); // $ hasTaintFlow
|
||||
sink(new Cookie(taint(), "", "", "")); // $ hasTaintFlow
|
||||
sink(new Cookie("", taint(), "", "")); // $ hasTaintFlow
|
||||
sink(new Cookie("", "", taint(), "")); // $ hasTaintFlow
|
||||
sink(new Cookie("", "", "", taint())); // $ hasTaintFlow
|
||||
sink(new Cookie(taint(), "")); // $ hasTaintFlow
|
||||
sink(new Cookie("", taint())); // $ hasTaintFlow
|
||||
sink(Cookie.valueOf(taint())); // $ hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getDomain()); // $ hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getName()); // $ hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getPath()); // $ hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getValue()); // $ hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getVersion()); // $ hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).toString()); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testNewCookie() {
|
||||
sink(new NewCookie(Cookie.valueOf(taint()))); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(taint()))); // $ hasTaintFlow
|
||||
|
||||
sink(new NewCookie(Cookie.valueOf(taint()), "", 0, true)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), taint(), 0, false)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", IntSource.taint(), true)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, BooleanSource.taint())); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(taint()), "", 0, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), taint(), 0, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", IntSource.taint(), true)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, BooleanSource.taint())); // $ hasTaintFlow
|
||||
|
||||
sink(new NewCookie(Cookie.valueOf(taint()), "", 0, new Date(), true, true)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), taint(), 0, new Date(), true, false)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", IntSource.taint(), new Date(), false, true)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, DateSource.taint(), false, false)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, new Date(), BooleanSource.taint(), false)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, new Date(), true, BooleanSource.taint())); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(taint()), "", 0, new Date(), true, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), taint(), 0, new Date(), true, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", IntSource.taint(), new Date(), false, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, DateSource.taint(), false, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, new Date(), BooleanSource.taint(), false)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, new Date(), true, BooleanSource.taint())); // $ hasTaintFlow
|
||||
|
||||
sink(new NewCookie(taint(), "")); // $hasTaintFlow
|
||||
sink(new NewCookie("", taint())); // $hasTaintFlow
|
||||
sink(new NewCookie(taint(), "")); // $ hasTaintFlow
|
||||
sink(new NewCookie("", taint())); // $ hasTaintFlow
|
||||
|
||||
sink(new NewCookie(taint(), "", "", "", 0, "", 0, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", 0, "", 0, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", 0, "", 0, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), 0, "", 0, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", IntSource.taint(), "", 0, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, taint(), 0, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", IntSource.taint(), true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, BooleanSource.taint())); // $hasTaintFlow
|
||||
sink(new NewCookie(taint(), "", "", "", 0, "", 0, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", 0, "", 0, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", 0, "", 0, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), 0, "", 0, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", IntSource.taint(), "", 0, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, taint(), 0, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", IntSource.taint(), true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, BooleanSource.taint())); // $ hasTaintFlow
|
||||
|
||||
sink(new NewCookie(taint(), "", "", "", 0, "", 0, new Date(), true, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", 0, "", 0, new Date(), false, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", 0, "", 0, new Date(), true, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), 0, "", 0, new Date(), false, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", IntSource.taint(), "", 0, new Date(), true, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, taint(), 0, new Date(), true, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", IntSource.taint(), new Date(), false, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, DateSource.taint(), false, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, new Date(), BooleanSource.taint(), true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, new Date(), false, BooleanSource.taint())); // $hasTaintFlow
|
||||
sink(new NewCookie(taint(), "", "", "", 0, "", 0, new Date(), true, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", 0, "", 0, new Date(), false, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", 0, "", 0, new Date(), true, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), 0, "", 0, new Date(), false, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", IntSource.taint(), "", 0, new Date(), true, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, taint(), 0, new Date(), true, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", IntSource.taint(), new Date(), false, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, DateSource.taint(), false, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, new Date(), BooleanSource.taint(), true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, new Date(), false, BooleanSource.taint())); // $ hasTaintFlow
|
||||
|
||||
sink(new NewCookie(taint(), "", "", "", "", 0, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", "", 0, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", "", 0, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), "", 0, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", taint(), 0, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", IntSource.taint(), true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", 0, BooleanSource.taint())); // $hasTaintFlow
|
||||
sink(new NewCookie(taint(), "", "", "", "", 0, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", "", 0, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", "", 0, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), "", 0, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", taint(), 0, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", IntSource.taint(), true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", 0, BooleanSource.taint())); // $ hasTaintFlow
|
||||
|
||||
sink(new NewCookie(taint(), "", "", "", "", 0, true, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", "", 0, false, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", "", 0, true, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), "", 0, false, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", taint(), 0, true, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", IntSource.taint(), false, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", 0, BooleanSource.taint(), false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", 0, true, BooleanSource.taint())); // $hasTaintFlow
|
||||
sink(new NewCookie(taint(), "", "", "", "", 0, true, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", "", 0, false, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", "", 0, true, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), "", 0, false, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", taint(), 0, true, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", IntSource.taint(), false, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", 0, BooleanSource.taint(), false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", 0, true, BooleanSource.taint())); // $ hasTaintFlow
|
||||
|
||||
sink(NewCookie.valueOf(taint()).getComment()); // $hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint()).getExpiry()); // $hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint()).getMaxAge()); // $hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint()).toCookie()); // $hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint())); // $hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint()).getComment()); // $ hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint()).getExpiry()); // $ hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint()).getMaxAge()); // $ hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint()).toCookie()); // $ hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint())); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testForm(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
|
||||
sink(new Form(taint(), "")); // $hasTaintFlow
