Dataflow: Update test expected outputs.

2026-04-30 19:26:02 +02:00 · 2021-09-06 14:05:24 +02:00
parent 7ec1fa2ebe
commit f30dad7705
110 changed files with 1557 additions and 0 deletions
--- a/java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.expected
+++ b/java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.expected
@@ -20,6 +20,7 @@ nodes
 | Test.java:80:31:80:32 | br : BufferedReader | semmle.label | br : BufferedReader |
 | Test.java:80:31:80:43 | readLine(...) : String | semmle.label | readLine(...) : String |
 | Test.java:82:67:82:81 | ... + ... | semmle.label | ... + ... |
+subpaths
 #select
 | Test.java:24:11:24:24 | new File(...) | Test.java:19:18:19:38 | getHostName(...) : String | Test.java:24:20:24:23 | temp | $@ flows to here and is used in a path. | Test.java:19:18:19:38 | getHostName(...) | User-provided value |
 | Test.java:27:11:27:25 | get(...) | Test.java:19:18:19:38 | getHostName(...) : String | Test.java:27:21:27:24 | temp | $@ flows to here and is used in a path. | Test.java:19:18:19:38 | getHostName(...) | User-provided value |
--- a/java/ql/test/query-tests/security/CWE-022/semmle/tests/ZipSlip.expected
+++ b/java/ql/test/query-tests/security/CWE-022/semmle/tests/ZipSlip.expected
@@ -14,6 +14,7 @@ nodes
 | ZipTest.java:9:48:9:51 | file | semmle.label | file |
 | ZipTest.java:10:49:10:52 | file | semmle.label | file |
 | ZipTest.java:11:36:11:39 | file | semmle.label | file |
+subpaths
 #select
 | ZipTest.java:7:19:7:33 | getName(...) | ZipTest.java:7:19:7:33 | getName(...) : String | ZipTest.java:9:48:9:51 | file | Unsanitized archive entry, which may contain '..', is used in a $@. | ZipTest.java:9:48:9:51 | file | file system operation |
 | ZipTest.java:7:19:7:33 | getName(...) | ZipTest.java:7:19:7:33 | getName(...) : String | ZipTest.java:10:49:10:52 | file | Unsanitized archive entry, which may contain '..', is used in a $@. | ZipTest.java:10:49:10:52 | file | file system operation |
--- a/java/ql/test/query-tests/security/CWE-078/ExecTaintedLocal.expected
+++ b/java/ql/test/query-tests/security/CWE-078/ExecTaintedLocal.expected
@@ -31,6 +31,7 @@ nodes
 | Test.java:57:27:57:39 | args : String[] | semmle.label | args : String[] |
 | Test.java:60:20:60:22 | arg : String | semmle.label | arg : String |
 | Test.java:61:23:61:25 | arg : String | semmle.label | arg : String |
+subpaths
 #select
 | Test.java:7:44:7:69 | ... + ... | Test.java:57:27:57:39 | args : String[] | Test.java:7:44:7:69 | ... + ... | $@ flows to here and is used in a command. | Test.java:57:27:57:39 | args | User-provided value |
 | Test.java:10:29:10:74 | new String[] | Test.java:57:27:57:39 | args : String[] | Test.java:10:29:10:74 | new String[] | $@ flows to here and is used in a command. | Test.java:57:27:57:39 | args | User-provided value |
--- a/java/ql/test/query-tests/security/CWE-089/semmle/examples/SqlTaintedLocal.expected
+++ b/java/ql/test/query-tests/security/CWE-089/semmle/examples/SqlTaintedLocal.expected
@@ -28,6 +28,7 @@ nodes
 | Test.java:213:26:213:38 | args : String[] | semmle.label | args : String[] |
 | Test.java:214:11:214:14 | args : String[] | semmle.label | args : String[] |
 | Test.java:218:14:218:17 | args : String[] | semmle.label | args : String[] |
+subpaths
 #select
 | Mongo.java:17:45:17:67 | parse(...) | Mongo.java:10:29:10:41 | args : String[] | Mongo.java:17:45:17:67 | parse(...) | Query might include code from $@. | Mongo.java:10:29:10:41 | args | this user input |
