Add java.lang.String taint tests.

Sebastian Bauersfeld · Sebastian Bauersfeld · commit b0fbe3658dc9 · 2022-08-19T17:33:35.000+07:00
diff --git a/java/ql/test/library-tests/dataflow/taint/B.java b/java/ql/test/library-tests/dataflow/taint/B.java
@@ -189,4 +189,32 @@ public StringWrapper(String s) {
   public static boolean safe() {
     return true;
   }
+
+  public static void extendedTests(){
+    String s = taint()[0];
+
+    String replReceiver = s.replace("irrelevant", "irrelevant");
+    sink(replReceiver);
+
+    String replChar = "a".replace('a', s.charAt(0));
+    sink(replChar);
+
+    String replCharReceiver = s.replace('a', 'b');
+    sink(replCharReceiver);
+
+    String charAt = "";
+    for(int i = 0; i < 10; i++)
+        charAt = charAt + s.charAt(i);
+    sink(charAt);
+
+    byte[] bytes = new byte[10];
+    s.getBytes(0, 1, bytes, 0);
+    sink(bytes);
+
+    String replAll = s.replaceAll("irrelevant", "irrelevant");
+    sink(replAll);
+
+    String replFirst = s.replaceFirst("irrelevant", "irrelevant");
+    sink(replFirst);
+  }
 }
