Add test for "tokenizer"

owen-mc · owen-mc · commit bdff0fdcc5a1 · 2024-07-30T15:37:46.000+01:00
diff --git a/java/ql/test/query-tests/security/CWE-532/Test.java b/java/ql/test/query-tests/security/CWE-532/Test.java
@@ -1,12 +1,13 @@
 import org.apache.logging.log4j.Logger;
 
 class Test {
-    void test(String password, String authToken, String username, String nullToken) {
+    void test(String password, String authToken, String username, String nullToken, String stringTokenizer) {
         Logger logger = null;
 
         logger.info("User's password is: " + password); // $ hasTaintFlow
         logger.error("Auth failed for: " + authToken); // $ hasTaintFlow
         logger.error("Auth failed for: " + username); // Safe
         logger.error("Auth failed for: " + nullToken); // Safe
+        logger.error("Auth failed for: " + stringTokenizer); // $ hasTaintFlow
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -1,12 +1,13 @@`
`1`	`1`	`import org.apache.logging.log4j.Logger;`
`2`	`2`
`3`	`3`	`class Test {`
`4`		`- void test(String password, String authToken, String username, String nullToken) {`
	`4`	`+ void test(String password, String authToken, String username, String nullToken, String stringTokenizer) {`
`5`	`5`	`Logger logger = null;`
`6`	`6`
`7`	`7`	`logger.info("User's password is: " + password); // $ hasTaintFlow`
`8`	`8`	`logger.error("Auth failed for: " + authToken); // $ hasTaintFlow`
`9`	`9`	`logger.error("Auth failed for: " + username); // Safe`
`10`	`10`	`logger.error("Auth failed for: " + nullToken); // Safe`
	`11`	`+ logger.error("Auth failed for: " + stringTokenizer); // $ hasTaintFlow`
`11`	`12`	`}`
`12`	`13`	`}`