Add tests for CompilationUnit's subtypes

atorralba · atorralba · commit 87dfc92aba66 · 2021-06-16T13:01:40.000+02:00
diff --git a/java/ql/test/query-tests/security/CWE-094/GroovyCompilationUnitTest.java b/java/ql/test/query-tests/security/CWE-094/GroovyCompilationUnitTest.java
@@ -81,5 +81,15 @@ public void doGet(HttpServletRequest request, HttpServletResponse response)
             cu.addSource(su);
             cu.compile(); // Safe
         }
+        {
+            JavaAwareCompilationUnit cu = new JavaAwareCompilationUnit();
+            cu.addSource("test", request.getParameter("source"));
+            cu.compile(); // $hasGroovyInjection
+        }
+        {
+            JavaStubCompilationUnit cu = new JavaStubCompilationUnit(null, null);
+            cu.addSource("test", request.getParameter("source"));
+            cu.compile(); // Safe - JavaStubCompilationUnit only creates stubs
+        }
     }
 }
diff --git a/java/ql/test/stubs/groovy-all-3.0.7/org/codehaus/groovy/tools/javac/JavaAwareCompilationUnit.java b/java/ql/test/stubs/groovy-all-3.0.7/org/codehaus/groovy/tools/javac/JavaAwareCompilationUnit.java
@@ -0,0 +1,39 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.codehaus.groovy.tools.javac;
+
+import groovy.lang.GroovyClassLoader;
+import org.codehaus.groovy.control.CompilationUnit;
+import org.codehaus.groovy.control.CompilerConfiguration;
+import java.io.File;
+
+public class JavaAwareCompilationUnit extends CompilationUnit {
+  public JavaAwareCompilationUnit() {}
+
+  public JavaAwareCompilationUnit(final CompilerConfiguration configuration) {}
+
+  public JavaAwareCompilationUnit(final CompilerConfiguration configuration,
+      final GroovyClassLoader groovyClassLoader) {}
+
+  public JavaAwareCompilationUnit(final CompilerConfiguration configuration,
+      final GroovyClassLoader groovyClassLoader, final GroovyClassLoader transformClassLoader) {}
+
+  @Override
+  public void addSources(final String[] paths) {}
+
+  @Override
+  public void addSources(final File[] files) {}
+
+}
diff --git a/java/ql/test/stubs/groovy-all-3.0.7/org/codehaus/groovy/tools/javac/JavaStubCompilationUnit.java b/java/ql/test/stubs/groovy-all-3.0.7/org/codehaus/groovy/tools/javac/JavaStubCompilationUnit.java
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.codehaus.groovy.tools.javac;
+
+import groovy.lang.GroovyClassLoader;
+import org.codehaus.groovy.control.CompilationFailedException;
+import org.codehaus.groovy.control.CompilationUnit;
+import org.codehaus.groovy.control.CompilerConfiguration;
+import org.codehaus.groovy.control.SourceUnit;
+import java.io.File;
+import java.net.URL;
+
+public class JavaStubCompilationUnit extends CompilationUnit {
+  public JavaStubCompilationUnit(final CompilerConfiguration config, final GroovyClassLoader gcl,
+      File destDir) {}
+
+  public JavaStubCompilationUnit(final CompilerConfiguration config, final GroovyClassLoader gcl) {}
+
+  public int getStubCount() {
+    return 0;
+  }
+
+  @Override
+  public void compile() throws CompilationFailedException {}
+
+  @Override
+  public SourceUnit addSource(final File file) {
+    return null;
+  }
+
+  @Override
+  public SourceUnit addSource(URL url) {
+    return null;
+  }
+
+}

Original file line number	Diff line number	Diff line change
`@@ -81,5 +81,15 @@ public void doGet(HttpServletRequest request, HttpServletResponse response)`
`81`	`81`	`cu.addSource(su);`
`82`	`82`	`cu.compile(); // Safe`
`83`	`83`	`}`
	`84`	`+ {`
	`85`	`+ JavaAwareCompilationUnit cu = new JavaAwareCompilationUnit();`
	`86`	`+ cu.addSource("test", request.getParameter("source"));`
	`87`	`+ cu.compile(); // $hasGroovyInjection`
	`88`	`+ }`
	`89`	`+ {`
	`90`	`+ JavaStubCompilationUnit cu = new JavaStubCompilationUnit(null, null);`
	`91`	`+ cu.addSource("test", request.getParameter("source"));`
	`92`	`+ cu.compile(); // Safe - JavaStubCompilationUnit only creates stubs`
	`93`	`+ }`
`84`	`94`	`}`
`85`	`95`	`}`