mirror of
https://github.com/github/codeql.git
synced 2026-04-29 02:35:15 +02:00
Fix up tests
This commit is contained in:
Joe Farebrother
@@ -62,7 +62,7 @@ private class UrlOpenSink extends SinkModelCsv {
|
||||
}
|
||||
}
|
||||
|
||||
private class SpringHttpFlowStep extends SinkModelCsv {
|
||||
private class SpringHttpFlowStep extends SummaryModelCsv {
|
||||
override predicate row(string row) {
|
||||
row =
|
||||
[
|
||||
@@ -84,26 +84,26 @@ private class SpringHttpFlowStep extends SinkModelCsv {
|
||||
"org.springframework.http;ResponseEntity;true;ResponseEntity;(Object,MultiValueMap,int);;Argument[0];Argument[-1];taint",
|
||||
"org.springframework.http;ResponseEntity;true;ResponseEntity;(Object,MultiValueMap,int);;MapKey of Argument[1];Argument[-1];taint",
|
||||
"org.springframework.http;ResponseEntity;true;ResponseEntity;(Object,MultiValueMap,int);;Element of MapValue of Argument[1];Argument[-1];taint",
|
||||
"org.springframework.http;ResponseEntity;true;of;(Optional);;Argument[0];ReturnValue;taint",
|
||||
"org.springframework.http;ResponseEntity;true;of;(Optional);;Element of Argument[0];ReturnValue;taint",
|
||||
"org.springframework.http;ResponseEntity;true;ok;(Object);;Argument[0];ReturnValue;taint",
|
||||
"org.springframework.http;ResponseEntity;true;created;(URI);;Argument[0];ReturnValue;taint",
|
||||
"org.springframework.http;ResponseEntity<>$BodyBuilder;true;contentLength;(long);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity<>$BodyBuilder;true;contentType;(MediaType);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity<>$BodyBuilder;true;body;(Object);;Argument[-1..0];ReturnValue;taint",
|
||||
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;allow;(HttpMethod[]);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;eTag;(String);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;eTag;(String);;Argument[0];Argument[-1];taint",
|
||||
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;header;(String,String[]);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;header;(String,String[]);;Argument[0];Argument[-1];taint",
|
||||
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;header;(String,String[]);;ArrayElement of Argument[1];Argument[-1];taint",
|
||||
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;headers;(Consumer);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;headers;(HttpHeaders);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;headers;(HttpHeaders);;Argument[0];Argument[-1];taint",
|
||||
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;lastModified;;;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;location;(URI);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;location;(URI);;Argument[0];Argument[-1];taint",
|
||||
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;varyBy;(String[]);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;build;();;Argument[-1];ReturnValue;taint",
|
||||
"org.springframework.http;ResponseEntity$BodyBuilder;true;contentLength;(long);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity$BodyBuilder;true;contentType;(MediaType);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity$BodyBuilder;true;body;(Object);;Argument[-1..0];ReturnValue;taint",
|
||||
"org.springframework.http;ResponseEntity$HeadersBuilder;true;allow;(HttpMethod[]);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity$HeadersBuilder;true;eTag;(String);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity$HeadersBuilder;true;eTag;(String);;Argument[0];Argument[-1];taint",
|
||||
"org.springframework.http;ResponseEntity$HeadersBuilder;true;header;(String,String[]);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity$HeadersBuilder;true;header;(String,String[]);;Argument[0];Argument[-1];taint",
|
||||
"org.springframework.http;ResponseEntity$HeadersBuilder;true;header;(String,String[]);;ArrayElement of Argument[1];Argument[-1];taint",
|
||||
"org.springframework.http;ResponseEntity$HeadersBuilder;true;headers;(Consumer);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity$HeadersBuilder;true;headers;(HttpHeaders);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity$HeadersBuilder;true;headers;(HttpHeaders);;Argument[0];Argument[-1];taint",
|
||||
"org.springframework.http;ResponseEntity$HeadersBuilder;true;lastModified;;;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity$HeadersBuilder;true;location;(URI);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity$HeadersBuilder;true;location;(URI);;Argument[0];Argument[-1];taint",
|
||||
