Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit a50ea54

Browse files
aschackmullaschackmull
committed
Java: Fix tests.
1 parent b3e56d5 commit a50ea54

3 files changed

Lines changed: 6 additions & 12 deletions

File tree

java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticTainted.java

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -95,10 +95,10 @@ public void main(String[] args) {
9595
int widenedThenNarrowed = (int) (data + 10L);
9696
}
9797

98-
// The following test case needs to be located after other test cases
99-
// for that use 'data',
100-
// because the return statement causes 'data' to be guarded.
101-
{
98+
// The following test case has an arbitrary guard on hashcode
99+
// because otherwise the return statement causes 'data' to be guarded
100+
// in the subsequent test cases.
101+
if (this.hashCode() > 0) {
102102
// GOOD: guard and return if bad
103103
if (data < Integer.MAX_VALUE) {
104104
System.out.println("I'm guarded");

java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticWithExtremeValues.expected

Lines changed: 0 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,8 @@
11
edges
22
| Test.java:92:8:92:24 | Integer.MAX_VALUE [Number] | Test.java:95:8:95:8 | i |
33
| Test.java:108:13:108:26 | Long.MIN_VALUE [Number] | Test.java:110:13:110:13 | i |
4-
| Test.java:114:13:114:26 | Long.MAX_VALUE [Number] | Test.java:116:13:116:13 | i |
54
| Test.java:137:9:137:25 | Integer.MAX_VALUE [Number] | Test.java:138:14:138:14 | i |
65
| Test.java:143:12:143:28 | Integer.MAX_VALUE [Number] | Test.java:146:14:146:14 | i |
7-
| Test.java:151:12:151:28 | Integer.MAX_VALUE [Number] | Test.java:155:14:155:14 | i |
8-
| Test.java:160:13:160:26 | Byte.MAX_VALUE [Number] | Test.java:164:12:164:12 | b |
9-
| Test.java:168:14:168:28 | Short.MAX_VALUE [Number] | Test.java:172:12:172:12 | s |
10-
| Test.java:176:12:176:28 | Integer.MAX_VALUE [Number] | Test.java:180:13:180:13 | i |
116
| Test.java:184:13:184:26 | Byte.MAX_VALUE [Number] | Test.java:187:39:187:39 | b |
127
| Test.java:191:14:191:28 | Short.MAX_VALUE [Number] | Test.java:194:41:194:41 | s |
138
| Test.java:198:12:198:28 | Integer.MAX_VALUE [Number] | Test.java:201:37:201:37 | i |
@@ -16,7 +11,6 @@ edges
1611
| Test.java:110:13:110:17 | ... - ... | Test.java:108:13:108:26 | Long.MIN_VALUE [Number] | Test.java:110:13:110:13 | i | Variable i is assigned an extreme value $@, and may cause an underflow. | Test.java:108:13:108:26 | Long.MIN_VALUE | MIN_VALUE |
1712
| Test.java:138:14:138:18 | ... + ... | Test.java:137:9:137:25 | Integer.MAX_VALUE [Number] | Test.java:138:14:138:14 | i | Variable i is assigned an extreme value $@, and may cause an overflow. | Test.java:137:9:137:25 | Integer.MAX_VALUE | MAX_VALUE |
1813
| Test.java:146:14:146:18 | ... + ... | Test.java:143:12:143:28 | Integer.MAX_VALUE [Number] | Test.java:146:14:146:14 | i | Variable i is assigned an extreme value $@, and may cause an overflow. | Test.java:143:12:143:28 | Integer.MAX_VALUE | MAX_VALUE |
19-
| Test.java:155:14:155:18 | ... + ... | Test.java:151:12:151:28 | Integer.MAX_VALUE [Number] | Test.java:155:14:155:14 | i | Variable i is assigned an extreme value $@, and may cause an overflow. | Test.java:151:12:151:28 | Integer.MAX_VALUE | MAX_VALUE |
2014
| Test.java:187:39:187:43 | ... + ... | Test.java:184:13:184:26 | Byte.MAX_VALUE [Number] | Test.java:187:39:187:39 | b | Variable b is assigned an extreme value $@, and may cause an overflow. | Test.java:184:13:184:26 | Byte.MAX_VALUE | MAX_VALUE |
2115
| Test.java:194:41:194:45 | ... + ... | Test.java:191:14:191:28 | Short.MAX_VALUE [Number] | Test.java:194:41:194:41 | s | Variable s is assigned an extreme value $@, and may cause an overflow. | Test.java:191:14:191:28 | Short.MAX_VALUE | MAX_VALUE |
2216
| Test.java:201:37:201:42 | ... + ... | Test.java:198:12:198:28 | Integer.MAX_VALUE [Number] | Test.java:201:37:201:37 | i | Variable i is assigned an extreme value $@, and may cause an overflow. | Test.java:198:12:198:28 | Integer.MAX_VALUE | MAX_VALUE |

java/ql/test/query-tests/security/CWE-190/semmle/tests/Test.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -149,8 +149,8 @@ public static void main(String[] args) {
149149

150150
{
151151
int i = Integer.MAX_VALUE;
152-
// FALSE POSITIVE: the query only looks for things that appear to be
153-
// guards, it can't find them if they're hidden inside methods
152+
// GOOD: The query can detect custom guards.
153+
154154
if (properlyBounded(i)) {
155155
long j = i + 1;
156156
}

0 commit comments

Comments
 (0)