Skip to content

Commit c173b89

Browse files
owen-mcowen-mc
committed
Model NewCookie
1 parent ee6019a commit c173b89

File tree

3 files changed

+165
-0
lines changed

3 files changed

+165
-0
lines changed

java/ql/src/semmle/code/java/frameworks/JaxWS.qll

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -539,6 +539,29 @@ private class CookieModel extends SummaryModelCsv {
539539
}
540540
}
541541

542+
/**
543+
* Model NewCookie, a simple tuple type.
544+
*/
545+
private class NewCookieModel extends SummaryModelCsv {
546+
override predicate row(string row) {
547+
row =
548+
[
549+
"javax.ws.rs.core;NewCookie;true;getComment;;;Argument[-1];ReturnValue;taint",
550+
"javax.ws.rs.core;NewCookie;true;getExpiry;;;Argument[-1];ReturnValue;taint",
551+
"javax.ws.rs.core;NewCookie;true;getMaxAge;;;Argument[-1];ReturnValue;taint",
552+
"javax.ws.rs.core;NewCookie;true;toCookie;;;Argument[-1];ReturnValue;taint",
553+
"javax.ws.rs.core;NewCookie;false;NewCookie;;;Argument[0..9];Argument[-1];taint",
554+
"javax.ws.rs.core;NewCookie;false;valueOf;;;Argument[0];ReturnValue;taint",
555+
"jakarta.ws.rs.core;NewCookie;true;getComment;;;Argument[-1];ReturnValue;taint",
556+
"jakarta.ws.rs.core;NewCookie;true;getExpiry;;;Argument[-1];ReturnValue;taint",
557+
"jakarta.ws.rs.core;NewCookie;true;getMaxAge;;;Argument[-1];ReturnValue;taint",
558+
"jakarta.ws.rs.core;NewCookie;true;toCookie;;;Argument[-1];ReturnValue;taint",
559+
"jakarta.ws.rs.core;NewCookie;false;NewCookie;;;Argument[0..9];Argument[-1];taint",
560+
"jakarta.ws.rs.core;NewCookie;false;valueOf;;;Argument[0];ReturnValue;taint"
561+
]
562+
}
563+
}
564+
542565
/**
543566
* Model Form, a simple container type.
544567
*/

java/ql/test/library-tests/frameworks/JaxWs/JakartaRsFlow.java

Lines changed: 71 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@
1616
import jakarta.ws.rs.core.Link;
1717
import jakarta.ws.rs.core.MediaType;
1818
import jakarta.ws.rs.core.MultivaluedMap;
19+
import jakarta.ws.rs.core.NewCookie;
1920
import jakarta.ws.rs.core.PathSegment;
2021
import jakarta.ws.rs.core.Response;
2122
import jakarta.ws.rs.core.UriBuilder;
@@ -37,6 +38,14 @@ private static class IntSource {
3738
static int taint() { return 0; }
3839
}
3940

41+
private static class BooleanSource {
42+
static boolean taint() { return false; }
43+
}
44+
45+
private static class DateSource {
46+
static Date taint() { return null; }
47+
}
48+
4049
private static class SetStringSource {
4150
static Set<String> taint() { return new HashSet<String>(); }
4251
}
@@ -174,6 +183,68 @@ void testCookie() {
174183
sink(Cookie.valueOf(taint()).toString()); // $hasTaintFlow
175184
}
176185

