hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: Inline expectation should have space after $

Browse Source 
This was a regex-find-replace from `// \$(?! )` (using a negative lookahead) to `// $ `.
This commit is contained in:
Owen Mansel-Chan
2026-03-03 14:56:35 +00:00
parent 219ea28217
commit ef345a3279
87 changed files with 2744 additions and 2746 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
java/ql/test/library-tests/dataflow/entrypoint-types/EntryPointTypesTest.java
View File

@@ -48,34 +48,34 @@ public class EntryPointTypesTest {
private static void sink(String sink) {}
public static void test(TestObject source) {
sink(source.field1); // $hasTaintFlow
sink(source.getField2()); // $hasTaintFlow
sink(source.getField3().field4); // $hasTaintFlow
sink(source.getField3().getField5()); // $hasTaintFlow
sink(source.field1); // $ hasTaintFlow
sink(source.getField2()); // $ hasTaintFlow
sink(source.getField3().field4); // $ hasTaintFlow
sink(source.getField3().getField5()); // $ hasTaintFlow
}
public static void testParameterized(
ParameterizedTestObject<TestObject, AnotherTestObject> source) {
sink(source.field6); // $hasTaintFlow
sink(source.field7.field1); // $hasTaintFlow
sink(source.field7.getField2()); // $hasTaintFlow
sink(source.getField8().field4); // $hasTaintFlow
sink(source.getField8().getField5()); // $hasTaintFlow
sink(source.field6); // $ hasTaintFlow
sink(source.field7.field1); // $ hasTaintFlow
sink(source.field7.getField2()); // $ hasTaintFlow
sink(source.getField8().field4); // $ hasTaintFlow
sink(source.getField8().getField5()); // $ hasTaintFlow
}
public static void testSubtype(ParameterizedTestObject<?, ?> source) {
ChildObject subtypeSource = (ChildObject) source;
sink(subtypeSource.field6); // $hasTaintFlow
sink(subtypeSource.field7.field1); // $hasTaintFlow
sink(subtypeSource.field7.getField2()); // $hasTaintFlow
sink((String) subtypeSource.getField8()); // $hasTaintFlow
sink((String) subtypeSource.field9); // $hasTaintFlow
sink(subtypeSource.field6); // $ hasTaintFlow
sink(subtypeSource.field7.field1); // $ hasTaintFlow
sink(subtypeSource.field7.getField2()); // $ hasTaintFlow
sink((String) subtypeSource.getField8()); // $ hasTaintFlow
sink((String) subtypeSource.field9); // $ hasTaintFlow
// Ensure that we are not tainting every subclass of Object
UnrelatedObject unrelated = (UnrelatedObject) subtypeSource.getField8();
sink(unrelated.safeField); // Safe
}
public static void testArray(ArrayElemObject[] source) {
sink(source[0].field); // $hasTaintFlow
sink(source[0].field); // $ hasTaintFlow
}
}

10
java/ql/test/library-tests/dataflow/fluent-methods/Test.java
View File

@@ -42,31 +42,31 @@ public class Test {
public static void test1() {
Test t = new Test();
t.fluentNoop().fluentSet(source()).fluentNoop();
sink(t.get()); // $hasValueFlow
sink(t.get()); // $ hasValueFlow
}
public static void test2() {
Test t = new Test();
Test.identity(t).fluentNoop().fluentSet(source()).fluentNoop();
sink(t.get()); // $hasValueFlow
sink(t.get()); // $ hasValueFlow
}
public static void test3() {
Test t = new Test();
t.indirectlyFluentNoop().fluentSet(source()).fluentNoop();
sink(t.get()); // $hasValueFlow
sink(t.get()); // $ hasValueFlow
}
public static void testModel1() {
Test t = new Test();
t.indirectlyFluentNoop().modelledFluentMethod().fluentSet(source()).fluentNoop();
sink(t.get()); // $hasValueFlow
sink(t.get()); // $ hasValueFlow
}
public static void testModel2() {
Test t = new Test();
Test.modelledIdentity(t).indirectlyFluentNoop().modelledFluentMethod().fluentSet(source()).fluentNoop();
sink(t.get()); // $hasValueFlow
sink(t.get()); // $ hasValueFlow
}
}

