hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 01:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into atorralba/java/command-injection-mad-sinks

Browse Source
This commit is contained in:
Tony Torralba
2023-06-13 09:27:33 +02:00
committed by GitHub
parent 29d4b6fadc 798f3880c9
commit ffe67689ec
564 changed files with 6268 additions and 8687 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/test/TestUtilities/InlineFlowTest.qll
View File

@@ -7,7 +7,7 @@
* import TestUtilities.InlineFlowTest
* ```
*
* To declare expecations, you can use the $hasTaintFlow or $hasValueFlow comments within the test source files.
* To declare expectations, you can use the $hasTaintFlow or $hasValueFlow comments within the test source files.
* Example of the corresponding test file, e.g. Test.java
* ```java
* public class Test {

46
java/ql/test/experimental/query-tests/security/CWE-020/Log4jInjectionTest.expected
View File

@@ -2075,28 +2075,28 @@ edges
| Log4jJndiInjectionTest.java:1085:39:1085:46 | source(...) : String | Log4jJndiInjectionTest.java:1085:25:1085:46 | (...)... |
| Log4jJndiInjectionTest.java:1088:47:1088:54 | source(...) : String | Log4jJndiInjectionTest.java:1088:38:1088:54 | (...)... |
| Log4jJndiInjectionTest.java:1089:53:1089:60 | source(...) : String | Log4jJndiInjectionTest.java:1089:44:1089:60 | (...)... |
| Log4jJndiInjectionTest.java:1091:13:1091:15 | map [post update] : Map [<map.value>] : String | Log4jJndiInjectionTest.java:1092:34:1092:36 | map |
| Log4jJndiInjectionTest.java:1091:28:1091:44 | (...)... : String | Log4jJndiInjectionTest.java:1091:13:1091:15 | map [post update] : Map [<map.value>] : String |
| Log4jJndiInjectionTest.java:1091:13:1091:15 | map [post update] : HashMap [<map.value>] : String | Log4jJndiInjectionTest.java:1092:34:1092:36 | map |
| Log4jJndiInjectionTest.java:1091:28:1091:44 | (...)... : String | Log4jJndiInjectionTest.java:1091:13:1091:15 | map [post update] : HashMap [<map.value>] : String |
| Log4jJndiInjectionTest.java:1091:37:1091:44 | source(...) : String | Log4jJndiInjectionTest.java:1091:28:1091:44 | (...)... : String |
| Log4jJndiInjectionTest.java:1095:31:1095:88 | with(...) : MapMessage | Log4jJndiInjectionTest.java:1096:26:1096:29 | mmsg |
| Log4jJndiInjectionTest.java:1095:71:1095:87 | (...)... : String | Log4jJndiInjectionTest.java:1095:31:1095:88 | with(...) : MapMessage |
| Log4jJndiInjectionTest.java:1095:31:1095:88 | with(...) : StringMapMessage | Log4jJndiInjectionTest.java:1096:26:1096:29 | mmsg |
| Log4jJndiInjectionTest.java:1095:71:1095:87 | (...)... : String | Log4jJndiInjectionTest.java:1095:31:1095:88 | with(...) : StringMapMessage |
| Log4jJndiInjectionTest.java:1095:80:1095:87 | source(...) : String | Log4jJndiInjectionTest.java:1095:71:1095:87 | (...)... : String |
| Log4jJndiInjectionTest.java:1100:13:1100:16 | mmsg [post update] : MapMessage | Log4jJndiInjectionTest.java:1101:26:1101:29 | mmsg |
| Log4jJndiInjectionTest.java:1100:35:1100:51 | (...)... : String | Log4jJndiInjectionTest.java:1100:13:1100:16 | mmsg [post update] : MapMessage |
| Log4jJndiInjectionTest.java:1100:13:1100:16 | mmsg [post update] : StringMapMessage | Log4jJndiInjectionTest.java:1101:26:1101:29 | mmsg |
| Log4jJndiInjectionTest.java:1100:35:1100:51 | (...)... : String | Log4jJndiInjectionTest.java:1100:13:1100:16 | mmsg [post update] : StringMapMessage |
| Log4jJndiInjectionTest.java:1100:44:1100:51 | source(...) : String | Log4jJndiInjectionTest.java:1100:35:1100:51 | (...)... : String |
| Log4jJndiInjectionTest.java:1105:13:1105:16 | mmsg [post update] : MapMessage | Log4jJndiInjectionTest.java:1106:26:1106:29 | mmsg |
| Log4jJndiInjectionTest.java:1105:34:1105:50 | (...)... : String | Log4jJndiInjectionTest.java:1105:13:1105:16 | mmsg [post update] : MapMessage |
| Log4jJndiInjectionTest.java:1105:13:1105:16 | mmsg [post update] : StringMapMessage | Log4jJndiInjectionTest.java:1106:26:1106:29 | mmsg |
| Log4jJndiInjectionTest.java:1105:34:1105:50 | (...)... : String | Log4jJndiInjectionTest.java:1105:13:1105:16 | mmsg [post update] : StringMapMessage |
| Log4jJndiInjectionTest.java:1105:43:1105:50 | source(...) : String | Log4jJndiInjectionTest.java:1105:34:1105:50 | (...)... : String |
| Log4jJndiInjectionTest.java:1111:13:1111:15 | map [post update] : Map [<map.value>] : String | Log4jJndiInjectionTest.java:1112:25:1112:27 | map : Map [<map.value>] : String |
| Log4jJndiInjectionTest.java:1111:33:1111:49 | (...)... : String | Log4jJndiInjectionTest.java:1111:13:1111:15 | map [post update] : Map [<map.value>] : String |
| Log4jJndiInjectionTest.java:1111:13:1111:15 | map [post update] : HashMap [<map.value>] : String | Log4jJndiInjectionTest.java:1112:25:1112:27 | map : HashMap [<map.value>] : String |
| Log4jJndiInjectionTest.java:1111:33:1111:49 | (...)... : String | Log4jJndiInjectionTest.java:1111:13:1111:15 | map [post update] : HashMap [<map.value>] : String |
| Log4jJndiInjectionTest.java:1111:42:1111:49 | source(...) : String | Log4jJndiInjectionTest.java:1111:33:1111:49 | (...)... : String |
| Log4jJndiInjectionTest.java:1112:13:1112:16 | mmsg [post update] : MapMessage | Log4jJndiInjectionTest.java:1113:26:1113:29 | mmsg |
| Log4jJndiInjectionTest.java:1112:25:1112:27 | map : Map [<map.value>] : String | Log4jJndiInjectionTest.java:1112:13:1112:16 | mmsg [post update] : MapMessage |
| Log4jJndiInjectionTest.java:1112:13:1112:16 | mmsg [post update] : StringMapMessage | Log4jJndiInjectionTest.java:1113:26:1113:29 | mmsg |
| Log4jJndiInjectionTest.java:1112:25:1112:27 | map : HashMap [<map.value>] : String | Log4jJndiInjectionTest.java:1112:13:1112:16 | mmsg [post update] : StringMapMessage |
| Log4jJndiInjectionTest.java:1116:61:1116:68 | source(...) : String | Log4jJndiInjectionTest.java:1116:52:1116:68 | (...)... |
| Log4jJndiInjectionTest.java:1117:81:1117:88 | source(...) : String | Log4jJndiInjectionTest.java:1117:72:1117:88 | (...)... |
| Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] : Map [<map.value>] : String | Log4jJndiInjectionTest.java:1120:43:1120:45 | map |
| Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] : Map [<map.value>] : String | Log4jJndiInjectionTest.java:1121:63:1121:65 | map |
| Log4jJndiInjectionTest.java:1119:33:1119:49 | (...)... : String | Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] : Map [<map.value>] : String |
| Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] : HashMap [<map.value>] : String | Log4jJndiInjectionTest.java:1120:43:1120:45 | map |
| Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] : HashMap [<map.value>] : String | Log4jJndiInjectionTest.java:1121:63:1121:65 | map |
| Log4jJndiInjectionTest.java:1119:33:1119:49 | (...)... : String | Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] : HashMap [<map.value>] : String |
| Log4jJndiInjectionTest.java:1119:42:1119:49 | source(...) : String | Log4jJndiInjectionTest.java:1119:33:1119:49 | (...)... : String |
nodes
| Log4jJndiInjectionTest.java:24:16:24:45 | getParameter(...) : String | semmle.label | getParameter(...) : String |
@@ -4168,33 +4168,33 @@ nodes
| Log4jJndiInjectionTest.java:1088:47:1088:54 | source(...) : String | semmle.label | source(...) : String |
| Log4jJndiInjectionTest.java:1089:44:1089:60 | (...)... | semmle.label | (...)... |
| Log4jJndiInjectionTest.java:1089:53:1089:60 | source(...) : String | semmle.label | source(...) : String |
| Log4jJndiInjectionTest.java:1091:13:1091:15 | map [post update] : Map [<map.value>] : String | semmle.label | map [post update] : Map [<map.value>] : String |
| Log4jJndiInjectionTest.java:1091:13:1091:15 | map [post update] : HashMap [<map.value>] : String | semmle.label | map [post update] : HashMap [<map.value>] : String |
| Log4jJndiInjectionTest.java:1091:28:1091:44 | (...)... : String | semmle.label | (...)... : String |
| Log4jJndiInjectionTest.java:1091:37:1091:44 | source(...) : String | semmle.label | source(...) : String |
| Log4jJndiInjectionTest.java:1092:34:1092:36 | map | semmle.label | map |
| Log4jJndiInjectionTest.java:1095:31:1095:88 | with(...) : MapMessage | semmle.label | with(...) : MapMessage |
| Log4jJndiInjectionTest.java:1095:31:1095:88 | with(...) : StringMapMessage | semmle.label | with(...) : StringMapMessage |
| Log4jJndiInjectionTest.java:1095:71:1095:87 | (...)... : String | semmle.label | (...)... : String |
| Log4jJndiInjectionTest.java:1095:80:1095:87 | source(...) : String | semmle.label | source(...) : String |
| Log4jJndiInjectionTest.java:1096:26:1096:29 | mmsg | semmle.label | mmsg |
| Log4jJndiInjectionTest.java:1100:13:1100:16 | mmsg [post update] : MapMessage | semmle.label | mmsg [post update] : MapMessage |
| Log4jJndiInjectionTest.java:1100:13:1100:16 | mmsg [post update] : StringMapMessage | semmle.label | mmsg [post update] : StringMapMessage |
| Log4jJndiInjectionTest.java:1100:35:1100:51 | (...)... : String | semmle.label | (...)... : String |
| Log4jJndiInjectionTest.java:1100:44:1100:51 | source(...) : String | semmle.label | source(...) : String |
| Log4jJndiInjectionTest.java:1101:26:1101:29 | mmsg | semmle.label | mmsg |
| Log4jJndiInjectionTest.java:1105:13:1105:16 | mmsg [post update] : MapMessage | semmle.label | mmsg [post update] : MapMessage |
| Log4jJndiInjectionTest.java:1105:13:1105:16 | mmsg [post update] : StringMapMessage | semmle.label | mmsg [post update] : StringMapMessage |
| Log4jJndiInjectionTest.java:1105:34:1105:50 | (...)... : String | semmle.label | (...)... : String |
| Log4jJndiInjectionTest.java:1105:43:1105:50 | source(...) : String | semmle.label | source(...) : String |
| Log4jJndiInjectionTest.java:1106:26:1106:29 | mmsg | semmle.label | mmsg |
| Log4jJndiInjectionTest.java:1111:13:1111:15 | map [post update] : Map [<map.value>] : String | semmle.label | map [post update] : Map [<map.value>] : String |
| Log4jJndiInjectionTest.java:1111:13:1111:15 | map [post update] : HashMap [<map.value>] : String | semmle.label | map [post update] : HashMap [<map.value>] : String |
| Log4jJndiInjectionTest.java:1111:33:1111:49 | (...)... : String | semmle.label | (...)... : String |
| Log4jJndiInjectionTest.java:1111:42:1111:49 | source(...) : String | semmle.label | source(...) : String |
| Log4jJndiInjectionTest.java:1112:13:1112:16 | mmsg [post update] : MapMessage | semmle.label | mmsg [post update] : MapMessage |
| Log4jJndiInjectionTest.java:1112:25:1112:27 | map : Map [<map.value>] : String | semmle.label | map : Map [<map.value>] : String |
| Log4jJndiInjectionTest.java:1112:13:1112:16 | mmsg [post update] : StringMapMessage | semmle.label | mmsg [post update] : StringMapMessage |
| Log4jJndiInjectionTest.java:1112:25:1112:27 | map : HashMap [<map.value>] : String | semmle.label | map : HashMap [<map.value>] : String |
| Log4jJndiInjectionTest.java:1113:26:1113:29 | mmsg | semmle.label | mmsg |
| Log4jJndiInjectionTest.java:1116:52:1116:68 | (...)... | semmle.label | (...)... |
| Log4jJndiInjectionTest.java:1116:61:1116:68 | source(...) : String | semmle.label | source(...) : String |
| Log4jJndiInjectionTest.java:1117:72:1117:88 | (...)... | semmle.label | (...)... |
| Log4jJndiInjectionTest.java:1117:81:1117:88 | source(...) : String | semmle.label | source(...) : String |
| Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] : Map [<map.value>] : String | semmle.label | map [post update] : Map [<map.value>] : String |
| Log4jJndiInjectionTest.java:1119:13:1119:15 | map [post update] : HashMap [<map.value>] : String | semmle.label | map [post update] : HashMap [<map.value>] : String |
| Log4jJndiInjectionTest.java:1119:33:1119:49 | (...)... : String | semmle.label | (...)... : String |
| Log4jJndiInjectionTest.java:1119:42:1119:49 | source(...) : String | semmle.label | source(...) : String |
| Log4jJndiInjectionTest.java:1120:43:1120:45 | map | semmle.label | map |

