hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: Improve tests

Browse Source
This commit is contained in:
Joe
2020-09-29 16:36:34 +01:00
parent efc3a25237
commit be07d27a4c
2 changed files with 39 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
java/ql/test/library-tests/dataflow/taint-format/A.java
View File

@@ -1,5 +1,7 @@
import java.util.Formatter;
import java.lang.StringBuilder;
import java.lang.System;
import java.io.Console;
class A {
public static String taint() { return "tainted"; }
@@ -11,6 +13,7 @@ class A {
bad.formatted(good);
good.formatted("a", bad, "b", good);
String.format("%s%s", bad, good);
String.format("%s", good);
}
public static void test2() {
@@ -31,4 +34,12 @@ class A {
f.format("%s", bad);
sb.toString();
}
public static void test4() {
String bad = taint();
Console c = System.console();
c.format(bad);
c.readLine("Enter something: %s", bad);
}
}

52
java/ql/test/library-tests/dataflow/taint-format/test.expected
View File

@@ -1,24 +1,28 @@
| A.java:8:22:8:28 | taint(...) | A.java:8:22:8:28 | taint(...) |
| A.java:8:22:8:28 | taint(...) | A.java:11:9:11:11 | bad |
| A.java:8:22:8:28 | taint(...) | A.java:11:9:11:27 | formatted(...) |
| A.java:8:22:8:28 | taint(...) | A.java:12:9:12:43 | formatted(...) |
| A.java:8:22:8:28 | taint(...) | A.java:12:9:12:43 | new ..[] { .. } |
| A.java:8:22:8:28 | taint(...) | A.java:12:29:12:31 | bad |
| A.java:8:22:8:28 | taint(...) | A.java:13:9:13:40 | format(...) |
| A.java:8:22:8:28 | taint(...) | A.java:13:9:13:40 | new ..[] { .. } |
| A.java:8:22:8:28 | taint(...) | A.java:13:31:13:33 | bad |
| A.java:17:22:17:28 | taint(...) | A.java:17:22:17:28 | taint(...) |
| A.java:17:22:17:28 | taint(...) | A.java:21:9:21:9 | f [post update] |
| A.java:17:22:17:28 | taint(...) | A.java:21:9:21:27 | format(...) |
| A.java:17:22:17:28 | taint(...) | A.java:21:9:21:27 | new ..[] { .. } |
| A.java:17:22:17:28 | taint(...) | A.java:21:24:21:26 | bad |
| A.java:17:22:17:28 | taint(...) | A.java:22:9:22:9 | f |
| A.java:26:22:26:28 | taint(...) | A.java:26:22:26:28 | taint(...) |
| A.java:26:22:26:28 | taint(...) | A.java:30:9:30:10 | sb |
| A.java:26:22:26:28 | taint(...) | A.java:30:9:30:21 | toString(...) |
| A.java:26:22:26:28 | taint(...) | A.java:31:9:31:9 | f [post update] |
| A.java:26:22:26:28 | taint(...) | A.java:31:9:31:27 | format(...) |
| A.java:26:22:26:28 | taint(...) | A.java:31:9:31:27 | new ..[] { .. } |
| A.java:26:22:26:28 | taint(...) | A.java:31:24:31:26 | bad |
| A.java:26:22:26:28 | taint(...) | A.java:32:9:32:10 | sb |
| A.java:26:22:26:28 | taint(...) | A.java:32:9:32:21 | toString(...) |
| A.java:10:22:10:28 | taint(...) | A.java:10:22:10:28 | taint(...) |
| A.java:10:22:10:28 | taint(...) | A.java:13:9:13:11 | bad |
| A.java:10:22:10:28 | taint(...) | A.java:13:9:13:27 | formatted(...) |
| A.java:10:22:10:28 | taint(...) | A.java:14:9:14:43 | formatted(...) |
| A.java:10:22:10:28 | taint(...) | A.java:14:9:14:43 | new ..[] { .. } |
| A.java:10:22:10:28 | taint(...) | A.java:14:29:14:31 | bad |
| A.java:10:22:10:28 | taint(...) | A.java:15:9:15:40 | format(...) |
| A.java:10:22:10:28 | taint(...) | A.java:15:9:15:40 | new ..[] { .. } |
| A.java:10:22:10:28 | taint(...) | A.java:15:31:15:33 | bad |
| A.java:20:22:20:28 | taint(...) | A.java:20:22:20:28 | taint(...) |
| A.java:20:22:20:28 | taint(...) | A.java:24:9:24:9 | f [post update] |
| A.java:20:22:20:28 | taint(...) | A.java:24:9:24:27 | format(...) |
| A.java:20:22:20:28 | taint(...) | A.java:24:9:24:27 | new ..[] { .. } |
| A.java:20:22:20:28 | taint(...) | A.java:24:24:24:26 | bad |
| A.java:20:22:20:28 | taint(...) | A.java:25:9:25:9 | f |
| A.java:29:22:29:28 | taint(...) | A.java:29:22:29:28 | taint(...) |
| A.java:29:22:29:28 | taint(...) | A.java:33:9:33:10 | sb |
| A.java:29:22:29:28 | taint(...) | A.java:33:9:33:21 | toString(...) |
| A.java:29:22:29:28 | taint(...) | A.java:34:9:34:9 | f [post update] |
| A.java:29:22:29:28 | taint(...) | A.java:34:9:34:27 | format(...) |
| A.java:29:22:29:28 | taint(...) | A.java:34:9:34:27 | new ..[] { .. } |
| A.java:29:22:29:28 | taint(...) | A.java:34:24:34:26 | bad |
| A.java:29:22:29:28 | taint(...) | A.java:35:9:35:10 | sb |
| A.java:29:22:29:28 | taint(...) | A.java:35:9:35:21 | toString(...) |
| A.java:39:22:39:28 | taint(...) | A.java:39:22:39:28 | taint(...) |
| A.java:39:22:39:28 | taint(...) | A.java:42:18:42:20 | bad |
| A.java:39:22:39:28 | taint(...) | A.java:43:9:43:46 | new ..[] { .. } |
| A.java:39:22:39:28 | taint(...) | A.java:43:43:43:45 | bad |