mirror of
https://github.com/github/codeql.git
synced 2026-05-02 12:15:17 +02:00
Dataflow: Update more tests.
This commit is contained in:
Anders Schack-Mulligen
@@ -95,6 +95,7 @@ nodes
|
||||
| XsltInjection.java:108:5:108:46 | load(...) | semmle.label | load(...) |
|
||||
| XsltInjection.java:109:5:109:49 | load(...) | semmle.label | load(...) |
|
||||
| XsltInjection.java:110:5:110:50 | load(...) | semmle.label | load(...) |
|
||||
subpaths
|
||||
#select
|
||||
| XsltInjection.java:31:5:31:59 | newTransformer(...) | XsltInjection.java:30:44:30:66 | getInputStream(...) : InputStream | XsltInjection.java:31:5:31:59 | newTransformer(...) | XSLT transformation might include stylesheet from $@. | XsltInjection.java:30:44:30:66 | getInputStream(...) | this user input |
|
||||
| XsltInjection.java:36:5:36:74 | newTransformer(...) | XsltInjection.java:35:66:35:88 | getInputStream(...) : InputStream | XsltInjection.java:36:5:36:74 | newTransformer(...) | XSLT transformation might include stylesheet from $@. | XsltInjection.java:35:66:35:88 | getInputStream(...) | this user input |
|
||||
|
||||
@@ -6,6 +6,7 @@ nodes
|
||||
| JSchOSInjectionTest.java:26:48:26:64 | ... + ... | semmle.label | ... + ... |
|
||||
| JSchOSInjectionTest.java:38:30:38:60 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| JSchOSInjectionTest.java:50:32:50:48 | ... + ... | semmle.label | ... + ... |
|
||||
subpaths
|
||||
#select
|
||||
| JSchOSInjectionTest.java:26:48:26:64 | ... + ... | JSchOSInjectionTest.java:14:30:14:60 | getParameter(...) : String | JSchOSInjectionTest.java:26:48:26:64 | ... + ... | $@ flows to here and is used in a command. | JSchOSInjectionTest.java:14:30:14:60 | getParameter(...) | User-provided value |
|
||||
| JSchOSInjectionTest.java:50:32:50:48 | ... + ... | JSchOSInjectionTest.java:38:30:38:60 | getParameter(...) : String | JSchOSInjectionTest.java:50:32:50:48 | ... + ... | $@ flows to here and is used in a command. | JSchOSInjectionTest.java:38:30:38:60 | getParameter(...) | User-provided value |
|
||||
|
||||
@@ -9,6 +9,7 @@ nodes
|
||||
| BeanShellInjection.java:22:20:22:23 | code | semmle.label | code |
|
||||
| BeanShellInjection.java:27:17:27:44 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| BeanShellInjection.java:31:22:31:39 | staticScriptSource | semmle.label | staticScriptSource |
|
||||
subpaths
|
||||
#select
|
||||
| BeanShellInjection.java:15:22:15:49 | new StaticScriptSource(...) | BeanShellInjection.java:13:17:13:44 | getParameter(...) : String | BeanShellInjection.java:15:22:15:49 | new StaticScriptSource(...) | BeanShell injection from $@. | BeanShellInjection.java:13:17:13:44 | getParameter(...) | this user input |
|
||||
| BeanShellInjection.java:22:20:22:23 | code | BeanShellInjection.java:20:17:20:44 | getParameter(...) : String | BeanShellInjection.java:22:20:22:23 | code | BeanShell injection from $@. | BeanShellInjection.java:20:17:20:44 | getParameter(...) | this user input |
|
||||
|
||||
@@ -9,6 +9,7 @@ nodes
|
||||
| JShellInjection.java:24:31:24:35 | input | semmle.label | input |
|
||||
| JShellInjection.java:29:18:29:45 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| JShellInjection.java:37:16:37:28 | source(...) | semmle.label | source(...) |
|
||||
subpaths
|
||||
#select
|
||||
| JShellInjection.java:15:15:15:19 | input | JShellInjection.java:12:18:12:45 | getParameter(...) : String | JShellInjection.java:15:15:15:19 | input | JShell injection from $@. | JShellInjection.java:12:18:12:45 | getParameter(...) | this user input |
|
||||
| JShellInjection.java:24:31:24:35 | input | JShellInjection.java:20:18:20:45 | getParameter(...) : String | JShellInjection.java:24:31:24:35 | input | JShell injection from $@. | JShellInjection.java:20:18:20:45 | getParameter(...) | this user input |
|
||||
|
||||
@@ -37,6 +37,7 @@ nodes
|
||||
| JakartaExpressionInjection.java:89:13:89:13 | e | semmle.label | e |
|
||||
| JakartaExpressionInjection.java:95:24:95:33 | expression : String | semmle.label | expression : String |
|
||||
| JakartaExpressionInjection.java:99:13:99:13 | e | semmle.label | e |
|
||||
subpaths
|
||||
#select
