hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ebd38eaf3bd0d5f4cb15bf4724fb2bb90ad1f8a6
codeql/java/ql/test/experimental/query-tests/security/CWE-352/JsonpInjectionWithSpringControllerAndServlet/JsonpInjection.expected

91 lines
10 KiB
Plaintext
Raw Blame History

edges
| JsonpController.java:33:32:33:68 | getParameter(...) : String | JsonpController.java:37:16:37:24 | resultStr |
| JsonpController.java:36:21:36:54 | ... + ... : String | JsonpController.java:37:16:37:24 | resultStr |
| JsonpController.java:44:32:44:68 | getParameter(...) : String | JsonpController.java:46:16:46:24 | resultStr |
| JsonpController.java:45:21:45:80 | ... + ... : String | JsonpController.java:46:16:46:24 | resultStr |
| JsonpController.java:53:32:53:68 | getParameter(...) : String | JsonpController.java:56:16:56:24 | resultStr |
| JsonpController.java:55:21:55:55 | ... + ... : String | JsonpController.java:56:16:56:24 | resultStr |
| JsonpController.java:63:32:63:68 | getParameter(...) : String | JsonpController.java:66:16:66:24 | resultStr |
| JsonpController.java:65:21:65:54 | ... + ... : String | JsonpController.java:66:16:66:24 | resultStr |
| JsonpController.java:73:32:73:68 | getParameter(...) : String | JsonpController.java:80:20:80:28 | resultStr |
| JsonpController.java:79:21:79:54 | ... + ... : String | JsonpController.java:80:20:80:28 | resultStr |
| JsonpController.java:87:32:87:68 | getParameter(...) : String | JsonpController.java:94:20:94:28 | resultStr |
| JsonpController.java:93:21:93:54 | ... + ... : String | JsonpController.java:94:20:94:28 | resultStr |
| JsonpController.java:101:32:101:68 | getParameter(...) : String | JsonpController.java:105:16:105:24 | resultStr |
| JsonpController.java:104:21:104:54 | ... + ... : String | JsonpController.java:105:16:105:24 | resultStr |
| JsonpController.java:114:32:114:68 | getParameter(...) : String | JsonpController.java:117:16:117:24 | resultStr |
| JsonpController.java:116:21:116:55 | ... + ... : String | JsonpController.java:117:16:117:24 | resultStr |
| JsonpController.java:127:36:127:72 | getParameter(...) : String | JsonpController.java:130:20:130:28 | resultStr |
| JsonpController.java:129:25:129:59 | ... + ... : String | JsonpController.java:130:20:130:28 | resultStr |
| JsonpController.java:145:32:145:68 | getParameter(...) : String | JsonpController.java:148:16:148:24 | resultStr |
| JsonpController.java:147:21:147:55 | ... + ... : String | JsonpController.java:148:16:148:24 | resultStr |
| JsonpController.java:158:21:158:54 | ... + ... : String | JsonpController.java:159:16:159:24 | resultStr |
| JsonpController.java:173:21:173:54 | ... + ... : String | JsonpController.java:174:16:174:24 | resultStr |
| JsonpInjectionServlet1.java:31:32:31:64 | getParameter(...) : String | JsonpInjectionServlet1.java:45:24:45:32 | resultStr |
| JsonpInjectionServlet1.java:44:25:44:62 | ... + ... : String | JsonpInjectionServlet1.java:45:24:45:32 | resultStr |
| JsonpInjectionServlet2.java:31:32:31:64 | getParameter(...) : String | JsonpInjectionServlet2.java:39:20:39:28 | resultStr |
| JsonpInjectionServlet2.java:38:21:38:54 | ... + ... : String | JsonpInjectionServlet2.java:39:20:39:28 | resultStr |
nodes
| JsonpController.java:33:32:33:68 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| JsonpController.java:36:21:36:54 | ... + ... : String | semmle.label | ... + ... : String |
| JsonpController.java:37:16:37:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:37:16:37:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:44:32:44:68 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| JsonpController.java:45:21:45:80 | ... + ... : String | semmle.label | ... + ... : String |
| JsonpController.java:46:16:46:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:46:16:46:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:53:32:53:68 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| JsonpController.java:55:21:55:55 | ... + ... : String | semmle.label | ... + ... : String |
| JsonpController.java:56:16:56:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:56:16:56:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:63:32:63:68 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| JsonpController.java:65:21:65:54 | ... + ... : String | semmle.label | ... + ... : String |
| JsonpController.java:66:16:66:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:66:16:66:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:73:32:73:68 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| JsonpController.java:79:21:79:54 | ... + ... : String | semmle.label | ... + ... : String |
| JsonpController.java:80:20:80:28 | resultStr | semmle.label | resultStr |
| JsonpController.java:80:20:80:28 | resultStr | semmle.label | resultStr |
| JsonpController.java:87:32:87:68 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| JsonpController.java:93:21:93:54 | ... + ... : String | semmle.label | ... + ... : String |
| JsonpController.java:94:20:94:28 | resultStr | semmle.label | resultStr |
