Java: convert remaining java-code-scanning.qls query tests to .qlref #19842

Open: wants to merge 32 commits into base: main

Commits
588efe4
Java: Convert TaintedPath test to .qlref
d10c Jun 23, 2025
e1ddce8
Java: convert PartialPathTraversalFromRemote test to .qlref
d10c Jun 23, 2025
3f9e0fe
Java: convert JndiInjection test to .qlref
d10c Jun 23, 2025
199eabd
Java: convert XsltInjection test to .qlref
d10c Jun 23, 2025
8e53da2
Java: convert XSS test to .qlref
d10c Jun 23, 2025
1cc91e9
Java: convert GroovyInjection test to .qlref
d10c Jun 23, 2025
1b61cb6
Java: convert JexlInjection test to .qlref
d10c Jun 23, 2025
2a837b2
Java: convert MvelInjection test to .qlref
d10c Jun 23, 2025
b8c7bd2
Java: convert SpelInjection test to .qlref
d10c Jun 23, 2025
c77875d
Java: convert TemplateInjection test to .qlref
d10c Jun 23, 2025
b736e37
Java: convert IntentUriPermissionManipulation test to .qlref
d10c Jun 23, 2025
993b261
Java: convert InsecureTrustManager test to .qlref
d10c Jun 23, 2025
288a938
Java: convert InsufficientKeySize test to .qlref
d10c Jun 23, 2025
85c2f72
Java: convert InsecureRandomness test to .qlref
d10c Jun 23, 2025
2869427
Java: convert MissingJWTSignatureCheck test to .qlref
d10c Jun 23, 2025
2b19cbc
Java: convert UnsafeContentUriResolution test to .qlref
d10c Jun 23, 2025
192f45e
Java: convert FragmentInjection test to .qlref
d10c Jun 23, 2025
c4b0955
Java: convert WebviewDebuggingEnabled test to .qlref
d10c Jun 23, 2025
4412335
Java: convert UnsafeDeserialization test to .qlref
d10c Jun 23, 2025
bf1a699
Java: convert CWE-522 tests to .qlref
d10c Jun 23, 2025
7f33f57
Java: convert UrlForward test to .qlref
d10c Jun 23, 2025
162b1c5
Java: convert XXE test to .qlref
d10c Jun 23, 2025
f5c7ef6
Java: convert XPathInjection test to .qlref
d10c Jun 23, 2025
b7e47e2
Java: convert PolynomialReDoS and RegexInjection tests to .qlref
d10c Jun 23, 2025
cadfd0d
Java: convert RsaWithoutOaep test to .qlref
d10c Jun 24, 2025
7f05b72
Java: convert OgnlInjection test to .qlref
d10c Jun 24, 2025
aac4f63
Java: convert RequestForgery test to .qlref
d10c Jun 24, 2025
e0311e2
Java: convert ImproperIntentVerification test to .qlref
d10c Jun 24, 2025
e213e3f
Java: convert ImplicitPendingIntents test to .qlref
d10c Jun 24, 2025
b2cb585
UnsafeDeserialization: add missing `getASelectedSinkLocation` override
d10c Jun 24, 2025
a49999d
PolynomialReDoS: disable diff-informed support
d10c Jun 24, 2025
6904461
Java: add CleartextStorageCookie test
d10c Jun 24, 2025

Expand Up @@ -323,6 +323,10 @@ private module UnsafeDeserializationConfig implements DataFlow::ConfigSig {
predicate isBarrier(DataFlow::Node node) { isUnsafeDeserializationSanitizer(node) }

predicate observeDiffInformedIncrementalMode() { any() }

Location getASelectedSinkLocation(DataFlow::Node sink) {
result = sink.(UnsafeDeserializationSink).getMethodCall().getLocation()
}
}

module UnsafeDeserializationFlow = TaintTracking::Global<UnsafeDeserializationConfig>;
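
Review bot: The new `getASelectedSinkLocation` yields a result only through the cast `sink.(UnsafeDeserializationSink)` and returns only `getMethodCall().getLocation()`, never the sink node's own location. With `observeDiffInformedIncrementalMode() { any() }` in the same config, a sink that is not an `UnsafeDeserializationSink` would have no selected location and could be dropped from a diff-informed run. Please confirm that `isSink` admits only `UnsafeDeserializationSink` nodes and that the query reports on the method call, and add a one-line QLDoc comment on the predicate stating that the alert location is the deserializing call rather than its argument.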
Expand Up @@ -47,18 +47,6 @@ module PolynomialRedosConfig implements DataFlow::ConfigSig {
node instanceof SimpleTypeSanitizer or
node.asExpr().(MethodCall).getMethod() instanceof LengthRestrictedMethod
}

predicate observeDiffInformedIncrementalMode() { any() }

Location getASelectedSinkLocation(DataFlow::Node sink) {
exists(SuperlinearBackTracking::PolynomialBackTrackingTerm regexp |
regexp.getRootTerm() = sink.(PolynomialRedosSink).getRegExp()
|
result = sink.getLocation()
or
result = regexp.getLocation()
)
}
}

module PolynomialRedosFlow = TaintTracking::Global<PolynomialRedosConfig>;
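
Review bot: Dropping `observeDiffInformedIncrementalMode()` and `getASelectedSinkLocation` from `PolynomialRedosConfig` leaves nothing in the source to say why this config opts out, and the commit message says only "disable diff-informed support". Add a short comment inside the module giving the reason diff-informed mode is unsuitable for this query, so the two predicates are not reinstated later without that context.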

Expand Up @@ -10,10 +10,10 @@
public class TaintedPath {
public void sendUserFile(Socket sock, String user) throws IOException {
BufferedReader filenameReader =
new BufferedReader(new InputStreamReader(sock.getInputStream(), "UTF-8"));
new BufferedReader(new InputStreamReader(sock.getInputStream(), "UTF-8")); // $ Source
String filename = filenameReader.readLine();
// BAD: read from a file without checking its path
BufferedReader fileReader = new BufferedReader(new FileReader(filename)); // $ hasTaintFlow
BufferedReader fileReader = new BufferedReader(new FileReader(filename)); // $ Alert
String fileLine = fileReader.readLine();
while (fileLine != null) {
sock.getOutputStream().write(fileLine.getBytes());
This file was deleted.

@@ -0,0 +1,4 @@
query: Security/CWE/CWE-022/TaintedPath.ql
postprocess:
- utils/test/PrettyPrintModels.ql
- utils/test/InlineExpectationsTestQuery.ql
156 changes: 78 additions & 78 deletions java/ql/test/query-tests/security/CWE-022/semmle/tests/Test.java

Large diffs are not rendered by default.

@@ -1,16 +1,16 @@
| PartialPathTraversalTest.java:10:14:10:73 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:17:9:17:72 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:29:14:29:58 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:35:14:35:63 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:42:14:42:64 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:49:14:49:64 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:53:14:53:65 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:61:14:61:64 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:64:14:64:65 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:75:14:75:64 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:94:14:94:63 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:102:14:102:63 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:105:14:105:64 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:173:14:173:63 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:191:18:191:87 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:209:14:209:64 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:13:14:13:75 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:20:9:20:74 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:32:14:32:60 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:38:14:38:65 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:45:14:45:64 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:52:14:52:64 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:56:14:56:65 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:64:14:64:64 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:67:14:67:65 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:78:14:78:64 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:97:14:97:65 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:105:14:105:65 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:108:14:108:66 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:176:14:176:65 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:194:18:194:87 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
| PartialPathTraversalTest.java:212:14:212:64 | startsWith(...) | Partial Path Traversal Vulnerability due to insufficient guard against path traversal. |
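
Review bot: The end column grows by two on eight of the sixteen rows (for example `10:14:10:73` becomes `13:14:13:75` and `94:14:94:63` becomes `97:14:97:65`) while the other eight keep their columns, on top of the three-line shift common to every row. That means some `startsWith(...)` expressions in PartialPathTraversalTest.java were edited, not just moved down by added lines. The diff for that file is not visible here; please confirm the edited expressions still exercise the same insufficient guard, and say in the commit message what changed in the test source so the regenerated expectations can be checked against it.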