|
||||
| JakartaExpressionInjection.java:34:28:34:37 | expression | JakartaExpressionInjection.java:23:25:23:47 | getInputStream(...) : InputStream | JakartaExpressionInjection.java:34:28:34:37 | expression | Jakarta Expression Language injection from $@. | JakartaExpressionInjection.java:23:25:23:47 | getInputStream(...) | this user input |
|
||||
| JakartaExpressionInjection.java:42:32:42:41 | expression | JakartaExpressionInjection.java:23:25:23:47 | getInputStream(...) : InputStream | JakartaExpressionInjection.java:42:32:42:41 | expression | Jakarta Expression Language injection from $@. | JakartaExpressionInjection.java:23:25:23:47 | getInputStream(...) | this user input |
|
||||
|
||||
@@ -13,6 +13,7 @@ nodes
|
||||
| JythonInjection.java:97:23:97:50 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| JythonInjection.java:106:61:106:75 | getBytes(...) | semmle.label | getBytes(...) |
|
||||
| JythonInjection.java:131:40:131:63 | getInputStream(...) | semmle.label | getInputStream(...) |
|
||||
subpaths
|
||||
#select
|
||||
| JythonInjection.java:36:13:36:34 | exec(...) | JythonInjection.java:28:23:28:50 | getParameter(...) : String | JythonInjection.java:36:30:36:33 | code | Jython evaluate $@. | JythonInjection.java:28:23:28:50 | getParameter(...) | user input |
|
||||
| JythonInjection.java:58:27:58:48 | eval(...) | JythonInjection.java:53:23:53:50 | getParameter(...) : String | JythonInjection.java:58:44:58:47 | code | Jython evaluate $@. | JythonInjection.java:53:23:53:50 | getParameter(...) | user input |
|
||||
|
||||
@@ -46,6 +46,7 @@ nodes
|
||||
| ScriptEngineTest.java:96:59:96:62 | code : String | semmle.label | code : String |
|
||||
| ScriptEngineTest.java:97:54:97:57 | code : String | semmle.label | code : String |
|
||||
| ScriptEngineTest.java:98:54:98:57 | code : String | semmle.label | code : String |
|
||||
subpaths
|
||||
#select
|
||||
| RhinoServlet.java:32:29:32:78 | evaluateString(...) | RhinoServlet.java:28:23:28:50 | getParameter(...) : String | RhinoServlet.java:32:55:32:58 | code | Java Script Engine evaluate $@. | RhinoServlet.java:28:23:28:50 | getParameter(...) | user input |
|
||||
| RhinoServlet.java:83:25:83:97 | compileToClassFiles(...) | RhinoServlet.java:81:23:81:50 | getParameter(...) : String | RhinoServlet.java:83:54:83:57 | code | Java Script Engine evaluate $@. | RhinoServlet.java:81:23:81:50 | getParameter(...) | user input |
|
||||
|
||||
@@ -42,6 +42,7 @@ nodes
|
||||
| SpelInjection.java:77:13:77:14 | in : InputStream | semmle.label | in : InputStream |
|
||||
| SpelInjection.java:77:21:77:25 | bytes [post update] : byte[] | semmle.label | bytes [post update] : byte[] |
|
||||
| SpelInjection.java:83:5:83:14 | expression | semmle.label | expression |
|
||||
subpaths
|
||||
#select
|
||||
| SpelInjection.java:23:5:23:14 | expression | SpelInjection.java:15:22:15:44 | getInputStream(...) : InputStream | SpelInjection.java:23:5:23:14 | expression | SpEL injection from $@. | SpelInjection.java:15:22:15:44 | getInputStream(...) | this user input |
|
||||
| SpelInjection.java:34:5:34:14 | expression | SpelInjection.java:27:22:27:44 | getInputStream(...) : InputStream | SpelInjection.java:34:5:34:14 | expression | SpEL injection from $@. | SpelInjection.java:27:22:27:44 | getInputStream(...) | this user input |
|
||||
|
||||
@@ -46,6 +46,7 @@ nodes
|
||||
| SensitiveCookieNotHttpOnly.java:91:16:91:21 | cookie : Cookie | semmle.label | cookie : Cookie |
|
||||
| SensitiveCookieNotHttpOnly.java:110:25:110:64 | createAuthenticationCookie(...) : Cookie | semmle.label | createAuthenticationCookie(...) : Cookie |
|
||||
| SensitiveCookieNotHttpOnly.java:111:28:111:33 | cookie | semmle.label | cookie |
|
||||
subpaths
|
||||
#select
|
||||
| SensitiveCookieNotHttpOnly.java:31:28:31:36 | jwtCookie | SensitiveCookieNotHttpOnly.java:24:33:24:43 | "jwt_token" : String | SensitiveCookieNotHttpOnly.java:31:28:31:36 | jwtCookie | $@ doesn't have the HttpOnly flag set. | SensitiveCookieNotHttpOnly.java:24:33:24:43 | "jwt_token" | This sensitive cookie |
|
||||