|
||||
sink(new Form("", taint())); // $hasTaintFlow
|
||||
sink(new Form(taint(), "")); // $ hasTaintFlow
|
||||
sink(new Form("", taint())); // $ hasTaintFlow
|
||||
mm1.add(taint(), "value");
|
||||
sink(new Form(mm1)); // $hasTaintFlow
|
||||
sink(new Form(mm1)); // $ hasTaintFlow
|
||||
mm2.add("key", taint());
|
||||
sink(new Form(mm2)); // $hasTaintFlow
|
||||
sink(new Form(mm2)); // $ hasTaintFlow
|
||||
Form f1 = new Form(taint(), "");
|
||||
sink(f1.asMap()); // $hasTaintFlow
|
||||
sink(f1.asMap()); // $ hasTaintFlow
|
||||
Form f2 = new Form();
|
||||
sink(f2.param(taint(), "b")); // $hasTaintFlow
|
||||
sink(f2.param(taint(), "b")); // $ hasTaintFlow
|
||||
Form f3 = new Form();
|
||||
sink(f3.param("a", taint())); // $hasTaintFlow
|
||||
sink(f3.param("a", taint())); // $ hasTaintFlow
|
||||
Form f4 = new Form(taint(), "");
|
||||
sink(f4.param("a", "b")); // $hasTaintFlow
|
||||
sink(f4.param("a", "b")); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testGenericEntity() {
|
||||
Method m = DummyJakarta.class.getMethods()[0];
|
||||
GenericEntity<Set<String>> ge = new GenericEntity<Set<String>>(SetStringSource.taint(), m.getGenericReturnType());
|
||||
sink(ge); // $hasTaintFlow
|
||||
sink(ge.getEntity()); // $hasTaintFlow
|
||||
sink(ge); // $ hasTaintFlow
|
||||
sink(ge.getEntity()); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testMediaType(Map<String, String> m) {
|
||||
sink(new MediaType(taint(), "")); // $hasTaintFlow
|
||||
sink(new MediaType("", taint())); // $hasTaintFlow
|
||||
sink(new MediaType(taint(), "", m)); // $hasTaintFlow
|
||||
sink(new MediaType("", taint(), m)); // $hasTaintFlow
|
||||
sink(new MediaType("", "", taint(m))); // $hasTaintFlow
|
||||
sink(new MediaType(taint(), "", "")); // $hasTaintFlow
|
||||
sink(new MediaType("", taint(), "")); // $hasTaintFlow
|
||||
sink(new MediaType("", "", taint())); // $hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getParameters()); // $hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getSubtype()); // $hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getType()); // $hasTaintFlow
|
||||
sink(MediaType.valueOf(taint())); // $hasTaintFlow
|
||||
sink(new MediaType(taint(), "")); // $ hasTaintFlow
|
||||
sink(new MediaType("", taint())); // $ hasTaintFlow
|
||||
sink(new MediaType(taint(), "", m)); // $ hasTaintFlow
|
||||
sink(new MediaType("", taint(), m)); // $ hasTaintFlow
|
||||
sink(new MediaType("", "", taint(m))); // $ hasTaintFlow
|
||||
sink(new MediaType(taint(), "", "")); // $ hasTaintFlow
|
||||
sink(new MediaType("", taint(), "")); // $ hasTaintFlow
|
||||
sink(new MediaType("", "", taint())); // $ hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getParameters()); // $ hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getSubtype()); // $ hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getType()); // $ hasTaintFlow
|
||||
sink(MediaType.valueOf(taint())); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testUriBuilder() throws Exception {
|
||||
sink(UriBuilder.fromPath("").build(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build("", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build(taint(), false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build("", taint(), true)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).build("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).build("", false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build("", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build(taint(), false)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build("", taint(), true)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).build("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).build("", false)); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").buildFromEncoded(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromEncoded("", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromEncoded("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromEncodedMap(taint(new HashMap<String, String>()))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromEncodedMap(new HashMap<String, String>())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromMap(taint(new HashMap<String, String>()), false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromMap(new HashMap<String, String>(), true)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromEncoded(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromEncoded("", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromEncoded("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromEncodedMap(taint(new HashMap<String, String>()))); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromEncodedMap(new HashMap<String, String>())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromMap(taint(new HashMap<String, String>()), false)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromMap(new HashMap<String, String>(), true)); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath(taint()).clone()); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").fragment(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).fragment("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromLink(taint(Link.valueOf("")))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromUri(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").host(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).host("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).clone()); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").fragment(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).fragment("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromLink(taint(Link.valueOf("")))); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromUri(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").host(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).host("")); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").matrixParam(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").matrixParam("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).matrixParam("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").path(taint(DummyJakarta.class))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").path(DummyJakarta.class, taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).path(DummyJakarta.class)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").queryParam(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").queryParam("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).queryParam("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").matrixParam(taint(), "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").matrixParam("", "", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).matrixParam("", "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").path(taint(DummyJakarta.class))); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").path(DummyJakarta.class, taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).path(DummyJakarta.class)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").queryParam(taint(), "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").queryParam("", "", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).queryParam("", "")); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").replaceMatrix(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceMatrix("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceMatrixParam(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceMatrixParam("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceMatrixParam("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replacePath(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replacePath("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQuery(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceQuery("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQueryParam(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQueryParam("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceQueryParam("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceMatrix(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceMatrix("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceMatrixParam(taint(), "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceMatrixParam("", "", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceMatrixParam("", "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replacePath(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replacePath("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQuery(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceQuery("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQueryParam(taint(), "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQueryParam("", "", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceQueryParam("", "")); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").resolveTemplate(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate(taint(), "", false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate("", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate("", taint(), true)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplate("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplate("", "", false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplateFromEncoded(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplateFromEncoded("", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplateFromEncoded("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate(taint(), "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate(taint(), "", false)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate("", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate("", taint(), true)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplate("", "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplate("", "", false)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplateFromEncoded(taint(), "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplateFromEncoded("", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplateFromEncoded("", "")); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").resolveTemplates(taint(new