Add sources for Jax-RS filters

2026-05-05 13:45:19 +02:00 · 2021-08-12 14:52:23 +01:00
parent 0ebbb333ba
commit f1c3a11103
12 changed files with 1187 additions and 20 deletions
--- a/java/ql/test/library-tests/frameworks/JaxWs/JakartaContainerRequestContextSources.java
+++ b/java/ql/test/library-tests/frameworks/JaxWs/JakartaContainerRequestContextSources.java
@@ -0,0 +1,17 @@
+import jakarta.ws.rs.container.ContainerRequestContext;
+
+public class JakartaContainerRequestContextSources {
+  void sink(Object o) {}
+
+  void test(ContainerRequestContext context) throws Exception {
+    sink(context.getAcceptableLanguages()); // $ hasValueFlow
+    sink(context.getAcceptableMediaTypes().get(0).getType()); // $ hasTaintFlow
+    sink(context.getCookies().get("someKey").getValue()); // $ hasTaintFlow
+    byte[] buf = new byte[1024];
+    context.getEntityStream().read(buf);
+    sink(buf); // $ hasTaintFlow
+    sink(context.getHeaders().getFirst("someKey")); // $ hasTaintFlow
+    sink(context.getHeaderString("someKey")); // $ hasValueFlow
+    sink(context.getUriInfo().getPath()); // $ hasTaintFlow
+  }
+}