 | Mongo.java:21:49:21:52 | json | Mongo.java:10:29:10:41 | args : String[] | Mongo.java:21:49:21:52 | json | Query might include code from $@. | Mongo.java:10:29:10:41 | args | this user input |
--- a/java/ql/test/query-tests/security/CWE-090/LdapInjection.expected
+++ b/java/ql/test/query-tests/security/CWE-090/LdapInjection.expected
@@ -170,6 +170,7 @@ nodes
 | LdapInjection.java:338:14:338:14 | s | semmle.label | s |
 | LdapInjection.java:342:30:342:72 | aBadDNSearchRequestGet : String | semmle.label | aBadDNSearchRequestGet : String |
 | LdapInjection.java:346:14:346:24 | getBase(...) | semmle.label | getBase(...) |
+subpaths
 #select
 | LdapInjection.java:47:16:47:35 | ... + ... | LdapInjection.java:45:55:45:81 | jBadDN : String | LdapInjection.java:47:16:47:35 | ... + ... | LDAP query might include code from $@. | LdapInjection.java:45:55:45:81 | jBadDN | this user input |
 | LdapInjection.java:47:38:47:57 | ... + ... | LdapInjection.java:45:28:45:52 | jBad : String | LdapInjection.java:47:38:47:57 | ... + ... | LDAP query might include code from $@. | LdapInjection.java:45:28:45:52 | jBad | this user input |
--- a/java/ql/test/query-tests/security/CWE-094/InsecureBeanValidation.expected
+++ b/java/ql/test/query-tests/security/CWE-094/InsecureBeanValidation.expected
@@ -3,5 +3,6 @@ edges
 nodes
 | InsecureBeanValidation.java:7:28:7:40 | object : String | semmle.label | object : String |
 | InsecureBeanValidation.java:11:64:11:68 | value | semmle.label | value |
+subpaths
 #select
 | InsecureBeanValidation.java:11:64:11:68 | value | InsecureBeanValidation.java:7:28:7:40 | object : String | InsecureBeanValidation.java:11:64:11:68 | value | Custom constraint error message contains unsanitized user data |
--- a/java/ql/test/query-tests/security/CWE-113/semmle/tests/ResponseSplitting.expected
+++ b/java/ql/test/query-tests/security/CWE-113/semmle/tests/ResponseSplitting.expected
@@ -7,6 +7,7 @@ nodes
 | ResponseSplitting.java:23:23:23:28 | cookie | semmle.label | cookie |
 | ResponseSplitting.java:28:38:28:72 | getParameter(...) | semmle.label | getParameter(...) |
 | ResponseSplitting.java:29:38:29:72 | getParameter(...) | semmle.label | getParameter(...) |
+subpaths
 #select
 | ResponseSplitting.java:23:23:23:28 | cookie | ResponseSplitting.java:22:39:22:66 | getParameter(...) : String | ResponseSplitting.java:23:23:23:28 | cookie | Response-splitting vulnerability due to this $@. | ResponseSplitting.java:22:39:22:66 | getParameter(...) | user-provided value |
 | ResponseSplitting.java:28:38:28:72 | getParameter(...) | ResponseSplitting.java:28:38:28:72 | getParameter(...) | ResponseSplitting.java:28:38:28:72 | getParameter(...) | Response-splitting vulnerability due to this $@. | ResponseSplitting.java:28:38:28:72 | getParameter(...) | user-provided value |
--- a/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayConstructionCodeSpecified.expected
+++ b/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayConstructionCodeSpecified.expected
@@ -3,5 +3,6 @@ edges
 nodes
 | Test.java:105:16:105:16 | 0 : Number | semmle.label | 0 : Number |
 | Test.java:107:27:107:30 | size | semmle.label | size |
+subpaths
 #select
 | Test.java:110:30:110:30 | 0 | Test.java:105:16:105:16 | 0 : Number | Test.java:107:27:107:30 | size | The $@ is accessed here, but the array is initialized using $@ which may be zero. | Test.java:107:19:107:31 | new int[] | array | Test.java:105:16:105:16 | 0 | literal value 0 |
