mirror of
https://github.com/github/codeql.git
synced 2026-04-30 11:15:13 +02:00
Duplicate tests for Jakarta
This commit is contained in:
Owen Mansel-Chan
196
java/ql/test/library-tests/frameworks/JaxWs/JakartaRs1.java
Normal file
196
java/ql/test/library-tests/frameworks/JaxWs/JakartaRs1.java
Normal file
@@ -0,0 +1,196 @@
|
||||
import java.io.InputStream;
|
||||
import java.io.IOException;
|
||||
import java.lang.annotation.Annotation;
|
||||
import java.lang.reflect.Type;
|
||||
import jakarta.ws.rs.GET;
|
||||
import jakarta.ws.rs.POST;
|
||||
import jakarta.ws.rs.DELETE;
|
||||
import jakarta.ws.rs.PUT;
|
||||
import jakarta.ws.rs.OPTIONS;
|
||||
import jakarta.ws.rs.HEAD;
|
||||
import jakarta.ws.rs.Path;
|
||||
import jakarta.ws.rs.BeanParam;
|
||||
import jakarta.ws.rs.CookieParam;
|
||||
import jakarta.ws.rs.FormParam;
|
||||
import jakarta.ws.rs.HeaderParam;
|
||||
import jakarta.ws.rs.MatrixParam;
|
||||
import jakarta.ws.rs.PathParam;
|
||||
import jakarta.ws.rs.Produces;
|
||||
import jakarta.ws.rs.QueryParam;
|
||||
import jakarta.ws.rs.client.Client;
|
||||
import jakarta.ws.rs.core.Context;
|
||||
import jakarta.ws.rs.core.MediaType;
|
||||
import jakarta.ws.rs.core.MultivaluedMap;
|
||||
import jakarta.ws.rs.core.Response;
|
||||
import jakarta.ws.rs.ext.MessageBodyReader;
|
||||
|
||||
@Path("")
|
||||
public class JakartaRs1 { // $RootResourceClass
|
||||
public JakartaRs1() { // $InjectableConstructor
|
||||
}
|
||||
|
||||
@GET
|
||||
int Get() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
return 0; // $XssSink
|
||||
}
|
||||
|
||||
@POST
|
||||
void Post() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
}
|
||||
|
||||
@Produces("text/plain") // $ProducesAnnotation=text/plain
|
||||
@DELETE
|
||||
double Delete() { // $ResourceMethod=text/plain $ResourceMethodOnResourceClass
|
||||
return 0.0; // $XssSink
|
||||
}
|
||||
|
||||
@Produces(MediaType.TEXT_HTML) // $ProducesAnnotation=text/html
|
||||
@PUT
|
||||
void Put() { // $ResourceMethod=text/html $ResourceMethodOnResourceClass
|
||||
}
|
||||
|
||||
@OPTIONS
|
||||
void Options() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
}
|
||||
|
||||
@HEAD
|
||||
void Head() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
}
|
||||
|
||||
@Path("")
|
||||
NonRootResourceClassJakarta subResourceLocator() { // $SubResourceLocator
|
||||
return null;
|
||||
}
|
||||
|
||||
public class NonRootResourceClassJakarta { // $NonRootResourceClass
|
||||
@GET
|
||||
int Get() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
return 0; // $XssSink
|
||||
}
|
||||
|
||||
@Produces("text/html") // $ProducesAnnotation=text/html
|
||||
@POST
|
||||
boolean Post() { // $ResourceMethod=text/html $ResourceMethodOnResourceClass
|
||||
return false;
|
||||
}
|
||||
|
||||
@Produces(MediaType.TEXT_PLAIN) // $ProducesAnnotation=text/plain
|
||||
@DELETE
|
||||
double Delete() { // $ResourceMethod=text/plain $ResourceMethodOnResourceClass
|
||||
return 0.0; // $XssSink
|
||||
}
|
||||
|
||||
@Path("")
|
||||
AnotherNonRootResourceClassJakarta subResourceLocator1() { // $SubResourceLocator
|
||||
return null;
|
||||
}
|
||||
|
||||
@GET
|
||||
@Path("")
|
||||
NotAResourceClass1Jakarta NotASubResourceLocator1() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
return null; // $XssSink
|
||||
}
|
||||
|
||||
@GET
|
||||
NotAResourceClass2Jakarta NotASubResourceLocator2() { // $ResourceMethod $ResourceMethodOnResourceClass
|
||||
return null; // $XssSink
|
||||
}
|
||||
|
||||
NotAResourceClass2Jakarta NotASubResourceLocator3() {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
class AnotherNonRootResourceClassJakarta { // $NonRootResourceClass
|
||||
public AnotherNonRootResourceClassJakarta() {
|
||||
}
|
||||
|
||||
