Skip to content

Commit 5cf320d

Browse files
author
Sebastian Bauersfeld
committed
Add corresponding taint steps.
1 parent b0fbe36 commit 5cf320d

File tree

2 files changed

+12
-0
lines changed

2 files changed

+12
-0
lines changed

java/ql/lib/semmle/code/java/frameworks/Strings.qll

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,10 +20,14 @@ private class StringSummaryCsv extends SummaryModelCsv {
2020
"java.lang;String;false;formatted;(Object[]);;Argument[0].ArrayElement;ReturnValue;taint;manual",
2121
"java.lang;String;false;getChars;;;Argument[-1];Argument[2];taint;manual",
2222
"java.lang;String;false;getBytes;;;Argument[-1];ReturnValue;taint;manual",
23+
"java.lang;String;false;getBytes;;;Argument[-1];Argument[2];taint;manual",
2324
"java.lang;String;false;indent;;;Argument[-1];ReturnValue;taint;manual",
2425
"java.lang;String;false;intern;;;Argument[-1];ReturnValue;taint;manual",
2526
"java.lang;String;false;join;;;Argument[0..1];ReturnValue;taint;manual",
2627
"java.lang;String;false;repeat;(int);;Argument[-1];ReturnValue;taint;manual",
28+
"java.lang;String;false;replace;;;Argument[-1];ReturnValue;taint;manual",
29+
"java.lang;String;false;replaceAll;;;Argument[-1];ReturnValue;taint;manual",
30+
"java.lang;String;false;replaceFirst;;;Argument[-1];ReturnValue;taint;manual",
2731
"java.lang;String;false;split;;;Argument[-1];ReturnValue;taint;manual",
2832
"java.lang;String;false;String;;;Argument[0];Argument[-1];taint;manual",
2933
"java.lang;String;false;strip;;;Argument[-1];ReturnValue;taint;manual",
@@ -55,6 +59,7 @@ private class StringSummaryCsv extends SummaryModelCsv {
5559
"java.lang;StringBuffer;true;StringBuffer;(CharSequence);;Argument[0];Argument[-1];taint;manual",
5660
"java.lang;StringBuffer;true;StringBuffer;(String);;Argument[0];Argument[-1];taint;manual",
5761
"java.lang;StringBuilder;true;StringBuilder;;;Argument[0];Argument[-1];taint;manual",
62+
"java.lang;CharSequence;true;charAt;;;Argument[-1];ReturnValue;taint;manual",
5863
"java.lang;CharSequence;true;subSequence;;;Argument[-1];ReturnValue;taint;manual",
5964
"java.lang;CharSequence;true;toString;;;Argument[-1];ReturnValue;taint;manual"
6065
]

java/ql/test/library-tests/dataflow/taint/test.expected

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,13 @@
4343
| B.java:15:21:15:27 | taint(...) | B.java:157:10:157:46 | toFile(...) |
4444
| B.java:15:21:15:27 | taint(...) | B.java:160:10:160:46 | getAbsoluteFile(...) |
4545
| B.java:15:21:15:27 | taint(...) | B.java:163:10:163:47 | getCanonicalFile(...) |
46+
| B.java:194:16:194:22 | taint(...) | B.java:197:10:197:21 | replReceiver |
47+
| B.java:194:16:194:22 | taint(...) | B.java:200:10:200:17 | replChar |
48+
| B.java:194:16:194:22 | taint(...) | B.java:203:10:203:25 | replCharReceiver |
49+
| B.java:194:16:194:22 | taint(...) | B.java:208:10:208:15 | charAt |
50+
| B.java:194:16:194:22 | taint(...) | B.java:212:10:212:14 | bytes |
51+
| B.java:194:16:194:22 | taint(...) | B.java:215:10:215:16 | replAll |
52+
| B.java:194:16:194:22 | taint(...) | B.java:218:10:218:18 | replFirst |
4653
| CharSeq.java:7:26:7:32 | taint(...) | CharSeq.java:8:12:8:14 | seq |
4754
| CharSeq.java:7:26:7:32 | taint(...) | CharSeq.java:11:12:11:21 | seqFromSeq |
4855
| CharSeq.java:7:26:7:32 | taint(...) | CharSeq.java:14:12:14:24 | stringFromSeq |

0 commit comments

Comments
 (0)