HashMap<String, Object>()))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplates(taint(new HashMap<String, Object>()), true)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplates(new HashMap<String, Object>())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplates(new HashMap<String, Object>(), false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplatesFromEncoded(taint(new HashMap<String, Object>()))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplatesFromEncoded(new HashMap<String, Object>())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplates(taint(new HashMap<String, Object>()))); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplates(taint(new HashMap<String, Object>()), true)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplates(new HashMap<String, Object>())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplates(new HashMap<String, Object>(), false)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplatesFromEncoded(taint(new HashMap<String, Object>()))); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplatesFromEncoded(new HashMap<String, Object>())); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").scheme(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).scheme("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").schemeSpecificPart(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).schemeSpecificPart("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").segment(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").segment("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).segment("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).toTemplate()); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").scheme(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).scheme("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").schemeSpecificPart(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).schemeSpecificPart("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").segment(taint(), "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").segment("", "", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).segment("", "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).toTemplate()); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").uri(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).uri("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").uri(UriSource.taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).uri(new URI(""))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").userInfo(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).userInfo("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").uri(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).uri("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").uri(UriSource.taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).uri(new URI(""))); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").userInfo(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).userInfo("")); // $ hasTaintFlow
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -25,75 +25,75 @@ import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.ext.MessageBodyReader;
|
||||
|
||||
@Path("")
|
||||
public class JaxRs1 { // $RootResourceClass
|
||||
public JaxRs1() { // $InjectableConstructor
|
||||
public class JaxRs1 { // $ RootResourceClass
|
||||
public JaxRs1() { // $ InjectableConstructor
|
||||
}
|
||||
|
||||
@GET
|
||||
int Get() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
return 0; // $XssSink
|
||||
int Get() { // $ ResourceMethod ResourceMethodOnResourceClass
|
||||
return 0; // $ XssSink
|
||||
}
|
||||
|
||||
@POST
|
||||
void Post() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
void Post() { // $ ResourceMethod ResourceMethodOnResourceClass
|
||||
}
|
||||
|
||||
@Produces("text/plain") // $ProducesAnnotation=text/plain
|
||||
@Produces("text/plain") // $ ProducesAnnotation=text/plain
|
||||
@DELETE
|
||||
double Delete() { // $ResourceMethod=text/plain $ResourceMethodOnResourceClass
|
||||
return 0.0; // $XssSink
|
||||
double Delete() { // $ ResourceMethod=text/plain ResourceMethodOnResourceClass
|
||||
return 0.0; // $ XssSink
|
||||
}
|
||||
|
||||
@Produces(MediaType.TEXT_HTML) // $ProducesAnnotation=text/html
|
||||
@Produces(MediaType.TEXT_HTML) // $ ProducesAnnotation=text/html
|
||||
@PUT
|
||||
void Put() { // $ResourceMethod=text/html $ResourceMethodOnResourceClass
|
||||
void Put() { // $ ResourceMethod=text/html ResourceMethodOnResourceClass
|
||||
}
|
||||
|
||||
@OPTIONS
|
||||
void Options() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
void Options() { // $ ResourceMethod ResourceMethodOnResourceClass
|
||||
}
|
||||
|
||||
@HEAD
|
||||
void Head() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
void Head() { // $ ResourceMethod ResourceMethodOnResourceClass
|
||||
}
|
||||
|
||||
@Path("")
|
||||
NonRootResourceClass subResourceLocator() { // $SubResourceLocator
|
||||
NonRootResourceClass subResourceLocator() { // $ SubResourceLocator
|
||||
return null;
|
||||
}
|
||||
|
||||
public class NonRootResourceClass { // $NonRootResourceClass
|
||||
public class NonRootResourceClass { // $ NonRootResourceClass
|
||||
@GET
|
||||
int Get() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
return 0; // $XssSink
|
||||
int Get() { // $ ResourceMethod ResourceMethodOnResourceClass
|
||||
return 0; // $ XssSink
|
||||
}
|
||||
|
||||
@Produces("text/html") // $ProducesAnnotation=text/html
|
||||
@Produces("text/html") // $ ProducesAnnotation=text/html
|
||||
@POST
|
||||
boolean Post() { // $ResourceMethod=text/html $ResourceMethodOnResourceClass
|
||||
boolean Post() { // $ ResourceMethod=text/html ResourceMethodOnResourceClass
|
||||
return false;
|
||||
}
|
||||
|
||||
@Produces(MediaType.TEXT_PLAIN) // $ProducesAnnotation=text/plain
|
||||
@Produces(MediaType.TEXT_PLAIN) // $ ProducesAnnotation=text/plain
|
||||
@DELETE
|
||||
double Delete() { // $ResourceMethod=text/plain $ResourceMethodOnResourceClass
|
||||
return 0.0; // $XssSink
|
||||
double Delete() { // $ ResourceMethod=text/plain ResourceMethodOnResourceClass
|
||||
return 0.0; // $ XssSink
|
||||
}
|
||||
|
||||
@Path("")
|
||||
AnotherNonRootResourceClass subResourceLocator1() { // $SubResourceLocator
|
||||
AnotherNonRootResourceClass subResourceLocator1() { // $ SubResourceLocator
|
||||
return null;
|
||||
}
|
||||
|
||||
@GET
|
||||
@Path("")
|
||||
NotAResourceClass1 NotASubResourceLocator1() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
return null; // $XssSink
|
||||
NotAResourceClass1 NotASubResourceLocator1() { // $ ResourceMethod ResourceMethodOnResourceClass
|
||||
return null; // $ XssSink
|
||||
}
|
||||
|
||||
@GET
|
||||
NotAResourceClass2 NotASubResourceLocator2() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
return null; // $XssSink
|
||||
NotAResourceClass2 NotASubResourceLocator2() { // $ ResourceMethod ResourceMethodOnResourceClass
|
||||
return null; // $ XssSink
|
||||
}
|
||||
|
||||
NotAResourceClass2 NotASubResourceLocator3() {
|
||||
@@ -102,50 +102,50 @@ public class JaxRs1 { // $RootResourceClass
|
||||
}
|
||||
}
|
||||
|
||||
class AnotherNonRootResourceClass { // $NonRootResourceClass
|
||||
class AnotherNonRootResourceClass { // $ NonRootResourceClass
|
||||
public AnotherNonRootResourceClass() {
|
||||
}
|
||||
|
||||
public AnotherNonRootResourceClass(
|
||||
@BeanParam int beanParam, // $InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $InjectionAnnotation
|
||||
@FormParam("") int formParam, // $InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context) { // $InjectionAnnotation
|
||||
@BeanParam int beanParam, // $ InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $ InjectionAnnotation
|
||||
@FormParam("") int formParam, // $ InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $ InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $ InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $ InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $ InjectionAnnotation