--- a/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayConstructionLocal.expected
+++ b/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayConstructionLocal.expected
@@ -5,6 +5,7 @@ nodes
 | Test.java:76:27:76:60 | getProperty(...) : String | semmle.label | getProperty(...) : String |
 | Test.java:80:31:80:34 | size | semmle.label | size |
 | Test.java:86:34:86:37 | size | semmle.label | size |
+subpaths
 #select
 | Test.java:83:34:83:34 | 0 | Test.java:76:27:76:60 | getProperty(...) : String | Test.java:80:31:80:34 | size | The $@ is accessed here, but the array is initialized using $@ which may be zero. | Test.java:80:23:80:35 | new int[] | array | Test.java:76:27:76:60 | getProperty(...) | User-provided value |
 | Test.java:89:37:89:37 | 0 | Test.java:76:27:76:60 | getProperty(...) : String | Test.java:86:34:86:37 | size | The $@ is accessed here, but the array is initialized using $@ which may be zero. | Test.java:86:26:86:38 | new int[] | array | Test.java:76:27:76:60 | getProperty(...) | User-provided value |
--- a/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayIndexCodeSpecified.expected
+++ b/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayIndexCodeSpecified.expected
@@ -24,6 +24,7 @@ nodes
 | Test.java:112:17:112:17 | 0 : Number | semmle.label | 0 : Number |
 | Test.java:115:32:115:36 | index | semmle.label | index |
 | Test.java:121:30:121:30 | 0 | semmle.label | 0 |
+subpaths
 #select
 | Test.java:44:30:44:34 | index | Test.java:41:17:41:48 | nextInt(...) : Number | Test.java:44:30:44:34 | index | $@ flows to the index used in this array access, and may cause the operation to throw an ArrayIndexOutOfBoundsException. | Test.java:41:17:41:48 | nextInt(...) | Random value |
 | Test.java:62:30:62:34 | index | Test.java:59:17:59:42 | nextInt(...) : Number | Test.java:62:30:62:34 | index | $@ flows to the index used in this array access, and may cause the operation to throw an ArrayIndexOutOfBoundsException. | Test.java:59:17:59:42 | nextInt(...) | Random value |
--- a/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayIndexLocal.expected
+++ b/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayIndexLocal.expected
@@ -3,5 +3,6 @@ edges
 nodes
 | Test.java:14:27:14:60 | getProperty(...) : String | semmle.label | getProperty(...) : String |
 | Test.java:19:34:19:38 | index | semmle.label | index |
+subpaths
 #select
 | Test.java:19:34:19:38 | index | Test.java:14:27:14:60 | getProperty(...) : String | Test.java:19:34:19:38 | index | $@ flows to here and is used as an index causing an ArrayIndexOutOfBoundsException. | Test.java:14:27:14:60 | getProperty(...) | User-provided value |
--- a/java/ql/test/query-tests/security/CWE-134/semmle/tests/ExternallyControlledFormatString.expected
+++ b/java/ql/test/query-tests/security/CWE-134/semmle/tests/ExternallyControlledFormatString.expected
@@ -7,5 +7,6 @@ nodes
 | Test.java:34:20:34:32 | userParameter : String | semmle.label | userParameter : String |
 | Test.java:37:31:37:43 | format : String | semmle.label | format : String |
 | Test.java:39:25:39:30 | format | semmle.label | format |
+subpaths
 #select
 | Test.java:39:25:39:30 | format | Test.java:33:30:33:74 | getParameter(...) : String | Test.java:39:25:39:30 | format | $@ flows to here and is used in a format string. | Test.java:33:30:33:74 | getParameter(...) | User-provided value |
