Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 28647b2

Browse files
joefarebrotherjoefarebrother
committed
Java: Add tests
1 parent e196c75 commit 28647b2

7 files changed

Lines changed: 311 additions & 0 deletions

File tree

java/ql/test/library-tests/frameworks/guava/Test.java

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
2+
import com.google.common.base.Strings;
3+
import com.google.common.base.Splitter;
4+
import com.google.common.base.Joiner;
5+
6+
import java.util.Map;
7+
import java.util.HashMap;
8+
9+
class Test {
10+
String taint() { return "tainted"; }
11+
12+
void test1() {
13+
String x = taint();
14+
15+
Strings.padStart(x, 10, ' ');
16+
Strings.padEnd(x, 10, ' ');
17+
Strings.repeat(x, 3);
18+
Strings.emptyToNull(Strings.nullToEmpty(x));
19+
Strings.lenientFormat(x, 3);
20+
Strings.commonPrefix(x, "abc");
21+
Strings.commonSuffix(x, "cde");
22+
Strings.lenientFormat("%s = %s", x, 3);
23+
}
24+
25+
void test2() {
26+
String x = taint();
27+
Splitter s = Splitter.on(x).omitEmptyStrings();
28+
29+
s.split("x y z");
30+
s.split(x);
31+
s.splitToList(x);
32+
s.withKeyValueSeparator("=").split("a=b");
33+
s.withKeyValueSeparator("=").split(x);
34+
}
35+
36+
void test3() {
37+
String x = taint();
38+
Joiner j1 = Joiner.on(x);
39+
Joiner j2 = Joiner.on(", ");
40+
41+
StringBuilder sb = new StringBuilder();
42+
j2.appendTo(sb, "a", "b", "c");
43+
sb.toString();
44+
j1.appendTo(sb, "a", "b", "c");
45+
sb.toString();
46+
j2.appendTo(sb, "a", "b", "c");
47+
sb.toString();
48+
49+
sb = new StringBuilder();
50+
j2.appendTo(sb, x, x);
51+
52+
Map<String, String> m = new HashMap<String, String>();
53+
m.put("k", "v");
54+
j2.withKeyValueSeparator("=").join(m);
55+
j2.withKeyValueSeparator(x).join(m);
56+
j1.useForNull("(null)").withKeyValueSeparator("=").join(m);
57+
m.put("k2", x);
58+
j2.withKeyValueSeparator("=").join(m);
59+
}
60+
}

