Skip to content

Commit f3ab295

Browse files
joefarebrotherjoefarebrother
committed
Fix up tests
1 parent bbc4d48 commit f3ab295

File tree

2 files changed

+35
-35
lines changed

2 files changed

+35
-35
lines changed

java/ql/src/semmle/code/java/frameworks/spring/SpringHttp.qll

Lines changed: 19 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -62,7 +62,7 @@ private class UrlOpenSink extends SinkModelCsv {
6262
}
6363
}
6464

65-
private class SpringHttpFlowStep extends SinkModelCsv {
65+
private class SpringHttpFlowStep extends SummaryModelCsv {
6666
override predicate row(string row) {
6767
row =
6868
[
@@ -84,26 +84,26 @@ private class SpringHttpFlowStep extends SinkModelCsv {
8484
"org.springframework.http;ResponseEntity;true;ResponseEntity;(Object,MultiValueMap,int);;Argument[0];Argument[-1];taint",
8585
"org.springframework.http;ResponseEntity;true;ResponseEntity;(Object,MultiValueMap,int);;MapKey of Argument[1];Argument[-1];taint",
8686
"org.springframework.http;ResponseEntity;true;ResponseEntity;(Object,MultiValueMap,int);;Element of MapValue of Argument[1];Argument[-1];taint",
87-
"org.springframework.http;ResponseEntity;true;of;(Optional);;Argument[0];ReturnValue;taint",
87+
"org.springframework.http;ResponseEntity;true;of;(Optional);;Element of Argument[0];ReturnValue;taint",
8888
"org.springframework.http;ResponseEntity;true;ok;(Object);;Argument[0];ReturnValue;taint",
8989
"org.springframework.http;ResponseEntity;true;created;(URI);;Argument[0];ReturnValue;taint",
90-
"org.springframework.http;ResponseEntity<>$BodyBuilder;true;contentLength;(long);;Argument[-1];ReturnValue;value",
91-
"org.springframework.http;ResponseEntity<>$BodyBuilder;true;contentType;(MediaType);;Argument[-1];ReturnValue;value",
92-
"org.springframework.http;ResponseEntity<>$BodyBuilder;true;body;(Object);;Argument[-1..0];ReturnValue;taint",
93-
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;allow;(HttpMethod[]);;Argument[-1];ReturnValue;value",
94-
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;eTag;(String);;Argument[-1];ReturnValue;value",
95-
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;eTag;(String);;Argument[0];Argument[-1];taint",
96-
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;header;(String,String[]);;Argument[-1];ReturnValue;value",
97-
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;header;(String,String[]);;Argument[0];Argument[-1];taint",
98-
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;header;(String,String[]);;ArrayElement of Argument[1];Argument[-1];taint",
99-
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;headers;(Consumer);;Argument[-1];ReturnValue;value",
100-
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;headers;(HttpHeaders);;Argument[-1];ReturnValue;value",
101-
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;headers;(HttpHeaders);;Argument[0];Argument[-1];taint",
102-
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;lastModified;;;Argument[-1];ReturnValue;value",
103-
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;location;(URI);;Argument[-1];ReturnValue;value",
104-
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;location;(URI);;Argument[0];Argument[-1];taint",
105-
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;varyBy;(String[]);;Argument[-1];ReturnValue;value",
106-
"org.springframework.http;ResponseEntity<>$HeadersBuilder;true;build;();;Argument[-1];ReturnValue;taint",
90+
"org.springframework.http;ResponseEntity$BodyBuilder;true;contentLength;(long);;Argument[-1];ReturnValue;value",
91+
"org.springframework.http;ResponseEntity$BodyBuilder;true;contentType;(MediaType);;Argument[-1];ReturnValue;value",
92+
"org.springframework.http;ResponseEntity$BodyBuilder;true;body;(Object);;Argument[-1..0];ReturnValue;taint",
93+
"org.springframework.http;ResponseEntity$HeadersBuilder;true;allow;(HttpMethod[]);;Argument[-1];ReturnValue;value",
94+
"org.springframework.http;ResponseEntity$HeadersBuilder;true;eTag;(String);;Argument[-1];ReturnValue;value",
95+
"org.springframework.http;ResponseEntity$HeadersBuilder;true;eTag;(String);;Argument[0];Argument[-1];taint",
96+
"org.springframework.http;ResponseEntity$HeadersBuilder;true;header;(String,String[]);;Argument[-1];ReturnValue;value",
97+
"org.springframework.http;ResponseEntity$HeadersBuilder;true;header;(String,String[]);;Argument[0];Argument[-1];taint",
98+
"org.springframework.http;ResponseEntity$HeadersBuilder;true;header;(String,String[]);;ArrayElement of Argument[1];Argument[-1];taint",
99+
"org.springframework.http;ResponseEntity$HeadersBuilder;true;headers;(Consumer);;Argument[-1];ReturnValue;value",
100+
"org.springframework.http;ResponseEntity$HeadersBuilder;true;headers;(HttpHeaders);;Argument[-1];ReturnValue;value",
101+
"org.springframework.http;ResponseEntity$HeadersBuilder;true;headers;(HttpHeaders);;Argument[0];Argument[-1];taint",
102+
"org.springframework.http;ResponseEntity$HeadersBuilder;true;lastModified;;;Argument[-1];ReturnValue;value",
103+
"org.springframework.http;ResponseEntity$HeadersBuilder;true;location;(URI);;Argument[-1];ReturnValue;value",
104+
"org.springframework.http;ResponseEntity$HeadersBuilder;true;location;(URI);;Argument[0];Argument[-1];taint",
105+
"org.springframework.http;ResponseEntity$HeadersBuilder;true;varyBy;(String[]);;Argument[-1];ReturnValue;value",
106+
"org.springframework.http;ResponseEntity$HeadersBuilder;true;build;();;Argument[-1];ReturnValue;taint",
107107
"org.springframework.http;RequestEntity;true;getUrl;();;Argument[-1];ReturnValue;taint",
108108
"org.springframework.http;HttpHeaders;true;HttpHeaders;(MultiValueMap);;MapKey of Argument[0];Argument[-1];taint",
109109
"org.springframework.http;HttpHeaders;true;HttpHeaders;(MultiValueMap);;Element of MapValue of Argument[0];Argument[-1];taint",