--- a/java/ql/test/query-tests/security/CWE-134/semmle/tests/ExternallyControlledFormatStringLocal.expected
+++ b/java/ql/test/query-tests/security/CWE-134/semmle/tests/ExternallyControlledFormatStringLocal.expected
@@ -11,6 +11,7 @@ nodes
 | Test.java:23:23:23:34 | userProperty | semmle.label | userProperty |
 | Test.java:25:28:25:39 | userProperty | semmle.label | userProperty |
 | Test.java:27:44:27:55 | userProperty | semmle.label | userProperty |
+subpaths
 #select
 | Test.java:19:19:19:30 | userProperty | Test.java:17:27:17:60 | getProperty(...) : String | Test.java:19:19:19:30 | userProperty | $@ flows to here and is used in a format string. | Test.java:17:27:17:60 | getProperty(...) | User-provided value |
 | Test.java:21:23:21:34 | userProperty | Test.java:17:27:17:60 | getProperty(...) : String | Test.java:21:23:21:34 | userProperty | $@ flows to here and is used in a format string. | Test.java:17:27:17:60 | getProperty(...) | User-provided value |
--- a/java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticTaintedLocal.expected
+++ b/java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticTaintedLocal.expected
@@ -20,7 +20,9 @@ edges
 | ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:121:10:121:13 | data : Number |
 | ArithmeticTainted.java:64:4:64:10 | tainted [post update] [dat] : Number | ArithmeticTainted.java:66:18:66:24 | tainted [dat] : Number |
 | ArithmeticTainted.java:64:20:64:23 | data : Number | ArithmeticTainted.java:64:4:64:10 | tainted [post update] [dat] : Number |
+| ArithmeticTainted.java:64:20:64:23 | data : Number | Holder.java:12:22:12:26 | d : Number |
 | ArithmeticTainted.java:66:18:66:24 | tainted [dat] : Number | ArithmeticTainted.java:66:18:66:34 | getData(...) : Number |
+| ArithmeticTainted.java:66:18:66:24 | tainted [dat] : Number | Holder.java:16:13:16:19 | parameter this [dat] : Number |
 | ArithmeticTainted.java:66:18:66:34 | getData(...) : Number | ArithmeticTainted.java:71:17:71:23 | herring |
 | ArithmeticTainted.java:118:9:118:12 | data : Number | ArithmeticTainted.java:125:26:125:33 | data : Number |
 | ArithmeticTainted.java:119:10:119:13 | data : Number | ArithmeticTainted.java:129:27:129:34 | data : Number |
@@ -30,6 +32,10 @@ edges
 | ArithmeticTainted.java:129:27:129:34 | data : Number | ArithmeticTainted.java:131:5:131:8 | data |
 | ArithmeticTainted.java:133:27:133:34 | data : Number | ArithmeticTainted.java:135:3:135:6 | data |
 | ArithmeticTainted.java:137:27:137:34 | data : Number | ArithmeticTainted.java:139:5:139:8 | data |
+| Holder.java:12:22:12:26 | d : Number | Holder.java:13:9:13:9 | d : Number |
+| Holder.java:13:9:13:9 | d : Number | Holder.java:13:3:13:5 | this <.field> [post update] [dat] : Number |
+| Holder.java:16:13:16:19 | parameter this [dat] : Number | Holder.java:17:10:17:12 | this <.field> [dat] : Number |
+| Holder.java:17:10:17:12 | this <.field> [dat] : Number | Holder.java:17:10:17:12 | dat : Number |
 nodes
 | ArithmeticTainted.java:17:24:17:64 | new InputStreamReader(...) : InputStreamReader | semmle.label | new InputStreamReader(...) : InputStreamReader |
 | ArithmeticTainted.java:17:24:17:64 | new InputStreamReader(...) : InputStreamReader | semmle.label | new InputStreamReader(...) : InputStreamReader |
@@ -64,6 +70,15 @@ nodes