|
||||
@Context int context) { // $ InjectionAnnotation
|
||||
}
|
||||
|
||||
@Path("")
|
||||
public void resourceMethodWithBeanParamParameter(@BeanParam Foo foo) { // $SubResourceLocator $InjectionAnnotation
|
||||
public void resourceMethodWithBeanParamParameter(@BeanParam Foo foo) { // $ SubResourceLocator InjectionAnnotation
|
||||
}
|
||||
}
|
||||
|
||||
class Foo {
|
||||
Foo() { // $BeanParamConstructor
|
||||
Foo() { // $ BeanParamConstructor
|
||||
}
|
||||
|
||||
public Foo( // $BeanParamConstructor
|
||||
@BeanParam int beanParam, // $InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $InjectionAnnotation
|
||||
@FormParam("") int formParam, // $InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context) { // $InjectionAnnotation
|
||||
public Foo( // $ BeanParamConstructor
|
||||
@BeanParam int beanParam, // $ InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $ InjectionAnnotation
|
||||
@FormParam("") int formParam, // $ InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $ InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $ InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $ InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $ InjectionAnnotation
|
||||
@Context int context) { // $ InjectionAnnotation
|
||||
}
|
||||
|
||||
public Foo(
|
||||
@BeanParam int beanParam, // $InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $InjectionAnnotation
|
||||
@FormParam("") int formParam, // $InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context, // $InjectionAnnotation
|
||||
@BeanParam int beanParam, // $ InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $ InjectionAnnotation
|
||||
@FormParam("") int formParam, // $ InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $ InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $ InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $ InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $ InjectionAnnotation
|
||||
@Context int context, // $ InjectionAnnotation
|
||||
int paramWithoutAnnotation) {
|
||||
}
|
||||
}
|
||||
@@ -158,58 +158,58 @@ class NotAResourceClass2 {
|
||||
|
||||
class ExtendsJaxRs1 extends JaxRs1 {
|
||||
@Override
|
||||
int Get() { // $ResourceMethod
|
||||
int Get() { // $ ResourceMethod
|
||||
return 1;
|
||||
}
|
||||
|
||||
@Override
|
||||
@QueryParam("") // $InjectionAnnotation
|
||||
@QueryParam("") // $ InjectionAnnotation
|
||||
void Post() {
|
||||
}
|
||||
|
||||
@Override
|
||||
double Delete() { // $ResourceMethod=text/plain
|
||||
double Delete() { // $ ResourceMethod=text/plain
|
||||
return 1.0;
|
||||
}
|
||||
|
||||
@Override
|
||||
void Put() { // $ResourceMethod=text/html
|
||||
void Put() { // $ ResourceMethod=text/html
|
||||
}
|
||||
|
||||
@Produces("application/json") // $ProducesAnnotation=application/json
|
||||
@Produces("application/json") // $ ProducesAnnotation=application/json
|
||||
@Override
|
||||
void Options() {
|
||||
}
|
||||
|
||||
@Produces(MediaType.TEXT_XML) // $ProducesAnnotation=text/xml
|
||||
@Produces(MediaType.TEXT_XML) // $ ProducesAnnotation=text/xml
|
||||
@Override
|
||||
void Head() {
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@Produces(MediaType.TEXT_XML) // $ProducesAnnotation=text/xml
|
||||
@Produces(MediaType.TEXT_XML) // $ ProducesAnnotation=text/xml
|
||||
class ExtendsJaxRs1WithProducesAnnotation extends JaxRs1 {
|
||||
@Override
|
||||
int Get() { // $ResourceMethod=text/xml
|
||||
int Get() { // $ ResourceMethod=text/xml
|
||||
return 2;
|
||||
}
|
||||
|
||||
@Override
|
||||
@QueryParam("") // $InjectionAnnotation
|
||||
@QueryParam("") // $ InjectionAnnotation
|
||||
void Post() {
|
||||
}
|
||||
|
||||
@Override
|
||||
double Delete() { // $ResourceMethod=text/plain
|
||||
double Delete() { // $ ResourceMethod=text/plain
|
||||
return 2.0;
|
||||
}
|
||||
|
||||
@Override
|
||||
void Put() { // $ResourceMethod=text/html
|
||||
void Put() { // $ ResourceMethod=text/html
|
||||
}
|
||||
|
||||
@Override
|
||||
void Options() { // $ResourceMethod=text/xml
|
||||
void Options() { // $ ResourceMethod=text/xml
|
||||
}
|
||||
}
|
||||
@@ -25,49 +25,49 @@ import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.ext.MessageBodyReader;
|
||||
|
||||
@Path("")
|
||||
class JaxRs2 { // $RootResourceClass
|
||||
class JaxRs2 { // $ RootResourceClass
|
||||
JaxRs2() {
|
||||
}
|
||||
|
||||
public JaxRs2(// $InjectableConstructor
|
||||
@BeanParam int beanParam, // $InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $InjectionAnnotation
|
||||
@FormParam("") int formParam, // $InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context) { // $InjectionAnnotation
|
||||
public JaxRs2(// $ InjectableConstructor
|
||||
@BeanParam int beanParam, // $ InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $ InjectionAnnotation
|
||||
@FormParam("") int formParam, // $ InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $ InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $ InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $ InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $ InjectionAnnotation
|
||||
@Context int context) { // $ InjectionAnnotation
|
||||
}
|
||||
|
||||
public JaxRs2(
|
||||
@BeanParam int beanParam, // $InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $InjectionAnnotation
|
||||
@FormParam("") int formParam, // $InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context, // $InjectionAnnotation
|
||||
@BeanParam int beanParam, // $ InjectionAnnotation
|
||||
@CookieParam("") int cookieParam, // $ InjectionAnnotation
|
||||
@FormParam("") int formParam, // $ InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, // $ InjectionAnnotation
|
||||
@MatrixParam("") int matrixParam, // $ InjectionAnnotation
|
||||
@PathParam("") int pathParam, // $ InjectionAnnotation
|
||||
@QueryParam("") int queryParam, // $ InjectionAnnotation
|
||||
@Context int context, // $ InjectionAnnotation
|
||||
int paramWithoutAnnotation) {
|
||||
}
|
||||
|
||||
@BeanParam // $InjectionAnnotation
|
||||
int beanField; // $InjectableField
|
||||
@CookieParam("") // $InjectionAnnotation
|
||||
int cookieField; // $InjectableField
|
||||
@FormParam("") // $InjectionAnnotation
|
||||
int formField; // $InjectableField
|
||||
@HeaderParam("") // $InjectionAnnotation
|
||||
int headerField; // $InjectableField
|
||||
@MatrixParam("") // $InjectionAnnotation
|
||||
int matrixField; // $InjectableField
|
||||
@PathParam("") // $InjectionAnnotation
|
||||
int pathField; // $InjectableField
|
||||
@QueryParam("") // $InjectionAnnotation
|
||||
int queryField; // $InjectableField
|
||||
@Context // $InjectionAnnotation
|
||||
int context; // $InjectableField
|
||||
@BeanParam // $ InjectionAnnotation
|
||||
int beanField; // $ InjectableField
|
||||
@CookieParam("") // $ InjectionAnnotation
|
||||
int cookieField; // $ InjectableField
|
||||
@FormParam("") // $ InjectionAnnotation
|
||||
int formField; // $ InjectableField
|
||||
@HeaderParam("") // $ InjectionAnnotation
|
||||
int headerField; // $ InjectableField
|
||||
@MatrixParam("") // $ InjectionAnnotation
|
||||
int matrixField; // $ InjectableField
|
||||
@PathParam("") // $ InjectionAnnotation
|
||||
int pathField; // $ InjectableField
|
||||
@QueryParam("") // $ InjectionAnnotation
|
||||
int queryField; // $ InjectableField
|
||||
@Context // $ InjectionAnnotation
|
||||
int context; // $ InjectableField
|
||||
int fieldWithoutAnnotation;
|
||||
}
|
||||
|
||||
@@ -86,14 +86,14 @@ class CustomUnmarshaller implements MessageBodyReader {
|
||||
}
|
||||
|
||||
class Miscellaneous {
|
||||
@Consumes("") // $ConsumesAnnotation
|
||||
@Consumes("") // $ ConsumesAnnotation
|
||||
public static void miscellaneous() throws IOException {
|
||||
Response.ResponseBuilder responseBuilder = Response.accepted(); // $ResponseBuilderDeclaration
|
||||
Response response = responseBuilder.build(); // $ResponseDeclaration
|
||||
Client client; // $ClientDeclaration
|
||||
MessageBodyReader<String> messageBodyReader = null; // $MessageBodyReaderDeclaration
|
||||
messageBodyReader.readFrom(null, null, null, null, null, null); // $MessageBodyReaderReadFromCall $MessageBodyReaderReadCall
|
||||
Response.ResponseBuilder responseBuilder = Response.accepted(); // $ ResponseBuilderDeclaration
|
||||
Response response = responseBuilder.build(); // $ ResponseDeclaration
|
||||
Client client; // $ ClientDeclaration
|
||||
MessageBodyReader<String> messageBodyReader = null; // $ MessageBodyReaderDeclaration
|
||||
messageBodyReader.readFrom(null, null, null, null, null, null); // $ MessageBodyReaderReadFromCall MessageBodyReaderReadCall
|
||||
CustomUnmarshaller customUnmarshaller = null;
|
||||
customUnmarshaller.readFrom(null, null, null, null, null, null); // $MessageBodyReaderReadCall
|
||||
customUnmarshaller.readFrom(null, null, null, null, null, null); // $ MessageBodyReaderReadCall
|
||||
}
|
||||
}
|
||||
@@ -71,84 +71,84 @@ public class JaxRsFlow {
|
||||
void sink(Object o) {}
|
||||
|
||||
void testResponse() {
|
||||
