update test files

am0o0 · am0o0 · commit 484923e70649 · 2024-05-12T18:21:17.000+02:00
diff --git a/java/ql/test/experimental/query-tests/security/CWE-522-DecompressionBombs/src/main/java/com/Bombs/CommonsCompressHandler.java b/java/ql/test/experimental/query-tests/security/CWE-522-DecompressionBombs/src/main/java/com/Bombs/CommonsCompressHandler.java
@@ -42,7 +42,7 @@ public static void commonsCompressorInputStream(InputStream inputStream) throws
         new org.apache.commons.compress.compressors.gzip.GzipCompressorInputStream(in)) {
       File f = new File("tmpfile");
       try (OutputStream o = Files.newOutputStream(f.toPath())) {
-        IOUtils.copy(gzIn2, o);
+        IOUtils.copy(gzIn2, o);  // BAD
       }
     } catch (IOException e) {
       throw new RuntimeException(e);
@@ -63,7 +63,7 @@ static void commonsCompressArchiveInputStream(InputStream inputStream) throws Ar
         }
         File f = new File("tmpfile");
         try (OutputStream o = Files.newOutputStream(f.toPath())) {
-          IOUtils.copy(zipInputStream, o);
+          IOUtils.copy(zipInputStream, o);  // BAD
         }
       }
     } catch (IOException e) {
@@ -83,7 +83,7 @@ static void commonsCompressArchiveInputStream2(InputStream inputStream) {
         File f = new File("tmpfile");
         try (OutputStream outputStream = new FileOutputStream(f)) {
           int readLen;
-          while ((readLen = zipInputStream.read(readBuffer)) != -1) {
+          while ((readLen = zipInputStream.read(readBuffer)) != -1) {  // BAD
             outputStream.write(readBuffer, 0, readLen);
           }
         }
@@ -106,7 +106,7 @@ static void commonsCompressArchiveStreamFactory(InputStream inputStream)
       File f = new File("tmpfile");
       try (OutputStream outputStream = new FileOutputStream(f)) {
         int readLen;
-        while ((readLen = zipInputStream.read(readBuffer)) != -1) {
+        while ((readLen = zipInputStream.read(readBuffer)) != -1) {  // BAD
           outputStream.write(readBuffer, 0, readLen);
         }
       }
@@ -121,7 +121,7 @@ static void commonsCompressCompressorStreamFactory(InputStream inputStream)
     int buffersize = 4096;
     final byte[] buffer = new byte[buffersize];
     int n = 0;
-    while (-1 != (n = in.read(buffer))) {
+    while (-1 != (n = in.read(buffer))) {  // BAD
       out.write(buffer, 0, n);
     }
     out.close();
diff --git a/java/ql/test/experimental/query-tests/security/CWE-522-DecompressionBombs/src/main/java/com/Bombs/HelloServlet.java b/java/ql/test/experimental/query-tests/security/CWE-522-DecompressionBombs/src/main/java/com/Bombs/HelloServlet.java
@@ -2,6 +2,7 @@
 
 import org.apache.commons.compress.archivers.ArchiveException;
 import org.apache.commons.compress.compressors.CompressorException;
+import org.apache.commons.io.IOUtils;
 
 import static com.Bombs.CommonsCompressHandler.*;
 import static com.Bombs.SnappyHandler.*;
@@ -21,57 +22,63 @@
 import javax.servlet.http.Part;
 
 @WebServlet(
-    name = "helloServlet",
-    urlPatterns = {"/hello-servlet"})
+        name = "helloServlet",
+        urlPatterns = {"/hello-servlet"})
 @MultipartConfig()
 public class HelloServlet extends HttpServlet {
 
-  public void init() {}
-
-  public void doPost(HttpServletRequest request, HttpServletResponse response)
-      throws IOException, ServletException {
-    response.setContentType("text/html");
-    Part remoteFile = request.getPart("zipFile");
-    // Zip
-    ZipInputStreamSafe2(remoteFile.getInputStream());
-    ZipInputStreamSafe(request.getPart("zipFile").getInputStream());
-    ZipInputStreamUnsafe(remoteFile.getInputStream());
-    GZipInputStreamUnsafe(request.getPart("zipFile").getInputStream());
-    InflaterInputStreamUnsafe(request.getPart("zipFile").getInputStream());
-    try {
-      InflaterUnsafe(request.getParameter("data").getBytes(StandardCharsets.UTF_8));
-    } catch (DataFormatException e) {
-      throw new RuntimeException(e);
-    }
-    try {
-      ZipFile1(request.getParameter("zipFileName"));
-    } catch (DataFormatException e) {
-      throw new RuntimeException(e);
+    public void init() {
     }
 