| SensitiveCookieNotHttpOnly.java:42:42:42:69 | ... + ... | SensitiveCookieNotHttpOnly.java:42:42:42:49 | "token=" : String | SensitiveCookieNotHttpOnly.java:42:42:42:69 | ... + ... | $@ doesn't have the HttpOnly flag set. | SensitiveCookieNotHttpOnly.java:42:42:42:49 | "token=" | This sensitive cookie |
|
||||
|
||||
@@ -9,6 +9,7 @@ nodes
|
||||
| Test.java:31:40:31:48 | signature | semmle.label | signature |
|
||||
| Test.java:47:22:47:46 | doFinal(...) : byte[] | semmle.label | doFinal(...) : byte[] |
|
||||
| Test.java:48:40:48:42 | tag | semmle.label | tag |
|
||||
subpaths
|
||||
#select
|
||||
| Test.java:15:43:15:51 | actualMac | Test.java:14:28:14:44 | doFinal(...) : byte[] | Test.java:15:43:15:51 | actualMac | Possible timing attack against $@ validation. | Test.java:14:28:14:44 | doFinal(...) : byte[] | MAC |
|
||||
| Test.java:31:40:31:48 | signature | Test.java:30:28:30:40 | sign(...) : byte[] | Test.java:31:40:31:48 | signature | Possible timing attack against $@ validation. | Test.java:30:28:30:40 | sign(...) : byte[] | signature |
|
||||
|
||||
@@ -32,6 +32,7 @@ nodes
|
||||
| Test.java:176:44:176:46 | tag | semmle.label | tag |
|
||||
| Test.java:201:34:201:50 | doFinal(...) : byte[] | semmle.label | doFinal(...) : byte[] |
|
||||
| Test.java:204:26:204:36 | computedTag | semmle.label | computedTag |
|
||||
subpaths
|
||||
#select
|
||||
| Test.java:23:47:23:55 | actualMac | Test.java:21:32:21:48 | doFinal(...) : byte[] | Test.java:23:47:23:55 | actualMac | Timing attack against $@ validation. | Test.java:21:32:21:48 | doFinal(...) : byte[] | MAC |
|
||||
| Test.java:36:47:36:55 | actualMac | Test.java:34:25:34:33 | actualMac : byte[] | Test.java:36:47:36:55 | actualMac | Timing attack against $@ validation. | Test.java:34:25:34:33 | actualMac : byte[] | MAC |
|
||||
|
||||
@@ -90,6 +90,7 @@ nodes
|
||||
| InsecureTrustManagerTest.java:414:33:414:81 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:414:54:414:79 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:415:22:415:33 | trustManager | semmle.label | trustManager |
|
||||
subpaths
|
||||
#select
|
||||
| InsecureTrustManagerTest.java:122:22:122:33 | trustManager | InsecureTrustManagerTest.java:121:54:121:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:122:22:122:33 | trustManager | $@ that is defined $@ and trusts any certificate, is used here. | InsecureTrustManagerTest.java:121:54:121:79 | new InsecureTrustManager(...) : InsecureTrustManager | This trustmanager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:152:23:152:34 | trustManager | InsecureTrustManagerTest.java:151:55:151:80 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:152:23:152:34 | trustManager | $@ that is defined $@ and trusts any certificate, is used here. | InsecureTrustManagerTest.java:151:55:151:80 | new InsecureTrustManager(...) : InsecureTrustManager | This trustmanager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
|
||||
@@ -13,5 +13,6 @@ nodes
|
||||
| DisabledRevocationChecking.java:25:15:25:22 | parameter this [flag] : Boolean | semmle.label | parameter this [flag] : Boolean |
|
||||
| DisabledRevocationChecking.java:28:33:28:36 | flag | semmle.label | flag |
|
||||
| DisabledRevocationChecking.java:28:33:28:36 | this <.field> [flag] : Boolean | semmle.label | this <.field> [flag] : Boolean |
|
||||
subpaths
|
||||
#select
|
||||
| DisabledRevocationChecking.java:17:12:17:16 | false | DisabledRevocationChecking.java:17:12:17:16 | false : Boolean | DisabledRevocationChecking.java:28:33:28:36 | flag | Revocation checking is disabled $@. | DisabledRevocationChecking.java:17:12:17:16 | false | here |
|
||||
|
||||
@@ -125,6 +125,7 @@ nodes
|
||||
| UnsafeTlsVersion.java:112:21:112:29 | "TLSv1.1" : String | semmle.label | "TLSv1.1" : String |
|
||||
| UnsafeTlsVersion.java:119:43:119:61 | protocols [[]] : String | semmle.label | protocols [[]] : String |
|
||||
| UnsafeTlsVersion.java:121:32:121:40 | protocols | semmle.label | protocols |
|
||||
subpaths
|
||||
#select
|
||||
| UnsafeTlsVersion.java:16:28:16:32 | "SSL" | UnsafeTlsVersion.java:16:28:16:32 | "SSL" | UnsafeTlsVersion.java:16:28:16:32 | "SSL" | $@ is unsafe | UnsafeTlsVersion.java:16:28:16:32 | "SSL" | SSL |
