hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
codeql-cli-2.20.1
codeql/java/ql/test/library-tests/dataflow/taintsources/SpringSavedRequest.java
Tony Torralba 2df30dc107 Use InlineFlowTest for local and remote flow tests
2021-10-08 11:48:35 +02:00

29 lines
972 B
Java
Raw Permalink Blame History

import org.springframework.security.web.savedrequest.SavedRequest;
import org.springframework.security.web.savedrequest.SimpleSavedRequest;
public class SpringSavedRequest {
SavedRequest sr;
private static void sink(Object o) {}
public void test() {
sink(sr.getRedirectUrl()); // $hasRemoteValueFlow
sink(sr.getCookies()); // $hasRemoteValueFlow
sink(sr.getHeaderValues("name")); // $hasRemoteValueFlow
sink(sr.getHeaderNames()); // $hasRemoteValueFlow
sink(sr.getParameterValues("name")); // $hasRemoteValueFlow
sink(sr.getParameterMap()); // $hasRemoteValueFlow
}
SimpleSavedRequest ssr;
public void test2() {
sink(ssr.getRedirectUrl()); // $hasRemoteValueFlow
sink(ssr.getCookies()); // $hasRemoteValueFlow
sink(ssr.getHeaderValues("name")); // $hasRemoteValueFlow
sink(ssr.getHeaderNames()); // $hasRemoteValueFlow
sink(ssr.getParameterValues("name")); // $hasRemoteValueFlow
sink(ssr.getParameterMap()); // $hasRemoteValueFlow
}
}
Reference in New Issue View Git Blame Copy Permalink