java/ql/test/library-tests/frameworks/spring/http/TestHttp.java

Lines changed: 16 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -20,12 +20,12 @@ void test1() {
2020
sink(new HttpEntity(x, m1)); // $hasTaintFlow
2121

2222
m1.add("a", taint());
23-
sink(new HttpEntity("a", m1)); // $ MISSING:hasTaintFlow
24-
sink(new HttpEntity<String>(m1)); // $ MISSING:hasTaintFlow
23+
sink(new HttpEntity("a", m1)); // $hasTaintFlow
24+
sink(new HttpEntity<String>(m1)); // $hasTaintFlow
2525

2626
MultiValueMap<String,String> m2 = new LinkedMultiValueMap();
2727
m2.add(taint(), "a");
28-
sink(new HttpEntity<String>(m2)); // $ MISSING:hasTaintFlow
28+
sink(new HttpEntity<String>(m2)); // $hasTaintFlow
2929

3030
HttpEntity<String> ent = taint();
3131
sink(ent.getBody()); // $hasTaintFlow
@@ -38,7 +38,7 @@ void test1() {
3838
void test2() {
3939
String x = taint();
4040
sink(ResponseEntity.ok(x)); // $hasTaintFlow
41-
sink(ResponseEntity.of(Optional.of(x))); // $ MISSING:hasTaintFlow
41+
sink(ResponseEntity.of(Optional.of(x))); // $hasTaintFlow
4242

4343
sink(ResponseEntity.status(200).contentLength(2048).body(x)); // $hasTaintFlow
4444
sink(ResponseEntity.created(taint()).contentType(null).body("a")); // $hasTaintFlow
@@ -61,15 +61,15 @@ void test3() {
6161
sink(new ResponseEntity(x, m1, 200)); // $hasTaintFlow
6262

