Skip to content

Commit e6a2528

Browse files
egregius313egregius313
committed
Refactor XSS and SpringJDBC tests to lib configurations
1 parent 49521f6 commit e6a2528

File tree

2 files changed

+6
-36
lines changed
  • java/ql/test/query-tests/security

2 files changed

+6
-36
lines changed

java/ql/test/query-tests/security/CWE-079/semmle/tests/XSS.ql

Lines changed: 1 addition & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1,23 +1,7 @@
11
import java
2-
import semmle.code.java.dataflow.TaintTracking
3-
import semmle.code.java.dataflow.FlowSources
4-
import semmle.code.java.security.XSS
2+
import semmle.code.java.security.XssQuery
53
import TestUtilities.InlineExpectationsTest
64

7-
module XssConfig implements DataFlow::ConfigSig {
8-
predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
9-
10-
predicate isSink(DataFlow::Node sink) { sink instanceof XssSink }
11-
12-
predicate isBarrier(DataFlow::Node node) { node instanceof XssSanitizer }
13-
14-
predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
15-
any(XssAdditionalTaintStep s).step(node1, node2)
16-
}
17-
}
18-
19-
module XssFlow = TaintTracking::Global<XssConfig>;
20-
215
class XssTest extends InlineExpectationsTest {
226
XssTest() { this = "XssTest" }
237

java/ql/test/query-tests/security/CWE-089/semmle/examples/springjdbc.ql

Lines changed: 5 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -1,28 +1,14 @@
11
import java
2-
import semmle.code.java.dataflow.TaintTracking
3-
import semmle.code.java.security.QueryInjection
2+
import semmle.code.java.dataflow.FlowSources
3+
import semmle.code.java.security.SqlInjectionQuery
44
import TestUtilities.InlineExpectationsTest
55

6-
private module QueryInjectionFlowConfig implements DataFlow::ConfigSig {
7-
predicate isSource(DataFlow::Node src) {
8-
src.asExpr() = any(MethodAccess ma | ma.getMethod().hasName("source"))
9-
}
10-
11-
predicate isSink(DataFlow::Node sink) { sink instanceof QueryInjectionSink }
12-
13-
predicate isBarrier(DataFlow::Node node) {
14-
node.getType() instanceof PrimitiveType or
15-
node.getType() instanceof BoxedType or
16-
node.getType() instanceof NumberType
17-
}
6+
private class SourceMethodSource extends RemoteFlowSource {
7+
SourceMethodSource() { this.asExpr().(MethodAccess).getMethod().hasName("source") }
188

19-
predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
20-
any(AdditionalQueryInjectionTaintStep s).step(node1, node2)
21-
}
9+
override string getSourceType() { result = "source" }
2210
}
2311

24-
private module QueryInjectionFlow = TaintTracking::Global<QueryInjectionFlowConfig>;
25-
2612
class HasFlowTest extends InlineExpectationsTest {
2713
HasFlowTest() { this = "HasFlowTest" }
2814

0 commit comments

Comments
 (0)