public AnotherNonRootResourceClassJakarta(@BeanParam int beanParam, @CookieParam("") int cookieParam, @FormParam("") int formParam, // $InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, @MatrixParam("") int matrixParam, @PathParam("") int pathParam, @QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context) { // $InjectionAnnotation
|
||||
}
|
||||
|
||||
@Path("")
|
||||
public void resourceMethodWithBeanParamParameter(@BeanParam FooJakarta FooJakarta) { // $SubResourceLocator $InjectionAnnotation
|
||||
}
|
||||
}
|
||||
|
||||
class FooJakarta {
|
||||
FooJakarta() { // $BeanParamConstructor
|
||||
}
|
||||
|
||||
public FooJakarta(@BeanParam int beanParam, @CookieParam("") int cookieParam, @FormParam("") int formParam, // $InjectionAnnotation $BeanParamConstructor
|
||||
@HeaderParam("") int headerParam, @MatrixParam("") int matrixParam, @PathParam("") int pathParam, @QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context) { // $InjectionAnnotation
|
||||
}
|
||||
|
||||
public FooJakarta(@BeanParam int beanParam, @CookieParam("") int cookieParam, @FormParam("") int formParam, // $InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, @MatrixParam("") int matrixParam, @PathParam("") int pathParam, @QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context, int paramWithoutAnnotation) { // $InjectionAnnotation
|
||||
}
|
||||
}
|
||||
|
||||
class NotAResourceClass1Jakarta {
|
||||
}
|
||||
|
||||
class NotAResourceClass2Jakarta {
|
||||
}
|
||||
|
||||
class ExtendsJakartaRs1 extends JakartaRs1 {
|
||||
@Override
|
||||
int Get() { // $ResourceMethod
|
||||
return 1;
|
||||
}
|
||||
|
||||
@Override
|
||||
@QueryParam("") // $InjectionAnnotation
|
||||
void Post() {
|
||||
}
|
||||
|
||||
@Override
|
||||
double Delete() { // $ResourceMethod=text/plain
|
||||
return 1.0;
|
||||
}
|
||||
|
||||
@Override
|
||||
void Put() { // $ResourceMethod=text/html
|
||||
}
|
||||
|
||||
@Produces("application/json") // $ProducesAnnotation=application/json
|
||||
@Override
|
||||
void Options() {
|
||||
}
|
||||
|
||||
@Produces(MediaType.TEXT_XML) // $ProducesAnnotation=text/xml
|
||||
@Override
|
||||
void Head() {
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@Produces(MediaType.TEXT_XML) // $ProducesAnnotation=text/xml
|
||||
class ExtendsJakartaRs1WithProducesAnnotation extends JakartaRs1 {
|
||||
@Override
|
||||
int Get() { // $ResourceMethod=text/xml
|
||||
return 2;
|
||||
}
|
||||
|
||||
@Override
|
||||
@QueryParam("") // $InjectionAnnotation
|
||||
void Post() {
|
||||
}
|
||||
|
||||
@Override
|
||||
double Delete() { // $ResourceMethod=text/plain
|
||||
return 2.0;
|
||||
}
|
||||
|
||||
@Override
|
||||
void Put() { // $ResourceMethod=text/html
|
||||
}
|
||||
|
||||
@Override
|
||||
void Options() { // $ResourceMethod=text/xml
|
||||
}
|
||||
}
|
||||
86
java/ql/test/library-tests/frameworks/JaxWs/JakartaRs2.java
Normal file
86
java/ql/test/library-tests/frameworks/JaxWs/JakartaRs2.java
Normal file
@@ -0,0 +1,86 @@
|
||||
import java.io.InputStream;
|
||||
import java.io.IOException;
|
||||
import java.lang.annotation.Annotation;
|
||||
import java.lang.reflect.Type;
|
||||
import jakarta.ws.rs.GET;
|
||||
import jakarta.ws.rs.POST;
|
||||
import jakarta.ws.rs.DELETE;
|
||||
import jakarta.ws.rs.PUT;
|
||||
import jakarta.ws.rs.OPTIONS;
|
||||
import jakarta.ws.rs.HEAD;
|
||||
import jakarta.ws.rs.Path;
|
||||
import jakarta.ws.rs.BeanParam;
|
||||
import jakarta.ws.rs.Consumes;
|
||||
import jakarta.ws.rs.CookieParam;
|
||||
import jakarta.ws.rs.FormParam;
|
||||
import jakarta.ws.rs.HeaderParam;
|
||||
import jakarta.ws.rs.MatrixParam;
|
||||
import jakarta.ws.rs.PathParam;
|
||||
import jakarta.ws.rs.QueryParam;
|
||||
import jakarta.ws.rs.client.Client;
|
||||
import jakarta.ws.rs.core.Context;
|
||||
import jakarta.ws.rs.core.MediaType;
|
||||
import jakarta.ws.rs.core.MultivaluedMap;
|
||||
import jakarta.ws.rs.core.Response;
|
||||
import jakarta.ws.rs.ext.MessageBodyReader;