186+
void testNewCookie() {
187+
sink(new NewCookie(Cookie.valueOf(taint()))); // $hasTaintFlow
188+
189+
sink(new NewCookie(Cookie.valueOf(taint()), "", 0, true)); // $hasTaintFlow
190+
sink(new NewCookie(Cookie.valueOf(""), taint(), 0, false)); // $hasTaintFlow
191+
sink(new NewCookie(Cookie.valueOf(""), "", IntSource.taint(), true)); // $hasTaintFlow
192+
sink(new NewCookie(Cookie.valueOf(""), "", 0, BooleanSource.taint())); // $hasTaintFlow
193+
194+
sink(new NewCookie(Cookie.valueOf(taint()), "", 0, new Date(), true, true)); // $hasTaintFlow
195+
sink(new NewCookie(Cookie.valueOf(""), taint(), 0, new Date(), true, false)); // $hasTaintFlow
196+
sink(new NewCookie(Cookie.valueOf(""), "", IntSource.taint(), new Date(), false, true)); // $hasTaintFlow
197+
sink(new NewCookie(Cookie.valueOf(""), "", 0, DateSource.taint(), false, false)); // $hasTaintFlow
198+
sink(new NewCookie(Cookie.valueOf(""), "", 0, new Date(), BooleanSource.taint(), false)); // $hasTaintFlow
199+
sink(new NewCookie(Cookie.valueOf(""), "", 0, new Date(), true, BooleanSource.taint())); // $hasTaintFlow
200+
201+
sink(new NewCookie(taint(), "")); // $hasTaintFlow
202+
sink(new NewCookie("", taint())); // $hasTaintFlow
203+
204+
sink(new NewCookie(taint(), "", "", "", 0, "", 0, true)); // $hasTaintFlow
205+
sink(new NewCookie("", taint(), "", "", 0, "", 0, false)); // $hasTaintFlow
206+
sink(new NewCookie("", "", taint(), "", 0, "", 0, true)); // $hasTaintFlow
207+
sink(new NewCookie("", "", "", taint(), 0, "", 0, false)); // $hasTaintFlow
208+
sink(new NewCookie("", "", "", "", IntSource.taint(), "", 0, true)); // $hasTaintFlow
209+
sink(new NewCookie("", "", "", "", 0, taint(), 0, false)); // $hasTaintFlow
210+
sink(new NewCookie("", "", "", "", 0, "", IntSource.taint(), true)); // $hasTaintFlow
211+
sink(new NewCookie("", "", "", "", 0, "", 0, BooleanSource.taint())); // $hasTaintFlow
212+
213+
sink(new NewCookie(taint(), "", "", "", 0, "", 0, new Date(), true, true)); // $hasTaintFlow
214+
sink(new NewCookie("", taint(), "", "", 0, "", 0, new Date(), false, true)); // $hasTaintFlow
215+
sink(new NewCookie("", "", taint(), "", 0, "", 0, new Date(), true, false)); // $hasTaintFlow
216+
sink(new NewCookie("", "", "", taint(), 0, "", 0, new Date(), false, false)); // $hasTaintFlow
217+
sink(new NewCookie("", "", "", "", IntSource.taint(), "", 0, new Date(), true, true)); // $hasTaintFlow
218+
sink(new NewCookie("", "", "", "", 0, taint(), 0, new Date(), true, false)); // $hasTaintFlow
219+
sink(new NewCookie("", "", "", "", 0, "", IntSource.taint(), new Date(), false, true)); // $hasTaintFlow
220+
sink(new NewCookie("", "", "", "", 0, "", 0, DateSource.taint(), false, false)); // $hasTaintFlow
221+
sink(new NewCookie("", "", "", "", 0, "", 0, new Date(), BooleanSource.taint(), true)); // $hasTaintFlow
222+
sink(new NewCookie("", "", "", "", 0, "", 0, new Date(), false, BooleanSource.taint())); // $hasTaintFlow
223+
224+
sink(new NewCookie(taint(), "", "", "", "", 0, true)); // $hasTaintFlow
225+
sink(new NewCookie("", taint(), "", "", "", 0, false)); // $hasTaintFlow
226+
sink(new NewCookie("", "", taint(), "", "", 0, true)); // $hasTaintFlow
227+
sink(new NewCookie("", "", "", taint(), "", 0, false)); // $hasTaintFlow
228+
sink(new NewCookie("", "", "", "", taint(), 0, false)); // $hasTaintFlow
229+
sink(new NewCookie("", "", "", "", "", IntSource.taint(), true)); // $hasTaintFlow
230+
sink(new NewCookie("", "", "", "", "", 0, BooleanSource.taint())); // $hasTaintFlow
231+
232+
sink(new NewCookie(taint(), "", "", "", "", 0, true, true)); // $hasTaintFlow
233+
sink(new NewCookie("", taint(), "", "", "", 0, false, true)); // $hasTaintFlow
234+
sink(new NewCookie("", "", taint(), "", "", 0, true, false)); // $hasTaintFlow
235+
sink(new NewCookie("", "", "", taint(), "", 0, false, false)); // $hasTaintFlow
236+
sink(new NewCookie("", "", "", "", taint(), 0, true, true)); // $hasTaintFlow
237+
sink(new NewCookie("", "", "", "", "", IntSource.taint(), false, true)); // $hasTaintFlow
238+
sink(new NewCookie("", "", "", "", "", 0, BooleanSource.taint(), false)); // $hasTaintFlow
239+
sink(new NewCookie("", "", "", "", "", 0, true, BooleanSource.taint())); // $hasTaintFlow
240+
241+
sink(NewCookie.valueOf(taint()).getComment()); // $hasTaintFlow
242+
sink(NewCookie.valueOf(taint()).getExpiry()); // $hasTaintFlow
243+
sink(NewCookie.valueOf(taint()).getMaxAge()); // $hasTaintFlow
244+
sink(NewCookie.valueOf(taint()).toCookie()); // $hasTaintFlow
245+
sink(NewCookie.valueOf(taint())); // $hasTaintFlow
246+
}
247+
177248
void testForm(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
178249
sink(new Form(taint(), "")); // $hasTaintFlow
179250
sink(new Form("", taint())); // $hasTaintFlow