32
java/ql/test/library-tests/dataflow/taintsources/A.java
View File

@@ -18,40 +18,40 @@ public class A {
private static void sink(Object o) {}
public static void main(String[] args) {
sink(args); // $hasLocalValueFlow
sink(args[0]); // $hasLocalTaintFlow
sink(args); // $ hasLocalValueFlow
sink(args[0]); // $ hasLocalTaintFlow
}
public static void userInput() throws SQLException, IOException, MalformedURLException {
sink(System.getenv("test")); // $hasLocalValueFlow
sink(System.getenv("test")); // $ hasLocalValueFlow
class TestServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
sink(req.getParameter("test")); // $hasRemoteValueFlow
sink(req.getHeader("test")); // $hasRemoteValueFlow
sink(req.getQueryString()); // $hasRemoteValueFlow
sink(req.getCookies()[0].getValue()); // $hasRemoteValueFlow
sink(req.getParameter("test")); // $ hasRemoteValueFlow
sink(req.getHeader("test")); // $ hasRemoteValueFlow
sink(req.getQueryString()); // $ hasRemoteValueFlow
sink(req.getCookies()[0].getValue()); // $ hasRemoteValueFlow
}
}
sink(new Properties().getProperty("test")); // $hasLocalValueFlow
sink(System.getProperty("test")); // $hasLocalValueFlow
sink(new Properties().getProperty("test")); // $ hasLocalValueFlow
sink(System.getProperty("test")); // $ hasLocalValueFlow
new Object() {
public void test(ResultSet rs) throws SQLException {
sink(rs.getString(0)); // $hasLocalValueFlow
sink(rs.getString(0)); // $ hasLocalValueFlow
}
};
sink(new URL("test").openConnection().getInputStream()); // $hasRemoteValueFlow
sink(new Socket("test", 1234).getInputStream()); // $hasRemoteValueFlow
sink(InetAddress.getByName("test").getHostName()); // $hasReverseDnsValueFlow
sink(new URL("test").openConnection().getInputStream()); // $ hasRemoteValueFlow
sink(new Socket("test", 1234).getInputStream()); // $ hasRemoteValueFlow
sink(InetAddress.getByName("test").getHostName()); // $ hasReverseDnsValueFlow
sink(InetAddress.getLocalHost().getHostName());
sink(InetAddress.getLoopbackAddress().getHostName());
sink(InetAddress.getByName("test").getCanonicalHostName()); // $hasReverseDnsValueFlow
sink(InetAddress.getByName("test").getCanonicalHostName()); // $ hasReverseDnsValueFlow
sink(InetAddress.getLocalHost().getCanonicalHostName());
sink(InetAddress.getLoopbackAddress().getCanonicalHostName());
sink(System.in); // $hasLocalValueFlow
sink(new FileInputStream("test")); // $hasLocalValueFlow
sink(System.in); // $ hasLocalValueFlow
sink(new FileInputStream("test")); // $ hasLocalValueFlow
}
}

2
java/ql/test/library-tests/dataflow/taintsources/AndroidExposedObject.java
View File

@@ -6,6 +6,6 @@ public class AndroidExposedObject {
@JavascriptInterface
public void test(String arg) {
sink(arg); // $hasRemoteValueFlow
sink(arg); // $ hasRemoteValueFlow
}
}

12
java/ql/test/library-tests/dataflow/taintsources/Hudson.java
View File

@@ -6,11 +6,11 @@ public class Hudson {
public static void test() throws Exception {
FilePath fp = null;
sink(FilePath.newInputStreamDenyingSymlinkAsNeeded(null, null, null)); // $hasLocalValueFlow
sink(FilePath.openInputStream(null, null)); // $hasLocalValueFlow
sink(fp.read()); // $hasLocalValueFlow
sink(fp.read(null)); // $hasLocalValueFlow
sink(fp.readFromOffset(-1)); // $hasLocalValueFlow
sink(fp.readToString()); // $hasLocalValueFlow
sink(FilePath.newInputStreamDenyingSymlinkAsNeeded(null, null, null)); // $ hasLocalValueFlow
sink(FilePath.openInputStream(null, null)); // $ hasLocalValueFlow
sink(fp.read()); // $ hasLocalValueFlow
sink(fp.read(null)); // $ hasLocalValueFlow
sink(fp.readFromOffset(-1)); // $ hasLocalValueFlow
sink(fp.readToString()); // $ hasLocalValueFlow
}
}

8
java/ql/test/library-tests/dataflow/taintsources/IntentSourcesActivity.java
View File

@@ -9,21 +9,21 @@ public class IntentSourcesActivity extends Activity {
public void test() throws java.io.IOException {
String trouble = this.getIntent().getStringExtra("key");
sink(trouble); // $hasRemoteTaintFlow
sink(trouble); // $ hasRemoteTaintFlow
}
public void test2() throws java.io.IOException {
String trouble = getIntent().getStringExtra("key");
sink(trouble); // $hasRemoteTaintFlow
sink(trouble); // $ hasRemoteTaintFlow
}
public void test3() throws java.io.IOException {
String trouble = getIntent().getExtras().getString("key");
sink(trouble); // $hasRemoteTaintFlow
sink(trouble); // $ hasRemoteTaintFlow
}
}
@@ -34,7 +34,7 @@ class OtherClass {
public void test(IntentSourcesActivity is) throws java.io.IOException {
String trouble = is.getIntent().getStringExtra("key");
sink(trouble); // $hasRemoteTaintFlow
sink(trouble); // $ hasRemoteTaintFlow
}
}

