Skip to content

Commit 74c0038

Browse files
tamasvajktamasvajk
committed
Update java framework coverage reports
1 parent 3605b9f commit 74c0038

File tree

2 files changed

+52
-47
lines changed

2 files changed

+52
-47
lines changed

java/documentation/library-coverage/flow-model-coverage.csv

Lines changed: 44 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -1,42 +1,44 @@
1-
package,sink,source,summary,sink:bean-validation,sink:create-file,sink:header-splitting,sink:information-leak,sink:ldap,sink:open-url,sink:set-hostname-verifier,sink:url-open-stream,sink:xpath,sink:xss,source:remote,summary:taint,summary:value
2-
android.util,,16,,,,,,,,,,,,16,,
3-
android.webkit,3,2,,,,,,,,,,,3,2,,
4-
com.esotericsoftware.kryo.io,,,1,,,,,,,,,,,,1,
5-
com.esotericsoftware.kryo5.io,,,1,,,,,,,,,,,,1,
6-
com.fasterxml.jackson.databind,,,2,,,,,,,,,,,,2,
7-
com.google.common.base,,,28,,,,,,,,,,,,22,6
8-
com.google.common.io,6,,69,,,,,,,,6,,,,68,1
9-
com.unboundid.ldap.sdk,17,,,,,,,17,,,,,,,,
10-
java.beans,,,1,,,,,,,,,,,,1,
11-
java.io,3,,20,,3,,,,,,,,,,20,
12-
java.lang,,,1,,,,,,,,,,,,1,
13-
java.net,2,3,4,,,,,,2,,,,,3,4,
14-
java.nio,10,,2,,10,,,,,,,,,,2,
15-
java.util,,,13,,,,,,,,,,,,13,
16-
javax.naming.directory,1,,,,,,,1,,,,,,,,
17-
javax.net.ssl,2,,,,,,,,,2,,,,,,
18-
javax.servlet,4,21,2,,,3,1,,,,,,,21,2,
19-
javax.validation,1,1,,1,,,,,,,,,,1,,
20-
javax.ws.rs.core,1,,,,,1,,,,,,,,,,
21-
javax.xml.transform.sax,,,4,,,,,,,,,,,,4,
22-
javax.xml.transform.stream,,,2,,,,,,,,,,,,2,
23-
javax.xml.xpath,3,,,,,,,,,,,3,,,,
24-
org.apache.commons.codec,,,2,,,,,,,,,,,,2,
25-
org.apache.commons.io,,,22,,,,,,,,,,,,22,
26-
org.apache.commons.lang3,,,313,,,,,,,,,,,,299,14
27-
org.apache.commons.text,,,203,,,,,,,,,,,,203,
28-
org.apache.directory.ldap.client.api,1,,,,,,,1,,,,,,,,
29-
org.apache.hc.core5.function,,,1,,,,,,,,,,,,1,
30-
org.apache.hc.core5.http,1,2,39,,,,,,,,,,1,2,39,
31-
org.apache.hc.core5.net,,,2,,,,,,,,,,,,2,
32-
org.apache.hc.core5.util,,,22,,,,,,,,,,,,18,4
33-
org.apache.http,2,3,66,,,,,,,,,,2,3,59,7
34-
org.dom4j,20,,,,,,,,,,,20,,,,
35-
org.springframework.ldap.core,14,,,,,,,14,,,,,,,,
36-
org.springframework.security.web.savedrequest,,6,,,,,,,,,,,,6,,
37-
org.springframework.web.client,,3,,,,,,,,,,,,3,,
38-
org.springframework.web.context.request,,8,,,,,,,,,,,,8,,
39-
org.springframework.web.multipart,,12,,,,,,,,,,,,12,,
40-
org.xml.sax,,,1,,,,,,,,,,,,1,
41-
org.xmlpull.v1,,3,,,,,,,,,,,,3,,
42-
play.mvc,,4,,,,,,,,,,,,4,,
1+
package,sink,source,summary,sink:bean-validation,sink:create-file,sink:header-splitting,sink:information-leak,sink:jexl,sink:ldap,sink:open-url,sink:set-hostname-verifier,sink:url-open-stream,sink:xpath,sink:xss,source:remote,summary:taint,summary:value
2+
android.util,,16,,,,,,,,,,,,,16,,
3+
android.webkit,3,2,,,,,,,,,,,,3,2,,
4+
com.esotericsoftware.kryo.io,,,1,,,,,,,,,,,,,1,
5+
com.esotericsoftware.kryo5.io,,,1,,,,,,,,,,,,,1,
6+
com.fasterxml.jackson.databind,,,3,,,,,,,,,,,,,3,
7+
com.google.common.base,,,34,,,,,,,,,,,,,28,6
8+
com.google.common.io,6,,73,,,,,,,,,6,,,,72,1
9+
com.unboundid.ldap.sdk,17,,,,,,,,17,,,,,,,,
10+
java.beans,,,1,,,,,,,,,,,,,1,
11+
java.io,3,,20,,3,,,,,,,,,,,20,
12+
java.lang,,,3,,,,,,,,,,,,,1,2
13+
java.net,2,3,4,,,,,,,2,,,,,3,4,
14+
java.nio,10,,2,,10,,,,,,,,,,,2,
15+
java.util,,,283,,,,,,,,,,,,,15,268
16+
javax.naming.directory,1,,,,,,,,1,,,,,,,,
17+
javax.net.ssl,2,,,,,,,,,,2,,,,,,
18+
javax.servlet,4,21,2,,,3,1,,,,,,,,21,2,
19+
javax.validation,1,1,,1,,,,,,,,,,,1,,
20+
javax.ws.rs.core,1,,,,,1,,,,,,,,,,,
21+
javax.xml.transform.sax,,,4,,,,,,,,,,,,,4,
22+
javax.xml.transform.stream,,,2,,,,,,,,,,,,,2,
23+
javax.xml.xpath,3,,,,,,,,,,,,3,,,,
24+
org.apache.commons.codec,,,2,,,,,,,,,,,,,2,
25+
org.apache.commons.io,,,22,,,,,,,,,,,,,22,
26+
org.apache.commons.jexl2,15,,,,,,,15,,,,,,,,,
27+
org.apache.commons.jexl3,15,,,,,,,15,,,,,,,,,
28+
org.apache.commons.lang3,,,370,,,,,,,,,,,,,324,46
29+
org.apache.commons.text,,,272,,,,,,,,,,,,,220,52
30+
org.apache.directory.ldap.client.api,1,,,,,,,,1,,,,,,,,
31+
org.apache.hc.core5.function,,,1,,,,,,,,,,,,,1,
32+
org.apache.hc.core5.http,1,2,39,,,,,,,,,,,1,2,39,
33+
org.apache.hc.core5.net,,,2,,,,,,,,,,,,,2,
34+
org.apache.hc.core5.util,,,24,,,,,,,,,,,,,18,6
35+
org.apache.http,2,3,67,,,,,,,,,,,2,3,59,8
36+
org.dom4j,20,,,,,,,,,,,,20,,,,
37+
org.springframework.ldap.core,14,,,,,,,,14,,,,,,,,
38+
org.springframework.security.web.savedrequest,,6,,,,,,,,,,,,,6,,
39+
org.springframework.web.client,,3,,,,,,,,,,,,,3,,
40+
org.springframework.web.context.request,,8,,,,,,,,,,,,,8,,
41+
org.springframework.web.multipart,,12,,,,,,,,,,,,,12,,
42+
org.xml.sax,,,1,,,,,,,,,,,,,1,
43+
org.xmlpull.v1,,3,,,,,,,,,,,,,3,,
44+
play.mvc,,4,,,,,,,,,,,,,4,,

