Skip to content

Java: Simplify tests using InlineExpectationsTest #5347

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
smowton merged 2 commits into from
Mar 8, 2021
Merged

Java: Simplify tests using InlineExpectationsTest #5347

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b7353f0
Java: Simplify tests using InlineExpectationsTest
Marcono1234 Mar 5, 2021
6cf15f4
Replace hasTaintFlow=y with hasTaintFlow everywhere
smowton Mar 8, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions java/ql/test/library-tests/dataflow/fluent-methods/Test.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,31 +42,31 @@ public static void sink(String s) {}
public static void test1() {
Test t = new Test();
t.fluentNoop().fluentSet(source()).fluentNoop();
sink(t.get()); // $hasTaintFlow=y
sink(t.get()); // $hasTaintFlow
}

public static void test2() {
Test t = new Test();
Test.identity(t).fluentNoop().fluentSet(source()).fluentNoop();
sink(t.get()); // $hasTaintFlow=y
sink(t.get()); // $hasTaintFlow
}

public static void test3() {
Test t = new Test();
t.indirectlyFluentNoop().fluentSet(source()).fluentNoop();
sink(t.get()); // $hasTaintFlow=y
sink(t.get()); // $hasTaintFlow
}

public static void testModel1() {
Test t = new Test();
t.indirectlyFluentNoop().modelledFluentMethod().fluentSet(source()).fluentNoop();
sink(t.get()); // $hasTaintFlow=y
sink(t.get()); // $hasTaintFlow
}

public static void testModel2() {
Test t = new Test();
Test.modelledIdentity(t).indirectlyFluentNoop().modelledFluentMethod().fluentSet(source()).fluentNoop();
sink(t.get()); // $hasTaintFlow=y
sink(t.get()); // $hasTaintFlow
}

}
2 changes: 1 addition & 1 deletion java/ql/test/library-tests/dataflow/fluent-methods/flow.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ class HasFlowTest extends InlineExpectationsTest {
exists(DataFlow::Node src, DataFlow::Node sink, Conf conf | conf.hasFlow(src, sink) |
sink.getLocation() = location and
element = sink.toString() and
value = "y"
value = ""
)
}
}
146 changes: 73 additions & 73 deletions java/ql/test/library-tests/frameworks/apache-commons-lang3/StrBuilderTest.java
View file
Open in desktop

Large diffs are not rendered by default.

146 changes: 73 additions & 73 deletions java/ql/test/library-tests/frameworks/apache-commons-lang3/StrBuilderTextTest.java
View file
Open in desktop

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions java/ql/test/library-tests/frameworks/apache-commons-lang3/StrLookupTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ void test() throws Exception {
Map<String, String> map = new HashMap<String, String>();
map.put("key", taint());
StrLookup<String> lookup = StrLookup.mapLookup(map);
sink(lookup.lookup("key")); // $hasTaintFlow=y
sink(lookup.lookup("key")); // $hasTaintFlow
}

}
}
98 changes: 49 additions & 49 deletions java/ql/test/library-tests/frameworks/apache-commons-lang3/StrSubstitutorTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,66 +17,66 @@ void test() throws Exception {
StrLookup<String> taintedLookup = StrLookup.mapLookup(taintedMap);

