hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

C#/Java: Add test for missing neutral summary generation.

Browse Source
This commit is contained in:
Michael Nebel
2024-07-18 16:29:04 +02:00
parent bf69c76829
commit c9832df3c0
4 changed files with 18 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
csharp/ql/test/utils/modelgenerator/dataflow/CaptureNeutralModels.ext.yml
View File

@@ -4,3 +4,5 @@ extensions:
extensible: neutralModel
data:
- [ "Models", "ManuallyModelled", "HasNeutralSummaryNoFlow", "(System.Object)", "summary", "manual"]
- [ "Sinks", "NewSinks", "NoSink", "(System.Object)", "summary", "df-generated"]
- [ "Sinks", "NewSinks", "NoSink", "(System.Object)", "sink", "manual"]

4
csharp/ql/test/utils/modelgenerator/dataflow/Sinks.cs
View File

@@ -20,6 +20,10 @@ public class NewSinks
// neutral=Sinks;NewSinks;Sink2;(System.Object);summary;df-generated
public static void Sink2(object o) => throw null;
// Defined as sink neutral in the file next to the neutral summary test.
// MISSING NEUTRAL
public static void NoSink(object o) => throw null;
// New sink
// sink=Sinks;NewSinks;false;WrapResponseWrite;(System.Object);;Argument[0];html-injection;df-generated
// neutral=Sinks;NewSinks;WrapResponseWrite;(System.Object);summary;df-generated

7
java/ql/test/utils/modelgenerator/dataflow/CaptureNeutralModels.ext.yml Normal file
View File

@@ -0,0 +1,7 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: neutralModel
data:
- [ "p", "Sinks", "nosink", "(Object)", "sink", "manual"]
- [ "p", "Sinks", "nosink", "(Object)", "summary", "df-generated"]

5
java/ql/test/utils/modelgenerator/dataflow/p/Sinks.java
View File

@@ -21,6 +21,11 @@ public class Sinks {
// neutral=p;Sinks;sink2;(Object);summary;df-generated
public void sink2(Object o) {}
// Defined as sink neutral file in the model file next to the
// neutral test.
// MISSING NEUTRAL.
public void nosink(Object o) {}
// sink=p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[0];path-injection;df-generated
// sink=p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[1];path-injection;df-generated
// neutral=p;Sinks;copyFileToDirectory;(Path,Path,CopyOption[]);summary;df-generated