Java: Add tests and test stubs.

intrigus · intrigus · commit b30872806dc6 · 2021-01-12T14:49:12.000+01:00
diff --git a/java/ql/test/experimental/query-tests/security/CWE-295/JXBrowserWithoutCertValidation.expected b/java/ql/test/experimental/query-tests/security/CWE-295/JXBrowserWithoutCertValidation.expected
@@ -0,0 +1 @@
+| JXBrowserWithoutCertValidation.java:17:27:17:39 | new Browser(...) | This JXBrowser instance allows man-in-the-middle attacks. |
diff --git a/java/ql/test/experimental/query-tests/security/CWE-295/JXBrowserWithoutCertValidation.java b/java/ql/test/experimental/query-tests/security/CWE-295/JXBrowserWithoutCertValidation.java
@@ -0,0 +1,36 @@
+import com.teamdev.jxbrowser.chromium.Browser;
+import com.teamdev.jxbrowser.chromium.LoadHandler;
+import com.teamdev.jxbrowser.chromium.LoadParams;
+import com.teamdev.jxbrowser.chromium.CertificateErrorParams;
+
+public class JXBrowserWithoutCertValidation {
+
+    public static void main(String[] args) {
+
+        badUsage();
+
+        goodUsage();
+
+    }
+
+    private static void badUsage() {
+        Browser browser = new Browser();
+        browser.loadURL("https://example.com");
+        // no further calls
+        // BAD: The browser ignores any certificate error by default!
+    }
+
+    private static void goodUsage() {
+        Browser browser = new Browser();
+        browser.setLoadHandler(new LoadHandler() {
+            public boolean onLoad(LoadParams params) {
+                return true;
+            }
+
+            public boolean onCertificateError(CertificateErrorParams params) {
+                return true; // GOOD: This means that loading will be cancelled on certificate errors
+            }
+        }); // GOOD: A secure `LoadHandler` is used.
+        browser.loadURL("https://example.com");
+    }
+}
diff --git a/java/ql/test/experimental/query-tests/security/CWE-295/JXBrowserWithoutCertValidation.qlref b/java/ql/test/experimental/query-tests/security/CWE-295/JXBrowserWithoutCertValidation.qlref
@@ -0,0 +1 @@
+experimental/Security/CWE/CWE-295/JXBrowserWithoutCertValidation.ql
diff --git a/java/ql/test/experimental/query-tests/security/CWE-295/options b/java/ql/test/experimental/query-tests/security/CWE-295/options
@@ -0,0 +1 @@
+ //semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/jxbrowser-6.23.1
diff --git a/java/ql/test/experimental/stubs/jxbrowser-6.23.1/com/teamdev/jxbrowser/chromium/Browser.java b/java/ql/test/experimental/stubs/jxbrowser-6.23.1/com/teamdev/jxbrowser/chromium/Browser.java
@@ -0,0 +1,9 @@
+package com.teamdev.jxbrowser.chromium;
+
+public class Browser extends java.lang.Object {
+    public void setLoadHandler(LoadHandler handler) {
+    }
+
+    public void loadURL(String url) {
+    }
+}
diff --git a/java/ql/test/experimental/stubs/jxbrowser-6.23.1/com/teamdev/jxbrowser/chromium/CertificateErrorParams.java b/java/ql/test/experimental/stubs/jxbrowser-6.23.1/com/teamdev/jxbrowser/chromium/CertificateErrorParams.java
@@ -0,0 +1,5 @@
+package com.teamdev.jxbrowser.chromium;
+
+public final class CertificateErrorParams extends Object {
+
+}
diff --git a/java/ql/test/experimental/stubs/jxbrowser-6.23.1/com/teamdev/jxbrowser/chromium/LoadHandler.java b/java/ql/test/experimental/stubs/jxbrowser-6.23.1/com/teamdev/jxbrowser/chromium/LoadHandler.java
@@ -0,0 +1,7 @@
+package com.teamdev.jxbrowser.chromium;
+
+public interface LoadHandler {
+    boolean onCertificateError(CertificateErrorParams params);
+
+    boolean onLoad(LoadParams params);
+}
diff --git a/java/ql/test/experimental/stubs/jxbrowser-6.23.1/com/teamdev/jxbrowser/chromium/LoadParams.java b/java/ql/test/experimental/stubs/jxbrowser-6.23.1/com/teamdev/jxbrowser/chromium/LoadParams.java
@@ -0,0 +1,5 @@
+package com.teamdev.jxbrowser.chromium;
+
+public final class LoadParams extends Object {
+
+}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+\| JXBrowserWithoutCertValidation.java:17:27:17:39 \| new Browser(...) \| This JXBrowser instance allows man-in-the-middle attacks. \|`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+experimental/Security/CWE/CWE-295/JXBrowserWithoutCertValidation.ql`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+ //semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/jxbrowser-6.23.1`
-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +package com.teamdev.jxbrowser.chromium;
++
 +public final class CertificateErrorParams extends Object {
++
 +}