hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 13:45:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add additional test

Browse Source
This commit is contained in:
Kevin Stubbings
2025-12-29 07:09:31 +00:00
parent f22429de2d
commit f73f1a7aa9
2 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
java/ql/test/library-tests/dataflow/taintsources/FileUpload.java
View File

@@ -2,7 +2,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.FileItemStream;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
public class FileUpload {
@@ -12,6 +12,7 @@ public class FileUpload {
private FileItem fileItem;
private FileItemStream fileItemStream;
private jakarta.servlet.http.Part jakartaPart;
private ServletFileUpload servletFileUpload;
private static void sink(Object o) {}
@@ -45,5 +46,7 @@ public class FileUpload {
sink(jakartaPart.getName()); // $ hasRemoteValueFlow
sink(jakartaPart.getSubmittedFileName()); // $ hasRemoteValueFlow
FileItem item = servletFileUpload.parseRequest(request).get(0);
sink(item.getName()); // $ hasRemoteValueFlow
}
}