|
||||
| UnsafeTlsVersion.java:17:28:17:34 | "SSLv2" | UnsafeTlsVersion.java:17:28:17:34 | "SSLv2" | UnsafeTlsVersion.java:17:28:17:34 | "SSLv2" | $@ is unsafe | UnsafeTlsVersion.java:17:28:17:34 | "SSLv2" | SSLv2 |
|
||||
|
||||
@@ -3,5 +3,6 @@ edges
|
||||
nodes
|
||||
| UnvalidatedCors.java:21:22:21:48 | getHeader(...) : String | semmle.label | getHeader(...) : String |
|
||||
| UnvalidatedCors.java:27:67:27:69 | url | semmle.label | url |
|
||||
subpaths
|
||||
#select
|
||||
| UnvalidatedCors.java:27:67:27:69 | url | UnvalidatedCors.java:21:22:21:48 | getHeader(...) : String | UnvalidatedCors.java:27:67:27:69 | url | CORS header is being set using user controlled value $@. | UnvalidatedCors.java:21:22:21:48 | getHeader(...) | user-provided value |
|
||||
|
||||
@@ -14,6 +14,7 @@ nodes
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:43:27:43:62 | getHeader(...) : String | semmle.label | getHeader(...) : String |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:47:16:47:34 | split(...) : String[] | semmle.label | split(...) : String[] |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:47:16:47:37 | ...[...] : String | semmle.label | ...[...] : String |
|
||||
subpaths
|
||||
#select
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:17:37:17:38 | ip | ClientSuppliedIpUsedInSecurityCheck.java:43:27:43:62 | getHeader(...) : String | ClientSuppliedIpUsedInSecurityCheck.java:17:37:17:38 | ip | IP address spoofing might include code from $@. | ClientSuppliedIpUsedInSecurityCheck.java:43:27:43:62 | getHeader(...) | this user input |
|
||||
| ClientSuppliedIpUsedInSecurityCheck.java:25:33:25:34 | ip | ClientSuppliedIpUsedInSecurityCheck.java:43:27:43:62 | getHeader(...) : String | ClientSuppliedIpUsedInSecurityCheck.java:25:33:25:34 | ip | IP address spoofing might include code from $@. | ClientSuppliedIpUsedInSecurityCheck.java:43:27:43:62 | getHeader(...) | this user input |
|
||||
|
||||
@@ -48,6 +48,7 @@ nodes
|
||||
| JsonpController.java:116:16:116:24 | resultStr | semmle.label | resultStr |
|
||||
| JsonpController.java:130:21:130:54 | ... + ... : String | semmle.label | ... + ... : String |
|
||||
| JsonpController.java:131:16:131:24 | resultStr | semmle.label | resultStr |
|
||||
subpaths
|
||||
#select
|
||||
| JsonpController.java:37:16:37:24 | resultStr | JsonpController.java:33:32:33:68 | getParameter(...) : String | JsonpController.java:37:16:37:24 | resultStr | Jsonp response might include code from $@. | JsonpController.java:33:32:33:68 | getParameter(...) | this user input |
|
||||
| JsonpController.java:46:16:46:24 | resultStr | JsonpController.java:44:32:44:68 | getParameter(...) : String | JsonpController.java:46:16:46:24 | resultStr | Jsonp response might include code from $@. | JsonpController.java:44:32:44:68 | getParameter(...) | this user input |
|
||||
|
||||
@@ -51,6 +51,7 @@ nodes
|
||||
| UnsafeReflection.java:119:21:119:26 | method | semmle.label | method |
|
||||
| UnsafeReflection.java:119:35:119:38 | bean | semmle.label | bean |
|
||||
| UnsafeReflection.java:119:41:119:44 | data | semmle.label | data |
|
||||
subpaths
|
||||
#select
|
||||
| UnsafeReflection.java:25:29:25:62 | ...[...] | UnsafeReflection.java:21:28:21:60 | getParameter(...) : String | UnsafeReflection.java:25:29:25:62 | ...[...] | Unsafe reflection of $@. | UnsafeReflection.java:21:28:21:60 | getParameter(...) | user input |
|
||||
| UnsafeReflection.java:39:13:39:41 | ...[...] | UnsafeReflection.java:33:28:33:60 | getParameter(...) : String | UnsafeReflection.java:39:13:39:41 | ...[...] | Unsafe reflection of $@. | UnsafeReflection.java:33:28:33:60 | getParameter(...) | user input |
|
||||
|
||||
@@ -7,6 +7,7 @@ nodes
|
||||
| UnsafeDeserializationRmi.java:17:68:17:95 | new UnsafeRemoteObjectImpl(...) : UnsafeRemoteObjectImpl | semmle.label | new UnsafeRemoteObjectImpl(...) : UnsafeRemoteObjectImpl |
|
||||
| UnsafeDeserializationRmi.java:29:31:29:58 | new UnsafeRemoteObjectImpl(...) | semmle.label | new UnsafeRemoteObjectImpl(...) |
|
||||
| UnsafeDeserializationRmi.java:30:33:30:60 | new UnsafeRemoteObjectImpl(...) | semmle.label | new UnsafeRemoteObjectImpl(...) |
