Merge branch 'main' into feat/JLL/depricated_bintray_usage
@@ -3,7 +3,7 @@ import java.nio.file.*;
|
||||
import java.util.zip.*;
|
||||
|
||||
public class ZipTest {
|
||||
public void m1(ZipEntry entry, File dir) {
|
||||
public void m1(ZipEntry entry, File dir) throws Exception {
|
||||
String name = entry.getName();
|
||||
File file = new File(dir, name);
|
||||
FileOutputStream os = new FileOutputStream(file); // ZipSlip
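Review bot: `m1` is now declared `throws Exception` at line 20, although the statements visible in this hunk (`new File`, `new FileOutputStream`) can only raise `IOException`, and the other fixtures in this same merge (`Test.shellCommand`, `A.deserialize*`, `B.deserializeJson*`) use the narrower `throws java.io.IOException`. If the rest of the body, which continues past the hunk, does not throw a bare `Exception`, `public void m1(ZipEntry entry, File dir) throws java.io.IOException {` keeps the fixtures consistent. The same applies to `m2`, `m3`, `m5`, `m6`, `doConnect`, `doConnectChannel` and `getDocumentBuilderFactory` in later hunks; narrowing the last one would also let the `ThreadLocal` initializer catch a specific type instead of `Exception`. `validate` and `m4` genuinely need `throws Exception` because `validate` throws `new Exception()`.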
|
||||
@@ -11,7 +11,7 @@ public class ZipTest {
|
||||
FileWriter fw = new FileWriter(file); // ZipSlip
|
||||
}
|
||||
|
||||
public void m2(ZipEntry entry, File dir) {
|
||||
public void m2(ZipEntry entry, File dir) throws Exception {
|
||||
String name = entry.getName();
|
||||
File file = new File(dir, name);
|
||||
File canFile = file.getCanonicalFile();
|
||||
@@ -21,7 +21,7 @@ public class ZipTest {
|
||||
FileOutputStream os = new FileOutputStream(file); // OK
|
||||
}
|
||||
|
||||
public void m3(ZipEntry entry, File dir) {
|
||||
public void m3(ZipEntry entry, File dir) throws Exception {
|
||||
String name = entry.getName();
|
||||
File file = new File(dir, name);
|
||||
if (!file.toPath().normalize().startsWith(dir.toPath()))
|
||||
@@ -29,20 +29,20 @@ public class ZipTest {
|
||||
FileOutputStream os = new FileOutputStream(file); // OK
|
||||
}
|
||||
|
||||
private void validate(File tgtdir, File file) {
|
||||
private void validate(File tgtdir, File file) throws Exception {
|
||||
File canFile = file.getCanonicalFile();
|
||||
if (!canFile.toPath().startsWith(tgtdir.toPath()))
|
||||
throw new Exception();
|
||||
}
|
||||
|
||||
public void m4(ZipEntry entry, File dir) {
|
||||
public void m4(ZipEntry entry, File dir) throws Exception {
|
||||
String name = entry.getName();
|
||||
File file = new File(dir, name);
|
||||
validate(dir, file);
|
||||
FileOutputStream os = new FileOutputStream(file); // OK
|
||||
}
|
||||
|
||||
public void m5(ZipEntry entry, File dir) {
|
||||
public void m5(ZipEntry entry, File dir) throws Exception {
|
||||
String name = entry.getName();
|
||||
File file = new File(dir, name);
|
||||
Path absfile = file.toPath().toAbsolutePath().normalize();
|
||||
@@ -52,7 +52,7 @@ public class ZipTest {
|
||||
FileOutputStream os = new FileOutputStream(file); // OK
|
||||
}
|
||||
|
||||
public void m6(ZipEntry entry, Path dir) {
|
||||
public void m6(ZipEntry entry, Path dir) throws Exception {
|
||||
String canonicalDest = dir.toFile().getCanonicalPath();
|
||||
Path target = dir.resolve(entry.getName());
|
||||
String canonicalTarget = target.toFile().getCanonicalPath();
|
||||
|
||||
@@ -3,7 +3,7 @@ import java.util.List;
|
||||
import java.util.ArrayList;
|
||||
|
||||
class Test {
|
||||
public static void shellCommand(String arg) {
|
||||
public static void shellCommand(String arg) throws java.io.IOException {
|
||||
ProcessBuilder pb = new ProcessBuilder("/bin/bash -c echo " + arg);
|
||||
pb.start();
|
||||
|
||||
@@ -25,7 +25,7 @@ class Test {
|
||||
pb.start();
|
||||
}
|
||||
|
||||
public static void nonShellCommand(String arg) {
|
||||
public static void nonShellCommand(String arg) throws java.io.IOException {
|
||||
ProcessBuilder pb = new ProcessBuilder("./customTool " + arg);
|
||||
pb.start();
|
||||
|
||||
@@ -46,7 +46,7 @@ class Test {
|
||||
pb.start();
|
||||
}
|
||||
|
||||
public static void relativeCommand() {
|
||||
public static void relativeCommand() throws java.io.IOException {
|
||||
ProcessBuilder pb = new ProcessBuilder("ls");
|
||||
pb.start();
|
||||
|
||||
@@ -54,11 +54,11 @@ class Test {
|
||||
pb.start();
|
||||
}
|
||||
|
||||
public static void main(String[] args) {
|
||||
public static void main(String[] args) throws java.io.IOException {
|
||||
String arg = args.length > 1 ? args[1] : "default";
|
||||
|
||||
shellCommand(arg);
|
||||
nonShellCommand(arg);
|
||||
relativeCommand();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -66,7 +66,7 @@ public class UnsafeHostnameVerification {
|
||||
HostnameVerifier verifier = new HostnameVerifier() {
|
||||
@Override
|
||||
public boolean verify(String hostname, SSLSession session) {
|
||||
verify(hostname, session.getPeerCertificates());
|
||||
try { verify(hostname, session.getPeerCertificates()); } catch (Exception e) { throw new RuntimeException(); }
|
||||
return true; // GOOD [but detected as BAD]. The verification of the certificate is done in
|
||||
// another method and
|
||||
// in the case of a mismatch, an `Exception` is thrown so the `return true`
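Review bot: The added `catch (Exception e) { throw new RuntimeException(); }` at line 313 discards the caught exception, so the reason the certificate check failed (a hostname mismatch versus a parse error or an unverified peer) is lost from the stack trace; since the fixture's comment relies on the exception being the mismatch signal, preserve the cause with `throw new RuntimeException(e);`. `catch (Exception e)` also swallows unchecked exceptions thrown by `verify` itself; if the overload's only checked exception is the `SSLPeerUnverifiedException` declared by `getPeerCertificates()`, catching that type would be more precise. The anonymous `HostnameVerifier` and the enclosing method continue outside the hunk.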
|
||||
|
||||
@@ -3,7 +3,7 @@ import javax.net.ssl.HttpsURLConnection;
|
||||
import java.io.*;
|
||||
|
||||
class Test {
|
||||
public void m1(HttpURLConnection connection) {
|
||||
public void m1(HttpURLConnection connection) throws java.io.IOException {
|
||||
InputStream input;
|
||||
if (connection instanceof HttpsURLConnection) {
|
||||
input = connection.getInputStream(); // OK
|
||||
|
||||
@@ -31,7 +31,7 @@ class Test {
|
||||
return true;
|
||||
}
|
||||
|
||||
public void doConnect(int desiredPort, String username) {
|
||||
public void doConnect(int desiredPort, String username) throws Exception {
|
||||
ServerSocket listenSocket = new ServerSocket(desiredPort);
|
||||
|
||||
if (isAuthenticated(username)) {
|
||||
@@ -56,7 +56,7 @@ class Test {
|
||||
|
||||
}
|
||||
|
||||
public void doConnectChannel(int desiredPort, String username) {
|
||||
public void doConnectChannel(int desiredPort, String username) throws Exception {
|
||||
ServerSocketChannel listenChannel = ServerSocketChannel.open();
|
||||
SocketAddress port = new InetSocketAddress(desiredPort);
|
||||
listenChannel.bind(port);
|
||||
|
||||
@@ -9,32 +9,32 @@ import org.yaml.snakeyaml.constructor.Constructor;
|
||||
import org.yaml.snakeyaml.Yaml;
|
||||
|
||||
public class A {
|
||||
public Object deserialize1(Socket sock) {
|
||||
public Object deserialize1(Socket sock) throws java.io.IOException, ClassNotFoundException {
|
||||
InputStream inputStream = sock.getInputStream();
|
||||
ObjectInputStream in = new ObjectInputStream(inputStream);
|
||||
return in.readObject(); // unsafe
|
||||
}
|
||||
|
||||
public Object deserialize2(Socket sock) {
|
||||
public Object deserialize2(Socket sock) throws java.io.IOException, ClassNotFoundException {
|
||||
InputStream inputStream = sock.getInputStream();
|
||||
ObjectInputStream in = new ObjectInputStream(inputStream);
|
||||
return in.readUnshared(); // unsafe
|
||||
}
|
||||
|
||||
public Object deserialize3(Socket sock) {
|
||||
public Object deserialize3(Socket sock) throws java.io.IOException {
|
||||
InputStream inputStream = sock.getInputStream();
|
||||
XMLDecoder d = new XMLDecoder(inputStream);
|
||||
return d.readObject(); // unsafe
|
||||
}
|
||||
|
||||
public Object deserialize4(Socket sock) {
|
||||
public Object deserialize4(Socket sock) throws java.io.IOException {
|
||||
XStream xs = new XStream();
|
||||
InputStream inputStream = sock.getInputStream();
|
||||
Reader reader = new InputStreamReader(inputStream);
|
||||
return xs.fromXML(reader); // unsafe
|
||||
}
|
||||
|
||||
public void deserialize5(Socket sock) {
|
||||
public void deserialize5(Socket sock) throws java.io.IOException {
|
||||
Kryo kryo = new Kryo();
|
||||
Input input = new Input(sock.getInputStream());
|
||||
A a1 = kryo.readObject(input, A.class); // unsafe
|
||||
@@ -42,20 +42,20 @@ public class A {
|
||||
Object o = kryo.readClassAndObject(input); // unsafe
|
||||
}
|
||||
|
||||
private Kryo getSafeKryo() {
|
||||
private Kryo getSafeKryo() throws java.io.IOException {
|
||||
Kryo kryo = new Kryo();
|
||||
kryo.setRegistrationRequired(true);
|
||||
// ... kryo.register(A.class) ...
|
||||
return kryo;
|
||||
}
|
||||
|
||||
public void deserialize6(Socket sock) {
|
||||
public void deserialize6(Socket sock) throws java.io.IOException {
|
||||
Kryo kryo = getSafeKryo();
|
||||
Input input = new Input(sock.getInputStream());
|
||||
Object o = kryo.readClassAndObject(input); // OK
|
||||
}
|
||||
|
||||
public void deserializeSnakeYaml(Socket sock) {
|
||||
public void deserializeSnakeYaml(Socket sock) throws java.io.IOException {
|
||||
Yaml yaml = new Yaml();
|
||||
InputStream input = sock.getInputStream();
|
||||
Object o = yaml.load(input); //unsafe
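Review bot: `getSafeKryo` now declares `throws java.io.IOException` at line 530, but none of the three statements in its fully visible body (`new Kryo()`, `kryo.setRegistrationRequired(true)`, `return kryo`) performs I/O or declares a checked exception, so the clause is dead and only obliges callers to declare it (`deserialize6` needs `IOException` anyway for `sock.getInputStream()`). Suggest restoring `private Kryo getSafeKryo() {`. If the clause was added deliberately so the file compiles under the test harness, a one-line comment saying so would stop a later cleanup from removing it.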
|
||||
@@ -65,7 +65,7 @@ public class A {
|
||||
A o5 = yaml.loadAs(new InputStreamReader(input), A.class); //unsafe
|
||||
}
|
||||
|
||||
public void deserializeSnakeYaml2(Socket sock) {
|
||||
public void deserializeSnakeYaml2(Socket sock) throws java.io.IOException {
|
||||
Yaml yaml = new Yaml(new Constructor());
|
||||
InputStream input = sock.getInputStream();
|
||||
Object o = yaml.load(input); //unsafe
|
||||
@@ -75,7 +75,7 @@ public class A {
|
||||
A o5 = yaml.loadAs(new InputStreamReader(input), A.class); //unsafe
|
||||
}
|
||||
|
||||
public void deserializeSnakeYaml3(Socket sock) {
|
||||
public void deserializeSnakeYaml3(Socket sock) throws java.io.IOException {
|
||||
Yaml yaml = new Yaml(new SafeConstructor());
|
||||
InputStream input = sock.getInputStream();
|
||||
Object o = yaml.load(input); //OK
|
||||
@@ -85,7 +85,7 @@ public class A {
|
||||
A o5 = yaml.loadAs(new InputStreamReader(input), A.class); //OK
|
||||
}
|
||||
|
||||
public void deserializeSnakeYaml4(Socket sock) {
|
||||
public void deserializeSnakeYaml4(Socket sock) throws java.io.IOException {
|
||||
Yaml yaml = new Yaml(new Constructor(A.class));
|
||||
InputStream input = sock.getInputStream();
|
||||
Object o = yaml.load(input); //OK
|
||||
|
||||
@@ -3,19 +3,19 @@ import java.net.Socket;
|
||||
import com.alibaba.fastjson.JSON;
|
||||
|
||||
public class B {
|
||||
public Object deserializeJson1(Socket sock) {
|
||||
public Object deserializeJson1(Socket sock) throws java.io.IOException {
|
||||
InputStream inputStream = sock.getInputStream();
|
||||
return JSON.parseObject(inputStream, null); // unsafe
|
||||
}
|
||||
|
||||
public Object deserializeJson2(Socket sock) {
|
||||
public Object deserializeJson2(Socket sock) throws java.io.IOException {
|
||||
InputStream inputStream = sock.getInputStream();
|
||||
byte[] bytes = new byte[100];
|
||||
inputStream.read(bytes);
|
||||
return JSON.parse(bytes); // unsafe
|
||||
}
|
||||
|
||||
public Object deserializeJson3(Socket sock) {
|
||||
public Object deserializeJson3(Socket sock) throws java.io.IOException {
|
||||
InputStream inputStream = sock.getInputStream();
|
||||
byte[] bytes = new byte[100];
|
||||
inputStream.read(bytes);
|
||||
@@ -23,7 +23,7 @@ public class B {
|
||||
return JSON.parseObject(s); // unsafe
|
||||
}
|
||||
|
||||
public Object deserializeJson4(Socket sock) {
|
||||
public Object deserializeJson4(Socket sock) throws java.io.IOException {
|
||||
InputStream inputStream = sock.getInputStream();
|
||||
byte[] bytes = new byte[100];
|
||||
inputStream.read(bytes);
|
||||
|
||||
@@ -102,7 +102,7 @@ class DocumentBuilderTests {
|
||||
builder.parse(source.getInputStream()); //unsafe
|
||||
}
|
||||
|
||||
private static DocumentBuilderFactory getDocumentBuilderFactory() {
|
||||
private static DocumentBuilderFactory getDocumentBuilderFactory() throws Exception {
|
||||
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
|
||||
String feature = "";
|
||||
feature = "http://xml.org/sax/features/external-parameter-entities";
|
||||
@@ -115,8 +115,8 @@ class DocumentBuilderTests {
|
||||
private static final ThreadLocal<DocumentBuilder> XML_DOCUMENT_BUILDER = new ThreadLocal<DocumentBuilder>() {
|
||||
@Override
|
||||
protected DocumentBuilder initialValue() {
|
||||
DocumentBuilderFactory factory = getDocumentBuilderFactory();
|
||||
try {
|
||||
DocumentBuilderFactory factory = getDocumentBuilderFactory();
|
||||
return factory.newDocumentBuilder();
|
||||
} catch (Exception ex) {
|
||||
throw new RuntimeException(ex);
|
||||
|
||||
@@ -31,11 +31,11 @@ class Test {
|
||||
new FileInputStream(f2);
|
||||
}
|
||||
|
||||
public static void readFile(File f) {
|
||||
public static void readFile(File f) throws java.io.FileNotFoundException {
|
||||
new FileReader(f);
|
||||
}
|
||||
|
||||
public static void setWorldWritable(File f) {
|
||||
f.setWritable(true, false);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
| MethodAccessLockOrder.java:29:4:29:40 | transferFrom(...) | Synchronization here and $@ may be performed in reverse order starting $@ and result in deadlock. | MethodAccessLockOrder.java:8:21:8:41 | subtract(...) | here | MethodAccessLockOrder.java:31:4:31:40 | transferFrom(...) | here |
|
||||
| MethodAccessLockOrder.java:29:11:29:47 | transferFrom(...) | Synchronization here and $@ may be performed in reverse order starting $@ and result in deadlock. | MethodAccessLockOrder.java:8:21:8:41 | subtract(...) | here | MethodAccessLockOrder.java:31:11:31:47 | transferFrom(...) | here |
|
||||
| ReentrantLockOrder.java:11:4:11:21 | lock(...) | Synchronization here and $@ may be performed in reverse order starting $@ and result in deadlock. | ReentrantLockOrder.java:12:4:12:21 | lock(...) | here | ReentrantLockOrder.java:28:4:28:21 | lock(...) | here |
|
||||
| ReentrantLockOrder.java:28:4:28:21 | lock(...) | Synchronization here and $@ may be performed in reverse order starting $@ and result in deadlock. | ReentrantLockOrder.java:29:4:29:21 | lock(...) | here | ReentrantLockOrder.java:11:4:11:21 | lock(...) | here |
|
||||
| SynchronizedStmtLockOrder.java:8:16:8:26 | primaryLock | Synchronization here and $@ may be performed in reverse order starting $@ and result in deadlock. | SynchronizedStmtLockOrder.java:9:17:9:27 | savingsLock | here | SynchronizedStmtLockOrder.java:22:16:22:26 | savingsLock | here |
|
||||
|
||||
@@ -26,9 +26,9 @@ class MethodAccessLockOrder {
|
||||
public boolean initiateTransfer(boolean fromSavings, int amount) {
|
||||
// AVOID: inconsistent lock order
|
||||
if (fromSavings) {
|
||||
primary.transferFrom(savings, amount);
|
||||
return primary.transferFrom(savings, amount);
|
||||
} else {
|
||||
savings.transferFrom(primary, amount);
|
||||
return savings.transferFrom(primary, amount);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||