 | ArithmeticTainted.java:135:3:135:6 | data | semmle.label | data |
 | ArithmeticTainted.java:137:27:137:34 | data : Number | semmle.label | data : Number |
 | ArithmeticTainted.java:139:5:139:8 | data | semmle.label | data |
+| Holder.java:12:22:12:26 | d : Number | semmle.label | d : Number |
+| Holder.java:13:3:13:5 | this <.field> [post update] [dat] : Number | semmle.label | this <.field> [post update] [dat] : Number |
+| Holder.java:13:9:13:9 | d : Number | semmle.label | d : Number |
+| Holder.java:16:13:16:19 | parameter this [dat] : Number | semmle.label | parameter this [dat] : Number |
+| Holder.java:17:10:17:12 | dat : Number | semmle.label | dat : Number |
+| Holder.java:17:10:17:12 | this <.field> [dat] : Number | semmle.label | this <.field> [dat] : Number |
+subpaths
+| ArithmeticTainted.java:64:20:64:23 | data : Number | Holder.java:12:22:12:26 | d : Number | Holder.java:13:3:13:5 | this <.field> [post update] [dat] : Number | ArithmeticTainted.java:64:4:64:10 | tainted [post update] [dat] : Number |
+| ArithmeticTainted.java:66:18:66:24 | tainted [dat] : Number | Holder.java:16:13:16:19 | parameter this [dat] : Number | Holder.java:17:10:17:12 | dat : Number | ArithmeticTainted.java:66:18:66:34 | getData(...) : Number |
 #select
 | ArithmeticTainted.java:32:17:32:25 | ... + ... | ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:32:17:32:20 | data | $@ flows to here and is used in arithmetic, potentially causing an overflow. | ArithmeticTainted.java:17:46:17:54 | System.in | User-provided value |
 | ArithmeticTainted.java:40:17:40:25 | ... - ... | ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:40:17:40:20 | data | $@ flows to here and is used in arithmetic, potentially causing an underflow. | ArithmeticTainted.java:17:46:17:54 | System.in | User-provided value |
--- a/java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticUncontrolled.expected
+++ b/java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticUncontrolled.expected
@@ -10,6 +10,7 @@ nodes
 | Test.java:245:15:245:35 | nextInt(...) : Number | semmle.label | nextInt(...) : Number |
 | Test.java:249:17:249:21 | data2 | semmle.label | data2 |
 | Test.java:280:37:280:41 | data2 | semmle.label | data2 |
+subpaths
 #select
 | Test.java:210:17:210:24 | ... + ... | Test.java:206:14:206:57 | nextInt(...) : Number | Test.java:210:17:210:20 | data | $@ flows to here and is used in arithmetic, potentially causing an overflow. | Test.java:206:14:206:57 | nextInt(...) | Uncontrolled value |
 | Test.java:241:37:241:46 | ... + ... | Test.java:206:14:206:57 | nextInt(...) : Number | Test.java:241:37:241:40 | data | $@ flows to here and is used in arithmetic, potentially causing an overflow. | Test.java:206:14:206:57 | nextInt(...) | Uncontrolled value |
--- a/java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticWithExtremeValues.expected
+++ b/java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticWithExtremeValues.expected
@@ -21,6 +21,7 @@ nodes
 | Test.java:195:41:195:41 | s | semmle.label | s |
 | Test.java:199:12:199:28 | Integer.MAX_VALUE : Number | semmle.label | Integer.MAX_VALUE : Number |
 | Test.java:202:37:202:37 | i | semmle.label | i |
+subpaths
 #select
 | Test.java:96:8:96:12 | ... + ... | Test.java:93:8:93:24 | Integer.MAX_VALUE : Number | Test.java:96:8:96:8 | i | Variable i is assigned an extreme value $@, and may cause an overflow. | Test.java:93:8:93:24 | Integer.MAX_VALUE | MAX_VALUE |