|
||||
subpaths
|
||||
#select
|
||||
| UnsafeDeserializationRmi.java:15:33:15:60 | new UnsafeRemoteObjectImpl(...) | UnsafeDeserializationRmi.java:15:33:15:60 | new UnsafeRemoteObjectImpl(...) | UnsafeDeserializationRmi.java:15:33:15:60 | new UnsafeRemoteObjectImpl(...) | Unsafe deserialization in a remote object. |
|
||||
| UnsafeDeserializationRmi.java:16:35:16:62 | new UnsafeRemoteObjectImpl(...) | UnsafeDeserializationRmi.java:16:35:16:62 | new UnsafeRemoteObjectImpl(...) | UnsafeDeserializationRmi.java:16:35:16:62 | new UnsafeRemoteObjectImpl(...) | Unsafe deserialization in a remote object. |
|
||||
|
||||
@@ -50,6 +50,7 @@ nodes
|
||||
| InsecureBasicAuth.java:145:21:145:28 | protocol : String | semmle.label | protocol : String |
|
||||
| InsecureBasicAuth.java:146:28:146:67 | (...)... : URLConnection | semmle.label | (...)... : URLConnection |
|
||||
| InsecureBasicAuth.java:149:3:149:6 | conn | semmle.label | conn |
|
||||
subpaths
|
||||
#select
|
||||
| InsecureBasicAuth.java:28:3:28:6 | post | InsecureBasicAuth.java:20:39:20:52 | ... + ... : String | InsecureBasicAuth.java:28:3:28:6 | post | Insecure basic authentication from $@. | InsecureBasicAuth.java:20:39:20:52 | ... + ... | HTTP url |
|
||||
| InsecureBasicAuth.java:38:3:38:5 | get | InsecureBasicAuth.java:35:19:35:64 | "http://www.example.com:8000/payment/retrieve" : String | InsecureBasicAuth.java:38:3:38:5 | get | Insecure basic authentication from $@. | InsecureBasicAuth.java:35:19:35:64 | "http://www.example.com:8000/payment/retrieve" | HTTP url |
|
||||
|
||||
@@ -102,6 +102,7 @@ nodes
|
||||
| InsecureLdapAuth.java:152:16:152:26 | environment [post update] : Hashtable | semmle.label | environment [post update] : Hashtable |
|
||||
| InsecureLdapAuth.java:153:50:153:60 | environment | semmle.label | environment |
|
||||
| InsecureLdapAuth.java:153:50:153:60 | environment | semmle.label | environment |
|
||||
subpaths
|
||||
#select
|
||||
| InsecureLdapAuth.java:20:49:20:59 | environment | InsecureLdapAuth.java:11:20:11:50 | "ldap://ad.your-server.com:389" : String | InsecureLdapAuth.java:20:49:20:59 | environment | Insecure LDAP authentication from $@. | InsecureLdapAuth.java:11:20:11:50 | "ldap://ad.your-server.com:389" | LDAP connection string |
|
||||
| InsecureLdapAuth.java:34:49:34:59 | environment | InsecureLdapAuth.java:25:20:25:39 | ... + ... : String | InsecureLdapAuth.java:34:49:34:59 | environment | Insecure LDAP authentication from $@. | InsecureLdapAuth.java:25:20:25:39 | ... + ... | LDAP connection string |
|
||||
|
||||
@@ -34,6 +34,7 @@ nodes
|
||||
| SensitiveGetQuery.java:14:29:14:36 | password : String | semmle.label | password : String |
|
||||
| SensitiveGetQuery.java:17:40:17:54 | password : String | semmle.label | password : String |
|
||||
| SensitiveGetQuery.java:18:61:18:68 | password | semmle.label | password |
|
||||
subpaths
|
||||
#select
|
||||
| SensitiveGetQuery2.java:15:29:15:36 | password | SensitiveGetQuery2.java:12:13:12:37 | getParameterMap(...) : Map | SensitiveGetQuery2.java:15:29:15:36 | password | $@ uses the GET request method to transmit sensitive information. | SensitiveGetQuery2.java:12:13:12:37 | getParameterMap(...) | This request |
|
||||
| SensitiveGetQuery2.java:19:61:19:68 | password | SensitiveGetQuery2.java:12:13:12:37 | getParameterMap(...) : Map | SensitiveGetQuery2.java:19:61:19:68 | password | $@ uses the GET request method to transmit sensitive information. | SensitiveGetQuery2.java:12:13:12:37 | getParameterMap(...) | This request |
|
||||
|
||||
@@ -12,6 +12,7 @@ nodes
|
||||
| UncaughtServletException.java:55:45:55:46 | ip | semmle.label | ip |
|
||||
| UncaughtServletException.java:75:21:75:43 | getRemoteUser(...) : String | semmle.label | getRemoteUser(...) : String |
|
||||
| UncaughtServletException.java:76:22:76:27 | userId | semmle.label | userId |
|
||||
subpaths
|
||||
#select
|
||||
| UncaughtServletException.java:14:44:14:45 | ip | UncaughtServletException.java:13:15:13:43 | getParameter(...) : String | UncaughtServletException.java:14:44:14:45 | ip | $@ flows to here and can throw uncaught exception. | UncaughtServletException.java:13:15:13:43 | getParameter(...) | User-provided value |