java/ql/test/library-tests/frameworks/guava/flow.expected

Lines changed: 75 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,75 @@
1+
| Test.java:13:20:13:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Strings.java:18:36:18:48 | string |
2+
| Test.java:13:20:13:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Strings.java:22:36:22:48 | string |
3+
| Test.java:13:20:13:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Strings.java:30:33:30:45 | string |
4+
| Test.java:13:20:13:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Strings.java:34:31:34:43 | string |
5+
| Test.java:13:20:13:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Strings.java:38:31:38:43 | string |
6+
| Test.java:13:20:13:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Strings.java:42:37:42:50 | a |
7+
| Test.java:13:20:13:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Strings.java:46:37:46:50 | a |
8+
| Test.java:13:20:13:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Strings.java:50:38:50:52 | template |
9+
| Test.java:13:20:13:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Strings.java:50:55:50:69 | args |
10+
| Test.java:13:20:13:26 | taint(...) | Test.java:13:20:13:26 | taint(...) |
11+
| Test.java:13:20:13:26 | taint(...) | Test.java:15:9:15:36 | padStart(...) |
12+
| Test.java:13:20:13:26 | taint(...) | Test.java:15:26:15:26 | x |
13+
| Test.java:13:20:13:26 | taint(...) | Test.java:16:9:16:34 | padEnd(...) |
14+
| Test.java:13:20:13:26 | taint(...) | Test.java:16:24:16:24 | x |
15+
| Test.java:13:20:13:26 | taint(...) | Test.java:17:9:17:28 | repeat(...) |
16+
| Test.java:13:20:13:26 | taint(...) | Test.java:17:24:17:24 | x |
17+
| Test.java:13:20:13:26 | taint(...) | Test.java:18:9:18:51 | emptyToNull(...) |
18+
| Test.java:13:20:13:26 | taint(...) | Test.java:18:29:18:50 | nullToEmpty(...) |
19+
| Test.java:13:20:13:26 | taint(...) | Test.java:18:49:18:49 | x |
20+
| Test.java:13:20:13:26 | taint(...) | Test.java:19:9:19:35 | lenientFormat(...) |
21+
| Test.java:13:20:13:26 | taint(...) | Test.java:19:31:19:31 | x |
22+
| Test.java:13:20:13:26 | taint(...) | Test.java:20:30:20:30 | x |
23+
| Test.java:13:20:13:26 | taint(...) | Test.java:21:30:21:30 | x |
24+
| Test.java:13:20:13:26 | taint(...) | Test.java:22:9:22:46 | lenientFormat(...) |
25+
| Test.java:13:20:13:26 | taint(...) | Test.java:22:9:22:46 | new ..[] { .. } |
26+
| Test.java:13:20:13:26 | taint(...) | Test.java:22:42:22:42 | x |
27+
| Test.java:26:20:26:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Splitter.java:23:29:23:50 | separator |
28+
| Test.java:26:20:26:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Splitter.java:31:33:31:59 | sequence |
29+
| Test.java:26:20:26:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Splitter.java:35:35:35:55 | sequence |
30+
| Test.java:26:20:26:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Splitter.java:44:38:44:58 | sequence |
31+
| Test.java:26:20:26:26 | taint(...) | Test.java:26:20:26:26 | taint(...) |
32+
| Test.java:26:20:26:26 | taint(...) | Test.java:27:34:27:34 | x |
33+
| Test.java:26:20:26:26 | taint(...) | Test.java:30:9:30:18 | split(...) |
34+
| Test.java:26:20:26:26 | taint(...) | Test.java:30:17:30:17 | x |
35+
| Test.java:26:20:26:26 | taint(...) | Test.java:31:9:31:24 | splitToList(...) |
36+
| Test.java:26:20:26:26 | taint(...) | Test.java:31:23:31:23 | x |
37+