sink(Response.accepted(taint())); // $hasTaintFlow
|
||||
sink(Response.fromResponse(ResponseSource.taint())); // $hasTaintFlow
|
||||
sink(Response.ok(taint())); // $hasTaintFlow
|
||||
sink(Response.ok(taint(), new MediaType())); // $hasTaintFlow
|
||||
sink(Response.ok(taint(), "type")); // $hasTaintFlow
|
||||
sink(Response.ok(taint(), new Variant(new MediaType(), "", ""))); // $hasTaintFlow
|
||||
sink(Response.accepted(taint())); // $ hasTaintFlow
|
||||
sink(Response.fromResponse(ResponseSource.taint())); // $ hasTaintFlow
|
||||
sink(Response.ok(taint())); // $ hasTaintFlow
|
||||
sink(Response.ok(taint(), new MediaType())); // $ hasTaintFlow
|
||||
sink(Response.ok(taint(), "type")); // $ hasTaintFlow
|
||||
sink(Response.ok(taint(), new Variant(new MediaType(), "", ""))); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testResponseBuilder(MultivaluedMap<String,Object> multivaluedMap, List<Variant> list) throws Exception {
|
||||
sink(ResponseBuilderSource.taint().build()); // $hasTaintFlow
|
||||
sink(Response.noContent().entity(taint())); // $hasTaintFlow
|
||||
sink(ResponseBuilderSource.taint().allow(new HashSet<String>())); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().cacheControl(new CacheControl())); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().clone()); // $hasTaintFlow
|
||||
sink(ResponseBuilderSource.taint().contentLocation(new URI(""))); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().cookie()); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().encoding("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().entity("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().expires(new Date())); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().header("", "")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().language("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().lastModified(new Date())); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().link("", "")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().link(new URI(""), "")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().links()); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().location(new URI(""))); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().replaceAll(multivaluedMap)); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().status(400)); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().tag(new EntityTag(""))); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().tag("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().type("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variant(new Variant(new MediaType(), "", ""))); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variants(list)); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variants()); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().build()); // $ hasTaintFlow
|
||||
sink(Response.noContent().entity(taint())); // $ hasTaintFlow
|
||||
sink(ResponseBuilderSource.taint().allow(new HashSet<String>())); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().cacheControl(new CacheControl())); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().clone()); // $ hasTaintFlow
|
||||
sink(ResponseBuilderSource.taint().contentLocation(new URI(""))); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().cookie()); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().encoding("")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().entity("")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().expires(new Date())); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().header("", "")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().language("")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().lastModified(new Date())); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().link("", "")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().link(new URI(""), "")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().links()); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().location(new URI(""))); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().replaceAll(multivaluedMap)); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().status(400)); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().tag(new EntityTag(""))); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().tag("")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().type("")); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variant(new Variant(new MediaType(), "", ""))); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variants(list)); // $ hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variants()); // $ hasValueFlow
|
||||
}
|
||||
|
||||
void testHttpHeaders(HttpHeaders h) {
|
||||
sink(taint(h).getAcceptableLanguages()); // $hasTaintFlow
|
||||
sink(taint(h).getAcceptableMediaTypes()); // $hasTaintFlow
|
||||
sink(taint(h).getCookies()); // $hasTaintFlow
|
||||
sink(taint(h).getHeaderString("")); // $hasTaintFlow
|
||||
sink(taint(h).getLanguage()); // $hasTaintFlow
|
||||
sink(taint(h).getMediaType()); // $hasTaintFlow
|
||||
sink(taint(h).getRequestHeader("")); // $hasTaintFlow
|
||||
sink(taint(h).getRequestHeaders()); // $hasTaintFlow
|
||||
sink(taint(h).getAcceptableLanguages()); // $ hasTaintFlow
|
||||
sink(taint(h).getAcceptableMediaTypes()); // $ hasTaintFlow
|
||||
sink(taint(h).getCookies()); // $ hasTaintFlow
|
||||
sink(taint(h).getHeaderString("")); // $ hasTaintFlow
|
||||
sink(taint(h).getLanguage()); // $ hasTaintFlow
|
||||
sink(taint(h).getMediaType()); // $ hasTaintFlow
|
||||
sink(taint(h).getRequestHeader("")); // $ hasTaintFlow
|
||||
sink(taint(h).getRequestHeaders()); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testMultivaluedMapAdd(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
|
||||
mm1.add(taint(), "value");
|
||||
sink(mm1.keySet().iterator().next()); // $hasValueFlow
|
||||
sink(mm1.keySet().iterator().next()); // $ hasValueFlow
|
||||
mm2.add("key", taint());
|
||||
sink(mm2.get("key").get(0)); // $hasValueFlow
|
||||
sink(mm2.get("key").get(0)); // $ hasValueFlow
|
||||
}
|
||||
|
||||
void testMultivaluedMapAddAll(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2, MultivaluedMap<String, String> mm3) {
|
||||
mm1.addAll(taint(), "a", "b");
|
||||
sink(mm1.keySet().iterator().next()); // $hasValueFlow
|
||||
sink(mm1.keySet().iterator().next()); // $ hasValueFlow
|
||||
List<String> l = new ArrayList<String>();
|
||||
l.add(taint());
|
||||
mm2.addAll("key", l);
|
||||
sink(mm2.get("key").get(0)); // $hasValueFlow
|
||||
sink(mm2.get("key").get(0)); // $ hasValueFlow
|
||||
mm3.addAll("key", "a", taint());
|
||||
sink(mm3.get("key").get(0)); // $hasValueFlow
|
||||
sink(mm3.get("key").get(0)); // $ hasValueFlow
|
||||
}
|
||||
|
||||
void testMultivaluedMapAddFirst(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
|
||||
mm1.addFirst(taint(), "value");
|
||||
sink(mm1.keySet().iterator().next()); // $hasValueFlow
|
||||
sink(mm1.keySet().iterator().next()); // $ hasValueFlow
|
||||
mm2.addFirst("key", taint());
|
||||
sink(mm2.get("key").get(0)); // $hasValueFlow
|
||||
sink(mm2.getFirst("key")); // $hasValueFlow
|
||||
sink(mm2.get("key").get(0)); // $ hasValueFlow
|
||||
sink(mm2.getFirst("key")); // $ hasValueFlow
|
||||
}
|
||||
|
||||
void testMultivaluedMapputSingle(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
|
||||
mm1.putSingle(taint(), "value");
|
||||
sink(mm1.keySet().iterator().next()); // $hasValueFlow
|
||||
sink(mm1.keySet().iterator().next()); // $ hasValueFlow
|
||||
mm2.putSingle("key", taint());
|
||||
sink(mm2.get("key").get(0)); // $hasValueFlow
|
||||
sink(mm2.get("key").get(0)); // $ hasValueFlow
|
||||
}
|
||||
|
||||
class MyAbstractMultivaluedMap<K, V> extends AbstractMultivaluedMap<K, V> {
|
||||
@@ -160,248 +160,248 @@ public class JaxRsFlow {
|
||||
void testAbstractMultivaluedMap(Map<String, List<String>> map1, Map<String, List<String>> map2, List<String> list) {
|
||||
map1.put(taint(), list);
|
||||
AbstractMultivaluedMap<String, String> amm1 = new MyAbstractMultivaluedMap<String, String>(map1);
|
||||
sink(amm1.keySet().iterator().next()); // $ MISSING: hasValueFlow
|
||||
sink(amm1.keySet().iterator().next()); // $ MISSING: hasValueFlow
|
||||
|
||||
list.add(taint());
|
||||
map2.put("key", list);
|
||||
AbstractMultivaluedMap<String, String> amm2 = new MyAbstractMultivaluedMap<String, String>(map2);
|
||||
sink(amm2.get("key").get(0)); // $ MISSING: hasValueFlow SPURIOUS: hasTaintFlow
|
||||
sink(amm2.get("key").get(0)); // $ MISSING: hasValueFlow SPURIOUS: hasTaintFlow
|
||||
}
|
||||
|
||||
void testMultivaluedHashMap(Map<String, String> map1, Map<String, String> map2,
|
||||
MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
|
||||
map1.put(taint(), "value");
|
||||
MultivaluedHashMap<String, String> mhm1 = new MultivaluedHashMap<String, String>(map1);
|
||||
sink(mhm1.keySet().iterator().next()); // $hasValueFlow
|
||||
sink(mhm1.keySet().iterator().next()); // $ hasValueFlow
|
||||
|
||||
map2.put("key", taint());
|
||||
MultivaluedHashMap<String, String> mhm2 = new MultivaluedHashMap<String, String>(map2);