2
java/ql/test/library-tests/dataflow/taintsources/RmiFlowImpl.java
View File

@@ -6,7 +6,7 @@ public class RmiFlowImpl implements RmiFlow {
public String listDirectory(String path) throws java.io.IOException {
String command = "ls " + path;
sink(command); // $hasRemoteTaintFlow
sink(command); // $ hasRemoteTaintFlow
return "pretend there are some results here";
}

24
java/ql/test/library-tests/dataflow/taintsources/SpringMultiPart.java
View File

@@ -7,21 +7,21 @@ public class SpringMultiPart {
private static void sink(Object o) {}
public void test() throws Exception {
sink(file.getBytes()); // $hasRemoteValueFlow
sink(file.getBytes()); // $ hasRemoteValueFlow
sink(file.isEmpty()); // Safe
sink(file.getInputStream()); // $hasRemoteValueFlow
sink(file.getResource()); // $hasRemoteValueFlow
sink(file.getName()); // $hasRemoteValueFlow
sink(file.getContentType()); // $hasRemoteValueFlow
sink(file.getOriginalFilename()); // $hasRemoteValueFlow
sink(file.getInputStream()); // $ hasRemoteValueFlow
sink(file.getResource()); // $ hasRemoteValueFlow
sink(file.getName()); // $ hasRemoteValueFlow
sink(file.getContentType()); // $ hasRemoteValueFlow
sink(file.getOriginalFilename()); // $ hasRemoteValueFlow
}
public void test(MultipartRequest request) {
sink(request.getFile("name"));// $hasRemoteValueFlow
sink(request.getFileMap());// $hasRemoteValueFlow
sink(request.getFileNames());// $hasRemoteValueFlow
sink(request.getFiles("name"));// $hasRemoteValueFlow
sink(request.getMultiFileMap());// $hasRemoteValueFlow
sink(request.getMultipartContentType("name")); // $hasRemoteValueFlow
sink(request.getFile("name"));// $ hasRemoteValueFlow
sink(request.getFileMap());// $ hasRemoteValueFlow
sink(request.getFileNames());// $ hasRemoteValueFlow
sink(request.getFiles("name"));// $ hasRemoteValueFlow
sink(request.getMultiFileMap());// $ hasRemoteValueFlow
sink(request.getMultipartContentType("name")); // $ hasRemoteValueFlow
}
}

24
java/ql/test/library-tests/dataflow/taintsources/SpringSavedRequest.java
View File

@@ -7,22 +7,22 @@ public class SpringSavedRequest {
private static void sink(Object o) {}
public void test() {
sink(sr.getRedirectUrl()); // $hasRemoteValueFlow
sink(sr.getCookies()); // $hasRemoteValueFlow
sink(sr.getHeaderValues("name")); // $hasRemoteValueFlow
sink(sr.getHeaderNames()); // $hasRemoteValueFlow
sink(sr.getParameterValues("name")); // $hasRemoteValueFlow
sink(sr.getParameterMap()); // $hasRemoteValueFlow
sink(sr.getRedirectUrl()); // $ hasRemoteValueFlow
sink(sr.getCookies()); // $ hasRemoteValueFlow
sink(sr.getHeaderValues("name")); // $ hasRemoteValueFlow
sink(sr.getHeaderNames()); // $ hasRemoteValueFlow
sink(sr.getParameterValues("name")); // $ hasRemoteValueFlow
sink(sr.getParameterMap()); // $ hasRemoteValueFlow
}
SimpleSavedRequest ssr;
public void test2() {
sink(ssr.getRedirectUrl()); // $hasRemoteValueFlow
sink(ssr.getCookies()); // $hasRemoteValueFlow
sink(ssr.getHeaderValues("name")); // $hasRemoteValueFlow
sink(ssr.getHeaderNames()); // $hasRemoteValueFlow
sink(ssr.getParameterValues("name")); // $hasRemoteValueFlow
sink(ssr.getParameterMap()); // $hasRemoteValueFlow
sink(ssr.getRedirectUrl()); // $ hasRemoteValueFlow
sink(ssr.getCookies()); // $ hasRemoteValueFlow
sink(ssr.getHeaderValues("name")); // $ hasRemoteValueFlow
sink(ssr.getHeaderNames()); // $ hasRemoteValueFlow
sink(ssr.getParameterValues("name")); // $ hasRemoteValueFlow
sink(ssr.getParameterMap()); // $ hasRemoteValueFlow
}
}