// Test constructors:
StrSubstitutor ss1 = new StrSubstitutor(); ss1.setVariableResolver(taintedLookup); sink(ss1.replace("input")); // $hasTaintFlow=y
StrSubstitutor ss2 = new StrSubstitutor(taintedMap); sink(ss2.replace("input")); // $hasTaintFlow=y
StrSubstitutor ss3 = new StrSubstitutor(taintedMap, "{", "}"); sink(ss3.replace("input")); // $hasTaintFlow=y
StrSubstitutor ss4 = new StrSubstitutor(taintedMap, "{", "}", ' '); sink(ss4.replace("input")); // $hasTaintFlow=y
StrSubstitutor ss5 = new StrSubstitutor(taintedMap, "{", "}", ' ', ","); sink(ss5.replace("input")); // $hasTaintFlow=y
StrSubstitutor ss6 = new StrSubstitutor(taintedLookup); sink(ss6.replace("input")); // $hasTaintFlow=y
StrSubstitutor ss7 = new StrSubstitutor(taintedLookup, "{", "}", ' '); sink(ss7.replace("input")); // $hasTaintFlow=y
StrSubstitutor ss8 = new StrSubstitutor(taintedLookup, "{", "}", ' ', ","); sink(ss8.replace("input")); // $hasTaintFlow=y
StrSubstitutor ss9 = new StrSubstitutor(taintedLookup, (StrMatcher)null, null, ' '); sink(ss9.replace("input")); // $hasTaintFlow=y
StrSubstitutor ss10 = new StrSubstitutor(taintedLookup, (StrMatcher)null, null, ' ', null); sink(ss10.replace("input")); // $hasTaintFlow=y
StrSubstitutor ss1 = new StrSubstitutor(); ss1.setVariableResolver(taintedLookup); sink(ss1.replace("input")); // $hasTaintFlow
StrSubstitutor ss2 = new StrSubstitutor(taintedMap); sink(ss2.replace("input")); // $hasTaintFlow
StrSubstitutor ss3 = new StrSubstitutor(taintedMap, "{", "}"); sink(ss3.replace("input")); // $hasTaintFlow
StrSubstitutor ss4 = new StrSubstitutor(taintedMap, "{", "}", ' '); sink(ss4.replace("input")); // $hasTaintFlow
StrSubstitutor ss5 = new StrSubstitutor(taintedMap, "{", "}", ' ', ","); sink(ss5.replace("input")); // $hasTaintFlow
StrSubstitutor ss6 = new StrSubstitutor(taintedLookup); sink(ss6.replace("input")); // $hasTaintFlow
StrSubstitutor ss7 = new StrSubstitutor(taintedLookup, "{", "}", ' '); sink(ss7.replace("input")); // $hasTaintFlow
StrSubstitutor ss8 = new StrSubstitutor(taintedLookup, "{", "}", ' ', ","); sink(ss8.replace("input")); // $hasTaintFlow
StrSubstitutor ss9 = new StrSubstitutor(taintedLookup, (StrMatcher)null, null, ' '); sink(ss9.replace("input")); // $hasTaintFlow
StrSubstitutor ss10 = new StrSubstitutor(taintedLookup, (StrMatcher)null, null, ' ', null); sink(ss10.replace("input")); // $hasTaintFlow

// Test replace overloads (tainted substitution map):
StrSubstitutor taintedSubst = ss2;
sink(taintedSubst.replace((Object)"input")); // $hasTaintFlow=y
sink(taintedSubst.replace("input")); // $hasTaintFlow=y
sink(taintedSubst.replace("input", 0, 0)); // $hasTaintFlow=y
sink(taintedSubst.replace("input".toCharArray())); // $hasTaintFlow=y
sink(taintedSubst.replace("input".toCharArray(), 0, 0)); // $hasTaintFlow=y
sink(taintedSubst.replace((CharSequence)"input")); // $hasTaintFlow=y
sink(taintedSubst.replace((CharSequence)"input", 0, 0)); // $hasTaintFlow=y
sink(taintedSubst.replace(new StrBuilder("input"))); // $hasTaintFlow=y
sink(taintedSubst.replace(new StrBuilder("input"), 0, 0)); // $hasTaintFlow=y
sink(taintedSubst.replace(new StringBuilder("input"))); // $hasTaintFlow=y
sink(taintedSubst.replace(new StringBuilder("input"), 0, 0)); // $hasTaintFlow=y
sink(taintedSubst.replace(new StringBuffer("input"))); // $hasTaintFlow=y
sink(taintedSubst.replace(new StringBuffer("input"), 0, 0)); // $hasTaintFlow=y
sink(taintedSubst.replace((Object)"input")); // $hasTaintFlow
sink(taintedSubst.replace("input")); // $hasTaintFlow
sink(taintedSubst.replace("input", 0, 0)); // $hasTaintFlow
sink(taintedSubst.replace("input".toCharArray())); // $hasTaintFlow
sink(taintedSubst.replace("input".toCharArray(), 0, 0)); // $hasTaintFlow
sink(taintedSubst.replace((CharSequence)"input")); // $hasTaintFlow
sink(taintedSubst.replace((CharSequence)"input", 0, 0)); // $hasTaintFlow
sink(taintedSubst.replace(new StrBuilder("input"))); // $hasTaintFlow
sink(taintedSubst.replace(new StrBuilder("input"), 0, 0)); // $hasTaintFlow
sink(taintedSubst.replace(new StringBuilder("input"))); // $hasTaintFlow
sink(taintedSubst.replace(new StringBuilder("input"), 0, 0)); // $hasTaintFlow
sink(taintedSubst.replace(new StringBuffer("input"))); // $hasTaintFlow
sink(taintedSubst.replace(new StringBuffer("input"), 0, 0)); // $hasTaintFlow