| Test.java:26:20:26:26 | taint(...) | Test.java:33:9:33:45 | split(...) |
38+
| Test.java:26:20:26:26 | taint(...) | Test.java:33:44:33:44 | x |
39+
| Test.java:37:20:37:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Joiner.java:21:27:21:42 | separator |
40+
| Test.java:37:20:37:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Joiner.java:25:30:25:37 | parameter this |
41+
| Test.java:37:20:37:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Joiner.java:25:39:25:59 | builder |
42+
| Test.java:37:20:37:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Joiner.java:25:62:25:73 | first |
43+
| Test.java:37:20:37:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Joiner.java:25:76:25:88 | second |
44+
| Test.java:37:20:37:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Joiner.java:33:17:33:26 | parameter this |
45+
| Test.java:37:20:37:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Joiner.java:41:20:41:40 | parameter this |
46+
| Test.java:37:20:37:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Joiner.java:41:42:41:65 | keyValueSeparator |
47+
| Test.java:37:20:37:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Joiner.java:50:19:50:22 | parameter this |
48+
| Test.java:37:20:37:26 | taint(...) | ../../../stubs/guava-29.0/com/google/common/base/Joiner.java:50:24:50:36 | map |
49+
| Test.java:37:20:37:26 | taint(...) | Test.java:37:20:37:26 | taint(...) |
50+
| Test.java:37:20:37:26 | taint(...) | Test.java:38:21:38:32 | on(...) |
51+
| Test.java:37:20:37:26 | taint(...) | Test.java:38:31:38:31 | x |
52+
| Test.java:37:20:37:26 | taint(...) | Test.java:44:9:44:10 | j1 |
53+
| Test.java:37:20:37:26 | taint(...) | Test.java:44:9:44:38 | appendTo(...) |
54+
| Test.java:37:20:37:26 | taint(...) | Test.java:44:21:44:22 | sb [post update] |
55+
| Test.java:37:20:37:26 | taint(...) | Test.java:45:9:45:10 | sb |
56+
| Test.java:37:20:37:26 | taint(...) | Test.java:45:9:45:21 | toString(...) |
57+
| Test.java:37:20:37:26 | taint(...) | Test.java:46:9:46:38 | appendTo(...) |
58+
| Test.java:37:20:37:26 | taint(...) | Test.java:46:21:46:22 | sb |
59+
| Test.java:37:20:37:26 | taint(...) | Test.java:47:9:47:10 | sb |
60+
| Test.java:37:20:37:26 | taint(...) | Test.java:47:9:47:21 | toString(...) |
61+
| Test.java:37:20:37:26 | taint(...) | Test.java:50:9:50:29 | appendTo(...) |
62+
| Test.java:37:20:37:26 | taint(...) | Test.java:50:21:50:22 | sb [post update] |
63+
| Test.java:37:20:37:26 | taint(...) | Test.java:50:25:50:25 | x |
64+
| Test.java:37:20:37:26 | taint(...) | Test.java:50:28:50:28 | x |
65+
| Test.java:37:20:37:26 | taint(...) | Test.java:55:9:55:35 | withKeyValueSeparator(...) |
66+
| Test.java:37:20:37:26 | taint(...) | Test.java:55:9:55:43 | join(...) |
67+
| Test.java:37:20:37:26 | taint(...) | Test.java:55:34:55:34 | x |
68+
| Test.java:37:20:37:26 | taint(...) | Test.java:56:9:56:10 | j1 |
69+
| Test.java:37:20:37:26 | taint(...) | Test.java:56:9:56:31 | useForNull(...) |
70+
| Test.java:37:20:37:26 | taint(...) | Test.java:56:9:56:58 | withKeyValueSeparator(...) |
71+
| Test.java:37:20:37:26 | taint(...) | Test.java:56:9:56:66 | join(...) |
72+
| Test.java:37:20:37:26 | taint(...) | Test.java:57:9:57:9 | m [post update] |
73+
| Test.java:37:20:37:26 | taint(...) | Test.java:57:21:57:21 | x |
74+
| Test.java:37:20:37:26 | taint(...) | Test.java:58:9:58:45 | join(...) |
75+
| Test.java:37:20:37:26 | taint(...) | Test.java:58:44:58:44 | m |