java/documentation/library-coverage/flow-model-coverage.rst

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -8,12 +8,15 @@ Java framework & library support
88

99
Framework / library,Package,Remote flow sources,Taint & value steps,Sinks (total),`CWE‑022` :sub:`Path injection`,`CWE‑036` :sub:`Path traversal`,`CWE‑079` :sub:`Cross-site scripting`,`CWE‑089` :sub:`SQL injection`,`CWE‑090` :sub:`LDAP injection`,`CWE‑094` :sub:`Code injection`,`CWE‑319` :sub:`Cleartext transmission`
1010
Android,``android.*``,18,,3,,,3,,,,
11-
Apache,``org.apache.*``,5,648,4,,,3,,1,,
1211
`Apache Commons IO <https://commons.apache.org/proper/commons-io/>`_,``org.apache.commons.io``,,22,,,,,,,,
13-
Google,``com.google.common.*``,,97,6,,6,,,,,
14-
Java Standard Library,``java.*``,3,41,15,13,,,,,,2
12+
`Apache Commons Lang <https://commons.apache.org/proper/commons-lang/>`_,``org.apache.commons.lang3``,,370,,,,,,,,
13+
`Apache Commons Text <https://commons.apache.org/proper/commons-text/>`_,``org.apache.commons.text``,,272,,,,,,,,
14+
`Apache HttpComponents <https://hc.apache.org/>`_,``org.apache.hc.core5.*``,2,66,1,,,1,,,,
15+
`Apache HttpComponents <https://hc.apache.org/>`_,``org.apache.http``,3,67,2,,,2,,,,
16+
`Google Guava <https://guava.dev/>`_,``com.google.common.*``,,107,6,,6,,,,,
17+
Java Standard Library,``java.*``,3,313,15,13,,,,,,2
1518
Java extensions,``javax.*``,22,8,12,,,,,1,1,
1619
`Spring <https://spring.io/>`_,``org.springframework.*``,29,,14,,,,,14,,
17-
Others,"``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.databind``, ``com.unboundid.ldap.sdk``, ``org.dom4j``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.mvc``",7,5,37,,,,,17,,
18-
Totals,,84,821,91,13,6,6,,33,1,2
20+
Others,"``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.databind``, ``com.unboundid.ldap.sdk``, ``org.apache.commons.codec``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.directory.ldap.client.api``, ``org.dom4j``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.mvc``",7,8,68,,,,,18,,
21+
Totals,,84,1233,121,13,6,6,,33,1,2
1922

0 commit comments

Comments
 (0)