11
java/ql/test/experimental/query-tests/security/CWE-073/FilePathInjection.expected
View File

@@ -2,7 +2,12 @@ edges
| FilePathInjection.java:21:21:21:34 | getPara(...) : String | FilePathInjection.java:26:47:26:59 | finalFilePath |
| FilePathInjection.java:64:21:64:34 | getPara(...) : String | FilePathInjection.java:72:47:72:59 | finalFilePath |
| FilePathInjection.java:87:21:87:34 | getPara(...) : String | FilePathInjection.java:95:47:95:59 | finalFilePath |
| FilePathInjection.java:177:50:177:58 | file : File | FilePathInjection.java:182:30:182:33 | file |
| FilePathInjection.java:205:17:205:44 | getParameter(...) : String | FilePathInjection.java:209:24:209:31 | filePath |
| FilePathInjection.java:205:17:205:44 | getParameter(...) : String | FilePathInjection.java:209:24:209:31 | filePath : String |
| FilePathInjection.java:209:15:209:32 | new File(...) : File | FilePathInjection.java:217:19:217:22 | file : File |
| FilePathInjection.java:209:24:209:31 | filePath : String | FilePathInjection.java:209:15:209:32 | new File(...) : File |
| FilePathInjection.java:217:19:217:22 | file : File | FilePathInjection.java:177:50:177:58 | file : File |
nodes
| FilePathInjection.java:21:21:21:34 | getPara(...) : String | semmle.label | getPara(...) : String |
| FilePathInjection.java:26:47:26:59 | finalFilePath | semmle.label | finalFilePath |
@@ -10,11 +15,17 @@ nodes
| FilePathInjection.java:72:47:72:59 | finalFilePath | semmle.label | finalFilePath |
| FilePathInjection.java:87:21:87:34 | getPara(...) : String | semmle.label | getPara(...) : String |
| FilePathInjection.java:95:47:95:59 | finalFilePath | semmle.label | finalFilePath |
| FilePathInjection.java:177:50:177:58 | file : File | semmle.label | file : File |
| FilePathInjection.java:182:30:182:33 | file | semmle.label | file |
| FilePathInjection.java:205:17:205:44 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| FilePathInjection.java:209:15:209:32 | new File(...) : File | semmle.label | new File(...) : File |
| FilePathInjection.java:209:24:209:31 | filePath | semmle.label | filePath |
| FilePathInjection.java:209:24:209:31 | filePath : String | semmle.label | filePath : String |
| FilePathInjection.java:217:19:217:22 | file : File | semmle.label | file : File |
subpaths
#select
| FilePathInjection.java:26:47:26:59 | finalFilePath | FilePathInjection.java:21:21:21:34 | getPara(...) : String | FilePathInjection.java:26:47:26:59 | finalFilePath | External control of file name or path due to $@. | FilePathInjection.java:21:21:21:34 | getPara(...) | user-provided value |
| FilePathInjection.java:72:47:72:59 | finalFilePath | FilePathInjection.java:64:21:64:34 | getPara(...) : String | FilePathInjection.java:72:47:72:59 | finalFilePath | External control of file name or path due to $@. | FilePathInjection.java:64:21:64:34 | getPara(...) | user-provided value |
| FilePathInjection.java:95:47:95:59 | finalFilePath | FilePathInjection.java:87:21:87:34 | getPara(...) : String | FilePathInjection.java:95:47:95:59 | finalFilePath | External control of file name or path due to $@. | FilePathInjection.java:87:21:87:34 | getPara(...) | user-provided value |
| FilePathInjection.java:182:30:182:33 | file | FilePathInjection.java:205:17:205:44 | getParameter(...) : String | FilePathInjection.java:182:30:182:33 | file | External control of file name or path due to $@. | FilePathInjection.java:205:17:205:44 | getParameter(...) | user-provided value |
| FilePathInjection.java:209:24:209:31 | filePath | FilePathInjection.java:205:17:205:44 | getParameter(...) : String | FilePathInjection.java:209:24:209:31 | filePath | External control of file name or path due to $@. | FilePathInjection.java:205:17:205:44 | getParameter(...) | user-provided value |

246
java/ql/test/experimental/query-tests/security/CWE-200/InsecureWebResourceResponse.expected
View File

