hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-24 08:07:07 +02:00
Code Issues Packages Projects Releases Wiki Activity

Make ApacheHttpClientExecuteSSRF setup runtime-valid

Browse Source
This commit is contained in:
copilot-swe-agent[bot]
2026-05-22 12:48:56 +00:00
committed by GitHub
parent dc864762c3
commit d7659a01fb
1 changed files with 154 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

156
java/ql/test/query-tests/security/CWE-918/ApacheHttpClientExecuteSSRF.java
View File

@@ -1,11 +1,18 @@
import java.io.IOException;
import java.net.URI;
import org.apache.http.Header;
import org.apache.http.HeaderIterator;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.HttpResponse;
import org.apache.http.ProtocolVersion;
import org.apache.http.RequestLine;
import org.apache.http.client.HttpClient;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.message.BasicHttpRequest;
import org.apache.http.params.HttpParams;
import org.apache.http.protocol.HttpContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
@@ -22,9 +29,154 @@ public class ApacheHttpClientExecuteSSRF extends HttpServlet {
HttpHost host = new HttpHost(sink);
HttpRequest req = new BasicHttpRequest("GET", "/");
HttpUriRequest uriReq = (HttpUriRequest) (Object) sink;
HttpUriRequest uriReq = new HttpUriRequest() {
@Override
public String getMethod() {
return "GET";
}
@Override
public URI getURI() {
return URI.create("https://" + sink);
}
@Override
public void abort() throws UnsupportedOperationException {
}
@Override
public boolean isAborted() {
return false;
}
@Override
public RequestLine getRequestLine() {
return null;
}
@Override
public ProtocolVersion getProtocolVersion() {
return null;
}
@Override
public boolean containsHeader(String name) {
return false;
}
@Override
public Header[] getHeaders(String name) {
return null;
}
@Override
public Header getFirstHeader(String name) {
return null;
}
@Override
public Header getLastHeader(String name) {
return null;
}
@Override
public Header[] getAllHeaders() {
return null;
}
@Override
public void addHeader(Header header) {
}
@Override
public void addHeader(String name, String value) {
}
@Override
public void setHeader(Header header) {
}
@Override
public void setHeader(String name, String value) {
}
@Override
public void setHeaders(Header[] headers) {
}
@Override
public void removeHeader(Header header) {
}
@Override
public void removeHeaders(String name) {
}
@Override
public HeaderIterator headerIterator() {
return null;
}
@Override
public HeaderIterator headerIterator(String name) {
return null;
}
@Override
public HttpParams getParams() {
return null;
}
@Override
public void setParams(HttpParams params) {
}
};
HttpContext context = null;
HttpClient client = null;
HttpClient client = new HttpClient() {
@Override
public HttpResponse execute(HttpHost target, HttpRequest request) throws IOException {
return null;
}
@Override
public HttpResponse execute(HttpHost target, HttpRequest request, HttpContext context) throws IOException {
return null;
}
@Override
public <T> T execute(HttpHost target, HttpRequest request, ResponseHandler<? extends T> responseHandler)
throws IOException {
return null;
}
@Override
public <T> T execute(HttpHost target, HttpRequest request, ResponseHandler<? extends T> responseHandler,
HttpContext context) throws IOException {
return null;
}
@Override
public HttpResponse execute(HttpUriRequest request) throws IOException {
return null;
}
@Override
public HttpResponse execute(HttpUriRequest request, HttpContext context) throws IOException {
return null;
}
@Override
public <T> T execute(HttpUriRequest request, ResponseHandler<? extends T> responseHandler)
throws IOException {
return null;
}
@Override
public <T> T execute(HttpUriRequest request, ResponseHandler<? extends T> responseHandler,
HttpContext context) throws IOException {
return null;
}
};
ResponseHandler<Object> handler = null;
client.execute(host, req); // $ Alert