|
||||
|
||||
@Path("")
|
||||
class JakartaRs2 { // $RootResourceClass
|
||||
JakartaRs2() {
|
||||
}
|
||||
|
||||
public JakartaRs2(@BeanParam int beanParam, @CookieParam("") int cookieParam, @FormParam("") int formParam, // $InjectionAnnotation $InjectableConstructor
|
||||
@HeaderParam("") int headerParam, @MatrixParam("") int matrixParam, @PathParam("") int pathParam, @QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context) { // $InjectionAnnotation
|
||||
}
|
||||
|
||||
public JakartaRs2(@BeanParam int beanParam, @CookieParam("") int cookieParam, @FormParam("") int formParam, // $InjectionAnnotation
|
||||
@HeaderParam("") int headerParam, @MatrixParam("") int matrixParam, @PathParam("") int pathParam, @QueryParam("") int queryParam, // $InjectionAnnotation
|
||||
@Context int context, int paramWithoutAnnotation) { // $InjectionAnnotation
|
||||
}
|
||||
|
||||
@BeanParam // $InjectionAnnotation
|
||||
int beanField; // $InjectableField
|
||||
@CookieParam("") // $InjectionAnnotation
|
||||
int cookieField; // $InjectableField
|
||||
@FormParam("") // $InjectionAnnotation
|
||||
int formField; // $InjectableField
|
||||
@HeaderParam("") // $InjectionAnnotation
|
||||
int headerField; // $InjectableField
|
||||
@MatrixParam("") // $InjectionAnnotation
|
||||
int matrixField; // $InjectableField
|
||||
@PathParam("") // $InjectionAnnotation
|
||||
int pathField; // $InjectableField
|
||||
@QueryParam("") // $InjectionAnnotation
|
||||
int queryField; // $InjectableField
|
||||
@Context // $InjectionAnnotation
|
||||
int context; // $InjectableField
|
||||
int fieldWithoutAnnotation;
|
||||
}
|
||||
|
||||
class CustomUnmarshallerJakarta implements MessageBodyReader {
|
||||
|
||||
@Override
|
||||
public boolean isReadable(Class aClass, Type type, Annotation[] annotations, MediaType mediaType) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public Object readFrom(Class aClass, Type type, Annotation[] annotations, MediaType mediaType, MultivaluedMap multivaluedMap, InputStream inputStream) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
class MiscellaneousJakarta {
|
||||
@Consumes("") // $ConsumesAnnotation
|
||||
public static void miscellaneousJakarta() throws IOException {
|
||||
Response.ResponseBuilder responseBuilder = Response.accepted(); // $ResponseBuilderDeclaration
|
||||
Response response = responseBuilder.build(); // $ResponseDeclaration
|
||||
Client client; // $ClientDeclaration
|
||||
MessageBodyReader<String> messageBodyReader = null; // $MessageBodyReaderDeclaration
|
||||
messageBodyReader.readFrom(null, null, null, null, null, null); // $MessageBodyReaderReadFromCall $MessageBodyReaderReadCall
|
||||
CustomUnmarshallerJakarta CustomUnmarshallerJakarta = null;
|
||||
CustomUnmarshallerJakarta.readFrom(null, null, null, null, null, null); // $MessageBodyReaderReadCall
|
||||
}
|
||||
}
|
||||
301
java/ql/test/library-tests/frameworks/JaxWs/JakartaRsFlow.java
Normal file
301
java/ql/test/library-tests/frameworks/JaxWs/JakartaRsFlow.java
Normal file
@@ -0,0 +1,301 @@
|
||||
import java.lang.reflect.Method;
|
||||
import java.net.URI;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import jakarta.ws.rs.core.CacheControl;
|
||||
import jakarta.ws.rs.core.Cookie;
|
||||
import jakarta.ws.rs.core.EntityTag;
|
||||
import jakarta.ws.rs.core.Form;
|
||||
import jakarta.ws.rs.core.GenericEntity;
|
||||
import jakarta.ws.rs.core.HttpHeaders;
|
||||
import jakarta.ws.rs.core.Link;
|
||||
import jakarta.ws.rs.core.MediaType;
|
||||
import jakarta.ws.rs.core.MultivaluedMap;
|
||||
import jakarta.ws.rs.core.PathSegment;
|
||||
import jakarta.ws.rs.core.Response;
|
||||
import jakarta.ws.rs.core.UriBuilder;
|
||||
import jakarta.ws.rs.core.UriInfo;
|
||||
import jakarta.ws.rs.core.Variant;
|
||||
|
||||
public class JakartaRsFlow {
|
||||