// Test replace overloads (tainted input):
StrSubstitutor untaintedSubst = ss1;
sink(untaintedSubst.replace((Object)taint())); // $hasTaintFlow=y
sink(untaintedSubst.replace(taint())); // $hasTaintFlow=y
sink(untaintedSubst.replace(taint(), 0, 0)); // $hasTaintFlow=y
sink(untaintedSubst.replace(taint().toCharArray())); // $hasTaintFlow=y
sink(untaintedSubst.replace(taint().toCharArray(), 0, 0)); // $hasTaintFlow=y
sink(untaintedSubst.replace((CharSequence)taint())); // $hasTaintFlow=y
sink(untaintedSubst.replace((CharSequence)taint(), 0, 0)); // $hasTaintFlow=y
sink(untaintedSubst.replace(new StrBuilder(taint()))); // $hasTaintFlow=y
sink(untaintedSubst.replace(new StrBuilder(taint()), 0, 0)); // $hasTaintFlow=y
sink(untaintedSubst.replace(new StringBuilder(taint()))); // $hasTaintFlow=y
sink(untaintedSubst.replace(new StringBuilder(taint()), 0, 0)); // $hasTaintFlow=y
sink(untaintedSubst.replace(new StringBuffer(taint()))); // $hasTaintFlow=y
sink(untaintedSubst.replace(new StringBuffer(taint()), 0, 0)); // $hasTaintFlow=y
sink(untaintedSubst.replace((Object)taint())); // $hasTaintFlow
sink(untaintedSubst.replace(taint())); // $hasTaintFlow
sink(untaintedSubst.replace(taint(), 0, 0)); // $hasTaintFlow
sink(untaintedSubst.replace(taint().toCharArray())); // $hasTaintFlow
sink(untaintedSubst.replace(taint().toCharArray(), 0, 0)); // $hasTaintFlow
sink(untaintedSubst.replace((CharSequence)taint())); // $hasTaintFlow
sink(untaintedSubst.replace((CharSequence)taint(), 0, 0)); // $hasTaintFlow
sink(untaintedSubst.replace(new StrBuilder(taint()))); // $hasTaintFlow
sink(untaintedSubst.replace(new StrBuilder(taint()), 0, 0)); // $hasTaintFlow
sink(untaintedSubst.replace(new StringBuilder(taint()))); // $hasTaintFlow
sink(untaintedSubst.replace(new StringBuilder(taint()), 0, 0)); // $hasTaintFlow
sink(untaintedSubst.replace(new StringBuffer(taint()))); // $hasTaintFlow
sink(untaintedSubst.replace(new StringBuffer(taint()), 0, 0)); // $hasTaintFlow

// Test static replace methods:
sink(StrSubstitutor.replace(taint(), new HashMap<String, String>())); // $hasTaintFlow=y
sink(StrSubstitutor.replace(taint(), new HashMap<String, String>(), "{", "}")); // $hasTaintFlow=y
sink(StrSubstitutor.replace("input", taintedMap)); // $hasTaintFlow=y
sink(StrSubstitutor.replace("input", taintedMap, "{", "}")); // $hasTaintFlow=y
sink(StrSubstitutor.replace(taint(), new HashMap<String, String>())); // $hasTaintFlow
sink(StrSubstitutor.replace(taint(), new HashMap<String, String>(), "{", "}")); // $hasTaintFlow
sink(StrSubstitutor.replace("input", taintedMap)); // $hasTaintFlow
sink(StrSubstitutor.replace("input", taintedMap, "{", "}")); // $hasTaintFlow
Properties taintedProps = new Properties();
taintedProps.put("key", taint());
sink(StrSubstitutor.replace(taint(), new Properties())); // $hasTaintFlow=y
sink(StrSubstitutor.replace("input", taintedProps)); // $hasTaintFlow=y
sink(StrSubstitutor.replace(taint(), new Properties())); // $hasTaintFlow
sink(StrSubstitutor.replace("input", taintedProps)); // $hasTaintFlow