java/ql/test/library-tests/frameworks/JaxWs/JaxRsFlow.java

Lines changed: 71 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@
1616
import javax.ws.rs.core.Link;
1717
import javax.ws.rs.core.MediaType;
1818
import javax.ws.rs.core.MultivaluedMap;
19+
import javax.ws.rs.core.NewCookie;
1920
import javax.ws.rs.core.PathSegment;
2021
import javax.ws.rs.core.Response;
2122
import javax.ws.rs.core.UriBuilder;
@@ -37,6 +38,14 @@ private static class IntSource {
3738
static int taint() { return 0; }
3839
}
3940

41+
private static class BooleanSource {
42+
static boolean taint() { return false; }
43+
}
44+
45+
private static class DateSource {
46+
static Date taint() { return null; }
47+
}
48+
4049
private static class SetStringSource {
4150
static Set<String> taint() { return new HashSet<String>(); }
4251
}
@@ -174,6 +183,68 @@ void testCookie() {
174183
sink(Cookie.valueOf(taint()).toString()); // $hasTaintFlow
175184
}
176185

186+
void testNewCookie() {
187+
sink(new NewCookie(Cookie.valueOf(taint()))); // $hasTaintFlow
188+
189+
sink(new NewCookie(Cookie.valueOf(taint()), "", 0, true)); // $hasTaintFlow
190+
sink(new NewCookie(Cookie.valueOf(""), taint(), 0, false)); // $hasTaintFlow
191+
sink(new NewCookie(Cookie.valueOf(""), "", IntSource.taint(), true)); // $hasTaintFlow
192+
sink(new NewCookie(Cookie.valueOf(""), "", 0, BooleanSource.taint())); // $hasTaintFlow
193+
194+
sink(new NewCookie(Cookie.valueOf(taint()), "", 0, new Date(), true, true)); // $hasTaintFlow
195+
sink(new NewCookie(Cookie.valueOf(""), taint(), 0, new Date(), true, false)); // $hasTaintFlow
196+
sink(new NewCookie(Cookie.valueOf(""), "", IntSource.taint(), new Date(), false, true)); // $hasTaintFlow
197+
sink(new NewCookie(Cookie.valueOf(""), "", 0, DateSource.taint(), false, false)); // $hasTaintFlow
198+
sink(new NewCookie(Cookie.valueOf(""), "", 0, new Date(), BooleanSource.taint(), false)); // $hasTaintFlow
199+
sink(new NewCookie(Cookie.valueOf(""), "", 0, new Date(), true, BooleanSource.taint())); // $hasTaintFlow
200+
201+
sink(new NewCookie(taint(), "")); // $hasTaintFlow
202+
sink(new NewCookie("", taint())); // $hasTaintFlow
203+
204+
sink(new NewCookie(taint(), "", "", "", 0, "", 0, true)); // $hasTaintFlow
205+
sink(new NewCookie("", taint(), "", "", 0, "", 0, false)); // $hasTaintFlow
206+
sink(new NewCookie("", "", taint(), "", 0, "", 0, true)); // $hasTaintFlow
207+
sink(new NewCookie("", "", "", taint(), 0, "", 0, false)); // $hasTaintFlow
208+
sink(new NewCookie("", "", "", "", IntSource.taint(), "", 0, true)); // $hasTaintFlow
209+
sink(new NewCookie("", "", "", "", 0, taint(), 0, false)); // $hasTaintFlow
210+
sink(new NewCookie("", "", "", "", 0, "", IntSource.taint(), true)); // $hasTaintFlow
211+
sink(new NewCookie("", "", "", "", 0, "", 0, BooleanSource.taint())); // $hasTaintFlow
212+
213+