String taint() { return "tainted"; }
|
||||
|
||||
private static class ResponseSource {
|
||||
static Response taint() { return null; }
|
||||
}
|
||||
|
||||
private static class ResponseBuilderSource {
|
||||
static Response.ResponseBuilder taint() { return Response.noContent(); }
|
||||
}
|
||||
|
||||
private static class IntSource {
|
||||
static int taint() { return 0; }
|
||||
}
|
||||
|
||||
private static class SetStringSource {
|
||||
static Set<String> taint() { return new HashSet<String>(); }
|
||||
}
|
||||
|
||||
static HttpHeaders taint(HttpHeaders h) { return h; }
|
||||
|
||||
static PathSegment taint(PathSegment ps) { return ps; }
|
||||
|
||||
static UriInfo taint(UriInfo ui) { return ui; }
|
||||
|
||||
static Map taint(Map m) { return m; }
|
||||
|
||||
static Link taint(Link l) { return l; }
|
||||
|
||||
static Class taint(Class c) { return c; }
|
||||
|
||||
private static class UriSource {
|
||||
static URI taint() throws Exception { return new URI(""); }
|
||||
}
|
||||
|
||||
void sink(Object o) {}
|
||||
|
||||
void testResponse() {
|
||||
sink(Response.accepted(taint())); // $hasTaintFlow
|
||||
sink(Response.fromResponse(ResponseSource.taint())); // $hasTaintFlow
|
||||
sink(Response.ok(taint())); // $hasTaintFlow
|
||||
sink(Response.ok(taint(), new MediaType())); // $hasTaintFlow
|
||||
sink(Response.ok(taint(), "type")); // $hasTaintFlow
|
||||
sink(Response.ok(taint(), new Variant(new MediaType(), "", ""))); // $hasTaintFlow
|
||||
}
|
||||
|
||||
void testResponseBuilder(MultivaluedMap<String,Object> multivaluedMap, List<Variant> list) throws Exception {
|
||||
sink(ResponseBuilderSource.taint().build()); // $hasTaintFlow
|
||||
sink(Response.noContent().entity(taint())); // $hasTaintFlow
|
||||
sink(ResponseBuilderSource.taint().allow(new HashSet<String>())); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().cacheControl(new CacheControl())); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().clone()); // $hasTaintFlow
|
||||
sink(ResponseBuilderSource.taint().contentLocation(new URI(""))); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().cookie()); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().encoding("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().entity("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().expires(new Date())); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().header("", "")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().language("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().lastModified(new Date())); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().link("", "")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().link(new URI(""), "")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().links()); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().location(new URI(""))); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().replaceAll(multivaluedMap)); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().status(400)); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().tag(new EntityTag(""))); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().tag("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().type("")); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variant(new Variant(new MediaType(), "", ""))); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variants(list)); // $hasValueFlow
|
||||
sink(ResponseBuilderSource.taint().variants()); // $hasValueFlow
|
||||
}
|
||||
|
||||
void testHttpHeaders(HttpHeaders h) {
|
||||
sink(taint(h).getAcceptableLanguages()); // $hasTaintFlow
|
||||
sink(taint(h).getAcceptableMediaTypes()); // $hasTaintFlow
|
||||
sink(taint(h).getCookies()); // $hasTaintFlow
|
||||
sink(taint(h).getHeaderString("")); // $hasTaintFlow
|
||||
sink(taint(h).getLanguage()); // $hasTaintFlow
|
||||
sink(taint(h).getMediaType()); // $hasTaintFlow