// Test replaceIn methods:
StrBuilder strBuilder1 = new StrBuilder(); taintedSubst.replaceIn(strBuilder1); sink(strBuilder1.toString()); // $hasTaintFlow=y
StrBuilder strBuilder2 = new StrBuilder(); taintedSubst.replaceIn(strBuilder2, 0, 0); sink(strBuilder2.toString()); // $hasTaintFlow=y
StringBuilder stringBuilder1 = new StringBuilder(); taintedSubst.replaceIn(stringBuilder1); sink(stringBuilder1.toString()); // $hasTaintFlow=y
StringBuilder stringBuilder2 = new StringBuilder(); taintedSubst.replaceIn(stringBuilder2, 0, 0); sink(stringBuilder2.toString()); // $hasTaintFlow=y
StringBuffer stringBuffer1 = new StringBuffer(); taintedSubst.replaceIn(stringBuffer1); sink(stringBuffer1.toString()); // $hasTaintFlow=y
StringBuffer stringBuffer2 = new StringBuffer(); taintedSubst.replaceIn(stringBuffer2, 0, 0); sink(stringBuffer2.toString()); // $hasTaintFlow=y
StrBuilder strBuilder1 = new StrBuilder(); taintedSubst.replaceIn(strBuilder1); sink(strBuilder1.toString()); // $hasTaintFlow
StrBuilder strBuilder2 = new StrBuilder(); taintedSubst.replaceIn(strBuilder2, 0, 0); sink(strBuilder2.toString()); // $hasTaintFlow
StringBuilder stringBuilder1 = new StringBuilder(); taintedSubst.replaceIn(stringBuilder1); sink(stringBuilder1.toString()); // $hasTaintFlow
StringBuilder stringBuilder2 = new StringBuilder(); taintedSubst.replaceIn(stringBuilder2, 0, 0); sink(stringBuilder2.toString()); // $hasTaintFlow
StringBuffer stringBuffer1 = new StringBuffer(); taintedSubst.replaceIn(stringBuffer1); sink(stringBuffer1.toString()); // $hasTaintFlow
StringBuffer stringBuffer2 = new StringBuffer(); taintedSubst.replaceIn(stringBuffer2, 0, 0); sink(stringBuffer2.toString()); // $hasTaintFlow
}

}
}
54 changes: 27 additions & 27 deletions java/ql/test/library-tests/frameworks/apache-commons-lang3/StrTokenizerTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,38 +9,38 @@ void sink(Object o) {}
void test() throws Exception {

