hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 21:25:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: Improve taint step modeling to use postupdate nodes.

Browse Source
This commit is contained in:
Anders Schack-Mulligen
2020-01-31 15:02:45 +01:00
parent b5f3d776bf
commit ba86dea657
5 changed files with 100 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
java/ql/test/library-tests/dataflow/taint/A.java
View File

@@ -24,4 +24,52 @@ public class A {
bInput.read(b2);
sink(b2);
}
void streamWrite(ByteArrayOutputStream baos, byte[] data) {
baos.write(data);
}
void test3(ByteArrayOutputStream baos) {
streamWrite(baos, taint());
sink(baos.toByteArray());
}
static class BaosHolder {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
}
void streamWriteHolder(BaosHolder bh, byte[] data) {
bh.baos.write(data);
}
void test4(BaosHolder bh) {
streamWriteHolder(bh, taint());
sink(bh.baos.toByteArray());
}
static class DataHolder {
byte[] data = new byte[10];
}
void test5_a(DataHolder dh) {
ByteArrayInputStream bais = new ByteArrayInputStream(taint());
bais.read(dh.data);
test5_b(dh);
}
void test5_b(DataHolder dh) {
sink(dh.data);
}
void arrayWrite(byte[] from, byte[] to) {
for (int i = 0; i < 10; i++) {
to[i] = from[i];
}
}
void test6() {
byte[] b = new byte[10];
arrayWrite(taint(), b);
sink(b);
}
}