| JsonpController.java:94:20:94:28 | resultStr | semmle.label | resultStr |
| JsonpController.java:101:32:101:68 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| JsonpController.java:104:21:104:54 | ... + ... : String | semmle.label | ... + ... : String |
| JsonpController.java:105:16:105:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:105:16:105:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:114:32:114:68 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| JsonpController.java:116:21:116:55 | ... + ... : String | semmle.label | ... + ... : String |
| JsonpController.java:117:16:117:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:117:16:117:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:127:36:127:72 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| JsonpController.java:129:25:129:59 | ... + ... : String | semmle.label | ... + ... : String |
| JsonpController.java:130:20:130:28 | resultStr | semmle.label | resultStr |
| JsonpController.java:130:20:130:28 | resultStr | semmle.label | resultStr |
| JsonpController.java:145:32:145:68 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| JsonpController.java:147:21:147:55 | ... + ... : String | semmle.label | ... + ... : String |
| JsonpController.java:148:16:148:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:148:16:148:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:158:21:158:54 | ... + ... : String | semmle.label | ... + ... : String |
| JsonpController.java:159:16:159:24 | resultStr | semmle.label | resultStr |
| JsonpController.java:173:21:173:54 | ... + ... : String | semmle.label | ... + ... : String |
| JsonpController.java:174:16:174:24 | resultStr | semmle.label | resultStr |
| JsonpInjectionServlet1.java:31:32:31:64 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| JsonpInjectionServlet1.java:44:25:44:62 | ... + ... : String | semmle.label | ... + ... : String |
| JsonpInjectionServlet1.java:45:24:45:32 | resultStr | semmle.label | resultStr |
| JsonpInjectionServlet1.java:45:24:45:32 | resultStr | semmle.label | resultStr |
| JsonpInjectionServlet2.java:31:32:31:64 | getParameter(...) : String | semmle.label | getParameter(...) : String |
| JsonpInjectionServlet2.java:38:21:38:54 | ... + ... : String | semmle.label | ... + ... : String |
| JsonpInjectionServlet2.java:39:20:39:28 | resultStr | semmle.label | resultStr |
| JsonpInjectionServlet2.java:39:20:39:28 | resultStr | semmle.label | resultStr |
#select
| JsonpController.java:37:16:37:24 | resultStr | JsonpController.java:33:32:33:68 | getParameter(...) : String | JsonpController.java:37:16:37:24 | resultStr | Jsonp response might include code from $@. | JsonpController.java:33:32:33:68 | getParameter(...) | this user input |
| JsonpController.java:46:16:46:24 | resultStr | JsonpController.java:44:32:44:68 | getParameter(...) : String | JsonpController.java:46:16:46:24 | resultStr | Jsonp response might include code from $@. | JsonpController.java:44:32:44:68 | getParameter(...) | this user input |
| JsonpController.java:56:16:56:24 | resultStr | JsonpController.java:53:32:53:68 | getParameter(...) : String | JsonpController.java:56:16:56:24 | resultStr | Jsonp response might include code from $@. | JsonpController.java:53:32:53:68 | getParameter(...) | this user input |
| JsonpController.java:66:16:66:24 | resultStr | JsonpController.java:63:32:63:68 | getParameter(...) : String | JsonpController.java:66:16:66:24 | resultStr | Jsonp response might include code from $@. | JsonpController.java:63:32:63:68 | getParameter(...) | this user input |
| JsonpController.java:80:20:80:28 | resultStr | JsonpController.java:73:32:73:68 | getParameter(...) : String | JsonpController.java:80:20:80:28 | resultStr | Jsonp response might include code from $@. | JsonpController.java:73:32:73:68 | getParameter(...) | this user input |
| JsonpController.java:94:20:94:28 | resultStr | JsonpController.java:87:32:87:68 | getParameter(...) : String | JsonpController.java:94:20:94:28 | resultStr | Jsonp response might include code from $@. | JsonpController.java:87:32:87:68 | getParameter(...) | this user input |
| JsonpController.java:105:16:105:24 | resultStr | JsonpController.java:101:32:101:68 | getParameter(...) : String | JsonpController.java:105:16:105:24 | resultStr | Jsonp response might include code from $@. | JsonpController.java:101:32:101:68 | getParameter(...) | this user input |
| JsonpController.java:117:16:117:24 | resultStr | JsonpController.java:114:32:114:68 | getParameter(...) : String | JsonpController.java:117:16:117:24 | resultStr | Jsonp response might include code from $@. | JsonpController.java:114:32:114:68 | getParameter(...) | this user input |
| JsonpInjectionServlet2.java:39:20:39:28 | resultStr | JsonpInjectionServlet2.java:31:32:31:64 | getParameter(...) : String | JsonpInjectionServlet2.java:39:20:39:28 | resultStr | Jsonp response might include code from $@. | JsonpInjectionServlet2.java:31:32:31:64 | getParameter(...) | this user input |
Reference in New Issue View Git Blame Copy Permalink