// Test constructors:
sink((new StrTokenizer(taint().toCharArray())).toString()); // $hasTaintFlow=y
sink((new StrTokenizer(taint().toCharArray(), ',')).toString()); // $hasTaintFlow=y
sink((new StrTokenizer(taint().toCharArray(), ',', '"')).toString()); // $hasTaintFlow=y
sink((new StrTokenizer(taint().toCharArray(), ",")).toString()); // $hasTaintFlow=y
sink((new StrTokenizer(taint().toCharArray(), (StrMatcher)null)).toString()); // $hasTaintFlow=y
sink((new StrTokenizer(taint().toCharArray(), (StrMatcher)null, (StrMatcher)null)).toString()); // $hasTaintFlow=y
sink((new StrTokenizer(taint())).toString()); // $hasTaintFlow=y
sink((new StrTokenizer(taint(), ',')).toString()); // $hasTaintFlow=y
sink((new StrTokenizer(taint(), ',', '"')).toString()); // $hasTaintFlow=y
sink((new StrTokenizer(taint(), ",")).toString()); // $hasTaintFlow=y
sink((new StrTokenizer(taint(), (StrMatcher)null)).toString()); // $hasTaintFlow=y
sink((new StrTokenizer(taint(), (StrMatcher)null, (StrMatcher)null)).toString()); // $hasTaintFlow=y
sink((new StrTokenizer(taint().toCharArray())).toString()); // $hasTaintFlow
sink((new StrTokenizer(taint().toCharArray(), ',')).toString()); // $hasTaintFlow
sink((new StrTokenizer(taint().toCharArray(), ',', '"')).toString()); // $hasTaintFlow
sink((new StrTokenizer(taint().toCharArray(), ",")).toString()); // $hasTaintFlow
sink((new StrTokenizer(taint().toCharArray(), (StrMatcher)null)).toString()); // $hasTaintFlow
sink((new StrTokenizer(taint().toCharArray(), (StrMatcher)null, (StrMatcher)null)).toString()); // $hasTaintFlow
sink((new StrTokenizer(taint())).toString()); // $hasTaintFlow
sink((new StrTokenizer(taint(), ',')).toString()); // $hasTaintFlow
sink((new StrTokenizer(taint(), ',', '"')).toString()); // $hasTaintFlow
sink((new StrTokenizer(taint(), ",")).toString()); // $hasTaintFlow
sink((new StrTokenizer(taint(), (StrMatcher)null)).toString()); // $hasTaintFlow
sink((new StrTokenizer(taint(), (StrMatcher)null, (StrMatcher)null)).toString()); // $hasTaintFlow

// Test constructing static methods:
sink(StrTokenizer.getCSVInstance(taint().toCharArray()).toString()); // $hasTaintFlow=y
sink(StrTokenizer.getCSVInstance(taint()).toString()); // $hasTaintFlow=y
sink(StrTokenizer.getTSVInstance(taint().toCharArray()).toString()); // $hasTaintFlow=y
sink(StrTokenizer.getTSVInstance(taint()).toString()); // $hasTaintFlow=y
sink(StrTokenizer.getCSVInstance(taint().toCharArray()).toString()); // $hasTaintFlow
sink(StrTokenizer.getCSVInstance(taint()).toString()); // $hasTaintFlow
sink(StrTokenizer.getTSVInstance(taint().toCharArray()).toString()); // $hasTaintFlow
sink(StrTokenizer.getTSVInstance(taint()).toString()); // $hasTaintFlow

// Test accessors:
sink((new StrTokenizer(taint())).clone()); // $hasTaintFlow=y
sink((new StrTokenizer(taint())).getContent()); // $hasTaintFlow=y
sink((new StrTokenizer(taint())).getTokenArray()); // $hasTaintFlow=y
sink((new StrTokenizer(taint())).getTokenList()); // $hasTaintFlow=y
sink((new StrTokenizer(taint())).next()); // $hasTaintFlow=y
sink((new StrTokenizer(taint())).nextToken()); // $hasTaintFlow=y
sink((new StrTokenizer(taint())).previous()); // $hasTaintFlow=y
sink((new StrTokenizer(taint())).previousToken()); // $hasTaintFlow=y
sink((new StrTokenizer(taint())).clone()); // $hasTaintFlow
sink((new StrTokenizer(taint())).getContent()); // $hasTaintFlow
sink((new StrTokenizer(taint())).getTokenArray()); // $hasTaintFlow
sink((new StrTokenizer(taint())).getTokenList()); // $hasTaintFlow
sink((new StrTokenizer(taint())).next()); // $hasTaintFlow
sink((new StrTokenizer(taint())).nextToken()); // $hasTaintFlow
sink((new StrTokenizer(taint())).previous()); // $hasTaintFlow
sink((new StrTokenizer(taint())).previousToken()); // $hasTaintFlow

// Test mutators:
sink((new StrTokenizer()).reset(taint().toCharArray()).toString()); // $hasTaintFlow=y
sink((new StrTokenizer()).reset(taint()).toString()); // $hasTaintFlow=y
sink((new StrTokenizer()).reset(taint().toCharArray()).toString()); // $hasTaintFlow
sink((new StrTokenizer()).reset(taint()).toString()); // $hasTaintFlow

}
}
}
Loading