sink(new NewCookie(taint(), "", "", "", 0, "", 0, new Date(), true, true)); // $hasTaintFlow
214+
sink(new NewCookie("", taint(), "", "", 0, "", 0, new Date(), false, true)); // $hasTaintFlow
215+
sink(new NewCookie("", "", taint(), "", 0, "", 0, new Date(), true, false)); // $hasTaintFlow
216+
sink(new NewCookie("", "", "", taint(), 0, "", 0, new Date(), false, false)); // $hasTaintFlow
217+
sink(new NewCookie("", "", "", "", IntSource.taint(), "", 0, new Date(), true, true)); // $hasTaintFlow
218+
sink(new NewCookie("", "", "", "", 0, taint(), 0, new Date(), true, false)); // $hasTaintFlow
219+
sink(new NewCookie("", "", "", "", 0, "", IntSource.taint(), new Date(), false, true)); // $hasTaintFlow
220+
sink(new NewCookie("", "", "", "", 0, "", 0, DateSource.taint(), false, false)); // $hasTaintFlow
221+
sink(new NewCookie("", "", "", "", 0, "", 0, new Date(), BooleanSource.taint(), true)); // $hasTaintFlow
222+
sink(new NewCookie("", "", "", "", 0, "", 0, new Date(), false, BooleanSource.taint())); // $hasTaintFlow
223+
224+
sink(new NewCookie(taint(), "", "", "", "", 0, true)); // $hasTaintFlow
225+
sink(new NewCookie("", taint(), "", "", "", 0, false)); // $hasTaintFlow
226+
sink(new NewCookie("", "", taint(), "", "", 0, true)); // $hasTaintFlow
227+
sink(new NewCookie("", "", "", taint(), "", 0, false)); // $hasTaintFlow
228+
sink(new NewCookie("", "", "", "", taint(), 0, false)); // $hasTaintFlow
229+
sink(new NewCookie("", "", "", "", "", IntSource.taint(), true)); // $hasTaintFlow
230+
sink(new NewCookie("", "", "", "", "", 0, BooleanSource.taint())); // $hasTaintFlow
231+
232+
sink(new NewCookie(taint(), "", "", "", "", 0, true, true)); // $hasTaintFlow
233+
sink(new NewCookie("", taint(), "", "", "", 0, false, true)); // $hasTaintFlow
234+
sink(new NewCookie("", "", taint(), "", "", 0, true, false)); // $hasTaintFlow
235+
sink(new NewCookie("", "", "", taint(), "", 0, false, false)); // $hasTaintFlow
236+
sink(new NewCookie("", "", "", "", taint(), 0, true, true)); // $hasTaintFlow
237+
sink(new NewCookie("", "", "", "", "", IntSource.taint(), false, true)); // $hasTaintFlow
238+
sink(new NewCookie("", "", "", "", "", 0, BooleanSource.taint(), false)); // $hasTaintFlow
239+
sink(new NewCookie("", "", "", "", "", 0, true, BooleanSource.taint())); // $hasTaintFlow
240+
241+
sink(NewCookie.valueOf(taint()).getComment()); // $hasTaintFlow
242+
sink(NewCookie.valueOf(taint()).getExpiry()); // $hasTaintFlow
243+
sink(NewCookie.valueOf(taint()).getMaxAge()); // $hasTaintFlow
244+
sink(NewCookie.valueOf(taint()).toCookie()); // $hasTaintFlow
245+
sink(NewCookie.valueOf(taint())); // $hasTaintFlow
246+
}
247+
177248
void testForm(MultivaluedMap<String, String> mm1, MultivaluedMap<String, String> mm2) {
178249
sink(new Form(taint(), "")); // $hasTaintFlow
179250
sink(new Form("", taint())); // $hasTaintFlow

0 commit comments

Comments
 (0)