|
||||
sink(mhm2.get("key").get(0)); // $hasValueFlow
|
||||
sink(mhm2.get("key").get(0)); // $ hasValueFlow
|
||||
|
||||
mm1.add(taint(), "value");
|
||||
MultivaluedHashMap<String, String> mhm3 = new MultivaluedHashMap<String, String>(mm1);
|
||||
sink(mhm3.keySet().iterator().next()); // $hasValueFlow
|
||||
sink(mhm3.keySet().iterator().next()); // $ hasValueFlow
|
||||
|
||||
mm2.add("key", taint());
|
||||
MultivaluedHashMap<String, String> mhm4 = new MultivaluedHashMap<String, String>(mm2);
|
||||
sink(mhm4.get("key").get(0)); // $hasValueFlow
|
||||
sink(mhm4.get("key").get(0)); // $ hasValueFlow
|
||||
}
|
||||
|
||||
void testPathSegment(PathSegment ps1, PathSegment ps2) {
|
||||
sink(taint(ps1).getMatrixParameters()); // $hasTaintFlow
|
||||
sink(taint(ps2).getPath()); // $hasTaintFlow
|
||||
sink(taint(ps1).getMatrixParameters()); // $ hasTaintFlow
|
||||
sink(taint(ps2).getPath()); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testUriInfo(UriInfo ui1, UriInfo ui2, UriInfo ui3, UriInfo ui4, UriInfo ui5) {
|
||||
sink(taint(ui1).getPathParameters()); // $hasTaintFlow
|
||||
sink(taint(ui2).getPathSegments()); // $hasTaintFlow
|
||||
sink(taint(ui2).getQueryParameters()); // $hasTaintFlow
|
||||
sink(taint(ui2).getRequestUri()); // $hasTaintFlow
|
||||
sink(taint(ui2).getRequestUriBuilder()); // $hasTaintFlow
|
||||
sink(taint(ui1).getPathParameters()); // $ hasTaintFlow
|
||||
sink(taint(ui2).getPathSegments()); // $ hasTaintFlow
|
||||
sink(taint(ui2).getQueryParameters()); // $ hasTaintFlow
|
||||
sink(taint(ui2).getRequestUri()); // $ hasTaintFlow
|
||||
sink(taint(ui2).getRequestUriBuilder()); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testCookie() {
|
||||
sink(new Cookie(taint(), "", "", "", 0)); // $hasTaintFlow
|
||||
sink(new Cookie("", taint(), "", "", 0)); // $hasTaintFlow
|
||||
sink(new Cookie("", "", taint(), "", 0)); // $hasTaintFlow
|
||||
sink(new Cookie("", "", "", taint(), 0)); // $hasTaintFlow
|
||||
sink(new Cookie("", "", "", "", IntSource.taint())); // $hasTaintFlow
|
||||
sink(new Cookie(taint(), "", "", "")); // $hasTaintFlow
|
||||
sink(new Cookie("", taint(), "", "")); // $hasTaintFlow
|
||||
sink(new Cookie("", "", taint(), "")); // $hasTaintFlow
|
||||
sink(new Cookie("", "", "", taint())); // $hasTaintFlow
|
||||
sink(new Cookie(taint(), "")); // $hasTaintFlow
|
||||
sink(new Cookie("", taint())); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint())); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getDomain()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getName()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getPath()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getValue()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getVersion()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).toString()); // $hasTaintFlow
|
||||
sink(new Cookie(taint(), "", "", "", 0)); // $ hasTaintFlow
|
||||
sink(new Cookie("", taint(), "", "", 0)); // $ hasTaintFlow
|
||||
sink(new Cookie("", "", taint(), "", 0)); // $ hasTaintFlow
|
||||
sink(new Cookie("", "", "", taint(), 0)); // $ hasTaintFlow
|
||||
sink(new Cookie("", "", "", "", IntSource.taint())); // $ hasTaintFlow
|
||||
sink(new Cookie(taint(), "", "", "")); // $ hasTaintFlow
|
||||
sink(new Cookie("", taint(), "", "")); // $ hasTaintFlow
|
||||
sink(new Cookie("", "", taint(), "")); // $ hasTaintFlow
|
||||
sink(new Cookie("", "", "", taint())); // $ hasTaintFlow
|
||||
sink(new Cookie(taint(), "")); // $ hasTaintFlow
|
||||
sink(new Cookie("", taint())); // $ hasTaintFlow
|
||||
sink(Cookie.valueOf(taint())); // $ hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getDomain()); // $ hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getName()); // $ hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getPath()); // $ hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getValue()); // $ hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getVersion()); // $ hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).toString()); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testNewCookie() {
|
||||
sink(new NewCookie(Cookie.valueOf(taint()))); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(taint()))); // $ hasTaintFlow
|
||||
|
||||
sink(new NewCookie(Cookie.valueOf(taint()), "", 0, true)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), taint(), 0, false)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", IntSource.taint(), true)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, BooleanSource.taint())); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(taint()), "", 0, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), taint(), 0, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", IntSource.taint(), true)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, BooleanSource.taint())); // $ hasTaintFlow
|
||||
|
||||
sink(new NewCookie(Cookie.valueOf(taint()), "", 0, new Date(), true, true)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), taint(), 0, new Date(), true, false)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", IntSource.taint(), new Date(), false, true)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, DateSource.taint(), false, false)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, new Date(), BooleanSource.taint(), false)); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, new Date(), true, BooleanSource.taint())); // $hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(taint()), "", 0, new Date(), true, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), taint(), 0, new Date(), true, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", IntSource.taint(), new Date(), false, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, DateSource.taint(), false, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, new Date(), BooleanSource.taint(), false)); // $ hasTaintFlow
|
||||
sink(new NewCookie(Cookie.valueOf(""), "", 0, new Date(), true, BooleanSource.taint())); // $ hasTaintFlow
|
||||
|
||||
sink(new NewCookie(taint(), "")); // $hasTaintFlow
|
||||
sink(new NewCookie("", taint())); // $hasTaintFlow
|
||||
sink(new NewCookie(taint(), "")); // $ hasTaintFlow
|
||||
sink(new NewCookie("", taint())); // $ hasTaintFlow
|
||||
|
||||
sink(new NewCookie(taint(), "", "", "", 0, "", 0, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", 0, "", 0, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", 0, "", 0, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), 0, "", 0, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", IntSource.taint(), "", 0, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, taint(), 0, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", IntSource.taint(), true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, BooleanSource.taint())); // $hasTaintFlow
|
||||
sink(new NewCookie(taint(), "", "", "", 0, "", 0, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", 0, "", 0, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", 0, "", 0, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), 0, "", 0, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", IntSource.taint(), "", 0, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, taint(), 0, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", IntSource.taint(), true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, BooleanSource.taint())); // $ hasTaintFlow
|
||||
|
||||
sink(new NewCookie(taint(), "", "", "", 0, "", 0, new Date(), true, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", 0, "", 0, new Date(), false, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", 0, "", 0, new Date(), true, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), 0, "", 0, new Date(), false, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", IntSource.taint(), "", 0, new Date(), true, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, taint(), 0, new Date(), true, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", IntSource.taint(), new Date(), false, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, DateSource.taint(), false, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, new Date(), BooleanSource.taint(), true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, new Date(), false, BooleanSource.taint())); // $hasTaintFlow
|
||||
sink(new NewCookie(taint(), "", "", "", 0, "", 0, new Date(), true, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", 0, "", 0, new Date(), false, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", 0, "", 0, new Date(), true, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), 0, "", 0, new Date(), false, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", IntSource.taint(), "", 0, new Date(), true, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, taint(), 0, new Date(), true, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", IntSource.taint(), new Date(), false, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, DateSource.taint(), false, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, new Date(), BooleanSource.taint(), true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", 0, "", 0, new Date(), false, BooleanSource.taint())); // $ hasTaintFlow