@@ -1,152 +1,152 @@
edges
| InsecureWebResourceResponse.java:28:27:28:37 | getIntent(...) : Intent | InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : Object |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : Object | InsecureWebResourceResponse.java:30:25:30:32 | inputUrl : Object |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : Object | InsecureWebResourceResponse.java:32:25:32:32 | inputUrl : Object |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : Object | InsecureWebResourceResponse.java:34:25:34:32 | inputUrl : Object |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : Object | InsecureWebResourceResponse.java:36:26:36:33 | inputUrl : Object |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : Object | InsecureWebResourceResponse.java:38:26:38:33 | inputUrl : Object |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : Object | InsecureWebResourceResponse.java:40:25:40:32 | inputUrl : Object |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : Object | InsecureWebResourceResponse.java:42:25:42:32 | inputUrl : Object |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : Object | InsecureWebResourceResponse.java:44:26:44:33 | inputUrl : Object |
| InsecureWebResourceResponse.java:30:25:30:32 | inputUrl : Object | InsecureWebResourceResponse.java:59:34:59:43 | url : Object |
| InsecureWebResourceResponse.java:32:25:32:32 | inputUrl : Object | InsecureWebResourceResponse.java:80:34:80:43 | url : Object |
| InsecureWebResourceResponse.java:34:25:34:32 | inputUrl : Object | InsecureWebResourceResponse.java:106:34:106:43 | url : Object |
| InsecureWebResourceResponse.java:36:26:36:33 | inputUrl : Object | InsecureWebResourceResponse.java:131:36:131:45 | url : Object |
| InsecureWebResourceResponse.java:38:26:38:33 | inputUrl : Object | InsecureWebResourceResponse.java:156:35:156:44 | url : Object |
| InsecureWebResourceResponse.java:40:25:40:32 | inputUrl : Object | InsecureWebResourceResponse.java:181:34:181:43 | url : Object |
| InsecureWebResourceResponse.java:42:25:42:32 | inputUrl : Object | InsecureWebResourceResponse.java:188:34:188:43 | url : Object |
| InsecureWebResourceResponse.java:44:26:44:33 | inputUrl : Object | InsecureWebResourceResponse.java:217:35:217:44 | url : Object |
| InsecureWebResourceResponse.java:59:34:59:43 | url : Object | InsecureWebResourceResponse.java:75:20:75:22 | url : Object |
| InsecureWebResourceResponse.java:63:77:63:86 | url : Object | InsecureWebResourceResponse.java:65:41:65:43 | url : Object |
| InsecureWebResourceResponse.java:28:27:28:37 | getIntent(...) : Intent | InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : String |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : String | InsecureWebResourceResponse.java:30:25:30:32 | inputUrl : String |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : String | InsecureWebResourceResponse.java:32:25:32:32 | inputUrl : String |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : String | InsecureWebResourceResponse.java:34:25:34:32 | inputUrl : String |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : String | InsecureWebResourceResponse.java:36:26:36:33 | inputUrl : String |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : String | InsecureWebResourceResponse.java:38:26:38:33 | inputUrl : String |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : String | InsecureWebResourceResponse.java:40:25:40:32 | inputUrl : String |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : String | InsecureWebResourceResponse.java:42:25:42:32 | inputUrl : String |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : String | InsecureWebResourceResponse.java:44:26:44:33 | inputUrl : String |
| InsecureWebResourceResponse.java:30:25:30:32 | inputUrl : String | InsecureWebResourceResponse.java:59:34:59:43 | url : String |
| InsecureWebResourceResponse.java:32:25:32:32 | inputUrl : String | InsecureWebResourceResponse.java:80:34:80:43 | url : String |
| InsecureWebResourceResponse.java:34:25:34:32 | inputUrl : String | InsecureWebResourceResponse.java:106:34:106:43 | url : String |
| InsecureWebResourceResponse.java:36:26:36:33 | inputUrl : String | InsecureWebResourceResponse.java:131:36:131:45 | url : String |
| InsecureWebResourceResponse.java:38:26:38:33 | inputUrl : String | InsecureWebResourceResponse.java:156:35:156:44 | url : String |
| InsecureWebResourceResponse.java:40:25:40:32 | inputUrl : String | InsecureWebResourceResponse.java:181:34:181:43 | url : String |
| InsecureWebResourceResponse.java:42:25:42:32 | inputUrl : String | InsecureWebResourceResponse.java:188:34:188:43 | url : String |
| InsecureWebResourceResponse.java:44:26:44:33 | inputUrl : String | InsecureWebResourceResponse.java:217:35:217:44 | url : String |
| InsecureWebResourceResponse.java:59:34:59:43 | url : String | InsecureWebResourceResponse.java:75:20:75:22 | url : String |
| InsecureWebResourceResponse.java:63:77:63:86 | url : String | InsecureWebResourceResponse.java:65:41:65:43 | url : String |
| InsecureWebResourceResponse.java:65:31:65:44 | parse(...) : Uri | InsecureWebResourceResponse.java:66:71:66:73 | uri : Uri |
| InsecureWebResourceResponse.java:65:41:65:43 | url : Object | InsecureWebResourceResponse.java:65:31:65:44 | parse(...) : Uri |
| InsecureWebResourceResponse.java:65:41:65:43 | url : String | InsecureWebResourceResponse.java:65:31:65:44 | parse(...) : Uri |
| InsecureWebResourceResponse.java:66:51:66:84 | new FileInputStream(...) : FileInputStream | InsecureWebResourceResponse.java:68:71:68:81 | inputStream |
| InsecureWebResourceResponse.java:66:71:66:73 | uri : Uri | InsecureWebResourceResponse.java:66:71:66:83 | getPath(...) : String |
| InsecureWebResourceResponse.java:66:71:66:83 | getPath(...) : String | InsecureWebResourceResponse.java:66:51:66:84 | new FileInputStream(...) : FileInputStream |
| InsecureWebResourceResponse.java:75:20:75:22 | url : Object | InsecureWebResourceResponse.java:63:77:63:86 | url : Object |
| InsecureWebResourceResponse.java:75:20:75:22 | url : Object | InsecureWebResourceResponse.java:84:77:84:86 | url : Object |
| InsecureWebResourceResponse.java:75:20:75:22 | url : Object | InsecureWebResourceResponse.java:110:77:110:86 | url : Object |
| InsecureWebResourceResponse.java:75:20:75:22 | url : Object | InsecureWebResourceResponse.java:192:77:192:102 | request : Object |
| InsecureWebResourceResponse.java:75:20:75:22 | url : Object | InsecureWebResourceResponse.java:232:69:232:78 | url : Object |
| InsecureWebResourceResponse.java:80:34:80:43 | url : Object | InsecureWebResourceResponse.java:101:20:101:22 | url : Object |
| InsecureWebResourceResponse.java:84:77:84:86 | url : Object | InsecureWebResourceResponse.java:86:41:86:43 | url : Object |
| InsecureWebResourceResponse.java:75:20:75:22 | url : String | InsecureWebResourceResponse.java:63:77:63:86 | url : String |
| InsecureWebResourceResponse.java:75:20:75:22 | url : String | InsecureWebResourceResponse.java:84:77:84:86 | url : String |
| InsecureWebResourceResponse.java:75:20:75:22 | url : String | InsecureWebResourceResponse.java:110:77:110:86 | url : String |
| InsecureWebResourceResponse.java:75:20:75:22 | url : String | InsecureWebResourceResponse.java:192:77:192:102 | request : WebResourceRequest |
| InsecureWebResourceResponse.java:75:20:75:22 | url : String | InsecureWebResourceResponse.java:232:69:232:78 | url : String |
| InsecureWebResourceResponse.java:80:34:80:43 | url : String | InsecureWebResourceResponse.java:101:20:101:22 | url : String |
| InsecureWebResourceResponse.java:84:77:84:86 | url : String | InsecureWebResourceResponse.java:86:41:86:43 | url : String |
| InsecureWebResourceResponse.java:86:31:86:44 | parse(...) : Uri | InsecureWebResourceResponse.java:88:66:88:68 | uri : Uri |
| InsecureWebResourceResponse.java:86:41:86:43 | url : Object | InsecureWebResourceResponse.java:86:31:86:44 | parse(...) : Uri |
| InsecureWebResourceResponse.java:86:41:86:43 | url : String | InsecureWebResourceResponse.java:86:31:86:44 | parse(...) : Uri |
| InsecureWebResourceResponse.java:88:42:88:90 | new File(...) : File | InsecureWebResourceResponse.java:89:75:89:83 | cacheFile : File |
| InsecureWebResourceResponse.java:88:66:88:68 | uri : Uri | InsecureWebResourceResponse.java:88:66:88:89 | getLastPathSegment(...) : String |
| InsecureWebResourceResponse.java:88:66:88:89 | getLastPathSegment(...) : String | InsecureWebResourceResponse.java:88:42:88:90 | new File(...) : File |
| InsecureWebResourceResponse.java:89:55:89:84 | new FileInputStream(...) : FileInputStream | InsecureWebResourceResponse.java:91:75:91:85 | inputStream |
| InsecureWebResourceResponse.java:89:75:89:83 | cacheFile : File | InsecureWebResourceResponse.java:89:55:89:84 | new FileInputStream(...) : FileInputStream |
| InsecureWebResourceResponse.java:101:20:101:22 | url : Object | InsecureWebResourceResponse.java:63:77:63:86 | url : Object |
| InsecureWebResourceResponse.java:101:20:101:22 | url : Object | InsecureWebResourceResponse.java:84:77:84:86 | url : Object |
| InsecureWebResourceResponse.java:101:20:101:22 | url : Object | InsecureWebResourceResponse.java:110:77:110:86 | url : Object |
| InsecureWebResourceResponse.java:101:20:101:22 | url : Object | InsecureWebResourceResponse.java:192:77:192:102 | request : Object |
| InsecureWebResourceResponse.java:101:20:101:22 | url : Object | InsecureWebResourceResponse.java:232:69:232:78 | url : Object |
| InsecureWebResourceResponse.java:106:34:106:43 | url : Object | InsecureWebResourceResponse.java:127:20:127:22 | url : Object |
| InsecureWebResourceResponse.java:110:77:110:86 | url : Object | InsecureWebResourceResponse.java:112:41:112:43 | url : Object |
| InsecureWebResourceResponse.java:101:20:101:22 | url : String | InsecureWebResourceResponse.java:63:77:63:86 | url : String |
| InsecureWebResourceResponse.java:101:20:101:22 | url : String | InsecureWebResourceResponse.java:84:77:84:86 | url : String |
| InsecureWebResourceResponse.java:101:20:101:22 | url : String | InsecureWebResourceResponse.java:110:77:110:86 | url : String |
| InsecureWebResourceResponse.java:101:20:101:22 | url : String | InsecureWebResourceResponse.java:192:77:192:102 | request : WebResourceRequest |
| InsecureWebResourceResponse.java:101:20:101:22 | url : String | InsecureWebResourceResponse.java:232:69:232:78 | url : String |
| InsecureWebResourceResponse.java:106:34:106:43 | url : String | InsecureWebResourceResponse.java:127:20:127:22 | url : String |
| InsecureWebResourceResponse.java:110:77:110:86 | url : String | InsecureWebResourceResponse.java:112:41:112:43 | url : String |
| InsecureWebResourceResponse.java:112:31:112:44 | parse(...) : Uri | InsecureWebResourceResponse.java:113:35:113:37 | uri : Uri |
| InsecureWebResourceResponse.java:112:41:112:43 | url : Object | InsecureWebResourceResponse.java:112:31:112:44 | parse(...) : Uri |
| InsecureWebResourceResponse.java:112:41:112:43 | url : String | InsecureWebResourceResponse.java:112:31:112:44 | parse(...) : Uri |
| InsecureWebResourceResponse.java:113:35:113:37 | uri : Uri | InsecureWebResourceResponse.java:113:35:113:47 | getPath(...) : String |
| InsecureWebResourceResponse.java:113:35:113:47 | getPath(...) : String | InsecureWebResourceResponse.java:113:35:113:60 | substring(...) : String |
| InsecureWebResourceResponse.java:113:35:113:60 | substring(...) : String | InsecureWebResourceResponse.java:115:75:115:78 | path : String |
| InsecureWebResourceResponse.java:115:55:115:108 | new FileInputStream(...) : FileInputStream | InsecureWebResourceResponse.java:117:75:117:85 | inputStream |
| InsecureWebResourceResponse.java:115:75:115:78 | path : String | InsecureWebResourceResponse.java:115:75:115:107 | substring(...) : String |
| InsecureWebResourceResponse.java:115:75:115:107 | substring(...) : String | InsecureWebResourceResponse.java:115:55:115:108 | new FileInputStream(...) : FileInputStream |
| InsecureWebResourceResponse.java:127:20:127:22 | url : Object | InsecureWebResourceResponse.java:63:77:63:86 | url : Object |
| InsecureWebResourceResponse.java:127:20:127:22 | url : Object | InsecureWebResourceResponse.java:84:77:84:86 | url : Object |
| InsecureWebResourceResponse.java:127:20:127:22 | url : Object | InsecureWebResourceResponse.java:110:77:110:86 | url : Object |
| InsecureWebResourceResponse.java:127:20:127:22 | url : Object | InsecureWebResourceResponse.java:192:77:192:102 | request : Object |
| InsecureWebResourceResponse.java:127:20:127:22 | url : Object | InsecureWebResourceResponse.java:232:69:232:78 | url : Object |
| InsecureWebResourceResponse.java:131:36:131:45 | url : Object | InsecureWebResourceResponse.java:152:20:152:22 | url : Object |
| InsecureWebResourceResponse.java:152:20:152:22 | url : Object | InsecureWebResourceResponse.java:63:77:63:86 | url : Object |
| InsecureWebResourceResponse.java:152:20:152:22 | url : Object | InsecureWebResourceResponse.java:84:77:84:86 | url : Object |
| InsecureWebResourceResponse.java:152:20:152:22 | url : Object | InsecureWebResourceResponse.java:110:77:110:86 | url : Object |
| InsecureWebResourceResponse.java:152:20:152:22 | url : Object | InsecureWebResourceResponse.java:192:77:192:102 | request : Object |
| InsecureWebResourceResponse.java:152:20:152:22 | url : Object | InsecureWebResourceResponse.java:232:69:232:78 | url : Object |
| InsecureWebResourceResponse.java:156:35:156:44 | url : Object | InsecureWebResourceResponse.java:177:20:177:22 | url : Object |
| InsecureWebResourceResponse.java:177:20:177:22 | url : Object | InsecureWebResourceResponse.java:63:77:63:86 | url : Object |
| InsecureWebResourceResponse.java:177:20:177:22 | url : Object | InsecureWebResourceResponse.java:84:77:84:86 | url : Object |
| InsecureWebResourceResponse.java:177:20:177:22 | url : Object | InsecureWebResourceResponse.java:110:77:110:86 | url : Object |
| InsecureWebResourceResponse.java:177:20:177:22 | url : Object | InsecureWebResourceResponse.java:192:77:192:102 | request : Object |
| InsecureWebResourceResponse.java:177:20:177:22 | url : Object | InsecureWebResourceResponse.java:232:69:232:78 | url : Object |
| InsecureWebResourceResponse.java:181:34:181:43 | url : Object | InsecureWebResourceResponse.java:184:20:184:22 | url : Object |
| InsecureWebResourceResponse.java:184:20:184:22 | url : Object | InsecureWebResourceResponse.java:63:77:63:86 | url : Object |
| InsecureWebResourceResponse.java:184:20:184:22 | url : Object | InsecureWebResourceResponse.java:84:77:84:86 | url : Object |
| InsecureWebResourceResponse.java:184:20:184:22 | url : Object | InsecureWebResourceResponse.java:110:77:110:86 | url : Object |
| InsecureWebResourceResponse.java:184:20:184:22 | url : Object | InsecureWebResourceResponse.java:192:77:192:102 | request : Object |
| InsecureWebResourceResponse.java:184:20:184:22 | url : Object | InsecureWebResourceResponse.java:232:69:232:78 | url : Object |
| InsecureWebResourceResponse.java:188:34:188:43 | url : Object | InsecureWebResourceResponse.java:209:20:209:22 | url : Object |
| InsecureWebResourceResponse.java:192:77:192:102 | request : Object | InsecureWebResourceResponse.java:194:31:194:37 | request : Object |
| InsecureWebResourceResponse.java:194:31:194:37 | request : Object | InsecureWebResourceResponse.java:194:31:194:46 | getUrl(...) : Uri |
| InsecureWebResourceResponse.java:127:20:127:22 | url : String | InsecureWebResourceResponse.java:63:77:63:86 | url : String |
| InsecureWebResourceResponse.java:127:20:127:22 | url : String | InsecureWebResourceResponse.java:84:77:84:86 | url : String |
| InsecureWebResourceResponse.java:127:20:127:22 | url : String | InsecureWebResourceResponse.java:110:77:110:86 | url : String |
| InsecureWebResourceResponse.java:127:20:127:22 | url : String | InsecureWebResourceResponse.java:192:77:192:102 | request : WebResourceRequest |
| InsecureWebResourceResponse.java:127:20:127:22 | url : String | InsecureWebResourceResponse.java:232:69:232:78 | url : String |
| InsecureWebResourceResponse.java:131:36:131:45 | url : String | InsecureWebResourceResponse.java:152:20:152:22 | url : String |
| InsecureWebResourceResponse.java:152:20:152:22 | url : String | InsecureWebResourceResponse.java:63:77:63:86 | url : String |
| InsecureWebResourceResponse.java:152:20:152:22 | url : String | InsecureWebResourceResponse.java:84:77:84:86 | url : String |
| InsecureWebResourceResponse.java:152:20:152:22 | url : String | InsecureWebResourceResponse.java:110:77:110:86 | url : String |
| InsecureWebResourceResponse.java:152:20:152:22 | url : String | InsecureWebResourceResponse.java:192:77:192:102 | request : WebResourceRequest |
| InsecureWebResourceResponse.java:152:20:152:22 | url : String | InsecureWebResourceResponse.java:232:69:232:78 | url : String |
| InsecureWebResourceResponse.java:156:35:156:44 | url : String | InsecureWebResourceResponse.java:177:20:177:22 | url : String |
| InsecureWebResourceResponse.java:177:20:177:22 | url : String | InsecureWebResourceResponse.java:63:77:63:86 | url : String |
| InsecureWebResourceResponse.java:177:20:177:22 | url : String | InsecureWebResourceResponse.java:84:77:84:86 | url : String |
| InsecureWebResourceResponse.java:177:20:177:22 | url : String | InsecureWebResourceResponse.java:110:77:110:86 | url : String |
| InsecureWebResourceResponse.java:177:20:177:22 | url : String | InsecureWebResourceResponse.java:192:77:192:102 | request : WebResourceRequest |
| InsecureWebResourceResponse.java:177:20:177:22 | url : String | InsecureWebResourceResponse.java:232:69:232:78 | url : String |
| InsecureWebResourceResponse.java:181:34:181:43 | url : String | InsecureWebResourceResponse.java:184:20:184:22 | url : String |
| InsecureWebResourceResponse.java:184:20:184:22 | url : String | InsecureWebResourceResponse.java:63:77:63:86 | url : String |
| InsecureWebResourceResponse.java:184:20:184:22 | url : String | InsecureWebResourceResponse.java:84:77:84:86 | url : String |
| InsecureWebResourceResponse.java:184:20:184:22 | url : String | InsecureWebResourceResponse.java:110:77:110:86 | url : String |
| InsecureWebResourceResponse.java:184:20:184:22 | url : String | InsecureWebResourceResponse.java:192:77:192:102 | request : WebResourceRequest |
| InsecureWebResourceResponse.java:184:20:184:22 | url : String | InsecureWebResourceResponse.java:232:69:232:78 | url : String |
| InsecureWebResourceResponse.java:188:34:188:43 | url : String | InsecureWebResourceResponse.java:209:20:209:22 | url : String |