"org.springframework.http;ResponseEntity$HeadersBuilder;true;varyBy;(String[]);;Argument[-1];ReturnValue;value",
|
||||
"org.springframework.http;ResponseEntity$HeadersBuilder;true;build;();;Argument[-1];ReturnValue;taint",
|
||||
"org.springframework.http;RequestEntity;true;getUrl;();;Argument[-1];ReturnValue;taint",
|
||||
"org.springframework.http;HttpHeaders;true;HttpHeaders;(MultiValueMap);;MapKey of Argument[0];Argument[-1];taint",
|
||||
"org.springframework.http;HttpHeaders;true;HttpHeaders;(MultiValueMap);;Element of MapValue of Argument[0];Argument[-1];taint",
|
||||
|
||||
@@ -20,12 +20,12 @@ class TestHttp {
|
||||
sink(new HttpEntity(x, m1)); // $hasTaintFlow
|
||||
|
||||
m1.add("a", taint());
|
||||
sink(new HttpEntity("a", m1)); // $ MISSING:hasTaintFlow
|
||||
sink(new HttpEntity<String>(m1)); // $ MISSING:hasTaintFlow
|
||||
sink(new HttpEntity("a", m1)); // $hasTaintFlow
|
||||
sink(new HttpEntity<String>(m1)); // $hasTaintFlow
|
||||
|
||||
MultiValueMap<String,String> m2 = new LinkedMultiValueMap();
|
||||
m2.add(taint(), "a");
|
||||
sink(new HttpEntity<String>(m2)); // $ MISSING:hasTaintFlow
|
||||
sink(new HttpEntity<String>(m2)); // $hasTaintFlow
|
||||
|
||||
HttpEntity<String> ent = taint();
|
||||
sink(ent.getBody()); // $hasTaintFlow
|
||||
@@ -38,7 +38,7 @@ class TestHttp {
|
||||
void test2() {
|
||||
String x = taint();
|
||||
sink(ResponseEntity.ok(x)); // $hasTaintFlow
|
||||
sink(ResponseEntity.of(Optional.of(x))); // $ MISSING:hasTaintFlow
|
||||
sink(ResponseEntity.of(Optional.of(x))); // $hasTaintFlow
|
||||
|
||||
sink(ResponseEntity.status(200).contentLength(2048).body(x)); // $hasTaintFlow
|
||||
sink(ResponseEntity.created(taint()).contentType(null).body("a")); // $hasTaintFlow
|
||||
@@ -61,15 +61,15 @@ class TestHttp {
|
||||
sink(new ResponseEntity(x, m1, 200)); // $hasTaintFlow
|
||||
|
||||
m1.add("a", taint());
|
||||
sink(new ResponseEntity("a", m1, HttpStatus.ACCEPTED)); // $ MISSING:hasTaintFlow
|
||||
sink(new ResponseEntity<String>(m1, HttpStatus.ACCEPTED)); // $ MISSING:hasTaintFlow
|
||||
sink(new ResponseEntity("a", m1, 200)); // $ MISSING:hasTaintFlow
|
||||
sink(new ResponseEntity("a", m1, HttpStatus.ACCEPTED)); // $hasTaintFlow
|
||||
sink(new ResponseEntity<String>(m1, HttpStatus.ACCEPTED)); // $hasTaintFlow
|
||||
sink(new ResponseEntity("a", m1, 200)); // $hasTaintFlow
|
||||
|
||||
MultiValueMap<String,String> m2 = new LinkedMultiValueMap();
|
||||
m2.add(taint(), "a");
|
||||
sink(new ResponseEntity("a", m2, HttpStatus.ACCEPTED)); // $ MISSING:hasTaintFlow
|
||||
sink(new ResponseEntity<String>(m2, HttpStatus.ACCEPTED)); // $ MISSING:hasTaintFlow
|
||||
sink(new ResponseEntity("a", m2, 200)); // $ MISSING:hasTaintFlow
|
||||
sink(new ResponseEntity("a", m2, HttpStatus.ACCEPTED)); // $hasTaintFlow
|
||||
sink(new ResponseEntity<String>(m2, HttpStatus.ACCEPTED)); // $hasTaintFlow
|
||||
sink(new ResponseEntity("a", m2, 200)); // $hasTaintFlow
|
||||
|
||||
ResponseEntity<String> ent = taint();
|
||||
sink(ent.getBody()); // $hasTaintFlow
|
||||
@@ -79,11 +79,11 @@ class TestHttp {
|
||||
void test4() {
|
||||
MultiValueMap<String,String> m1 = new LinkedMultiValueMap();
|
||||
m1.add("a", taint());
|
||||
sink(new HttpHeaders(m1)); // $ MISSING:hasTaintFlow
|
||||
sink(new HttpHeaders(m1)); // $hasTaintFlow
|
||||
|
||||
MultiValueMap<String,String> m2 = new LinkedMultiValueMap();
|
||||
m2.add(taint(), "a");
|
||||
sink(new HttpHeaders(m2)); // $ MISSING:hasTaintFlow
|
||||
sink(new HttpHeaders(m2)); // $hasTaintFlow
|
||||
|
||||
HttpHeaders h1 = new HttpHeaders();
|
||||
h1.add(taint(), "a");
|
||||
@@ -95,11 +95,11 @@ class TestHttp {
|
||||
|
||||
HttpHeaders h3 = new HttpHeaders();
|
||||
h3.addAll(m1);
|
||||
sink(h3); // $ MISSING:hasTaintFlow
|
||||
sink(h3); // $hasTaintFlow
|
||||
|
||||
HttpHeaders h4 = new HttpHeaders();
|
||||
h4.addAll(m2);
|
||||
sink(h4); // $ MISSING:hasTaintFlow
|
||||
sink(h4); // $hasTaintFlow
|
||||
|
||||
HttpHeaders h5 = new HttpHeaders();
|
||||
h5.addAll(taint(), List.of());
|
||||
@@ -109,8 +109,8 @@ class TestHttp {
|
||||
h6.addAll("a", List.of(taint()));
|
||||
sink(h6); // $hasTaintFlow
|
||||
|
||||
sink(HttpHeaders.formatHeaders(m1)); // $ MISSING:hasTaintFlow
|
||||
sink(HttpHeaders.formatHeaders(m2)); // $ MISSING:hasTaintFlow
|
||||
sink(HttpHeaders.formatHeaders(m1)); // $hasTaintFlow
|
||||
sink(HttpHeaders.formatHeaders(m2)); // $hasTaintFlow
|
||||
|
||||
sink(HttpHeaders.encodeBasicAuth(taint(), "a", null)); // $hasTaintFlow
|
||||
sink(HttpHeaders.encodeBasicAuth("a", taint(), null)); // $hasTaintFlow
|
||||
|
||||
Reference in New Issue
Block a user