java/ql/test/library-tests/frameworks/guava/flow.ql

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
import java
2+
import semmle.code.java.dataflow.TaintTracking
3+
4+
class Conf extends TaintTracking::Configuration {
5+
Conf() { this = "qltest:frameworks:guava" }
6+
7+
override predicate isSource(DataFlow::Node n) {
8+
n.asExpr().(MethodAccess).getMethod().hasName("taint")
9+
}
10+
11+
override predicate isSink(DataFlow::Node n) { any() }
12+
}
13+
14+
from DataFlow::Node src, DataFlow::Node sink, Conf conf
15+
where conf.hasFlow(src, sink)
16+
select src, sink

java/ql/test/library-tests/frameworks/guava/options

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/guava-29.0

java/ql/test/stubs/guava-29.0/com/google/common/base/Joiner.java

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
/*
2+
* Copyright (C) 2008 The Guava Authors
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
5+
* in compliance with the License. You may obtain a copy of the License at
6+
*
7+
* http://www.apache.org/licenses/LICENSE-2.0
8+
*
9+
* Unless required by applicable law or agreed to in writing, software distributed under the License
10+
* is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11+
* or implied. See the License for the specific language governing permissions and limitations under
12+
* the License.
13+
*/
14+
15+
package com.google.common.base;
16+
17+
import java.util.Iterator;
18+
import java.util.Map;
19+
20+
public class Joiner {
21+
public static Joiner on(String separator) {
22+
return null;
23+
}
24+
25+
public final StringBuilder appendTo(StringBuilder builder, Object first, Object second, Object... rest) {
26+
return null;
27+
}
28+
29+
public final String join(Object first, Object second, Object... rest) {
30+
return null;
31+
}
32+
33+
public Joiner useForNull(final String nullText) {
34+
return null;
35+
}
36+
37+
public Joiner skipNulls() {
38+
return null;
39+
}
40+
41+
public MapJoiner withKeyValueSeparator(String keyValueSeparator) {
42+
return null;
43+
}
44+
45+
public static final class MapJoiner {
46+
public StringBuilder appendTo(StringBuilder builder, Map<?, ?> map) {
47+
return null;
48+
}
49+
50+
public String join(Map<?, ?> map) {
51+
return null;
52+
}
53+
54+
public MapJoiner useForNull(String nullText) {
55+
return null;
56+
}
57+
}
58+
}

java/ql/test/stubs/guava-29.0/com/google/common/base/Splitter.java

Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,48 @@
1+
/*
2+
* Copyright (C) 2009 The Guava Authors
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
5+
* in compliance with the License. You may obtain a copy of the License at
6+
*
7+
* http://www.apache.org/licenses/LICENSE-2.0
8+
*
9+
* Unless required by applicable law or agreed to in writing, software distributed under the License
10+
* is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11+
* or implied. See the License for the specific language governing permissions and limitations under
12+
* the License.
13+
*/
14+
15+
package com.google.common.base;
16+
17+
import java.util.Iterator;
18+
import java.util.List;
19+
import java.util.Map;
20+
21+
public final class Splitter {
22+
23+
public static Splitter on(final String separator) {
24+
return null;
25+
}
26+
27+
public Splitter omitEmptyStrings() {
28+
return null;;
29+
}
30+
31+
public Iterable<String> split(final CharSequence sequence) {
32+
return null;
33+
}
34+
35+
public List<String> splitToList(CharSequence sequence) {
36+
return null;
37+
}
38+
39+
public MapSplitter withKeyValueSeparator(String separator) {
40+
return null;
41+
}
42+
43+
public static final class MapSplitter {
44+
public Map<String, String> split(CharSequence sequence) {
45+
return null;
46+
}
47+
}
48+
}

java/ql/test/stubs/guava-29.0/com/google/common/base/Strings.java

Lines changed: 53 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,53 @@
1+
/*
2+
* Copyright (C) 2010 The Guava Authors
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
5+
* in compliance with the License. You may obtain a copy of the License at
6+
*
7+
* http://www.apache.org/licenses/LICENSE-2.0
8+
*
9+
* Unless required by applicable law or agreed to in writing, software distributed under the License
10+
* is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11+
* or implied. See the License for the specific language governing permissions and limitations under
12+
* the License.
13+
*/
14+
15+
package com.google.common.base;
16+
17+
public final class Strings {
18+
public static String nullToEmpty(String string) {
19+
return null;
20+
}
21+
22+
public static String emptyToNull(String string) {
23+
return null;
24+
}
25+
26+
public static boolean isNullOrEmpty(String string) {
27+
return true;
28+
}
29+
30+
public static String padStart(String string, int minLength, char padChar) {
31+
return null;
32+
}
33+
34+
public static String padEnd(String string, int minLength, char padChar) {
35+
return null;
36+
}
37+
38+
public static String repeat(String string, int count) {
39+
return null;
40+
}
41+
42+
public static String commonPrefix(CharSequence a, CharSequence b) {
43+
return null;
44+
}
45+
46+
public static String commonSuffix(CharSequence a, CharSequence b) {
47+
return null;
48+
}
49+
50+
public static String lenientFormat(String template, Object ... args) {
51+
return null;
52+
}
53+
}

0 commit comments

Comments
 (0)