| InsecureWebResourceResponse.java:192:77:192:102 | request : WebResourceRequest | InsecureWebResourceResponse.java:194:31:194:37 | request : WebResourceRequest |
| InsecureWebResourceResponse.java:194:31:194:37 | request : WebResourceRequest | InsecureWebResourceResponse.java:194:31:194:46 | getUrl(...) : Uri |
| InsecureWebResourceResponse.java:194:31:194:46 | getUrl(...) : Uri | InsecureWebResourceResponse.java:196:66:196:68 | uri : Uri |
| InsecureWebResourceResponse.java:196:42:196:90 | new File(...) : File | InsecureWebResourceResponse.java:197:75:197:83 | cacheFile : File |
| InsecureWebResourceResponse.java:196:66:196:68 | uri : Uri | InsecureWebResourceResponse.java:196:66:196:89 | getLastPathSegment(...) : String |
| InsecureWebResourceResponse.java:196:66:196:89 | getLastPathSegment(...) : String | InsecureWebResourceResponse.java:196:42:196:90 | new File(...) : File |
| InsecureWebResourceResponse.java:197:55:197:84 | new FileInputStream(...) : FileInputStream | InsecureWebResourceResponse.java:199:75:199:85 | inputStream |
| InsecureWebResourceResponse.java:197:75:197:83 | cacheFile : File | InsecureWebResourceResponse.java:197:55:197:84 | new FileInputStream(...) : FileInputStream |
| InsecureWebResourceResponse.java:209:20:209:22 | url : Object | InsecureWebResourceResponse.java:63:77:63:86 | url : Object |
| InsecureWebResourceResponse.java:209:20:209:22 | url : Object | InsecureWebResourceResponse.java:84:77:84:86 | url : Object |
| InsecureWebResourceResponse.java:209:20:209:22 | url : Object | InsecureWebResourceResponse.java:110:77:110:86 | url : Object |
| InsecureWebResourceResponse.java:209:20:209:22 | url : Object | InsecureWebResourceResponse.java:192:77:192:102 | request : Object |
| InsecureWebResourceResponse.java:209:20:209:22 | url : Object | InsecureWebResourceResponse.java:232:69:232:78 | url : Object |
| InsecureWebResourceResponse.java:217:35:217:44 | url : Object | InsecureWebResourceResponse.java:226:20:226:22 | url : Object |
| InsecureWebResourceResponse.java:226:20:226:22 | url : Object | InsecureWebResourceResponse.java:63:77:63:86 | url : Object |
| InsecureWebResourceResponse.java:226:20:226:22 | url : Object | InsecureWebResourceResponse.java:84:77:84:86 | url : Object |
| InsecureWebResourceResponse.java:226:20:226:22 | url : Object | InsecureWebResourceResponse.java:110:77:110:86 | url : Object |
| InsecureWebResourceResponse.java:226:20:226:22 | url : Object | InsecureWebResourceResponse.java:192:77:192:102 | request : Object |
| InsecureWebResourceResponse.java:226:20:226:22 | url : Object | InsecureWebResourceResponse.java:232:69:232:78 | url : Object |
| InsecureWebResourceResponse.java:232:69:232:78 | url : Object | InsecureWebResourceResponse.java:234:33:234:35 | url : Object |
| InsecureWebResourceResponse.java:209:20:209:22 | url : String | InsecureWebResourceResponse.java:63:77:63:86 | url : String |
| InsecureWebResourceResponse.java:209:20:209:22 | url : String | InsecureWebResourceResponse.java:84:77:84:86 | url : String |
| InsecureWebResourceResponse.java:209:20:209:22 | url : String | InsecureWebResourceResponse.java:110:77:110:86 | url : String |
| InsecureWebResourceResponse.java:209:20:209:22 | url : String | InsecureWebResourceResponse.java:192:77:192:102 | request : WebResourceRequest |
| InsecureWebResourceResponse.java:209:20:209:22 | url : String | InsecureWebResourceResponse.java:232:69:232:78 | url : String |
| InsecureWebResourceResponse.java:217:35:217:44 | url : String | InsecureWebResourceResponse.java:226:20:226:22 | url : String |
| InsecureWebResourceResponse.java:226:20:226:22 | url : String | InsecureWebResourceResponse.java:63:77:63:86 | url : String |
| InsecureWebResourceResponse.java:226:20:226:22 | url : String | InsecureWebResourceResponse.java:84:77:84:86 | url : String |
| InsecureWebResourceResponse.java:226:20:226:22 | url : String | InsecureWebResourceResponse.java:110:77:110:86 | url : String |
| InsecureWebResourceResponse.java:226:20:226:22 | url : String | InsecureWebResourceResponse.java:192:77:192:102 | request : WebResourceRequest |
| InsecureWebResourceResponse.java:226:20:226:22 | url : String | InsecureWebResourceResponse.java:232:69:232:78 | url : String |
| InsecureWebResourceResponse.java:232:69:232:78 | url : String | InsecureWebResourceResponse.java:234:33:234:35 | url : String |
| InsecureWebResourceResponse.java:234:23:234:36 | parse(...) : Uri | InsecureWebResourceResponse.java:235:63:235:65 | uri : Uri |
| InsecureWebResourceResponse.java:234:33:234:35 | url : Object | InsecureWebResourceResponse.java:234:23:234:36 | parse(...) : Uri |
| InsecureWebResourceResponse.java:234:33:234:35 | url : String | InsecureWebResourceResponse.java:234:23:234:36 | parse(...) : Uri |
| InsecureWebResourceResponse.java:235:43:235:76 | new FileInputStream(...) : FileInputStream | InsecureWebResourceResponse.java:237:63:237:73 | inputStream |
| InsecureWebResourceResponse.java:235:63:235:65 | uri : Uri | InsecureWebResourceResponse.java:235:63:235:75 | getPath(...) : String |
| InsecureWebResourceResponse.java:235:63:235:75 | getPath(...) : String | InsecureWebResourceResponse.java:235:43:235:76 | new FileInputStream(...) : FileInputStream |
| InsecureWebViewActivity.java:27:27:27:37 | getIntent(...) : Intent | InsecureWebViewActivity.java:27:27:27:64 | getStringExtra(...) : Object |
| InsecureWebViewActivity.java:27:27:27:64 | getStringExtra(...) : Object | InsecureWebViewActivity.java:28:20:28:27 | inputUrl : Object |
| InsecureWebViewActivity.java:28:20:28:27 | inputUrl : Object | InsecureWebViewActivity.java:42:28:42:37 | url : Object |
| InsecureWebViewActivity.java:42:28:42:37 | url : Object | InsecureWebViewActivity.java:43:25:43:27 | url : Object |
| InsecureWebViewActivity.java:43:25:43:27 | url : Object | InsecureWebViewActivity.java:53:77:53:86 | url : Object |
| InsecureWebViewActivity.java:53:77:53:86 | url : Object | InsecureWebViewActivity.java:55:41:55:43 | url : Object |
| InsecureWebViewActivity.java:27:27:27:37 | getIntent(...) : Intent | InsecureWebViewActivity.java:27:27:27:64 | getStringExtra(...) : String |
| InsecureWebViewActivity.java:27:27:27:64 | getStringExtra(...) : String | InsecureWebViewActivity.java:28:20:28:27 | inputUrl : String |
| InsecureWebViewActivity.java:28:20:28:27 | inputUrl : String | InsecureWebViewActivity.java:42:28:42:37 | url : String |
| InsecureWebViewActivity.java:42:28:42:37 | url : String | InsecureWebViewActivity.java:43:25:43:27 | url : String |
| InsecureWebViewActivity.java:43:25:43:27 | url : String | InsecureWebViewActivity.java:53:77:53:86 | url : String |
| InsecureWebViewActivity.java:53:77:53:86 | url : String | InsecureWebViewActivity.java:55:41:55:43 | url : String |
| InsecureWebViewActivity.java:55:31:55:44 | parse(...) : Uri | InsecureWebViewActivity.java:56:71:56:73 | uri : Uri |
| InsecureWebViewActivity.java:55:41:55:43 | url : Object | InsecureWebViewActivity.java:55:31:55:44 | parse(...) : Uri |
| InsecureWebViewActivity.java:55:41:55:43 | url : String | InsecureWebViewActivity.java:55:31:55:44 | parse(...) : Uri |
| InsecureWebViewActivity.java:56:51:56:84 | new FileInputStream(...) : FileInputStream | InsecureWebViewActivity.java:58:71:58:81 | inputStream |
| InsecureWebViewActivity.java:56:71:56:73 | uri : Uri | InsecureWebViewActivity.java:56:71:56:83 | getPath(...) : String |
| InsecureWebViewActivity.java:56:71:56:83 | getPath(...) : String | InsecureWebViewActivity.java:56:51:56:84 | new FileInputStream(...) : FileInputStream |
nodes
| InsecureWebResourceResponse.java:28:27:28:37 | getIntent(...) : Intent | semmle.label | getIntent(...) : Intent |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : Object | semmle.label | getStringExtra(...) : Object |
| InsecureWebResourceResponse.java:30:25:30:32 | inputUrl : Object | semmle.label | inputUrl : Object |
| InsecureWebResourceResponse.java:32:25:32:32 | inputUrl : Object | semmle.label | inputUrl : Object |
| InsecureWebResourceResponse.java:34:25:34:32 | inputUrl : Object | semmle.label | inputUrl : Object |
| InsecureWebResourceResponse.java:36:26:36:33 | inputUrl : Object | semmle.label | inputUrl : Object |
| InsecureWebResourceResponse.java:38:26:38:33 | inputUrl : Object | semmle.label | inputUrl : Object |
| InsecureWebResourceResponse.java:40:25:40:32 | inputUrl : Object | semmle.label | inputUrl : Object |
| InsecureWebResourceResponse.java:42:25:42:32 | inputUrl : Object | semmle.label | inputUrl : Object |
| InsecureWebResourceResponse.java:44:26:44:33 | inputUrl : Object | semmle.label | inputUrl : Object |
| InsecureWebResourceResponse.java:59:34:59:43 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:63:77:63:86 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:28:27:28:64 | getStringExtra(...) : String | semmle.label | getStringExtra(...) : String |
| InsecureWebResourceResponse.java:30:25:30:32 | inputUrl : String | semmle.label | inputUrl : String |
| InsecureWebResourceResponse.java:32:25:32:32 | inputUrl : String | semmle.label | inputUrl : String |
| InsecureWebResourceResponse.java:34:25:34:32 | inputUrl : String | semmle.label | inputUrl : String |
| InsecureWebResourceResponse.java:36:26:36:33 | inputUrl : String | semmle.label | inputUrl : String |
| InsecureWebResourceResponse.java:38:26:38:33 | inputUrl : String | semmle.label | inputUrl : String |
| InsecureWebResourceResponse.java:40:25:40:32 | inputUrl : String | semmle.label | inputUrl : String |
| InsecureWebResourceResponse.java:42:25:42:32 | inputUrl : String | semmle.label | inputUrl : String |
| InsecureWebResourceResponse.java:44:26:44:33 | inputUrl : String | semmle.label | inputUrl : String |
| InsecureWebResourceResponse.java:59:34:59:43 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:63:77:63:86 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:65:31:65:44 | parse(...) : Uri | semmle.label | parse(...) : Uri |
| InsecureWebResourceResponse.java:65:41:65:43 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:65:41:65:43 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:66:51:66:84 | new FileInputStream(...) : FileInputStream | semmle.label | new FileInputStream(...) : FileInputStream |
| InsecureWebResourceResponse.java:66:71:66:73 | uri : Uri | semmle.label | uri : Uri |
| InsecureWebResourceResponse.java:66:71:66:83 | getPath(...) : String | semmle.label | getPath(...) : String |
| InsecureWebResourceResponse.java:68:71:68:81 | inputStream | semmle.label | inputStream |
| InsecureWebResourceResponse.java:75:20:75:22 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:80:34:80:43 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:84:77:84:86 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:75:20:75:22 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:80:34:80:43 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:84:77:84:86 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:86:31:86:44 | parse(...) : Uri | semmle.label | parse(...) : Uri |
| InsecureWebResourceResponse.java:86:41:86:43 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:86:41:86:43 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:88:42:88:90 | new File(...) : File | semmle.label | new File(...) : File |
| InsecureWebResourceResponse.java:88:66:88:68 | uri : Uri | semmle.label | uri : Uri |
| InsecureWebResourceResponse.java:88:66:88:89 | getLastPathSegment(...) : String | semmle.label | getLastPathSegment(...) : String |
| InsecureWebResourceResponse.java:89:55:89:84 | new FileInputStream(...) : FileInputStream | semmle.label | new FileInputStream(...) : FileInputStream |
| InsecureWebResourceResponse.java:89:75:89:83 | cacheFile : File | semmle.label | cacheFile : File |
| InsecureWebResourceResponse.java:91:75:91:85 | inputStream | semmle.label | inputStream |
| InsecureWebResourceResponse.java:101:20:101:22 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:106:34:106:43 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:110:77:110:86 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:101:20:101:22 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:106:34:106:43 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:110:77:110:86 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:112:31:112:44 | parse(...) : Uri | semmle.label | parse(...) : Uri |
| InsecureWebResourceResponse.java:112:41:112:43 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:112:41:112:43 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:113:35:113:37 | uri : Uri | semmle.label | uri : Uri |
| InsecureWebResourceResponse.java:113:35:113:47 | getPath(...) : String | semmle.label | getPath(...) : String |
| InsecureWebResourceResponse.java:113:35:113:60 | substring(...) : String | semmle.label | substring(...) : String |
@@ -154,16 +154,16 @@ nodes
| InsecureWebResourceResponse.java:115:75:115:78 | path : String | semmle.label | path : String |
| InsecureWebResourceResponse.java:115:75:115:107 | substring(...) : String | semmle.label | substring(...) : String |
| InsecureWebResourceResponse.java:117:75:117:85 | inputStream | semmle.label | inputStream |
| InsecureWebResourceResponse.java:127:20:127:22 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:131:36:131:45 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:152:20:152:22 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:156:35:156:44 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:177:20:177:22 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:181:34:181:43 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:184:20:184:22 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:188:34:188:43 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:192:77:192:102 | request : Object | semmle.label | request : Object |
| InsecureWebResourceResponse.java:194:31:194:37 | request : Object | semmle.label | request : Object |
| InsecureWebResourceResponse.java:127:20:127:22 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:131:36:131:45 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:152:20:152:22 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:156:35:156:44 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:177:20:177:22 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:181:34:181:43 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:184:20:184:22 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:188:34:188:43 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:192:77:192:102 | request : WebResourceRequest | semmle.label | request : WebResourceRequest |
| InsecureWebResourceResponse.java:194:31:194:37 | request : WebResourceRequest | semmle.label | request : WebResourceRequest |
| InsecureWebResourceResponse.java:194:31:194:46 | getUrl(...) : Uri | semmle.label | getUrl(...) : Uri |
| InsecureWebResourceResponse.java:196:42:196:90 | new File(...) : File | semmle.label | new File(...) : File |
| InsecureWebResourceResponse.java:196:66:196:68 | uri : Uri | semmle.label | uri : Uri |
@@ -171,24 +171,24 @@ nodes
| InsecureWebResourceResponse.java:197:55:197:84 | new FileInputStream(...) : FileInputStream | semmle.label | new FileInputStream(...) : FileInputStream |
| InsecureWebResourceResponse.java:197:75:197:83 | cacheFile : File | semmle.label | cacheFile : File |
| InsecureWebResourceResponse.java:199:75:199:85 | inputStream | semmle.label | inputStream |
| InsecureWebResourceResponse.java:209:20:209:22 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:217:35:217:44 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:226:20:226:22 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:232:69:232:78 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:209:20:209:22 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:217:35:217:44 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:226:20:226:22 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:232:69:232:78 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:234:23:234:36 | parse(...) : Uri | semmle.label | parse(...) : Uri |
| InsecureWebResourceResponse.java:234:33:234:35 | url : Object | semmle.label | url : Object |
| InsecureWebResourceResponse.java:234:33:234:35 | url : String | semmle.label | url : String |
| InsecureWebResourceResponse.java:235:43:235:76 | new FileInputStream(...) : FileInputStream | semmle.label | new FileInputStream(...) : FileInputStream |
| InsecureWebResourceResponse.java:235:63:235:65 | uri : Uri | semmle.label | uri : Uri |
| InsecureWebResourceResponse.java:235:63:235:75 | getPath(...) : String | semmle.label | getPath(...) : String |
| InsecureWebResourceResponse.java:237:63:237:73 | inputStream | semmle.label | inputStream |
| InsecureWebViewActivity.java:27:27:27:37 | getIntent(...) : Intent | semmle.label | getIntent(...) : Intent |
| InsecureWebViewActivity.java:27:27:27:64 | getStringExtra(...) : Object | semmle.label | getStringExtra(...) : Object |
| InsecureWebViewActivity.java:28:20:28:27 | inputUrl : Object | semmle.label | inputUrl : Object |
| InsecureWebViewActivity.java:42:28:42:37 | url : Object | semmle.label | url : Object |
| InsecureWebViewActivity.java:43:25:43:27 | url : Object | semmle.label | url : Object |
| InsecureWebViewActivity.java:53:77:53:86 | url : Object | semmle.label | url : Object |
| InsecureWebViewActivity.java:27:27:27:64 | getStringExtra(...) : String | semmle.label | getStringExtra(...) : String |
| InsecureWebViewActivity.java:28:20:28:27 | inputUrl : String | semmle.label | inputUrl : String |
| InsecureWebViewActivity.java:42:28:42:37 | url : String | semmle.label | url : String |
| InsecureWebViewActivity.java:43:25:43:27 | url : String | semmle.label | url : String |
| InsecureWebViewActivity.java:53:77:53:86 | url : String | semmle.label | url : String |
| InsecureWebViewActivity.java:55:31:55:44 | parse(...) : Uri | semmle.label | parse(...) : Uri |
| InsecureWebViewActivity.java:55:41:55:43 | url : Object | semmle.label | url : Object |
| InsecureWebViewActivity.java:55:41:55:43 | url : String | semmle.label | url : String |
| InsecureWebViewActivity.java:56:51:56:84 | new FileInputStream(...) : FileInputStream | semmle.label | new FileInputStream(...) : FileInputStream |
| InsecureWebViewActivity.java:56:71:56:73 | uri : Uri | semmle.label | uri : Uri |
| InsecureWebViewActivity.java:56:71:56:83 | getPath(...) : String | semmle.label | getPath(...) : String |