 | Test.java:111:13:111:17 | ... - ... | Test.java:109:13:109:26 | Long.MIN_VALUE : Number | Test.java:111:13:111:13 | i | Variable i is assigned an extreme value $@, and may cause an underflow. | Test.java:109:13:109:26 | Long.MIN_VALUE | MIN_VALUE |
--- a/java/ql/test/query-tests/security/CWE-297/UnsafeHostnameVerification.expected
+++ b/java/ql/test/query-tests/security/CWE-297/UnsafeHostnameVerification.expected
@@ -13,6 +13,7 @@ nodes
 | UnsafeHostnameVerification.java:88:37:93:9 | new (...) : new HostnameVerifier(...) { ... } | semmle.label | new (...) : new HostnameVerifier(...) { ... } |
 | UnsafeHostnameVerification.java:94:55:94:62 | verifier | semmle.label | verifier |
 | UnsafeHostnameVerification.java:97:72:102:5 | new (...) : new HostnameVerifier(...) { ... } | semmle.label | new (...) : new HostnameVerifier(...) { ... } |
+subpaths
 #select
 | UnsafeHostnameVerification.java:14:55:19:9 | new (...) | UnsafeHostnameVerification.java:14:55:19:9 | new (...) | UnsafeHostnameVerification.java:14:55:19:9 | new (...) | $@ that is defined $@ and accepts any certificate as valid, is used here. | UnsafeHostnameVerification.java:14:55:19:9 | new (...) | This hostname verifier | UnsafeHostnameVerification.java:14:59:14:74 | new HostnameVerifier(...) { ... } | here |
 | UnsafeHostnameVerification.java:26:55:26:71 | ...->... | UnsafeHostnameVerification.java:26:55:26:71 | ...->... | UnsafeHostnameVerification.java:26:55:26:71 | ...->... | $@ that is defined $@ and accepts any certificate as valid, is used here. | UnsafeHostnameVerification.java:26:55:26:71 | ...->... | This hostname verifier | UnsafeHostnameVerification.java:26:55:26:71 | new HostnameVerifier(...) { ... } | here |
--- a/java/ql/test/query-tests/security/CWE-311/CWE-319/HttpsUrls.expected
+++ b/java/ql/test/query-tests/security/CWE-311/CWE-319/HttpsUrls.expected
@@ -17,6 +17,7 @@ nodes
 | HttpsUrlsTest.java:55:50:55:50 | u | semmle.label | u |
 | HttpsUrlsTest.java:87:23:87:28 | "http" : String | semmle.label | "http" : String |
 | HttpsUrlsTest.java:92:50:92:50 | u | semmle.label | u |
+subpaths
 #select
 | HttpsUrlsTest.java:28:50:28:67 | openConnection(...) | HttpsUrlsTest.java:23:23:23:31 | "http://" : String | HttpsUrlsTest.java:28:50:28:50 | u | URL may have been constructed with HTTP protocol, using $@. | HttpsUrlsTest.java:23:23:23:31 | "http://" | this source |
 | HttpsUrlsTest.java:41:50:41:67 | openConnection(...) | HttpsUrlsTest.java:36:23:36:28 | "http" : String | HttpsUrlsTest.java:41:50:41:50 | u | URL may have been constructed with HTTP protocol, using $@. | HttpsUrlsTest.java:36:23:36:28 | "http" | this source |
--- a/java/ql/test/query-tests/security/CWE-327/semmle/tests/BrokenCryptoAlgorithm.expected
+++ b/java/ql/test/query-tests/security/CWE-327/semmle/tests/BrokenCryptoAlgorithm.expected
@@ -2,6 +2,7 @@ edges
 nodes
 | Test.java:19:45:19:49 | "DES" | semmle.label | "DES" |
 | Test.java:42:33:42:37 | "RC2" | semmle.label | "RC2" |
+subpaths
 #select
 | Test.java:19:20:19:50 | getInstance(...) | Test.java:19:45:19:49 | "DES" | Test.java:19:45:19:49 | "DES" | Cryptographic algorithm $@ is weak and should not be used. | Test.java:19:45:19:49 | "DES" | "DES" |
 | Test.java:42:14:42:38 | getInstance(...) | Test.java:42:33:42:37 | "RC2" | Test.java:42:33:42:37 | "RC2" | Cryptographic algorithm $@ is weak and should not be used. | Test.java:42:33:42:37 | "RC2" | "RC2" |