|
||||
|
||||
sink(new NewCookie(taint(), "", "", "", "", 0, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", "", 0, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", "", 0, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), "", 0, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", taint(), 0, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", IntSource.taint(), true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", 0, BooleanSource.taint())); // $hasTaintFlow
|
||||
sink(new NewCookie(taint(), "", "", "", "", 0, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", "", 0, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", "", 0, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), "", 0, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", taint(), 0, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", IntSource.taint(), true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", 0, BooleanSource.taint())); // $ hasTaintFlow
|
||||
|
||||
sink(new NewCookie(taint(), "", "", "", "", 0, true, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", "", 0, false, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", "", 0, true, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), "", 0, false, false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", taint(), 0, true, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", IntSource.taint(), false, true)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", 0, BooleanSource.taint(), false)); // $hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", 0, true, BooleanSource.taint())); // $hasTaintFlow
|
||||
sink(new NewCookie(taint(), "", "", "", "", 0, true, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", taint(), "", "", "", 0, false, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", taint(), "", "", 0, true, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", taint(), "", 0, false, false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", taint(), 0, true, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", IntSource.taint(), false, true)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", 0, BooleanSource.taint(), false)); // $ hasTaintFlow
|
||||
sink(new NewCookie("", "", "", "", "", 0, true, BooleanSource.taint())); // $ hasTaintFlow
|
||||
|
||||
sink(NewCookie.valueOf(taint()).getComment()); // $hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint()).getExpiry()); // $hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint()).getMaxAge()); // $hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint()).toCookie()); // $hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint())); // $hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint()).getComment()); // $ hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint()).getExpiry()); // $ hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint()).getMaxAge()); // $ hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint()).toCookie()); // $ hasTaintFlow
|
||||
sink(NewCookie.valueOf(taint())); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testForm(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
|
||||
sink(new Form(taint(), "")); // $hasTaintFlow
|
||||
sink(new Form("", taint())); // $hasTaintFlow
|
||||
sink(new Form(taint(), "")); // $ hasTaintFlow
|
||||
sink(new Form("", taint())); // $ hasTaintFlow
|
||||
mm1.add(taint(), "value");
|
||||
sink(new Form(mm1)); // $hasTaintFlow
|
||||
sink(new Form(mm1)); // $ hasTaintFlow
|
||||
mm2.add("key", taint());
|
||||
sink(new Form(mm2)); // $hasTaintFlow
|
||||
sink(new Form(mm2)); // $ hasTaintFlow
|
||||
Form f1 = new Form(taint(), "");
|
||||
sink(f1.asMap()); // $hasTaintFlow
|
||||
sink(f1.asMap()); // $ hasTaintFlow
|
||||
Form f2 = new Form();
|
||||
sink(f2.param(taint(), "b")); // $hasTaintFlow
|
||||
sink(f2.param(taint(), "b")); // $ hasTaintFlow
|
||||
Form f3 = new Form();
|
||||
sink(f3.param("a", taint())); // $hasTaintFlow
|
||||
sink(f3.param("a", taint())); // $ hasTaintFlow
|
||||
Form f4 = new Form(taint(), "");
|
||||
sink(f4.param("a", "b")); // $hasTaintFlow
|
||||
sink(f4.param("a", "b")); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testGenericEntity() {
|
||||
Method m = Dummy.class.getMethods()[0];
|
||||
GenericEntity<Set<String>> ge = new GenericEntity<Set<String>>(SetStringSource.taint(), m.getGenericReturnType());
|
||||
sink(ge); // $hasTaintFlow
|
||||
sink(ge.getEntity()); // $hasTaintFlow
|
||||
sink(ge); // $ hasTaintFlow
|
||||
sink(ge.getEntity()); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testMediaType(Map<String, String> m) {
|
||||
sink(new MediaType(taint(), "")); // $hasTaintFlow
|
||||
sink(new MediaType("", taint())); // $hasTaintFlow
|
||||
sink(new MediaType(taint(), "", m)); // $hasTaintFlow
|
||||
sink(new MediaType("", taint(), m)); // $hasTaintFlow
|
||||
sink(new MediaType("", "", taint(m))); // $hasTaintFlow
|
||||
sink(new MediaType(taint(), "", "")); // $hasTaintFlow
|
||||
sink(new MediaType("", taint(), "")); // $hasTaintFlow
|
||||
sink(new MediaType("", "", taint())); // $hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getParameters()); // $hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getSubtype()); // $hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getType()); // $hasTaintFlow
|
||||
sink(MediaType.valueOf(taint())); // $hasTaintFlow
|
||||
sink(new MediaType(taint(), "")); // $ hasTaintFlow
|
||||
sink(new MediaType("", taint())); // $ hasTaintFlow
|
||||
sink(new MediaType(taint(), "", m)); // $ hasTaintFlow
|
||||
sink(new MediaType("", taint(), m)); // $ hasTaintFlow
|
||||
sink(new MediaType("", "", taint(m))); // $ hasTaintFlow
|
||||
sink(new MediaType(taint(), "", "")); // $ hasTaintFlow
|
||||
sink(new MediaType("", taint(), "")); // $ hasTaintFlow
|
||||
sink(new MediaType("", "", taint())); // $ hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getParameters()); // $ hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getSubtype()); // $ hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getType()); // $ hasTaintFlow
|
||||
sink(MediaType.valueOf(taint())); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
void testUriBuilder() throws Exception {
|
||||
sink(UriBuilder.fromPath("").build(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build("", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build(taint(), false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build("", taint(), true)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).build("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).build("", false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build("", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build(taint(), false)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build("", taint(), true)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).build("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).build("", false)); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").buildFromEncoded(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromEncoded("", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromEncoded("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromEncodedMap(taint(new HashMap<String, String>()))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromEncodedMap(new HashMap<String, String>())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromMap(taint(new HashMap<String, String>()), false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromMap(new HashMap<String, String>(), true)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromEncoded(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromEncoded("", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromEncoded("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromEncodedMap(taint(new HashMap<String, String>()))); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromEncodedMap(new HashMap<String, String>())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromMap(taint(new HashMap<String, String>()), false)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromMap(new