48
java/ql/test/experimental/query-tests/security/CWE-200/SensitiveAndroidFileLeak.expected
View File

@@ -1,47 +1,47 @@
edges
| FileService.java:20:31:20:43 | intent : Intent | FileService.java:21:28:21:33 | intent : Intent |
| FileService.java:21:28:21:33 | intent : Intent | FileService.java:21:28:21:64 | getStringExtra(...) : Object |
| FileService.java:21:28:21:64 | getStringExtra(...) : Object | FileService.java:25:42:25:50 | localPath : Object |
| FileService.java:21:28:21:33 | intent : Intent | FileService.java:21:28:21:64 | getStringExtra(...) : String |
| FileService.java:21:28:21:64 | getStringExtra(...) : String | FileService.java:25:42:25:50 | localPath : String |
| FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] | FileService.java:40:41:40:55 | params : Object[] |
| FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : Object | FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] |
| FileService.java:25:42:25:50 | localPath : Object | FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : Object |
| FileService.java:25:42:25:50 | localPath : Object | FileService.java:32:13:32:28 | sourceUri : Object |
| FileService.java:32:13:32:28 | sourceUri : Object | FileService.java:35:17:35:25 | sourceUri : Object |
| FileService.java:34:20:36:13 | {...} : Object[] [[]] : Object | FileService.java:34:20:36:13 | new Object[] : Object[] [[]] : Object |
| FileService.java:35:17:35:25 | sourceUri : Object | FileService.java:34:20:36:13 | {...} : Object[] [[]] : Object |
| FileService.java:40:41:40:55 | params : Object[] | FileService.java:44:33:44:52 | (...)... : Object |
| FileService.java:44:33:44:52 | (...)... : Object | FileService.java:45:53:45:59 | ...[...] |
| FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : String | FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] |
| FileService.java:25:42:25:50 | localPath : String | FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : String |
| FileService.java:25:42:25:50 | localPath : String | FileService.java:32:13:32:28 | sourceUri : String |
| FileService.java:32:13:32:28 | sourceUri : String | FileService.java:35:17:35:25 | sourceUri : String |
| FileService.java:34:20:36:13 | {...} : Object[] [[]] : String | FileService.java:34:20:36:13 | new Object[] : Object[] [[]] : String |
| FileService.java:35:17:35:25 | sourceUri : String | FileService.java:34:20:36:13 | {...} : Object[] [[]] : String |
| FileService.java:40:41:40:55 | params : Object[] | FileService.java:44:33:44:52 | (...)... : String[] |
| FileService.java:44:33:44:52 | (...)... : String[] | FileService.java:45:53:45:59 | ...[...] |
| LeakFileActivity2.java:15:13:15:18 | intent : Intent | LeakFileActivity2.java:16:26:16:31 | intent : Intent |
| LeakFileActivity2.java:16:26:16:31 | intent : Intent | FileService.java:20:31:20:43 | intent : Intent |
| LeakFileActivity.java:14:35:14:38 | data : Intent | LeakFileActivity.java:18:40:18:59 | contentIntent : Intent |
| LeakFileActivity.java:18:40:18:59 | contentIntent : Intent | LeakFileActivity.java:19:31:19:43 | contentIntent : Intent |
| LeakFileActivity.java:19:31:19:43 | contentIntent : Intent | LeakFileActivity.java:19:31:19:53 | getData(...) : Object |
| LeakFileActivity.java:19:31:19:53 | getData(...) : Object | LeakFileActivity.java:21:58:21:72 | streamsToUpload : Object |
| LeakFileActivity.java:21:58:21:72 | streamsToUpload : Object | LeakFileActivity.java:21:58:21:82 | getPath(...) |
| LeakFileActivity.java:19:31:19:43 | contentIntent : Intent | LeakFileActivity.java:19:31:19:53 | getData(...) : Uri |
| LeakFileActivity.java:19:31:19:53 | getData(...) : Uri | LeakFileActivity.java:21:58:21:72 | streamsToUpload : Uri |
| LeakFileActivity.java:21:58:21:72 | streamsToUpload : Uri | LeakFileActivity.java:21:58:21:82 | getPath(...) |
nodes
| FileService.java:20:31:20:43 | intent : Intent | semmle.label | intent : Intent |
| FileService.java:21:28:21:33 | intent : Intent | semmle.label | intent : Intent |
| FileService.java:21:28:21:64 | getStringExtra(...) : Object | semmle.label | getStringExtra(...) : Object |
| FileService.java:21:28:21:64 | getStringExtra(...) : String | semmle.label | getStringExtra(...) : String |
| FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] | semmle.label | makeParamsToExecute(...) : Object[] |
| FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : Object | semmle.label | makeParamsToExecute(...) : Object[] [[]] : Object |
| FileService.java:25:42:25:50 | localPath : Object | semmle.label | localPath : Object |
| FileService.java:32:13:32:28 | sourceUri : Object | semmle.label | sourceUri : Object |
| FileService.java:34:20:36:13 | new Object[] : Object[] [[]] : Object | semmle.label | new Object[] : Object[] [[]] : Object |
| FileService.java:34:20:36:13 | {...} : Object[] [[]] : Object | semmle.label | {...} : Object[] [[]] : Object |
| FileService.java:35:17:35:25 | sourceUri : Object | semmle.label | sourceUri : Object |
| FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : String | semmle.label | makeParamsToExecute(...) : Object[] [[]] : String |
| FileService.java:25:42:25:50 | localPath : String | semmle.label | localPath : String |
| FileService.java:32:13:32:28 | sourceUri : String | semmle.label | sourceUri : String |
| FileService.java:34:20:36:13 | new Object[] : Object[] [[]] : String | semmle.label | new Object[] : Object[] [[]] : String |
| FileService.java:34:20:36:13 | {...} : Object[] [[]] : String | semmle.label | {...} : Object[] [[]] : String |
| FileService.java:35:17:35:25 | sourceUri : String | semmle.label | sourceUri : String |
| FileService.java:40:41:40:55 | params : Object[] | semmle.label | params : Object[] |
| FileService.java:44:33:44:52 | (...)... : Object | semmle.label | (...)... : Object |
| FileService.java:44:33:44:52 | (...)... : String[] | semmle.label | (...)... : String[] |
| FileService.java:45:53:45:59 | ...[...] | semmle.label | ...[...] |
| LeakFileActivity2.java:15:13:15:18 | intent : Intent | semmle.label | intent : Intent |
| LeakFileActivity2.java:16:26:16:31 | intent : Intent | semmle.label | intent : Intent |
| LeakFileActivity.java:14:35:14:38 | data : Intent | semmle.label | data : Intent |
| LeakFileActivity.java:18:40:18:59 | contentIntent : Intent | semmle.label | contentIntent : Intent |
| LeakFileActivity.java:19:31:19:43 | contentIntent : Intent | semmle.label | contentIntent : Intent |
| LeakFileActivity.java:19:31:19:53 | getData(...) : Object | semmle.label | getData(...) : Object |
| LeakFileActivity.java:21:58:21:72 | streamsToUpload : Object | semmle.label | streamsToUpload : Object |
| LeakFileActivity.java:19:31:19:53 | getData(...) : Uri | semmle.label | getData(...) : Uri |
| LeakFileActivity.java:21:58:21:72 | streamsToUpload : Uri | semmle.label | streamsToUpload : Uri |
| LeakFileActivity.java:21:58:21:82 | getPath(...) | semmle.label | getPath(...) |
subpaths
| FileService.java:25:42:25:50 | localPath : Object | FileService.java:32:13:32:28 | sourceUri : Object | FileService.java:34:20:36:13 | new Object[] : Object[] [[]] : Object | FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : Object |
| FileService.java:25:42:25:50 | localPath : String | FileService.java:32:13:32:28 | sourceUri : String | FileService.java:34:20:36:13 | new Object[] : Object[] [[]] : String | FileService.java:25:13:25:51 | makeParamsToExecute(...) : Object[] [[]] : String |
#select
| FileService.java:45:53:45:59 | ...[...] | LeakFileActivity2.java:15:13:15:18 | intent : Intent | FileService.java:45:53:45:59 | ...[...] | Leaking arbitrary Android file from $@. | LeakFileActivity2.java:15:13:15:18 | intent | this user input |
| FileService.java:45:53:45:59 | ...[...] | LeakFileActivity2.java:16:26:16:31 | intent : Intent | FileService.java:45:53:45:59 | ...[...] | Leaking arbitrary Android file from $@. | LeakFileActivity2.java:16:26:16:31 | intent | this user input |

