hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
z80coder/ATM-feature-optimisation
codeql/java/ql/test/library-tests/dataflow/taint-jackson/Test.java
Tony Torralba a33e0bce9d Fix tests affected by Jackson stubs changes
2021-08-03 13:15:45 +02:00

113 lines
3.5 KiB
Java
Raw Permalink Blame History

import java.io.File;
import java.io.FileOutputStream;
import java.io.OutputStream;
import java.io.StringWriter;
import java.io.Writer;
import java.util.Iterator;
import java.util.HashMap;
import java.util.Map;
import com.fasterxml.jackson.core.JsonFactory;
import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.ObjectWriter;
import com.fasterxml.jackson.databind.ObjectReader;
class Test {
public static class Potato {
private String name;
private String getName() {
return name;
}
}
public static String taint() {
return "tainted";
}
public static void sink(Object any) {}
public static void jacksonObjectMapper() throws Exception {
String s = taint();
ObjectMapper om = new ObjectMapper();
File file = new File("testFile");
om.writeValue(file, s);
sink(file); //$hasTaintFlow
OutputStream out = new FileOutputStream(file);
om.writeValue(out, s);
sink(file); //$hasTaintFlow
Writer writer = new StringWriter();
om.writeValue(writer, s);
sink(writer); //$hasTaintFlow
JsonGenerator generator = new JsonFactory().createGenerator(new StringWriter());
om.writeValue(generator, s);
sink(generator); //$hasTaintFlow
String t = om.writeValueAsString(s);
sink(t); //$hasTaintFlow
byte[] bs = om.writeValueAsBytes(s);
String reconstructed = new String(bs, "utf-8");
sink(bs); //$hasTaintFlow
sink(reconstructed); //$hasTaintFlow
}
public static void jacksonObjectWriter() throws Exception {
String s = taint();
ObjectWriter ow = new ObjectWriter();
File file = new File("testFile");
ow.writeValue(file, s);
sink(file); //$hasTaintFlow
OutputStream out = new FileOutputStream(file);
ow.writeValue(out, s);
sink(out); //$hasTaintFlow
Writer writer = new StringWriter();
ow.writeValue(writer, s);
sink(writer); //$hasTaintFlow
JsonGenerator generator = new JsonFactory().createGenerator(new StringWriter());
ow.writeValue(generator, s);
sink(generator); //$hasTaintFlow
String t = ow.writeValueAsString(s);
sink(t); //$hasTaintFlow
byte[] bs = ow.writeValueAsBytes(s);
String reconstructed = new String(bs, "utf-8");
sink(bs); //$hasTaintFlow
sink(reconstructed); //$hasTaintFlow
}
public static void jacksonObjectReader() throws java.io.IOException {
String s = taint();
ObjectMapper om = new ObjectMapper();
ObjectReader reader = om.readerFor(Potato.class);
sink(reader.readValue(s)); //$hasTaintFlow
sink(reader.readValue(s, Potato.class).name); //$hasTaintFlow
sink(reader.readValue(s, Potato.class).getName()); //$hasTaintFlow
}
public static void jacksonObjectReaderIterable() throws java.io.IOException {
String s = taint();
ObjectMapper om = new ObjectMapper();
ObjectReader reader = om.readerFor(Potato.class);
sink(reader.readValues(s)); //$hasTaintFlow
Iterator<Potato> pIterator = reader.readValues(s);
while(pIterator.hasNext()) {
Potato p = pIterator.next();
sink(p); //$hasTaintFlow
sink(p.name); //$hasTaintFlow
sink(p.getName()); //$hasTaintFlow
}
}
public static void jacksonTwoStepDeserialization() throws java.io.IOException {
String s = taint();
Map<String, Object> taintedParams = new HashMap<>();
taintedParams.put("name", s);
ObjectMapper om = new ObjectMapper();
JsonNode jn = om.valueToTree(taintedParams);
sink(jn); //$hasTaintFlow
Potato p = om.convertValue(jn, Potato.class);
sink(p); //$hasTaintFlow
sink(p.getName()); //$hasTaintFlow
}
}
Reference in New Issue View Git Blame Copy Permalink