Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit efd5dc9

Browse files
author
Benjamin Muskalla
committed
Convert apache-commons-lang3 to InlineFlowTest 
1 parent eba414e commit efd5dc9

1 file changed

Lines changed: 2 additions & 48 deletions

File tree

  • java/ql/test/library-tests/frameworks/apache-commons-lang3

java/ql/test/library-tests/frameworks/apache-commons-lang3/flow.ql

Lines changed: 2 additions & 48 deletions
Original file line numberDiff line numberDiff line change
@@ -1,50 +1,4 @@
11
import java
2-
import semmle.code.java.dataflow.TaintTracking
3-
import TestUtilities.InlineExpectationsTest
2+
import TestUtilities.InlineFlowTest
43

5-
class TaintFlowConf extends TaintTracking::Configuration {
6-
TaintFlowConf() { this = "qltest:frameworks:apache-commons-lang3-taint-flow" }
7-
8-
override predicate isSource(DataFlow::Node n) {
9-
n.asExpr().(MethodAccess).getMethod().hasName("taint")
10-
}
11-
12-
override predicate isSink(DataFlow::Node n) {
13-
exists(MethodAccess ma | ma.getMethod().hasName("sink") | n.asExpr() = ma.getAnArgument())
14-
}
15-
}
16-
17-
class ValueFlowConf extends DataFlow::Configuration {
18-
ValueFlowConf() { this = "qltest:frameworks:apache-commons-lang3-value-flow" }
19-
20-
override predicate isSource(DataFlow::Node n) {
21-
n.asExpr().(MethodAccess).getMethod().hasName("taint")
22-
}
23-
24-
override predicate isSink(DataFlow::Node n) {
25-
exists(MethodAccess ma | ma.getMethod().hasName("sink") | n.asExpr() = ma.getAnArgument())
26-
}
27-
}
28-
29-
class HasFlowTest extends InlineExpectationsTest {
30-
HasFlowTest() { this = "HasFlowTest" }
31-
32-
override string getARelevantTag() { result = ["hasTaintFlow", "hasValueFlow"] }
33-
34-
override predicate hasActualResult(Location location, string element, string tag, string value) {
35-
tag = "hasTaintFlow" and
36-
exists(DataFlow::Node src, DataFlow::Node sink, TaintFlowConf conf | conf.hasFlow(src, sink) |
37-
not any(ValueFlowConf vconf).hasFlow(src, sink) and
38-
sink.getLocation() = location and
39-
element = sink.toString() and
40-
value = ""
41-
)
42-
or
43-
tag = "hasValueFlow" and
44-
exists(DataFlow::Node src, DataFlow::Node sink, ValueFlowConf conf | conf.hasFlow(src, sink) |
45-
sink.getLocation() = location and
46-
element = sink.toString() and
47-
value = ""
48-
)
49-
}
50-
}
4+
class HasFlowTest extends InlineFlowTest { }

0 commit comments

Comments
 (0)