6363
m1.add("a", taint());
64-
sink(new ResponseEntity("a", m1, HttpStatus.ACCEPTED)); // $ MISSING:hasTaintFlow
65-
sink(new ResponseEntity<String>(m1, HttpStatus.ACCEPTED)); // $ MISSING:hasTaintFlow
66-
sink(new ResponseEntity("a", m1, 200)); // $ MISSING:hasTaintFlow
64+
sink(new ResponseEntity("a", m1, HttpStatus.ACCEPTED)); // $hasTaintFlow
65+
sink(new ResponseEntity<String>(m1, HttpStatus.ACCEPTED)); // $hasTaintFlow
66+
sink(new ResponseEntity("a", m1, 200)); // $hasTaintFlow
6767

6868
MultiValueMap<String,String> m2 = new LinkedMultiValueMap();
6969
m2.add(taint(), "a");
70-
sink(new ResponseEntity("a", m2, HttpStatus.ACCEPTED)); // $ MISSING:hasTaintFlow
71-
sink(new ResponseEntity<String>(m2, HttpStatus.ACCEPTED)); // $ MISSING:hasTaintFlow
72-
sink(new ResponseEntity("a", m2, 200)); // $ MISSING:hasTaintFlow
70+
sink(new ResponseEntity("a", m2, HttpStatus.ACCEPTED)); // $hasTaintFlow
71+
sink(new ResponseEntity<String>(m2, HttpStatus.ACCEPTED)); // $hasTaintFlow
72+
sink(new ResponseEntity("a", m2, 200)); // $hasTaintFlow
7373

7474
ResponseEntity<String> ent = taint();
7575
sink(ent.getBody()); // $hasTaintFlow
@@ -79,11 +79,11 @@ void test3() {
7979
void test4() {
8080
MultiValueMap<String,String> m1 = new LinkedMultiValueMap();
8181
m1.add("a", taint());
82-
sink(new HttpHeaders(m1)); // $ MISSING:hasTaintFlow
82+
sink(new HttpHeaders(m1)); // $hasTaintFlow
8383

8484
MultiValueMap<String,String> m2 = new LinkedMultiValueMap();
8585
m2.add(taint(), "a");
86-
sink(new HttpHeaders(m2)); // $ MISSING:hasTaintFlow
86+
sink(new HttpHeaders(m2)); // $hasTaintFlow
8787

8888
HttpHeaders h1 = new HttpHeaders();
8989
h1.add(taint(), "a");
@@ -95,11 +95,11 @@ void test4() {
9595

9696
HttpHeaders h3 = new HttpHeaders();
9797
h3.addAll(m1);
98-
sink(h3); // $ MISSING:hasTaintFlow
98+
sink(h3); // $hasTaintFlow
9999

100100
HttpHeaders h4 = new HttpHeaders();
101101
h4.addAll(m2);
102-
sink(h4); // $ MISSING:hasTaintFlow
102+
sink(h4); // $hasTaintFlow
103103

104104
HttpHeaders h5 = new HttpHeaders();
105105
h5.addAll(taint(), List.of());
@@ -109,8 +109,8 @@ void test4() {
109109
h6.addAll("a", List.of(taint()));
110110
sink(h6); // $hasTaintFlow
111111

112-
sink(HttpHeaders.formatHeaders(m1)); // $ MISSING:hasTaintFlow
113-
sink(HttpHeaders.formatHeaders(m2)); // $ MISSING:hasTaintFlow
112+
sink(HttpHeaders.formatHeaders(m1)); // $hasTaintFlow
113+
sink(HttpHeaders.formatHeaders(m2)); // $hasTaintFlow
114114

115115
sink(HttpHeaders.encodeBasicAuth(taint(), "a", null)); // $hasTaintFlow
116116
sink(HttpHeaders.encodeBasicAuth("a", taint(), null)); // $hasTaintFlow

0 commit comments

Comments
 (0)