|
||||
| UncaughtServletException.java:17:20:17:25 | userId | UncaughtServletException.java:16:19:16:41 | getRemoteUser(...) : String | UncaughtServletException.java:17:20:17:25 | userId | $@ flows to here and can throw uncaught exception. | UncaughtServletException.java:16:19:16:41 | getRemoteUser(...) | User-provided value |
|
||||
|
||||
@@ -73,6 +73,7 @@ nodes
|
||||
| SpringUrlRedirect.java:130:33:130:55 | create(...) : URI | semmle.label | create(...) : URI |
|
||||
| SpringUrlRedirect.java:130:44:130:54 | redirectUrl : String | semmle.label | redirectUrl : String |
|
||||
| SpringUrlRedirect.java:132:49:132:59 | httpHeaders | semmle.label | httpHeaders |
|
||||
subpaths
|
||||
#select
|
||||
| SpringUrlRedirect.java:19:19:19:29 | redirectUrl | SpringUrlRedirect.java:17:30:17:47 | redirectUrl : String | SpringUrlRedirect.java:19:19:19:29 | redirectUrl | Potentially untrusted URL redirection due to $@. | SpringUrlRedirect.java:17:30:17:47 | redirectUrl | user-provided value |
|
||||
| SpringUrlRedirect.java:25:36:25:46 | redirectUrl | SpringUrlRedirect.java:24:24:24:41 | redirectUrl : String | SpringUrlRedirect.java:25:36:25:46 | redirectUrl | Potentially untrusted URL redirection due to $@. | SpringUrlRedirect.java:24:24:24:41 | redirectUrl | user-provided value |
|
||||
|
||||
@@ -48,6 +48,7 @@ nodes
|
||||
| XQueryInjection.java:158:48:158:72 | new InputStreamReader(...) : InputStreamReader | semmle.label | new InputStreamReader(...) : InputStreamReader |
|
||||
| XQueryInjection.java:158:70:158:71 | is : ServletInputStream | semmle.label | is : ServletInputStream |
|
||||
| XQueryInjection.java:159:29:159:30 | br | semmle.label | br |
|
||||
subpaths
|
||||
#select
|
||||
| XQueryInjection.java:51:35:51:38 | xqpe | XQueryInjection.java:45:23:45:50 | getParameter(...) : String | XQueryInjection.java:51:35:51:38 | xqpe | XQuery query might include code from $@. | XQueryInjection.java:45:23:45:50 | getParameter(...) | this user input |
|
||||
| XQueryInjection.java:65:53:65:57 | query | XQueryInjection.java:59:23:59:50 | getParameter(...) : String | XQueryInjection.java:65:53:65:57 | query | XQuery query might include code from $@. | XQueryInjection.java:59:23:59:50 | getParameter(...) | this user input |
|
||||
|
||||
@@ -9,6 +9,8 @@ edges
|
||||
| RegexInjection.java:65:22:65:52 | getParameter(...) : String | RegexInjection.java:68:36:68:42 | pattern : String |
|
||||
| RegexInjection.java:68:32:68:43 | foo(...) : String | RegexInjection.java:68:26:68:52 | ... + ... |
|
||||
| RegexInjection.java:68:36:68:42 | pattern : String | RegexInjection.java:68:32:68:43 | foo(...) : String |
|
||||
| RegexInjection.java:68:36:68:42 | pattern : String | RegexInjection.java:71:14:71:23 | str : String |
|
||||
| RegexInjection.java:71:14:71:23 | str : String | RegexInjection.java:72:12:72:14 | str : String |
|
||||
| RegexInjection.java:84:22:84:52 | getParameter(...) : String | RegexInjection.java:90:26:90:47 | ... + ... |
|
||||
| RegexInjection.java:100:22:100:52 | getParameter(...) : String | RegexInjection.java:103:40:103:46 | pattern |
|
||||
| RegexInjection.java:107:22:107:52 | getParameter(...) : String | RegexInjection.java:110:42:110:48 | pattern |
|
||||
@@ -35,6 +37,8 @@ nodes
|
||||
| RegexInjection.java:68:26:68:52 | ... + ... | semmle.label | ... + ... |
|
||||
| RegexInjection.java:68:32:68:43 | foo(...) : String | semmle.label | foo(...) : String |
|
||||
| RegexInjection.java:68:36:68:42 | pattern : String | semmle.label | pattern : String |
|
||||
| RegexInjection.java:71:14:71:23 | str : String | semmle.label | str : String |
|
||||
| RegexInjection.java:72:12:72:14 | str : String | semmle.label | str : String |
|
||||
| RegexInjection.java:84:22:84:52 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| RegexInjection.java:90:26:90:47 | ... + ... | semmle.label | ... + ... |
|
||||
| RegexInjection.java:100:22:100:52 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
@@ -49,6 +53,8 @@ nodes
|
||||
| RegexInjection.java:131:43:131:49 | pattern | semmle.label | pattern |