-    // Zip4j
-    zip4jZipInputStream(remoteFile.getInputStream());
-    zip4jZipInputStreamSafe(remoteFile.getInputStream());
-    // SnappyZip
-    SnappyZipInputStream(remoteFile.getInputStream());
-    // apache Commons
-    commonsCompressArchiveInputStream2(remoteFile.getInputStream());
-    commonsCompressorInputStream(remoteFile.getInputStream());
-    try {
-      commonsCompressArchiveInputStream(remoteFile.getInputStream());
-      commonsCompressArchiveStreamFactory(remoteFile.getInputStream());
-    } catch (ArchiveException e) {
-      throw new RuntimeException(e);
-    }
-    try {
-      commonsCompressCompressorStreamFactory(remoteFile.getInputStream());
-    } catch (CompressorException e) {
-      throw new RuntimeException(e);
-    }
+    public void doPost(HttpServletRequest request, HttpServletResponse response)
+            throws IOException, ServletException {
+        response.setContentType("text/html");
+        Part remoteFile = request.getPart("zipFile");
+        // Zip
+        ZipInputStreamSafe2(remoteFile.getInputStream());
+        ZipInputStreamSafe(request.getPart("zipFile").getInputStream());
+        ZipInputStreamUnsafe(remoteFile.getInputStream());
+        GZipInputStreamUnsafe(request.getPart("zipFile").getInputStream());
+        InflaterInputStreamUnsafe(request.getPart("zipFile").getInputStream());
+        try {
+            InflaterUnsafe(request.getParameter("data").getBytes(StandardCharsets.UTF_8));
+        } catch (DataFormatException e) {
+            throw new RuntimeException(e);
+        }
+        try {
+            ZipFile1(request.getParameter("zipFileName"));
+        } catch (DataFormatException e) {
+            throw new RuntimeException(e);
+        }
 
-    PrintWriter out = response.getWriter();
-    out.println("<html><body>end</body></html>");
-  }
+        // Zip4j
+        zip4jZipInputStream(remoteFile.getInputStream());
+        zip4jZipInputStreamSafe(remoteFile.getInputStream());
+        // SnappyZip
+        SnappyZipInputStream(remoteFile.getInputStream());
+        // apache Commons
+        commonsCompressArchiveInputStream2(remoteFile.getInputStream());
+        commonsCompressorInputStream(remoteFile.getInputStream());
+        try {
+            commonsCompressArchiveInputStream(remoteFile.getInputStream());
+            commonsCompressArchiveStreamFactory(remoteFile.getInputStream());
+        } catch (ArchiveException e) {
+            throw new RuntimeException(e);
+        }
+        try {
+            commonsCompressCompressorStreamFactory(remoteFile.getInputStream());
+        } catch (CompressorException e) {
+            throw new RuntimeException(e);
+        }
 
-  public void destroy() {}
+        // FP
+        String xmlResult = IOUtils.toString(request.getInputStream(), request.getCharacterEncoding());
+        byte[] inputStreamResult = request.getInputStream().readAllBytes();
+
+        PrintWriter out = response.getWriter();
+        out.println("<html><body>end</body></html>");
+    }
+
+    public void destroy() {
+    }
 }
diff --git a/java/ql/test/experimental/query-tests/security/CWE-522-DecompressionBombs/src/main/java/com/Bombs/ZipHandler.java b/java/ql/test/experimental/query-tests/security/CWE-522-DecompressionBombs/src/main/java/com/Bombs/ZipHandler.java
@@ -162,10 +162,10 @@ public static void ZipFile1(String zipFilePath) throws DataFormatException, IOEx
 
           try (InputStream inputStream = zipFile.getInputStream(entry);
               FileOutputStream outputStream = new FileOutputStream(destPath); ) {
-            int data = inputStream.read();
+            int data = inputStream.read();  // BAD
             while (data != -1) {
               outputStream.write(data);
-              data = inputStream.read();
+              data = inputStream.read(); // BAD
             }
           }
           System.out.println("file : " + entry.getName() + " => " + destPath);

Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,7 @@ public static void commonsCompressorInputStream(InputStream inputStream) throws`
`42`	`42`	`new org.apache.commons.compress.compressors.gzip.GzipCompressorInputStream(in)) {`
`43`	`43`	`File f = new File("tmpfile");`
`44`	`44`	`try (OutputStream o = Files.newOutputStream(f.toPath())) {`
`45`		`- IOUtils.copy(gzIn2, o);`
	`45`	`+ IOUtils.copy(gzIn2, o); // BAD`
`46`	`46`	`}`
`47`	`47`	`} catch (IOException e) {`
`48`	`48`	`throw new RuntimeException(e);`
`@@ -63,7 +63,7 @@ static void commonsCompressArchiveInputStream(InputStream inputStream) throws Ar`
`63`	`63`	`}`
`64`	`64`	`File f = new File("tmpfile");`
`65`	`65`	`try (OutputStream o = Files.newOutputStream(f.toPath())) {`
`66`		`- IOUtils.copy(zipInputStream, o);`
	`66`	`+ IOUtils.copy(zipInputStream, o); // BAD`
`67`	`67`	`}`
`68`	`68`	`}`
`69`	`69`	`} catch (IOException e) {`
`@@ -83,7 +83,7 @@ static void commonsCompressArchiveInputStream2(InputStream inputStream) {`
`83`	`83`	`File f = new File("tmpfile");`
`84`	`84`	`try (OutputStream outputStream = new FileOutputStream(f)) {`
`85`	`85`	`int readLen;`
`86`		`- while ((readLen = zipInputStream.read(readBuffer)) != -1) {`
	`86`	`+ while ((readLen = zipInputStream.read(readBuffer)) != -1) { // BAD`
`87`	`87`	`outputStream.write(readBuffer, 0, readLen);`
`88`	`88`	`}`
`89`	`89`	`}`
`@@ -106,7 +106,7 @@ static void commonsCompressArchiveStreamFactory(InputStream inputStream)`
`106`	`106`	`File f = new File("tmpfile");`
`107`	`107`	`try (OutputStream outputStream = new FileOutputStream(f)) {`
`108`	`108`	`int readLen;`
`109`		`- while ((readLen = zipInputStream.read(readBuffer)) != -1) {`
	`109`	`+ while ((readLen = zipInputStream.read(readBuffer)) != -1) { // BAD`
`110`	`110`	`outputStream.write(readBuffer, 0, readLen);`
`111`	`111`	`}`
`112`	`112`	`}`
`@@ -121,7 +121,7 @@ static void commonsCompressCompressorStreamFactory(InputStream inputStream)`
`121`	`121`	`int buffersize = 4096;`
`122`	`122`	`final byte[] buffer = new byte[buffersize];`
`123`	`123`	`int n = 0;`
`124`		`- while (-1 != (n = in.read(buffer))) {`
	`124`	`+ while (-1 != (n = in.read(buffer))) { // BAD`
`125`	`125`	`out.write(buffer, 0, n);`
`126`	`126`	`}`
`127`	`127`	`out.close();`
Original file line number	Diff line number	Diff line change
`@@ -162,10 +162,10 @@ public static void ZipFile1(String zipFilePath) throws DataFormatException, IOEx`
`162`	`162`
`163`	`163`	`try (InputStream inputStream = zipFile.getInputStream(entry);`
`164`	`164`	`FileOutputStream outputStream = new FileOutputStream(destPath); ) {`
`165`		`- int data = inputStream.read();`
	`165`	`+ int data = inputStream.read(); // BAD`
`166`	`166`	`while (data != -1) {`
`167`	`167`	`outputStream.write(data);`
`168`		`- data = inputStream.read();`
	`168`	`+ data = inputStream.read(); // BAD`
`169`	`169`	`}`
`170`	`170`	`}`
`171`	`171`	`System.out.println("file : " + entry.getName() + " => " + destPath);`