
Commit 0439eb6

committed
Add tests
1 parent 4e7dbbf commit 0439eb6


5 files changed

+41
-1
lines changed


java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml

Lines changed: 1 addition & 0 deletions
@@ -4,4 +4,5 @@ extensions:
44
extensible: sinkModel
55
data:
66
- ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List,String,long)", "", "Argument[0]", "sql", "ai-generated"]
7+
- ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List)", "", "Argument[0]", "sql", "ai-generated"]
78
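Review bot: The provenance column of the added row for the `(ColumnStatistics,List)` overload says `ai-generated`, although this commit appears to write the row by hand while adding tests; if it was not emitted by the model generator it should presumably use the `manual` provenance value instead, so that a later regeneration pass does not treat it as disposable. Apart from the signature the row is identical to the 4-argument row above it, which is consistent with that existing model.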

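--- a/java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.expected
+++ b/java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.expected
@@ -14,6 +14,7 @@ edges
 | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:99:12:99:33 | new URI(...) |
 | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:100:12:100:45 | new URI(...) |
 | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:101:12:101:54 | new URI(...) |
+| Test.java:105:14:105:34 | getHostName(...) : String | Test.java:107:46:107:46 | t |
 nodes
 | Test.java:19:18:19:38 | getHostName(...) : String | semmle.label | getHostName(...) : String |
 | Test.java:24:20:24:23 | temp | semmle.label | temp |
@@ -34,6 +35,8 @@ nodes
 | Test.java:99:12:99:33 | new URI(...) | semmle.label | new URI(...) |
 | Test.java:100:12:100:45 | new URI(...) | semmle.label | new URI(...) |
 | Test.java:101:12:101:54 | new URI(...) | semmle.label | new URI(...) |
+| Test.java:105:14:105:34 | getHostName(...) : String | semmle.label | getHostName(...) : String |
+| Test.java:107:46:107:46 | t | semmle.label | t |
 subpaths
 #select
 | Test.java:24:11:24:24 | new File(...) | Test.java:19:18:19:38 | getHostName(...) : String | Test.java:24:20:24:23 | temp | This path depends on a $@. | Test.java:19:18:19:38 | getHostName(...) | user-provided value |
@@ -47,3 +50,4 @@ subpaths
 | Test.java:99:3:99:34 | new File(...) | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:99:12:99:33 | new URI(...) | This path depends on a $@. | Test.java:95:14:95:34 | getHostName(...) | user-provided value |
 | Test.java:100:3:100:46 | new File(...) | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:100:12:100:45 | new URI(...) | This path depends on a $@. | Test.java:95:14:95:34 | getHostName(...) | user-provided value |
 | Test.java:101:3:101:55 | new File(...) | Test.java:95:14:95:34 | getHostName(...) : String | Test.java:101:12:101:54 | new URI(...) | This path depends on a $@. | Test.java:95:14:95:34 | getHostName(...) | user-provided value |
+| Test.java:107:46:107:46 | t | Test.java:105:14:105:34 | getHostName(...) : String | Test.java:107:46:107:46 | t | This path depends on a $@. | Test.java:105:14:105:34 | getHostName(...) | user-provided value |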

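--- a/java/ql/test/query-tests/security/CWE-022/semmle/tests/Test.java
+++ b/java/ql/test/query-tests/security/CWE-022/semmle/tests/Test.java
@@ -100,4 +100,10 @@ void doGet5(InetAddress address)
 new File(new URI(null, null, t, null, null));
 new File(new URI(null, null, null, 0, t, null, null));
 }
+
+void doGet6(InetAddress address) throws IOException {
+String t = address.getHostName();
+// BAD: accessing local resource with user input
+getClass().getModule().getResourceAsStream(t);
+}
 }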
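Review bot: doGet6 contains only the flagged call; there is no counterpart showing that `Module.getResourceAsStream` is not reported when its argument does not derive from `getHostName`, so a regression that over-approximates the sink would pass this test unnoticed. A sibling call with a constant name, e.g. `getClass().getModule().getResourceAsStream("fixed-name"); // GOOD` (constructed example), would pin the negative case, and the comment on the flagged line could name the sink, e.g. `// BAD: user-controlled resource name reaches Module.getResourceAsStream`. The enclosing class continues outside the hunk.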
Lines changed: 29 additions & 0 deletions
@@ -0,0 +1,29 @@
1+
import org.apache.hadoop.hive.metastore.api.ColumnStatistics;
2+
import org.apache.hadoop.hive.metastore.api.DefaultConstraintsRequest;
3+
import org.apache.hadoop.hive.metastore.ObjectStore;
4+
import org.apache.hive.hcatalog.templeton.ColumnDesc;
5+
import org.apache.hive.hcatalog.templeton.HcatDelegator;
6+
import java.util.List;
7+
8+
public class Hive {
9+
10+
public static Object source() {
11+
return null;
12+
}
13+
14+
public void test(ObjectStore objStore, HcatDelegator hcatDel) throws Exception {
15+
{
16+
String taint = (String) source();
17+
new DefaultConstraintsRequest("", taint, ""); // $ sqlInjection
18+
}
19+
{
20+
ColumnStatistics taint = (ColumnStatistics) source();
21+
//objStore.updatePartitionColumnStatistics(taint, (List<String>) null, (String) null, 0L); // $ sqlInjection
22+
objStore.updatePartitionColumnStatistics(taint, (List<String>) null); // $ sqlInjection
23+
}
24+
{
25+
ColumnDesc taint = (ColumnDesc) source();
26+
hcatDel.addOneColumn(null, null, null, taint); // $ sqlInjection
27+
}
28+
}
29+
}
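Review bot: The call to the 4-argument overload `updatePartitionColumnStatistics(ColumnStatistics,List,String,long)` at line 21 is commented out, so the sink model for that signature in org.apache.hadoop.hive.metastore.model.yml is not exercised by this file even though the 2-argument overload at line 22 is. If the reason is that the `apache-hive` stub does not declare that overload, a comment saying so would spare the next reader a search, e.g. `// 4-arg overload is not present in the stub classes, so only the 2-arg form is tested here`; otherwise the line should be restored with its `// $ sqlInjection` annotation. The file path for this section is not shown on the page, so the note refers to it as the Hive test file.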
Lines changed: 1 addition & 1 deletion
@@ -1 +1 @@
1-
//semmle-extractor-options: --javac-args -cp ${testdir}/../../../../../stubs/mongodbClient:${testdir}/../../../../../stubs/springframework-5.3.8
1+
//semmle-extractor-options: --javac-args -cp ${testdir}/../../../../../stubs/mongodbClient:${testdir}/../../../../../stubs/springframework-5.3.8:${testdir}/../../../../../stubs/apache-hive