|
||||
| RegexInjection.java:143:22:143:52 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| RegexInjection.java:146:45:146:51 | pattern | semmle.label | pattern |
|
||||
subpaths
|
||||
| RegexInjection.java:68:36:68:42 | pattern : String | RegexInjection.java:71:14:71:23 | str : String | RegexInjection.java:72:12:72:14 | str : String | RegexInjection.java:68:32:68:43 | foo(...) : String |
|
||||
#select
|
||||
| RegexInjection.java:16:26:16:47 | ... + ... | RegexInjection.java:13:22:13:52 | getParameter(...) : String | RegexInjection.java:16:26:16:47 | ... + ... | $@ is user controlled. | RegexInjection.java:13:22:13:52 | getParameter(...) | This regular expression pattern |
|
||||
| RegexInjection.java:23:24:23:30 | pattern | RegexInjection.java:20:22:20:52 | getParameter(...) : String | RegexInjection.java:23:24:23:30 | pattern | $@ is user controlled. | RegexInjection.java:20:22:20:52 | getParameter(...) | This regular expression pattern |
|
||||
|
||||
@@ -14,6 +14,7 @@ nodes
|
||||
| NFEAndroidDoS.java:43:24:43:34 | getIntent(...) : Intent | semmle.label | getIntent(...) : Intent |
|
||||
| NFEAndroidDoS.java:44:21:44:43 | new Double(...) | semmle.label | new Double(...) |
|
||||
| NFEAndroidDoS.java:47:21:47:47 | valueOf(...) | semmle.label | valueOf(...) |
|
||||
subpaths
|
||||
#select
|
||||
| NFEAndroidDoS.java:14:21:14:51 | parseDouble(...) | NFEAndroidDoS.java:13:24:13:34 | getIntent(...) : Intent | NFEAndroidDoS.java:14:21:14:51 | parseDouble(...) | Uncaught NumberFormatException in an exported Android component due to $@. | NFEAndroidDoS.java:13:24:13:34 | getIntent(...) | user-provided value |
|
||||
| NFEAndroidDoS.java:23:15:23:40 | parseInt(...) | NFEAndroidDoS.java:22:21:22:31 | getIntent(...) : Intent | NFEAndroidDoS.java:23:15:23:40 | parseInt(...) | Uncaught NumberFormatException in an exported Android component due to $@. | NFEAndroidDoS.java:22:21:22:31 | getIntent(...) | user-provided value |
|
||||
|
||||
@@ -12,6 +12,7 @@ nodes
|
||||
| HashWithoutSalt.java:94:17:94:25 | passBytes | semmle.label | passBytes |
|
||||
| HashWithoutSalt.java:111:22:111:29 | password : String | semmle.label | password : String |
|
||||
| HashWithoutSalt.java:112:18:112:26 | passBytes | semmle.label | passBytes |
|
||||
subpaths
|
||||
#select
|
||||
| HashWithoutSalt.java:10:36:10:54 | getBytes(...) | HashWithoutSalt.java:10:36:10:43 | password : String | HashWithoutSalt.java:10:36:10:54 | getBytes(...) | $@ is hashed without a salt. | HashWithoutSalt.java:10:36:10:43 | password : String | The password |
|
||||
| HashWithoutSalt.java:25:13:25:31 | getBytes(...) | HashWithoutSalt.java:25:13:25:20 | password : String | HashWithoutSalt.java:25:13:25:31 | getBytes(...) | $@ is hashed without a salt. | HashWithoutSalt.java:25:13:25:20 | password : String | The password |
|
||||
|
||||
@@ -25,6 +25,7 @@ nodes
|
||||
| SensitiveBroadcast.java:111:54:111:59 | intent | semmle.label | intent |
|
||||
| SensitiveBroadcast.java:136:33:136:38 | passwd : String | semmle.label | passwd : String |
|
||||
| SensitiveBroadcast.java:140:54:140:59 | intent | semmle.label | intent |
|
||||
subpaths
|
||||
#select
|
||||
| SensitiveBroadcast.java:14:31:14:36 | intent | SensitiveBroadcast.java:12:34:12:38 | token : String | SensitiveBroadcast.java:14:31:14:36 | intent | Sending $@ to broadcast. | SensitiveBroadcast.java:12:34:12:38 | token | sensitive information |
|
||||
| SensitiveBroadcast.java:14:31:14:36 | intent | SensitiveBroadcast.java:13:41:13:52 | refreshToken : String | SensitiveBroadcast.java:14:31:14:36 | intent | Sending $@ to broadcast. | SensitiveBroadcast.java:13:41:13:52 | refreshToken | sensitive information |
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
edges
|
||||
| A2.java:15:15:15:28 | new Integer(...) : Number | A2.java:27:27:27:34 | o : Number |
|
||||
| A2.java:27:27:27:34 | o : Number | A2.java:29:9:29:9 | o |
|
||||
| A.java:6:28:6:35 | o : Number | A.java:8:11:8:11 | o : Number |
|
||||
| A.java:6:28:6:35 | o : Number | A.java:8:11:8:11 | o : Number |
|
||||
| A.java:14:29:14:36 | o : Number | A.java:16:9:16:9 | o |