|
||||
sink(taint(h).getRequestHeader("")); // $hasTaintFlow
|
||||
sink(taint(h).getRequestHeaders()); // $hasTaintFlow
|
||||
}
|
||||
|
||||
void testMultivaluedMapAdd(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
|
||||
mm1.add(taint(), "value");
|
||||
sink(mm1.keySet().iterator().next()); // $hasValueFlow
|
||||
mm2.add("key", taint());
|
||||
sink(mm2.get("key").get(0)); // $hasValueFlow
|
||||
}
|
||||
|
||||
void testMultivaluedMapAddAll(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2, MultivaluedMap<String, String> mm3) {
|
||||
mm1.addAll(taint(), "a", "b");
|
||||
sink(mm1.keySet().iterator().next()); // $hasValueFlow
|
||||
List<String> l = new ArrayList<String>();
|
||||
l.add(taint());
|
||||
mm2.addAll("key", l);
|
||||
sink(mm2.get("key").get(0)); // $hasValueFlow
|
||||
mm3.addAll("key", "a", taint());
|
||||
sink(mm3.get("key").get(0)); // $hasValueFlow
|
||||
}
|
||||
|
||||
void testMultivaluedMapAddFirst(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
|
||||
mm1.addFirst(taint(), "value");
|
||||
sink(mm1.keySet().iterator().next()); // $hasValueFlow
|
||||
mm2.addFirst("key", taint());
|
||||
sink(mm2.get("key").get(0)); // $hasValueFlow
|
||||
sink(mm2.getFirst("key")); // $hasValueFlow
|
||||
}
|
||||
|
||||
void testMultivaluedMapputSingle(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
|
||||
mm1.putSingle(taint(), "value");
|
||||
sink(mm1.keySet().iterator().next()); // $hasValueFlow
|
||||
mm2.putSingle("key", taint());
|
||||
sink(mm2.get("key").get(0)); // $hasValueFlow
|
||||
}
|
||||
|
||||
void testPathSegment(PathSegment ps1, PathSegment ps2) {
|
||||
sink(taint(ps1).getMatrixParameters()); // $hasTaintFlow
|
||||
sink(taint(ps2).getPath()); // $hasTaintFlow
|
||||
}
|
||||
|
||||
void testUriInfo(UriInfo ui1, UriInfo ui2, UriInfo ui3, UriInfo ui4, UriInfo ui5) {
|
||||
sink(taint(ui1).getPathParameters()); // $hasTaintFlow
|
||||
sink(taint(ui2).getPathSegments()); // $hasTaintFlow
|
||||
sink(taint(ui2).getQueryParameters()); // $hasTaintFlow
|
||||
sink(taint(ui2).getRequestUri()); // $hasTaintFlow
|
||||
sink(taint(ui2).getRequestUriBuilder()); // $hasTaintFlow
|
||||
}
|
||||
|
||||
void testCookie() {
|
||||
sink(new Cookie(taint(), "", "", "", 0)); // $hasTaintFlow
|
||||
sink(new Cookie("", taint(), "", "", 0)); // $hasTaintFlow
|
||||
sink(new Cookie("", "", taint(), "", 0)); // $hasTaintFlow
|
||||
sink(new Cookie("", "", "", taint(), 0)); // $hasTaintFlow
|
||||
sink(new Cookie("", "", "", "", IntSource.taint())); // $hasTaintFlow
|
||||
sink(new Cookie(taint(), "", "", "")); // $hasTaintFlow
|
||||
sink(new Cookie("", taint(), "", "")); // $hasTaintFlow
|
||||
sink(new Cookie("", "", taint(), "")); // $hasTaintFlow
|
||||
sink(new Cookie("", "", "", taint())); // $hasTaintFlow
|
||||
sink(new Cookie(taint(), "")); // $hasTaintFlow
|
||||
sink(new Cookie("", taint())); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint())); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getDomain()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getName()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getPath()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getValue()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).getVersion()); // $hasTaintFlow
|
||||
sink(Cookie.valueOf(taint()).toString()); // $hasTaintFlow
|
||||
}
|
||||
|
||||
void testForm(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
|
||||
sink(new Form(taint(), "")); // $hasTaintFlow
|
||||
sink(new Form("", taint())); // $hasTaintFlow
|
||||
mm1.add(taint(), "value");
|
||||
sink(new Form(mm1)); // $hasTaintFlow
|
||||
mm2.add("key", taint());
|
||||
sink(new Form(mm2)); // $hasTaintFlow
|
||||
Form f1 = new Form(taint(), "");
|
||||
sink(f1.asMap()); // $hasTaintFlow
|
||||
Form f2 = new Form();
|
||||
sink(f2.param(taint(), "b")); // $hasTaintFlow