--- a/java/ql/test/query-tests/security/CWE-327/semmle/tests/MaybeBrokenCryptoAlgorithm.expected
+++ b/java/ql/test/query-tests/security/CWE-327/semmle/tests/MaybeBrokenCryptoAlgorithm.expected
@@ -1,5 +1,6 @@
 edges
 nodes
 | Test.java:34:48:34:52 | "foo" | semmle.label | "foo" |
+subpaths
 #select
 | Test.java:34:21:34:53 | new SecretKeySpec(...) | Test.java:34:48:34:52 | "foo" | Test.java:34:48:34:52 | "foo" | Cryptographic algorithm $@ may not be secure, consider using a different algorithm. | Test.java:34:48:34:52 | "foo" | "foo" |
--- a/java/ql/test/query-tests/security/CWE-601/semmle/tests/UrlRedirect.expected
+++ b/java/ql/test/query-tests/security/CWE-601/semmle/tests/UrlRedirect.expected
@@ -6,6 +6,7 @@ nodes
 | UrlRedirect.java:36:58:36:89 | getParameter(...) : String | semmle.label | getParameter(...) : String |
 | UrlRedirect.java:39:34:39:63 | getParameter(...) | semmle.label | getParameter(...) |
 | UrlRedirect.java:42:43:42:72 | getParameter(...) | semmle.label | getParameter(...) |
+subpaths
 #select
 | UrlRedirect.java:23:25:23:54 | getParameter(...) | UrlRedirect.java:23:25:23:54 | getParameter(...) | UrlRedirect.java:23:25:23:54 | getParameter(...) | Potentially untrusted URL redirection due to $@. | UrlRedirect.java:23:25:23:54 | getParameter(...) | user-provided value |
 | UrlRedirect.java:36:25:36:89 | ... + ... | UrlRedirect.java:36:58:36:89 | getParameter(...) : String | UrlRedirect.java:36:25:36:89 | ... + ... | Potentially untrusted URL redirection due to $@. | UrlRedirect.java:36:58:36:89 | getParameter(...) | user-provided value |
--- a/java/ql/test/query-tests/security/CWE-611/XXE.expected
+++ b/java/ql/test/query-tests/security/CWE-611/XXE.expected
@@ -231,6 +231,7 @@ nodes
 | XmlInputFactoryTests.java:48:34:48:54 | getInputStream(...) | semmle.label | getInputStream(...) |
 | XmlInputFactoryTests.java:55:35:55:55 | getInputStream(...) | semmle.label | getInputStream(...) |
 | XmlInputFactoryTests.java:56:34:56:54 | getInputStream(...) | semmle.label | getInputStream(...) |
+subpaths
 #select
 | DocumentBuilderTests.java:14:19:14:39 | getInputStream(...) | DocumentBuilderTests.java:14:19:14:39 | getInputStream(...) | DocumentBuilderTests.java:14:19:14:39 | getInputStream(...) | Unsafe parsing of XML file from $@. | DocumentBuilderTests.java:14:19:14:39 | getInputStream(...) | user input |
 | DocumentBuilderTests.java:42:19:42:39 | getInputStream(...) | DocumentBuilderTests.java:42:19:42:39 | getInputStream(...) | DocumentBuilderTests.java:42:19:42:39 | getInputStream(...) | Unsafe parsing of XML file from $@. | DocumentBuilderTests.java:42:19:42:39 | getInputStream(...) | user input |
--- a/java/ql/test/query-tests/security/CWE-681/semmle/tests/NumericCastTaintedLocal.expected
+++ b/java/ql/test/query-tests/security/CWE-681/semmle/tests/NumericCastTaintedLocal.expected
@@ -11,5 +11,6 @@ nodes
 | Test.java:12:26:12:39 | readerBuffered : BufferedReader | semmle.label | readerBuffered : BufferedReader |
 | Test.java:12:26:12:50 | readLine(...) : String | semmle.label | readLine(...) : String |
 | Test.java:21:22:21:25 | data | semmle.label | data |
+subpaths
 #select
 | Test.java:21:17:21:25 | (...)... | Test.java:11:28:11:36 | System.in : InputStream | Test.java:21:22:21:25 | data | $@ flows to here and is cast to a narrower type, potentially causing truncation. | Test.java:11:28:11:36 | System.in | User-provided value |