|
||||
| A.java:20:30:20:37 | o : Number | A.java:22:9:22:9 | o |
|
||||
| A.java:26:31:26:38 | o : Number | A.java:28:9:28:9 | o |
|
||||
@@ -15,12 +17,14 @@ edges
|
||||
| A.java:66:25:66:38 | new Integer(...) : Number | A.java:43:36:43:43 | o : Number |
|
||||
| A.java:67:25:67:38 | new Integer(...) : Number | A.java:43:36:43:43 | o : Number |
|
||||
| A.java:68:25:68:38 | new Integer(...) : Number | A.java:43:36:43:43 | o : Number |
|
||||
| A.java:69:20:69:33 | new Integer(...) : Number | A.java:6:28:6:35 | o : Number |
|
||||
| A.java:69:20:69:33 | new Integer(...) : Number | A.java:69:8:69:40 | flowThrough(...) |
|
||||
| A.java:71:25:71:38 | new Integer(...) : Number | A.java:43:36:43:43 | o : Number |
|
||||
| A.java:84:18:84:31 | new Integer(...) : Number | A.java:14:29:14:36 | o : Number |
|
||||
| A.java:85:19:85:32 | new Integer(...) : Number | A.java:20:30:20:37 | o : Number |
|
||||
| A.java:86:20:86:33 | new Integer(...) : Number | A.java:26:31:26:38 | o : Number |
|
||||
| A.java:87:24:87:37 | new Integer(...) : Number | A.java:32:35:32:42 | o : Number |
|
||||
| A.java:88:20:88:33 | new Integer(...) : Number | A.java:6:28:6:35 | o : Number |
|
||||
| A.java:88:20:88:33 | new Integer(...) : Number | A.java:88:8:88:37 | flowThrough(...) |
|
||||
| A.java:99:20:99:33 | new Integer(...) : Number | A.java:106:30:106:37 | o : Number |
|
||||
| A.java:100:21:100:34 | new Integer(...) : Number | A.java:113:31:113:38 | o : Number |
|
||||
@@ -32,6 +36,10 @@ nodes
|
||||
| A2.java:15:15:15:28 | new Integer(...) : Number | semmle.label | new Integer(...) : Number |
|
||||
| A2.java:27:27:27:34 | o : Number | semmle.label | o : Number |
|
||||
| A2.java:29:9:29:9 | o | semmle.label | o |
|
||||
| A.java:6:28:6:35 | o : Number | semmle.label | o : Number |
|
||||
| A.java:6:28:6:35 | o : Number | semmle.label | o : Number |
|
||||
| A.java:8:11:8:11 | o : Number | semmle.label | o : Number |
|
||||
| A.java:8:11:8:11 | o : Number | semmle.label | o : Number |
|
||||
| A.java:14:29:14:36 | o : Number | semmle.label | o : Number |
|
||||
| A.java:16:9:16:9 | o | semmle.label | o |
|
||||
| A.java:20:30:20:37 | o : Number | semmle.label | o : Number |
|
||||
@@ -69,6 +77,9 @@ nodes
|
||||
| A.java:115:10:115:10 | o | semmle.label | o |
|
||||
| A.java:120:36:120:43 | o : Number | semmle.label | o : Number |
|
||||
| A.java:128:9:128:10 | o3 | semmle.label | o3 |
|
||||
subpaths
|
||||
| A.java:69:20:69:33 | new Integer(...) : Number | A.java:6:28:6:35 | o : Number | A.java:8:11:8:11 | o : Number | A.java:69:8:69:40 | flowThrough(...) : Number |
|
||||
| A.java:88:20:88:33 | new Integer(...) : Number | A.java:6:28:6:35 | o : Number | A.java:8:11:8:11 | o : Number | A.java:88:8:88:37 | flowThrough(...) : Number |
|
||||
#select
|
||||
| A2.java:15:15:15:28 | new Integer(...) : Number | A2.java:15:15:15:28 | new Integer(...) : Number | A2.java:29:9:29:9 | o | $@ | A2.java:29:9:29:9 | o | o |
|
||||
| A.java:62:18:62:31 | new Integer(...) : Number | A.java:62:18:62:31 | new Integer(...) : Number | A.java:16:9:16:9 | o | $@ | A.java:16:9:16:9 | o | o |
|
||||
|
||||
@@ -12,6 +12,7 @@ nodes
|
||||
| UrlRedirectJax.java:10:32:10:61 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
| UrlRedirectJax.java:13:33:13:71 | new URI(...) | semmle.label | new URI(...) |
|
||||
| UrlRedirectJax.java:13:41:13:70 | getParameter(...) : String | semmle.label | getParameter(...) : String |
|
||||
subpaths
|
||||
#select
|
||||
| UrlRedirectJakarta.java:10:24:10:62 | new URI(...) | UrlRedirectJakarta.java:10:32:10:61 | getParameter(...) : String | UrlRedirectJakarta.java:10:24:10:62 | new URI(...) | Potentially untrusted URL redirection due to $@. | UrlRedirectJakarta.java:10:32:10:61 | getParameter(...) | user-provided value |
|
||||
| UrlRedirectJakarta.java:13:33:13:71 | new URI(...) | UrlRedirectJakarta.java:13:41:13:70 | getParameter(...) : String | UrlRedirectJakarta.java:13:33:13:71 | new URI(...) | Potentially untrusted URL redirection due to $@. | UrlRedirectJakarta.java:13:41:13:70 | getParameter(...) | user-provided value |
|
||||
|
||||
Reference in New Issue
Block a user