14
java/ql/test/experimental/query-tests/security/CWE-470/UnsafeReflection.expected
View File

@@ -6,17 +6,17 @@ edges
| UnsafeReflection.java:34:33:34:70 | getParameter(...) : String | UnsafeReflection.java:39:58:39:71 | parameterValue |
| UnsafeReflection.java:46:24:46:82 | beanIdOrClassName : String | UnsafeReflection.java:53:30:53:46 | beanIdOrClassName : String |
| UnsafeReflection.java:46:132:46:168 | body : Map | UnsafeReflection.java:49:37:49:40 | body : Map |
| UnsafeReflection.java:49:23:49:59 | (...)... : Object | UnsafeReflection.java:53:67:53:73 | rawData : Object |
| UnsafeReflection.java:49:23:49:59 | (...)... : List | UnsafeReflection.java:53:67:53:73 | rawData : List |
| UnsafeReflection.java:49:37:49:40 | body : Map | UnsafeReflection.java:49:37:49:59 | get(...) : Object |
| UnsafeReflection.java:49:37:49:59 | get(...) : Object | UnsafeReflection.java:49:23:49:59 | (...)... : Object |
| UnsafeReflection.java:49:37:49:59 | get(...) : Object | UnsafeReflection.java:49:23:49:59 | (...)... : List |
| UnsafeReflection.java:53:30:53:46 | beanIdOrClassName : String | UnsafeReflection.java:104:34:104:57 | beanIdOrClassName : String |
| UnsafeReflection.java:53:67:53:73 | rawData : Object | UnsafeReflection.java:104:102:104:118 | data : Object |
| UnsafeReflection.java:53:67:53:73 | rawData : List | UnsafeReflection.java:104:102:104:118 | data : List |
| UnsafeReflection.java:62:33:62:70 | getParameter(...) : String | UnsafeReflection.java:68:76:68:89 | parameterValue |
| UnsafeReflection.java:77:33:77:70 | getParameter(...) : String | UnsafeReflection.java:83:76:83:89 | parameterValue |
| UnsafeReflection.java:92:33:92:70 | getParameter(...) : String | UnsafeReflection.java:98:76:98:89 | parameterValue |
| UnsafeReflection.java:104:34:104:57 | beanIdOrClassName : String | UnsafeReflection.java:119:21:119:26 | method |
| UnsafeReflection.java:104:34:104:57 | beanIdOrClassName : String | UnsafeReflection.java:119:35:119:38 | bean |
| UnsafeReflection.java:104:102:104:118 | data : Object | UnsafeReflection.java:119:41:119:44 | data |
| UnsafeReflection.java:104:102:104:118 | data : List | UnsafeReflection.java:119:41:119:44 | data |
nodes
| UnsafeReflection.java:21:28:21:60 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| UnsafeReflection.java:22:33:22:70 | getParameter(...) : String | semmle.label | getParameter(...) : String |
@@ -29,11 +29,11 @@ nodes
| UnsafeReflection.java:39:58:39:71 | parameterValue | semmle.label | parameterValue |
| UnsafeReflection.java:46:24:46:82 | beanIdOrClassName : String | semmle.label | beanIdOrClassName : String |
| UnsafeReflection.java:46:132:46:168 | body : Map | semmle.label | body : Map |
| UnsafeReflection.java:49:23:49:59 | (...)... : Object | semmle.label | (...)... : Object |
| UnsafeReflection.java:49:23:49:59 | (...)... : List | semmle.label | (...)... : List |
| UnsafeReflection.java:49:37:49:40 | body : Map | semmle.label | body : Map |
| UnsafeReflection.java:49:37:49:59 | get(...) : Object | semmle.label | get(...) : Object |
| UnsafeReflection.java:53:30:53:46 | beanIdOrClassName : String | semmle.label | beanIdOrClassName : String |
| UnsafeReflection.java:53:67:53:73 | rawData : Object | semmle.label | rawData : Object |
| UnsafeReflection.java:53:67:53:73 | rawData : List | semmle.label | rawData : List |
| UnsafeReflection.java:62:33:62:70 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| UnsafeReflection.java:68:76:68:89 | parameterValue | semmle.label | parameterValue |
| UnsafeReflection.java:77:33:77:70 | getParameter(...) : String | semmle.label | getParameter(...) : String |
@@ -41,7 +41,7 @@ nodes
| UnsafeReflection.java:92:33:92:70 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| UnsafeReflection.java:98:76:98:89 | parameterValue | semmle.label | parameterValue |
| UnsafeReflection.java:104:34:104:57 | beanIdOrClassName : String | semmle.label | beanIdOrClassName : String |
| UnsafeReflection.java:104:102:104:118 | data : Object | semmle.label | data : Object |
| UnsafeReflection.java:104:102:104:118 | data : List | semmle.label | data : List |
| UnsafeReflection.java:119:21:119:26 | method | semmle.label | method |
| UnsafeReflection.java:119:35:119:38 | bean | semmle.label | bean |
| UnsafeReflection.java:119:41:119:44 | data | semmle.label | data |

16
java/ql/test/experimental/query-tests/security/CWE-552/UnsafeUrlForward.expected
View File

@@ -3,13 +3,14 @@ edges
| UnsafeLoadSpringResource.java:31:27:31:57 | new ClassPathResource(...) : ClassPathResource | UnsafeLoadSpringResource.java:35:31:35:33 | clr |
| UnsafeLoadSpringResource.java:31:49:31:56 | fileName : String | UnsafeLoadSpringResource.java:31:27:31:57 | new ClassPathResource(...) : ClassPathResource |
| UnsafeLoadSpringResource.java:68:32:68:77 | fileName : String | UnsafeLoadSpringResource.java:76:38:76:45 | fileName |
| UnsafeLoadSpringResource.java:108:32:108:77 | fileName : String | UnsafeLoadSpringResource.java:116:51:116:58 | fileName |
| UnsafeRequestPath.java:20:17:20:63 | getServletPath(...) : String | UnsafeRequestPath.java:23:33:23:36 | path |
| UnsafeResourceGet2.java:16:32:16:79 | getRequestParameterMap(...) : Map | UnsafeResourceGet2.java:17:20:17:25 | params : Map |
| UnsafeResourceGet2.java:17:20:17:25 | params : Map | UnsafeResourceGet2.java:17:20:17:40 | get(...) : Object |
| UnsafeResourceGet2.java:17:20:17:40 | get(...) : Object | UnsafeResourceGet2.java:19:93:19:99 | loadUrl |
| UnsafeResourceGet2.java:17:20:17:25 | params : Map | UnsafeResourceGet2.java:17:20:17:40 | get(...) : String |
| UnsafeResourceGet2.java:17:20:17:40 | get(...) : String | UnsafeResourceGet2.java:19:93:19:99 | loadUrl |
| UnsafeResourceGet2.java:32:32:32:79 | getRequestParameterMap(...) : Map | UnsafeResourceGet2.java:33:20:33:25 | params : Map |
| UnsafeResourceGet2.java:33:20:33:25 | params : Map | UnsafeResourceGet2.java:33:20:33:40 | get(...) : Object |
| UnsafeResourceGet2.java:33:20:33:40 | get(...) : Object | UnsafeResourceGet2.java:37:20:37:22 | url |
| UnsafeResourceGet2.java:33:20:33:25 | params : Map | UnsafeResourceGet2.java:33:20:33:40 | get(...) : String |
| UnsafeResourceGet2.java:33:20:33:40 | get(...) : String | UnsafeResourceGet2.java:37:20:37:22 | url |
| UnsafeResourceGet.java:32:23:32:56 | getParameter(...) : String | UnsafeResourceGet.java:41:20:41:22 | url |
| UnsafeResourceGet.java:111:24:111:58 | getParameter(...) : String | UnsafeResourceGet.java:115:68:115:78 | requestPath |
| UnsafeResourceGet.java:143:23:143:56 | getParameter(...) : String | UnsafeResourceGet.java:150:20:150:22 | url |
@@ -35,15 +36,17 @@ nodes
| UnsafeLoadSpringResource.java:35:31:35:33 | clr | semmle.label | clr |
| UnsafeLoadSpringResource.java:68:32:68:77 | fileName : String | semmle.label | fileName : String |
| UnsafeLoadSpringResource.java:76:38:76:45 | fileName | semmle.label | fileName |
| UnsafeLoadSpringResource.java:108:32:108:77 | fileName : String | semmle.label | fileName : String |
| UnsafeLoadSpringResource.java:116:51:116:58 | fileName | semmle.label | fileName |
| UnsafeRequestPath.java:20:17:20:63 | getServletPath(...) : String | semmle.label | getServletPath(...) : String |
| UnsafeRequestPath.java:23:33:23:36 | path | semmle.label | path |
| UnsafeResourceGet2.java:16:32:16:79 | getRequestParameterMap(...) : Map | semmle.label | getRequestParameterMap(...) : Map |
| UnsafeResourceGet2.java:17:20:17:25 | params : Map | semmle.label | params : Map |
| UnsafeResourceGet2.java:17:20:17:40 | get(...) : Object | semmle.label | get(...) : Object |
| UnsafeResourceGet2.java:17:20:17:40 | get(...) : String | semmle.label | get(...) : String |
| UnsafeResourceGet2.java:19:93:19:99 | loadUrl | semmle.label | loadUrl |
| UnsafeResourceGet2.java:32:32:32:79 | getRequestParameterMap(...) : Map | semmle.label | getRequestParameterMap(...) : Map |
| UnsafeResourceGet2.java:33:20:33:25 | params : Map | semmle.label | params : Map |
| UnsafeResourceGet2.java:33:20:33:40 | get(...) : Object | semmle.label | get(...) : Object |
| UnsafeResourceGet2.java:33:20:33:40 | get(...) : String | semmle.label | get(...) : String |
| UnsafeResourceGet2.java:37:20:37:22 | url | semmle.label | url |
| UnsafeResourceGet.java:32:23:32:56 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| UnsafeResourceGet.java:41:20:41:22 | url | semmle.label | url |
@@ -83,6 +86,7 @@ subpaths
#select
| UnsafeLoadSpringResource.java:35:31:35:33 | clr | UnsafeLoadSpringResource.java:27:32:27:77 | fileName : String | UnsafeLoadSpringResource.java:35:31:35:33 | clr | Potentially untrusted URL forward due to $@. | UnsafeLoadSpringResource.java:27:32:27:77 | fileName | user-provided value |
| UnsafeLoadSpringResource.java:76:38:76:45 | fileName | UnsafeLoadSpringResource.java:68:32:68:77 | fileName : String | UnsafeLoadSpringResource.java:76:38:76:45 | fileName | Potentially untrusted URL forward due to $@. | UnsafeLoadSpringResource.java:68:32:68:77 | fileName | user-provided value |
| UnsafeLoadSpringResource.java:116:51:116:58 | fileName | UnsafeLoadSpringResource.java:108:32:108:77 | fileName : String | UnsafeLoadSpringResource.java:116:51:116:58 | fileName | Potentially untrusted URL forward due to $@. | UnsafeLoadSpringResource.java:108:32:108:77 | fileName | user-provided value |
| UnsafeRequestPath.java:23:33:23:36 | path | UnsafeRequestPath.java:20:17:20:63 | getServletPath(...) : String | UnsafeRequestPath.java:23:33:23:36 | path | Potentially untrusted URL forward due to $@. | UnsafeRequestPath.java:20:17:20:63 | getServletPath(...) | user-provided value |
| UnsafeResourceGet2.java:19:93:19:99 | loadUrl | UnsafeResourceGet2.java:16:32:16:79 | getRequestParameterMap(...) : Map | UnsafeResourceGet2.java:19:93:19:99 | loadUrl | Potentially untrusted URL forward due to $@. | UnsafeResourceGet2.java:16:32:16:79 | getRequestParameterMap(...) | user-provided value |
| UnsafeResourceGet2.java:37:20:37:22 | url | UnsafeResourceGet2.java:32:32:32:79 | getRequestParameterMap(...) : Map | UnsafeResourceGet2.java:37:20:37:22 | url | Potentially untrusted URL forward due to $@. | UnsafeResourceGet2.java:32:32:32:79 | getRequestParameterMap(...) | user-provided value |

16
java/ql/test/experimental/query-tests/security/CWE-598/SensitiveGetQuery.expected
View File

