Skip to content

Commit a8aa8e3

Browse files
atorralbaatorralba
committed
Use InlineExpectationsTest directly
1 parent 2df30dc commit a8aa8e3

File tree

2 files changed

+40
-12
lines changed

2 files changed

+40
-12
lines changed

java/ql/test/library-tests/dataflow/taintsources/local.ql

Lines changed: 20 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
import java
22
import semmle.code.java.dataflow.FlowSources
3-
import TestUtilities.InlineFlowTest
3+
import TestUtilities.InlineExpectationsTest
44

55
class LocalSource extends DataFlow::Node {
66
LocalSource() {
@@ -9,28 +9,42 @@ class LocalSource extends DataFlow::Node {
99
}
1010
}
1111

12-
class LocalValueConf extends DefaultValueFlowConf {
12+
predicate isTestSink(DataFlow::Node n) {
13+
exists(MethodAccess ma | ma.getMethod().hasName("sink") | n.asExpr() = ma.getAnArgument())
14+
}
15+
16+
class LocalValueConf extends DataFlow::Configuration {
17+
LocalValueConf() { this = "LocalValueConf" }
18+
1319
override predicate isSource(DataFlow::Node n) { n instanceof LocalSource }
20+
21+
override predicate isSink(DataFlow::Node n) { isTestSink(n) }
1422
}
1523

16-
class LocalTaintConf extends DefaultTaintFlowConf {
24+
class LocalTaintConf extends TaintTracking::Configuration {
25+
LocalTaintConf() { this = "LocalTaintConf" }
26+
1727
override predicate isSource(DataFlow::Node n) { n instanceof LocalSource }
28+
29+
override predicate isSink(DataFlow::Node n) { isTestSink(n) }
1830
}
1931

20-
class LocalFlowTest extends InlineFlowTest {
32+
class LocalFlowTest extends InlineExpectationsTest {
33+
LocalFlowTest() { this = "LocalFlowTest" }
34+
2135
override string getARelevantTag() { result = ["hasLocalValueFlow", "hasLocalTaintFlow"] }
2236

2337
override predicate hasActualResult(Location location, string element, string tag, string value) {
2438
tag = "hasLocalValueFlow" and
25-
exists(DataFlow::Node src, DataFlow::Node sink | getValueFlowConfig().hasFlow(src, sink) |
39+
exists(DataFlow::Node src, DataFlow::Node sink | any(LocalValueConf c).hasFlow(src, sink) |
2640
sink.getLocation() = location and
2741
element = sink.toString() and
2842
value = ""
2943
)
3044
or
3145
tag = "hasLocalTaintFlow" and
3246
exists(DataFlow::Node src, DataFlow::Node sink |
33-
getTaintFlowConfig().hasFlow(src, sink) and not getValueFlowConfig().hasFlow(src, sink)
47+
any(LocalTaintConf c).hasFlow(src, sink) and not any(LocalValueConf c).hasFlow(src, sink)
3448
|
3549
sink.getLocation() = location and
3650
element = sink.toString() and

java/ql/test/library-tests/dataflow/taintsources/remote.ql

Lines changed: 20 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,29 +1,43 @@
11
import java
22
import semmle.code.java.dataflow.FlowSources
3-
import TestUtilities.InlineFlowTest
3+
import TestUtilities.InlineExpectationsTest
4+
5+
predicate isTestSink(DataFlow::Node n) {
6+
exists(MethodAccess ma | ma.getMethod().hasName("sink") | n.asExpr() = ma.getAnArgument())
7+
}
8+
9+
class RemoteValueConf extends DataFlow::Configuration {
10+
RemoteValueConf() { this = "RemoteValueConf" }
411

5-
class RemoteValueConf extends DefaultValueFlowConf {
612
override predicate isSource(DataFlow::Node n) { n instanceof RemoteFlowSource }
13+
14+
override predicate isSink(DataFlow::Node n) { isTestSink(n) }
715
}
816

9-
class RemoteTaintConf extends DefaultTaintFlowConf {
17+
class RemoteTaintConf extends TaintTracking::Configuration {
18+
RemoteTaintConf() { this = "RemoteTaintConf" }
19+
1020
override predicate isSource(DataFlow::Node n) { n instanceof RemoteFlowSource }
21+
22+
override predicate isSink(DataFlow::Node n) { isTestSink(n) }
1123
}
1224

13-
class RemoteFlowTest extends InlineFlowTest {
25+
class RemoteFlowTest extends InlineExpectationsTest {
26+
RemoteFlowTest() { this = "RemoteFlowTest" }
27+
1428
override string getARelevantTag() { result = ["hasRemoteValueFlow", "hasRemoteTaintFlow"] }
1529

1630
override predicate hasActualResult(Location location, string element, string tag, string value) {
1731
tag = "hasRemoteValueFlow" and
18-
exists(DataFlow::Node src, DataFlow::Node sink | getValueFlowConfig().hasFlow(src, sink) |
32+
exists(DataFlow::Node src, DataFlow::Node sink | any(RemoteValueConf c).hasFlow(src, sink) |
1933
sink.getLocation() = location and
2034
element = sink.toString() and
2135
value = ""
2236
)
2337
or
2438
tag = "hasRemoteTaintFlow" and
2539
exists(DataFlow::Node src, DataFlow::Node sink |
26-
getTaintFlowConfig().hasFlow(src, sink) and not getValueFlowConfig().hasFlow(src, sink)
40+
any(RemoteTaintConf c).hasFlow(src, sink) and not any(RemoteValueConf c).hasFlow(src, sink)
2741
|
2842
sink.getLocation() = location and
2943
element = sink.toString() and

0 commit comments

Comments
 (0)