--- a/java/ql/test/query-tests/security/CWE-798/semmle/tests/HardcodedCredentialsApiCall.expected
+++ b/java/ql/test/query-tests/security/CWE-798/semmle/tests/HardcodedCredentialsApiCall.expected
@@ -63,6 +63,7 @@ nodes
 | Test.java:29:51:29:65 | password : String | semmle.label | password : String |
 | Test.java:30:36:30:39 | user | semmle.label | user |
 | Test.java:30:42:30:49 | password | semmle.label | password |
+subpaths
 #select
 | CredentialsTest.java:7:34:7:41 | "123456" | CredentialsTest.java:7:34:7:41 | "123456" : String | CredentialsTest.java:13:39:13:39 | p | Hard-coded value flows to $@. | CredentialsTest.java:13:39:13:39 | p | sensitive API call |
 | CredentialsTest.java:7:34:7:41 | "123456" | CredentialsTest.java:7:34:7:41 | "123456" : String | CredentialsTest.java:18:39:18:39 | q | Hard-coded value flows to $@. | CredentialsTest.java:18:39:18:39 | q | sensitive API call |
--- a/java/ql/test/query-tests/security/CWE-798/semmle/tests/HardcodedCredentialsSourceCall.expected
+++ b/java/ql/test/query-tests/security/CWE-798/semmle/tests/HardcodedCredentialsSourceCall.expected
@@ -6,6 +6,7 @@ nodes
 | Test.java:26:17:26:20 | pass | semmle.label | pass |
 | User.java:2:43:2:50 | "123456" : String | semmle.label | "123456" : String |
 | User.java:5:15:5:24 | DEFAULT_PW | semmle.label | DEFAULT_PW |
+subpaths
 #select
 | Test.java:10:17:10:24 | "123456" | Test.java:10:17:10:24 | "123456" : String | Test.java:26:17:26:20 | pass | Hard-coded value flows to $@. | Test.java:26:17:26:20 | pass | sensitive call |
 | User.java:2:43:2:50 | "123456" | User.java:2:43:2:50 | "123456" : String | User.java:5:15:5:24 | DEFAULT_PW | Hard-coded value flows to $@. | User.java:5:15:5:24 | DEFAULT_PW | sensitive call |
--- a/java/ql/test/query-tests/security/CWE-807/semmle/tests/ConditionalBypass.expected
+++ b/java/ql/test/query-tests/security/CWE-807/semmle/tests/ConditionalBypass.expected
@@ -15,6 +15,7 @@ nodes
 | Test.java:81:6:81:36 | ... == ... | semmle.label | ... == ... |
 | Test.java:91:6:91:27 | getValue(...) : String | semmle.label | getValue(...) : String |
 | Test.java:91:6:91:36 | ... == ... | semmle.label | ... == ... |
+subpaths
 #select
 | Test.java:26:4:26:24 | login(...) | Test.java:17:26:17:38 | args : String[] | Test.java:25:6:25:21 | ... == ... | Sensitive method may not be executed depending on $@, which flows from $@. | Test.java:25:6:25:21 | ... == ... | this condition | Test.java:17:26:17:38 | args | user input |
 | Test.java:32:4:32:24 | login(...) | Test.java:31:6:31:27 | getValue(...) : String | Test.java:31:6:31:43 | equals(...) | Sensitive method may not be executed depending on $@, which flows from $@. | Test.java:31:6:31:43 | equals(...) | this condition | Test.java:31:6:31:27 | getValue(...) | user input |
--- a/java/ql/test/query-tests/security/CWE-807/semmle/tests/TaintedPermissionsCheck.expected
+++ b/java/ql/test/query-tests/security/CWE-807/semmle/tests/TaintedPermissionsCheck.expected
@@ -3,5 +3,6 @@ edges
 nodes
 | Test.java:17:26:17:38 | args : String[] | semmle.label | args : String[] |
 | Test.java:50:26:50:64 | ... + ... | semmle.label | ... + ... |
+subpaths
 #select
 | Test.java:50:6:50:65 | isPermitted(...) | Test.java:17:26:17:38 | args : String[] | Test.java:50:26:50:64 | ... + ... | Permissions check uses user-controlled $@. | Test.java:17:26:17:38 | args | data |