HashMap<String, String>(), true)); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath(taint()).clone()); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").fragment(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).fragment("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromLink(taint(Link.valueOf("")))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromUri(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").host(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).host("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).clone()); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").fragment(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).fragment("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromLink(taint(Link.valueOf("")))); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromUri(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").host(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).host("")); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").matrixParam(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").matrixParam("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).matrixParam("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").path(taint(Dummy.class))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").path(Dummy.class, taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).path(Dummy.class)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").queryParam(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").queryParam("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).queryParam("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").matrixParam(taint(), "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").matrixParam("", "", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).matrixParam("", "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").path(taint(Dummy.class))); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").path(Dummy.class, taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).path(Dummy.class)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").queryParam(taint(), "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").queryParam("", "", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).queryParam("", "")); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").replaceMatrix(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceMatrix("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceMatrixParam(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceMatrixParam("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceMatrixParam("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replacePath(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replacePath("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQuery(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceQuery("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQueryParam(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQueryParam("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceQueryParam("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceMatrix(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceMatrix("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceMatrixParam(taint(), "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceMatrixParam("", "", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceMatrixParam("", "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replacePath(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replacePath("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQuery(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceQuery("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQueryParam(taint(), "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQueryParam("", "", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceQueryParam("", "")); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").resolveTemplate(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate(taint(), "", false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate("", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate("", taint(), true)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplate("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplate("", "", false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplateFromEncoded(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplateFromEncoded("", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplateFromEncoded("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate(taint(), "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate(taint(), "", false)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate("", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate("", taint(), true)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplate("", "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplate("", "", false)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplateFromEncoded(taint(), "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplateFromEncoded("", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplateFromEncoded("", "")); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").resolveTemplates(taint(new HashMap<String, Object>()))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplates(taint(new HashMap<String, Object>()), true)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplates(new HashMap<String, Object>())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplates(new HashMap<String, Object>(), false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplatesFromEncoded(taint(new HashMap<String, Object>()))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplatesFromEncoded(new HashMap<String, Object>())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplates(taint(new HashMap<String, Object>()))); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplates(taint(new HashMap<String, Object>()), true)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplates(new HashMap<String, Object>())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplates(new HashMap<String, Object>(), false)); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplatesFromEncoded(taint(new HashMap<String, Object>()))); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplatesFromEncoded(new HashMap<String, Object>())); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").scheme(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).scheme("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").schemeSpecificPart(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).schemeSpecificPart("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").segment(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").segment("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).segment("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).toTemplate()); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").scheme(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).scheme("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").schemeSpecificPart(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).schemeSpecificPart("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").segment(taint(), "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").segment("", "", taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).segment("", "")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).toTemplate()); // $ hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").uri(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).uri("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").uri(UriSource.taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).uri(new URI(""))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").userInfo(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).userInfo("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").uri(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).uri("")); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").uri(UriSource.taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).uri(new URI(""))); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").userInfo(taint())); // $ hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).userInfo("")); // $ hasTaintFlow
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -5,40 +5,40 @@ import javax.xml.ws.WebServiceClient;
|
||||
import javax.xml.ws.WebServiceProvider;
|
||||
|
||||
@WebService
|
||||
class WebServiceClass { // $JaxWsEndpoint
|
||||
class WebServiceClass { // $ JaxWsEndpoint
|
||||
|
||||
@WebMethod
|
||||
void WebMethodMethod() { // $JaxWsEndpointRemoteMethod
|
||||
void WebMethodMethod() { // $ JaxWsEndpointRemoteMethod
|
||||
}
|
||||
|
||||
@WebEndpoint
|
||||
void WebEndpointMethod() { // $JaxWsEndpointRemoteMethod
|
||||
void WebEndpointMethod() { // $ JaxWsEndpointRemoteMethod
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@WebServiceProvider
|
||||
class WebServiceProviderClass { // $JaxWsEndpoint
|
||||
class WebServiceProviderClass { // $ JaxWsEndpoint
|
||||
|
||||
@WebMethod
|
||||
void WebMethodMethod() { // $JaxWsEndpointRemoteMethod
|
||||
void WebMethodMethod() { // $ JaxWsEndpointRemoteMethod
|
||||
}
|
||||
|
||||
@WebEndpoint
|
||||
void WebEndpointMethod() { // $JaxWsEndpointRemoteMethod
|
||||
void WebEndpointMethod() { // $ JaxWsEndpointRemoteMethod
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@WebServiceClient
|
||||
class WebServiceClientClass { // $JaxWsEndpoint
|
||||
class WebServiceClientClass { // $ JaxWsEndpoint
|
||||
|
||||
@WebMethod
|
||||
void WebMethodMethod() { // $JaxWsEndpointRemoteMethod
|
||||
void WebMethodMethod() { // $ JaxWsEndpointRemoteMethod
|
||||
}
|
||||
|
||||
@WebEndpoint
|
||||
void WebEndpointMethod() { // $JaxWsEndpointRemoteMethod
|
||||
void WebEndpointMethod() { // $ JaxWsEndpointRemoteMethod
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user