|
||||
Form f3 = new Form();
|
||||
sink(f3.param("a", taint())); // $hasTaintFlow
|
||||
Form f4 = new Form(taint(), "");
|
||||
sink(f4.param("a", "b")); // $hasTaintFlow
|
||||
}
|
||||
|
||||
void testGenericEntity() {
|
||||
Method m = DummyJakarta.class.getMethods()[0];
|
||||
GenericEntity<Set<String>> ge = new GenericEntity<Set<String>>(SetStringSource.taint(), m.getGenericReturnType());
|
||||
sink(ge); // $hasTaintFlow
|
||||
sink(ge.getEntity()); // $hasTaintFlow
|
||||
}
|
||||
|
||||
void testMediaType(Map<String, String> m) {
|
||||
sink(new MediaType(taint(), "")); // $hasTaintFlow
|
||||
sink(new MediaType("", taint())); // $hasTaintFlow
|
||||
sink(new MediaType(taint(), "", m)); // $hasTaintFlow
|
||||
sink(new MediaType("", taint(), m)); // $hasTaintFlow
|
||||
sink(new MediaType("", "", taint(m))); // $hasTaintFlow
|
||||
sink(new MediaType(taint(), "", "")); // $hasTaintFlow
|
||||
sink(new MediaType("", taint(), "")); // $hasTaintFlow
|
||||
sink(new MediaType("", "", taint())); // $hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getParameters()); // $hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getSubtype()); // $hasTaintFlow
|
||||
sink(MediaType.valueOf(taint()).getType()); // $hasTaintFlow
|
||||
sink(MediaType.valueOf(taint())); // $hasTaintFlow
|
||||
}
|
||||
|
||||
void testUriBuilder() throws Exception {
|
||||
sink(UriBuilder.fromPath("").build(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build("", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build(taint(), false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").build("", taint(), true)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).build("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).build("", false)); // $hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").buildFromEncoded(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromEncoded("", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromEncoded("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromEncodedMap(taint(new HashMap<String, String>()))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromEncodedMap(new HashMap<String, String>())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").buildFromMap(taint(new HashMap<String, String>()), false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).buildFromMap(new HashMap<String, String>(), true)); // $hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath(taint()).clone()); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").fragment(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).fragment("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromLink(taint(Link.valueOf("")))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromUri(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").host(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).host("")); // $hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").matrixParam(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").matrixParam("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).matrixParam("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").path(taint(DummyJakarta.class))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").path(DummyJakarta.class, taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).path(DummyJakarta.class)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").queryParam(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").queryParam("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).queryParam("", "")); // $hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").replaceMatrix(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceMatrix("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceMatrixParam(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceMatrixParam("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceMatrixParam("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replacePath(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replacePath("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQuery(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceQuery("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQueryParam(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").replaceQueryParam("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).replaceQueryParam("", "")); // $hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").resolveTemplate(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate(taint(), "", false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate("", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplate("", taint(), true)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplate("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplate("", "", false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplateFromEncoded(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplateFromEncoded("", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplateFromEncoded("", "")); // $hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").resolveTemplates(taint(new HashMap<String, Object>()))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplates(taint(new HashMap<String, Object>()), true)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplates(new HashMap<String, Object>())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplates(new HashMap<String, Object>(), false)); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").resolveTemplatesFromEncoded(taint(new HashMap<String, Object>()))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).resolveTemplatesFromEncoded(new HashMap<String, Object>())); // $hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").scheme(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).scheme("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").schemeSpecificPart(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).schemeSpecificPart("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").segment(taint(), "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").segment("", "", taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).segment("", "")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).toTemplate()); // $hasTaintFlow
|
||||
|
||||
sink(UriBuilder.fromPath("").uri(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).uri("")); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").uri(UriSource.taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).uri(new URI(""))); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath("").userInfo(taint())); // $hasTaintFlow
|
||||
sink(UriBuilder.fromPath(taint()).userInfo("")); // $hasTaintFlow
|
||||
}
|
||||
}
|
||||
|
||||
class DummyJakarta {
|
||||
private static Set<String> foo() { return null; }
|
||||
}
|
||||
@@ -1,11 +1,19 @@
|
||||
edges
|
||||
| UrlRedirect.java:10:32:10:61 | getParameter(...) : String | UrlRedirect.java:10:24:10:62 | new URI(...) |
|
||||
| UrlRedirect.java:13:41:13:70 | getParameter(...) : String | UrlRedirect.java:13:33:13:71 | new URI(...) |
|
||||
| UrlRedirectJakarta.java:10:32:10:61 | getParameter(...) : String | UrlRedirectJakarta.java:10:24:10:62 | new URI(...) |
|
||||
| UrlRedirectJakarta.java:13:41:13:70 | getParameter(...) : String | UrlRedirectJakarta.java:13:33:13:71 | new URI(...) |
|
||||
| UrlRedirectJax.java:10:32:10:61 | getParameter(...) : String | UrlRedirectJax.java:10:24:10:62 | new URI(...) |
|
||||
| UrlRedirectJax.java:13:41:13:70 | getParameter(...) : String | UrlRedirectJax.java:13:33:13:71 | new URI(...) |
|
||||
nodes
|
||||
| UrlRedirect.java:10:24:10:62 | new URI(...) | semmle.label | new URI(...) |
|
||||