@@ -1,11 +1,11 @@
edges
| SensitiveGetQuery2.java:12:13:12:37 | getParameterMap(...) : Map | SensitiveGetQuery2.java:14:30:14:32 | map : Map |
| SensitiveGetQuery2.java:14:21:14:48 | (...)... : Object | SensitiveGetQuery2.java:15:29:15:36 | password |
| SensitiveGetQuery2.java:14:21:14:48 | (...)... : Object | SensitiveGetQuery2.java:15:29:15:36 | password : Object |
| SensitiveGetQuery2.java:14:21:14:48 | (...)... : String | SensitiveGetQuery2.java:15:29:15:36 | password |
| SensitiveGetQuery2.java:14:21:14:48 | (...)... : String | SensitiveGetQuery2.java:15:29:15:36 | password : String |
| SensitiveGetQuery2.java:14:30:14:32 | map : Map | SensitiveGetQuery2.java:14:30:14:48 | get(...) : Object |
| SensitiveGetQuery2.java:14:30:14:48 | get(...) : Object | SensitiveGetQuery2.java:14:21:14:48 | (...)... : Object |
| SensitiveGetQuery2.java:15:29:15:36 | password : Object | SensitiveGetQuery2.java:18:40:18:54 | password : Object |
| SensitiveGetQuery2.java:18:40:18:54 | password : Object | SensitiveGetQuery2.java:19:61:19:68 | password |
| SensitiveGetQuery2.java:14:30:14:48 | get(...) : Object | SensitiveGetQuery2.java:14:21:14:48 | (...)... : String |
| SensitiveGetQuery2.java:15:29:15:36 | password : String | SensitiveGetQuery2.java:18:40:18:54 | password : String |
| SensitiveGetQuery2.java:18:40:18:54 | password : String | SensitiveGetQuery2.java:19:61:19:68 | password |
| SensitiveGetQuery3.java:12:21:12:60 | getRequestParameter(...) : String | SensitiveGetQuery3.java:13:57:13:64 | password |
| SensitiveGetQuery3.java:17:10:17:40 | getParameter(...) : String | SensitiveGetQuery3.java:12:21:12:60 | getRequestParameter(...) : String |
| SensitiveGetQuery4.java:14:24:14:66 | getRequestParameter(...) : String | SensitiveGetQuery4.java:16:37:16:47 | accessToken |
@@ -16,12 +16,12 @@ edges
| SensitiveGetQuery.java:17:40:17:54 | password : String | SensitiveGetQuery.java:18:61:18:68 | password |
nodes
| SensitiveGetQuery2.java:12:13:12:37 | getParameterMap(...) : Map | semmle.label | getParameterMap(...) : Map |
| SensitiveGetQuery2.java:14:21:14:48 | (...)... : Object | semmle.label | (...)... : Object |
| SensitiveGetQuery2.java:14:21:14:48 | (...)... : String | semmle.label | (...)... : String |
| SensitiveGetQuery2.java:14:30:14:32 | map : Map | semmle.label | map : Map |
| SensitiveGetQuery2.java:14:30:14:48 | get(...) : Object | semmle.label | get(...) : Object |
| SensitiveGetQuery2.java:15:29:15:36 | password | semmle.label | password |
| SensitiveGetQuery2.java:15:29:15:36 | password : Object | semmle.label | password : Object |
| SensitiveGetQuery2.java:18:40:18:54 | password : Object | semmle.label | password : Object |
| SensitiveGetQuery2.java:15:29:15:36 | password : String | semmle.label | password : String |
| SensitiveGetQuery2.java:18:40:18:54 | password : String | semmle.label | password : String |
| SensitiveGetQuery2.java:19:61:19:68 | password | semmle.label | password |
| SensitiveGetQuery3.java:12:21:12:60 | getRequestParameter(...) : String | semmle.label | getRequestParameter(...) : String |
| SensitiveGetQuery3.java:13:57:13:64 | password | semmle.label | password |

26
java/ql/test/experimental/query-tests/security/CWE-755/NFEAndroidDoS.expected
View File

@@ -1,25 +1,25 @@
edges
| NFEAndroidDoS.java:13:24:13:34 | getIntent(...) : Intent | NFEAndroidDoS.java:13:24:13:61 | getStringExtra(...) : Object |
| NFEAndroidDoS.java:13:24:13:61 | getStringExtra(...) : Object | NFEAndroidDoS.java:14:21:14:51 | parseDouble(...) |
| NFEAndroidDoS.java:22:21:22:31 | getIntent(...) : Intent | NFEAndroidDoS.java:22:21:22:55 | getStringExtra(...) : Object |
| NFEAndroidDoS.java:22:21:22:55 | getStringExtra(...) : Object | NFEAndroidDoS.java:23:15:23:40 | parseInt(...) |
| NFEAndroidDoS.java:25:22:25:32 | getIntent(...) : Intent | NFEAndroidDoS.java:25:22:25:57 | getStringExtra(...) : Object |
| NFEAndroidDoS.java:25:22:25:57 | getStringExtra(...) : Object | NFEAndroidDoS.java:26:16:26:42 | parseInt(...) |
| NFEAndroidDoS.java:43:24:43:34 | getIntent(...) : Intent | NFEAndroidDoS.java:43:24:43:61 | getStringExtra(...) : Object |
| NFEAndroidDoS.java:43:24:43:61 | getStringExtra(...) : Object | NFEAndroidDoS.java:44:21:44:43 | new Double(...) |
| NFEAndroidDoS.java:43:24:43:61 | getStringExtra(...) : Object | NFEAndroidDoS.java:47:21:47:47 | valueOf(...) |
| NFEAndroidDoS.java:13:24:13:34 | getIntent(...) : Intent | NFEAndroidDoS.java:13:24:13:61 | getStringExtra(...) : String |
| NFEAndroidDoS.java:13:24:13:61 | getStringExtra(...) : String | NFEAndroidDoS.java:14:21:14:51 | parseDouble(...) |
| NFEAndroidDoS.java:22:21:22:31 | getIntent(...) : Intent | NFEAndroidDoS.java:22:21:22:55 | getStringExtra(...) : String |
| NFEAndroidDoS.java:22:21:22:55 | getStringExtra(...) : String | NFEAndroidDoS.java:23:15:23:40 | parseInt(...) |
| NFEAndroidDoS.java:25:22:25:32 | getIntent(...) : Intent | NFEAndroidDoS.java:25:22:25:57 | getStringExtra(...) : String |
| NFEAndroidDoS.java:25:22:25:57 | getStringExtra(...) : String | NFEAndroidDoS.java:26:16:26:42 | parseInt(...) |
| NFEAndroidDoS.java:43:24:43:34 | getIntent(...) : Intent | NFEAndroidDoS.java:43:24:43:61 | getStringExtra(...) : String |
| NFEAndroidDoS.java:43:24:43:61 | getStringExtra(...) : String | NFEAndroidDoS.java:44:21:44:43 | new Double(...) |
| NFEAndroidDoS.java:43:24:43:61 | getStringExtra(...) : String | NFEAndroidDoS.java:47:21:47:47 | valueOf(...) |
nodes
| NFEAndroidDoS.java:13:24:13:34 | getIntent(...) : Intent | semmle.label | getIntent(...) : Intent |
| NFEAndroidDoS.java:13:24:13:61 | getStringExtra(...) : Object | semmle.label | getStringExtra(...) : Object |
| NFEAndroidDoS.java:13:24:13:61 | getStringExtra(...) : String | semmle.label | getStringExtra(...) : String |
| NFEAndroidDoS.java:14:21:14:51 | parseDouble(...) | semmle.label | parseDouble(...) |
| NFEAndroidDoS.java:22:21:22:31 | getIntent(...) : Intent | semmle.label | getIntent(...) : Intent |
| NFEAndroidDoS.java:22:21:22:55 | getStringExtra(...) : Object | semmle.label | getStringExtra(...) : Object |
| NFEAndroidDoS.java:22:21:22:55 | getStringExtra(...) : String | semmle.label | getStringExtra(...) : String |
| NFEAndroidDoS.java:23:15:23:40 | parseInt(...) | semmle.label | parseInt(...) |
| NFEAndroidDoS.java:25:22:25:32 | getIntent(...) : Intent | semmle.label | getIntent(...) : Intent |
| NFEAndroidDoS.java:25:22:25:57 | getStringExtra(...) : Object | semmle.label | getStringExtra(...) : Object |
| NFEAndroidDoS.java:25:22:25:57 | getStringExtra(...) : String | semmle.label | getStringExtra(...) : String |
| NFEAndroidDoS.java:26:16:26:42 | parseInt(...) | semmle.label | parseInt(...) |
| NFEAndroidDoS.java:43:24:43:34 | getIntent(...) : Intent | semmle.label | getIntent(...) : Intent |
| NFEAndroidDoS.java:43:24:43:61 | getStringExtra(...) : Object | semmle.label | getStringExtra(...) : Object |
| NFEAndroidDoS.java:43:24:43:61 | getStringExtra(...) : String | semmle.label | getStringExtra(...) : String |
| NFEAndroidDoS.java:44:21:44:43 | new Double(...) | semmle.label | new Double(...) |
| NFEAndroidDoS.java:47:21:47:47 | valueOf(...) | semmle.label | valueOf(...) |
subpaths

2
java/ql/test/ext/TestModels/Test.java
View File

@@ -82,7 +82,7 @@ public class Test {
Connection con = DriverManager.getConnection("");
PreparedStatement ps1 = con.prepareStatement("UPDATE EMPLOYEES SET NAME = ? WHERE ID = ?");
ps1.setString(1, (String)source());
sink(ps1); // $hasValueFlow
sink(ps1); // safe
// java.util.concurrent.atomic
AtomicReference ar = new AtomicReference(source());

11
java/ql/test/kotlin/library-tests/dataflow/summaries/use.kt Normal file
View File

@@ -0,0 +1,11 @@
import java.io.Closeable
class UseFlowTest {
fun <T> taint(t: T) = t
fun sink(s: Closeable) { }
fun test(input: Closeable) {
taint(input).use { it -> sink(it) } // $ hasValueFlow
sink(taint(input).use { it }) // $ hasValueFlow
}
}

9
java/ql/test/kotlin/library-tests/dataflow/summaries/with.kt Normal file
View File

@@ -0,0 +1,9 @@
class WithFlowTest {
fun <T> taint(t: T) = t
fun sink(s: String) { }
fun test(input: String) {
with(taint(input)) { sink(this) } // $ hasValueFlow
sink(with(taint(input)) { this }) // $ hasValueFlow
}
}

31
java/ql/test/library-tests/dispatch/CallableViaSummary.java Normal file
View File

@@ -0,0 +1,31 @@
import java.util.*;
public class CallableViaSummary {
public interface Element {
public void handle(String message);
}
public void main(String[] args) {
List<Element> elements = new ArrayList<>();
List<Element> elements2 = new ArrayList<>();
elements.add(new Element() {
@Override
public void handle(String message) {
System.out.println(message);
}
});
elements.add(message -> System.out.println(message));
// This dispatches to the two added elements because
// the summary of ArrayList causes flow via type tracking.
elements.get(0).handle("Hello, world!");
// This does not dispatch to anything, showing that the
// open-world assumption does not apply
// (and hence that type tracking is necessary above).
elements2.get(0).handle("Hello, world!");
}
}

2
java/ql/test/library-tests/dispatch/viaSummary.expected Normal file
View File

@@ -0,0 +1,2 @@
| CallableViaSummary.java:24:9:24:47 | handle(...) | CallableViaSummary.java:15:25:15:30 | handle |
| CallableViaSummary.java:24:9:24:47 | handle(...) | CallableViaSummary.java:20:22:20:59 | handle |

9
java/ql/test/library-tests/dispatch/viaSummary.ql Normal file
View File

@@ -0,0 +1,9 @@
import java
import semmle.code.java.dispatch.VirtualDispatch
from MethodAccess ma, Method m
where
m = viableImpl(ma) and
m.fromSource() and
ma.getFile().toString() = "CallableViaSummary"
select ma, m

6
java/ql/test/library-tests/frameworks/apache-collections/Test.java
View File

@@ -721,14 +721,14 @@ public class Test {
{
// "org.apache.commons.collections4;MapUtils;true;getMap;;;MapValue of Argument[0];ReturnValue;value;manual"
Map out = null;
Map in = newTreeMapWithMapValue((String)source());
Map in = newTreeMapWithMapValue((Map)source());
out = MapUtils.getMap(in, null, null);
sink(out); // $ hasValueFlow
}
{
// "org.apache.commons.collections4;MapUtils;true;getMap;;;MapValue of Argument[0];ReturnValue;value;manual"
Map out = null;
Map in = newTreeMapWithMapValue((String)source());
Map in = newTreeMapWithMapValue((Map)source());
out = MapUtils.getMap(in, null);
sink(out); // $ hasValueFlow
}
@@ -7257,4 +7257,4 @@ public class Test {
}
}
}
}

