codeql/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayConstruction.expected

#select
| Test.java:83:34:83:34 | 0 | Test.java:76:27:76:60 | getProperty(...) : String | Test.java:80:31:80:34 | size | This accesses the $@, but the array is initialized using a $@ which may be zero. | Test.java:80:23:80:35 | new int[] | array | Test.java:76:27:76:60 | getProperty(...) | user-provided value |
| Test.java:89:37:89:37 | 0 | Test.java:76:27:76:60 | getProperty(...) : String | Test.java:86:34:86:37 | size | This accesses the $@, but the array is initialized using a $@ which may be zero. | Test.java:86:26:86:38 | new int[] | array | Test.java:76:27:76:60 | getProperty(...) | user-provided value |
edges
| Test.java:76:27:76:60 | getProperty(...) : String | Test.java:78:37:78:48 | userProperty : String | provenance | Src:MaD:1  |
| Test.java:78:37:78:48 | userProperty : String | Test.java:78:37:78:55 | trim(...) : String | provenance | MaD:2 |
| Test.java:78:37:78:55 | trim(...) : String | Test.java:80:31:80:34 | size | provenance | TaintPreservingCallable |
| Test.java:78:37:78:55 | trim(...) : String | Test.java:86:34:86:37 | size | provenance | TaintPreservingCallable |
models
| 1 | Source: java.lang; System; false; getProperty; ; ; ReturnValue; environment; manual |
| 2 | Summary: java.lang; String; false; trim; ; ; Argument[this]; ReturnValue; taint; manual |
nodes
| Test.java:76:27:76:60 | getProperty(...) : String | semmle.label | getProperty(...) : String |
| Test.java:78:37:78:48 | userProperty : String | semmle.label | userProperty : String |
| Test.java:78:37:78:55 | trim(...) : String | semmle.label | trim(...) : String |
| Test.java:80:31:80:34 | size | semmle.label | size |
| Test.java:86:34:86:37 | size | semmle.label | size |
subpaths