| UrlRedirect.java:10:32:10:61 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| UrlRedirect.java:13:33:13:71 | new URI(...) | semmle.label | new URI(...) |
|
||||
| UrlRedirect.java:13:41:13:70 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| UrlRedirectJakarta.java:10:24:10:62 | new URI(...) | semmle.label | new URI(...) |
|
||||
| UrlRedirectJakarta.java:10:32:10:61 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| UrlRedirectJakarta.java:13:33:13:71 | new URI(...) | semmle.label | new URI(...) |
|
||||
| UrlRedirectJakarta.java:13:41:13:70 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| UrlRedirectJax.java:10:24:10:62 | new URI(...) | semmle.label | new URI(...) |
|
||||
| UrlRedirectJax.java:10:32:10:61 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| UrlRedirectJax.java:13:33:13:71 | new URI(...) | semmle.label | new URI(...) |
|
||||
| UrlRedirectJax.java:13:41:13:70 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
#select
|
||||
| UrlRedirect.java:10:24:10:62 | new URI(...) | UrlRedirect.java:10:32:10:61 | getParameter(...) : String | UrlRedirect.java:10:24:10:62 | new URI(...) | Potentially untrusted URL redirection due to $@. | UrlRedirect.java:10:32:10:61 | getParameter(...) | user-provided value |
|
||||
| UrlRedirect.java:13:33:13:71 | new URI(...) | UrlRedirect.java:13:41:13:70 | getParameter(...) : String | UrlRedirect.java:13:33:13:71 | new URI(...) | Potentially untrusted URL redirection due to $@. | UrlRedirect.java:13:41:13:70 | getParameter(...) | user-provided value |
|
||||
| UrlRedirectJakarta.java:10:24:10:62 | new URI(...) | UrlRedirectJakarta.java:10:32:10:61 | getParameter(...) : String | UrlRedirectJakarta.java:10:24:10:62 | new URI(...) | Potentially untrusted URL redirection due to $@. | UrlRedirectJakarta.java:10:32:10:61 | getParameter(...) | user-provided value |
|
||||
| UrlRedirectJakarta.java:13:33:13:71 | new URI(...) | UrlRedirectJakarta.java:13:41:13:70 | getParameter(...) : String | UrlRedirectJakarta.java:13:33:13:71 | new URI(...) | Potentially untrusted URL redirection due to $@. | UrlRedirectJakarta.java:13:41:13:70 | getParameter(...) | user-provided value |
|
||||
| UrlRedirectJax.java:10:24:10:62 | new URI(...) | UrlRedirectJax.java:10:32:10:61 | getParameter(...) : String | UrlRedirectJax.java:10:24:10:62 | new URI(...) | Potentially untrusted URL redirection due to $@. | UrlRedirectJax.java:10:32:10:61 | getParameter(...) | user-provided value |
|
||||
| UrlRedirectJax.java:13:33:13:71 | new URI(...) | UrlRedirectJax.java:13:41:13:70 | getParameter(...) : String | UrlRedirectJax.java:13:33:13:71 | new URI(...) | Potentially untrusted URL redirection due to $@. | UrlRedirectJax.java:13:41:13:70 | getParameter(...) | user-provided value |
|
||||
|
||||
@@ -0,0 +1,15 @@
|
||||
import java.io.IOException;
|
||||
import java.net.URI;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import jakarta.ws.rs.core.Response;
|
||||
|
||||
public class UrlRedirectJakarta extends HttpServlet {
|
||||
protected void doGetJax(HttpServletRequest request, Response jaxResponse) throws Exception {
|
||||
// BAD
|
||||
jaxResponse.seeOther(new URI(request.getParameter("target")));
|
||||
|
||||
// BAD
|
||||
jaxResponse.temporaryRedirect(new URI(request.getParameter("target")));
|
||||
}
|
||||
}
|
||||
@@ -1 +1 @@
|
||||
//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/javax-ws-rs-api-2.1.1:${testdir}/../../../stubs/jsr311-api-1.1.1:${testdir}/../../../stubs/jsr181-api:${testdir}/../../../stubs/jaxws-api-2.0:${testdir}/../../../stubs/servlet-api-2.4
|
||||
//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/javax-ws-rs-api-2.1.1:${testdir}/../../../stubs/javax-ws-rs-api-3.0.0:${testdir}/../../../stubs/jsr311-api-1.1.1:${testdir}/../../../stubs/jsr181-api:${testdir}/../../../stubs/jaxws-api-2.0:${testdir}/../../../stubs/servlet-api-2.4
|
||||
|
||||
Reference in New Issue
Block a user