Fix test

ggolawski · ggolawski · commit 37f4410764ca · 2020-08-30T22:32:57.000+02:00
diff --git a/java/ql/test/experimental/query-tests/security/CWE-074/XsltInjection.expected b/java/ql/test/experimental/query-tests/security/CWE-074/XsltInjection.expected
diff --git a/java/ql/test/experimental/query-tests/security/CWE-074/XsltInjection.java b/java/ql/test/experimental/query-tests/security/CWE-074/XsltInjection.java
@@ -15,6 +15,7 @@
 import javax.xml.transform.stream.StreamResult;
 import javax.xml.transform.stream.StreamSource;
 
+import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.xml.sax.InputSource;
 
@@ -33,6 +34,7 @@ public void testStreamSourceReader(Socket socket) throws Exception {
     TransformerFactory.newInstance().newTemplates(source).newTransformer().transform(null, null);
   }
 
+  @RequestMapping
   public void testStreamSourceInjectedParam(@RequestParam String param) throws Exception {
     String xslt = "<xsl:stylesheet [...]" + param + "</xsl:stylesheet>";
     StreamSource source = new StreamSource(new StringReader(xslt));
@@ -95,6 +97,7 @@ public void testSaxon(Socket socket) throws Exception {
     compiler.compile(source).load30().callTemplate(null, null);
   }
 
+  @RequestMapping
   public void testSaxonXsltPackage(@RequestParam String param, Socket socket) throws Exception {
     URI uri = new URI(param);
     StreamSource source = new StreamSource(socket.getInputStream());
diff --git a/java/ql/test/experimental/query-tests/security/CWE-074/options b/java/ql/test/experimental/query-tests/security/CWE-074/options
@@ -1 +1 @@
-//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/springframework-5.2.3:${testdir}/../../../stubs/Saxon-HE-9.9.1-7
+//semmle-extractor-options: --javac-args -cp ${testdir}/../../../../stubs/springframework-5.2.3:${testdir}/../../../stubs/Saxon-HE-9.9.1-7
diff --git a/java/ql/test/experimental/stubs/springframework-5.2.3/org/springframework/web/bind/annotation/RequestParam.java b/java/ql/test/experimental/stubs/springframework-5.2.3/org/springframework/web/bind/annotation/RequestParam.java
diff --git a/java/ql/test/stubs/springframework-5.2.3/org/springframework/web/bind/annotation/Mapping.java b/java/ql/test/stubs/springframework-5.2.3/org/springframework/web/bind/annotation/Mapping.java
@@ -0,0 +1,7 @@
+package org.springframework.web.bind.annotation;
+
+import java.lang.annotation.*;
+
+@Target({ElementType.ANNOTATION_TYPE})
+@Retention(RetentionPolicy.RUNTIME)
+public @interface Mapping { }
diff --git a/java/ql/test/stubs/springframework-5.2.3/org/springframework/web/bind/annotation/RequestMapping.java b/java/ql/test/stubs/springframework-5.2.3/org/springframework/web/bind/annotation/RequestMapping.java
@@ -0,0 +1,9 @@
+package org.springframework.web.bind.annotation;
+
+import java.lang.annotation.*;
+
+@Target({ElementType.TYPE, ElementType.METHOD})
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+@Mapping
+public @interface RequestMapping { }

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/springframework-5.2.3:${testdir}/../../../stubs/Saxon-HE-9.9.1-7`
	`1`	`+//semmle-extractor-options: --javac-args -cp ${testdir}/../../../../stubs/springframework-5.2.3:${testdir}/../../../stubs/Saxon-HE-9.9.1-7`