47
java/ql/test/library-tests/frameworks/gson/Test.java
View File

@@ -25,7 +25,7 @@ public class Test {
<K> K getMapKeyDefault(Map.Entry<K,?> container) { return container.getKey(); }
JsonElement getMapValueDefault(JsonObject container) { return container.get(null); }
<V> V getMapValueDefault(Map.Entry<?,V> container) { return container.getValue(); }
JsonArray newWithElementDefault(String element) { JsonArray a = new JsonArray(); a.add(element); return a; }
JsonArray newWithElementDefault(JsonElement element) { JsonArray a = new JsonArray(); a.add(element); return a; }
JsonObject newWithMapKeyDefault(String key) { JsonObject o = new JsonObject(); o.add(key, (JsonElement) null); return o; }
JsonObject newWithMapValueDefault(JsonElement element) { JsonObject o = new JsonObject(); o.add(null, element); return o; }
Object source() { return null; }
@@ -232,51 +232,58 @@ public class Test {
sink(out); // $ hasTaintFlow
}
{
// "com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual"
// "com.google.gson;JsonArray;true;add;(Boolean);;Argument[0];Argument[this].Element;taint;manual"
JsonArray out = null;
Boolean in = (Boolean)source();
out.add(in);
sink(getElement(out)); // $ hasValueFlow
sink(getElement(out)); // $ hasTaintFlow
}
{
// "com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual"
// "com.google.gson;JsonArray;true;add;(Character);;Argument[0];Argument[this].Element;taint;manual"
JsonArray out = null;
Character in = (Character)source();
out.add(in);
sink(getElement(out)); // $ hasValueFlow
sink(getElement(out)); // $ hasTaintFlow
}
{
// "com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual"
// "com.google.gson;JsonArray;true;add;(JsonElement);;Argument[0];Argument[this].Element;value;manual"
JsonArray out = null;
JsonElement in = (JsonElement)source();
out.add(in);
sink(getElement(out)); // $ hasValueFlow
}
{
// "com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual"
// "com.google.gson;JsonArray;true;add;(Number);;Argument[0];Argument[this].Element;taint;manual"
JsonArray out = null;
Number in = (Number)source();
out.add(in);
sink(getElement(out)); // $ hasValueFlow
sink(getElement(out)); // $ hasTaintFlow
}
{
// "com.google.gson;JsonArray;true;add;;;Argument[0];Argument[this].Element;value;manual"
// "com.google.gson;JsonArray;true;add;(String);;Argument[0];Argument[this].Element;taint;manual"
JsonArray out = null;
String in = (String)source();
out.add(in);
sink(getElement(out)); // $ hasTaintFlow
}
{
// "com.google.gson;JsonArray;true;addAll;(JsonArray);;Argument[0].Element;Argument[this].Element;value;manual"
JsonArray out = null;
JsonArray in = newWithElementDefault((JsonElement) source());
out.addAll(in);
sink(getElement(out)); // $ hasValueFlow
}
{
// "com.google.gson;JsonArray;true;asList;;;Argument[this].Element;ReturnValue.Element;value;manual"
List out = null;
JsonArray in = (JsonArray)newWithElementDefault((String) source());
JsonArray in = newWithElementDefault((JsonElement) source());
out = in.asList();
sink(getElement(out)); // $ hasValueFlow
}
{
// "com.google.gson;JsonArray;true;get;;;Argument[this].Element;ReturnValue;value;manual"
JsonElement out = null;
JsonArray in = (JsonArray)newWithElementDefault((String) source());
JsonArray in = newWithElementDefault((JsonElement) source());
out = in.get(0);
sink(out); // $ hasValueFlow
}
@@ -400,51 +407,51 @@ public class Test {
sink(getMapKeyDefault(out)); // $ hasValueFlow
}
{
// "com.google.gson;JsonObject;true;addProperty;(String,String);;Argument[1];Argument[this].MapValue;value;manual"
// "com.google.gson;JsonObject;true;addProperty;(String,String);;Argument[1];Argument[this].MapValue;taint;manual"
JsonObject out = null;
String in = (String)source();
out.addProperty((String)null, in);
sink(getMapValueDefault(out)); // $ hasValueFlow
sink(getMapValueDefault(out)); // $ hasTaintFlow
}
{
// "com.google.gson;JsonObject;true;asMap;;;Argument[this].MapKey;ReturnValue.MapKey;value;manual"
Map out = null;
JsonObject in = (JsonObject)newWithMapKeyDefault((String) source());
JsonObject in = newWithMapKeyDefault((String) source());
out = in.asMap();
sink(getMapKey(out)); // $ hasValueFlow
}
{
// "com.google.gson;JsonObject;true;asMap;;;Argument[this].MapValue;ReturnValue.MapValue;value;manual"
Map out = null;
JsonObject in = (JsonObject)newWithMapValueDefault((JsonElement) source());
JsonObject in = newWithMapValueDefault((JsonElement) source());
out = in.asMap();
sink(getMapValue(out)); // $ hasValueFlow
}
{
// "com.google.gson;JsonObject;true;entrySet;;;Argument[this].MapKey;ReturnValue.Element.MapKey;value;manual"
Set<Map.Entry<String,JsonElement>> out = null;
JsonObject in = (JsonObject)newWithMapKeyDefault((String) source());
JsonObject in = newWithMapKeyDefault((String) source());
out = in.entrySet();
sink(getMapKeyDefault(getElement(out))); // $ hasValueFlow
}
{
// "com.google.gson;JsonObject;true;entrySet;;;Argument[this].MapKey;ReturnValue.Element.MapValue;value;manual"
// "com.google.gson;JsonObject;true;entrySet;;;Argument[this].MapValue;ReturnValue.Element.MapValue;value;manual"
Set<Map.Entry<String,JsonElement>> out = null;
JsonObject in = (JsonObject) newWithMapKeyDefault((String) source());
JsonObject in = newWithMapValueDefault((JsonElement) source());
out = in.entrySet();
sink(getMapValueDefault(getElement(out))); // $ hasValueFlow
}
{
// "com.google.gson;JsonObject;true;get;;;Argument[this].MapValue;ReturnValue;value;manual"
JsonElement out = null;
JsonObject in = (JsonObject)newWithMapValueDefault((JsonElement) source());
JsonObject in = newWithMapValueDefault((JsonElement) source());
out = in.get(null);
sink(out); // $ hasValueFlow
}
{
// "com.google.gson;JsonObject;true;keySet;;;Argument[this].MapKey;ReturnValue.Element;value;manual"
Set out = null;
JsonObject in = (JsonObject)newWithMapKeyDefault((String) source());
JsonObject in = newWithMapKeyDefault((String) source());
out = in.keySet();
sink(getElement(out)); // $ hasValueFlow
}

14
java/ql/test/query-tests/ExposeRepresentation/ExposeRepresentation.expected
View File

@@ -1,7 +1,7 @@
| ExposesRep.java:11:19:11:28 | getStrings | getStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:5:5:5:19 | User.java:5:5:5:19 | after this call to getStrings |
| ExposesRep.java:11:19:11:28 | getStrings | getStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:13:12:13:26 | User.java:13:12:13:26 | after this call to getStrings |
| ExposesRep.java:11:19:11:28 | getStrings | getStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:38:12:38:26 | User.java:38:12:38:26 | after this call to getStrings |
| ExposesRep.java:13:30:13:41 | getStringMap | getStringMap exposes the internal representation stored in field stringMap. The value may be modified $@. | User.java:9:5:9:21 | User.java:9:5:9:21 | after this call to getStringMap |
| ExposesRep.java:17:15:17:24 | setStrings | setStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:22:5:22:6 | User.java:22:5:22:6 | through the variable ss |
| ExposesRep.java:21:15:21:26 | setStringMap | setStringMap exposes the internal representation stored in field stringMap. The value may be modified $@. | User.java:27:5:27:5 | User.java:27:5:27:5 | through the variable m |
| ExposesRep.java:29:14:29:21 | getArray | getArray exposes the internal representation stored in field array. The value may be modified $@. | User.java:31:5:31:18 | User.java:31:5:31:18 | after this call to getArray |
| ExposesRep.java:11:19:11:28 | getStrings | getStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:5:5:5:19 | getStrings(...) | after this call to getStrings |
| ExposesRep.java:11:19:11:28 | getStrings | getStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:13:12:13:26 | getStrings(...) | after this call to getStrings |
| ExposesRep.java:11:19:11:28 | getStrings | getStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:38:12:38:26 | getStrings(...) | after this call to getStrings |
| ExposesRep.java:13:30:13:41 | getStringMap | getStringMap exposes the internal representation stored in field stringMap. The value may be modified $@. | User.java:9:5:9:21 | getStringMap(...) | after this call to getStringMap |
| ExposesRep.java:17:15:17:24 | setStrings | setStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:22:5:22:6 | ss | through the variable ss |
| ExposesRep.java:21:15:21:26 | setStringMap | setStringMap exposes the internal representation stored in field stringMap. The value may be modified $@. | User.java:27:5:27:5 | m | through the variable m |
| ExposesRep.java:29:14:29:21 | getArray | getArray exposes the internal representation stored in field array. The value may be modified $@. | User.java:31:5:31:18 | getArray(...) | after this call to getArray |

2
java/ql/test/query-tests/Metrics/GeneratedVsManualCoverage/TopJdkApisTest/TopJdkApisTest.expected
View File

@@ -8,7 +8,7 @@
| java.nio | 0 | 0 | 2 | 3 | 5 | 0.4 | 0.0 | 0.4 | 0.0 | NaN | 0.6 |
| java.nio.charset | 0 | 0 | 0 | 1 | 1 | 0.0 | 0.0 | 0.0 | NaN | NaN | 1.0 |
| java.nio.file | 0 | 0 | 7 | 1 | 8 | 0.875 | 0.0 | 0.875 | 0.0 | NaN | 0.125 |
| java.sql | 0 | 0 | 2 | 14 | 16 | 0.125 | 0.0 | 0.125 | 0.0 | NaN | 0.875 |
| java.sql | 0 | 0 | 1 | 15 | 16 | 0.0625 | 0.0 | 0.0625 | 0.0 | NaN | 0.9375 |
| java.text | 0 | 0 | 0 | 5 | 5 | 0.0 | 0.0 | 0.0 | NaN | NaN | 1.0 |
| java.time | 0 | 0 | 0 | 17 | 17 | 0.0 | 0.0 | 0.0 | NaN | NaN | 1.0 |
| java.time.chrono | 0 | 0 | 0 | 1 | 1 | 0.0 | 0.0 | 0.0 | NaN | NaN | 1.0 |

1
java/ql/test/query-tests/Telemetry/SupportedExternalSinks/SupportedExternalSinks.expected
View File

@@ -1,2 +1,3 @@
| java.io.File#File(String) | 1 |
| java.io.FileWriter#FileWriter(File) | 1 |
| java.net.URL#openStream() | 1 |

6
java/ql/test/query-tests/security/CWE-078/ExecTaintedLocal.expected
View File

@@ -7,8 +7,8 @@ edges
| Test.java:7:44:7:69 | ... + ... : String | Test.java:7:25:7:70 | new ..[] { .. } : String[] [[]] : String |
| Test.java:10:29:10:74 | {...} : String[] [[]] : String | Test.java:10:29:10:74 | new String[] |
| Test.java:10:61:10:73 | ... + ... : String | Test.java:10:29:10:74 | {...} : String[] [[]] : String |
| Test.java:16:5:16:7 | cmd [post update] : List [<element>] : String | Test.java:18:29:18:31 | cmd |
| Test.java:16:13:16:25 | ... + ... : String | Test.java:16:5:16:7 | cmd [post update] : List [<element>] : String |
| Test.java:16:5:16:7 | cmd [post update] : ArrayList [<element>] : String | Test.java:18:29:18:31 | cmd |
| Test.java:16:13:16:25 | ... + ... : String | Test.java:16:5:16:7 | cmd [post update] : ArrayList [<element>] : String |
| Test.java:22:5:22:8 | cmd1 [post update] : String[] [[]] : String | Test.java:24:29:24:32 | cmd1 |
| Test.java:22:15:22:27 | ... + ... : String | Test.java:22:5:22:8 | cmd1 [post update] : String[] [[]] : String |
| Test.java:28:38:28:47 | arg : String | Test.java:29:44:29:64 | ... + ... : String |
@@ -26,7 +26,7 @@ nodes
| Test.java:10:29:10:74 | new String[] | semmle.label | new String[] |
| Test.java:10:29:10:74 | {...} : String[] [[]] : String | semmle.label | {...} : String[] [[]] : String |
| Test.java:10:61:10:73 | ... + ... : String | semmle.label | ... + ... : String |
| Test.java:16:5:16:7 | cmd [post update] : List [<element>] : String | semmle.label | cmd [post update] : List [<element>] : String |
| Test.java:16:5:16:7 | cmd [post update] : ArrayList [<element>] : String | semmle.label | cmd [post update] : ArrayList [<element>] : String |
| Test.java:16:13:16:25 | ... + ... : String | semmle.label | ... + ... : String |
| Test.java:18:29:18:31 | cmd | semmle.label | cmd |
| Test.java:22:5:22:8 | cmd1 [post update] : String[] [[]] : String | semmle.label | cmd1 [post update] : String[] [[]] : String |