Skip to content

Commit be07d27

Browse files
joefarebrotherjoefarebrother
committed
Java: Improve tests
1 parent efc3a25 commit be07d27

File tree

2 files changed

+39
-24
lines changed

2 files changed

+39
-24
lines changed

java/ql/test/library-tests/dataflow/taint-format/A.java

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11
import java.util.Formatter;
22
import java.lang.StringBuilder;
3+
import java.lang.System;
4+
import java.io.Console;
35

46
class A {
57
public static String taint() { return "tainted"; }
@@ -11,6 +13,7 @@ public static void test1() {
1113
bad.formatted(good);
1214
good.formatted("a", bad, "b", good);
1315
String.format("%s%s", bad, good);
16+
String.format("%s", good);
1417
}
1518

1619
public static void test2() {
@@ -31,4 +34,12 @@ public static void test3() {
3134
f.format("%s", bad);
3235
sb.toString();
3336
}
37+
38+
public static void test4() {
39+
String bad = taint();
40+
Console c = System.console();
41+
42+
c.format(bad);
43+
c.readLine("Enter something: %s", bad);
44+
}
3445
}

java/ql/test/library-tests/dataflow/taint-format/test.expected

Lines changed: 28 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -1,24 +1,28 @@
1-
| A.java:8:22:8:28 | taint(...) | A.java:8:22:8:28 | taint(...) |
2-
| A.java:8:22:8:28 | taint(...) | A.java:11:9:11:11 | bad |
3-
| A.java:8:22:8:28 | taint(...) | A.java:11:9:11:27 | formatted(...) |
4-
| A.java:8:22:8:28 | taint(...) | A.java:12:9:12:43 | formatted(...) |
5-
| A.java:8:22:8:28 | taint(...) | A.java:12:9:12:43 | new ..[] { .. } |
6-
| A.java:8:22:8:28 | taint(...) | A.java:12:29:12:31 | bad |
7-
| A.java:8:22:8:28 | taint(...) | A.java:13:9:13:40 | format(...) |
8-
| A.java:8:22:8:28 | taint(...) | A.java:13:9:13:40 | new ..[] { .. } |
9-
| A.java:8:22:8:28 | taint(...) | A.java:13:31:13:33 | bad |
10-
| A.java:17:22:17:28 | taint(...) | A.java:17:22:17:28 | taint(...) |
11-
| A.java:17:22:17:28 | taint(...) | A.java:21:9:21:9 | f [post update] |
12-
| A.java:17:22:17:28 | taint(...) | A.java:21:9:21:27 | format(...) |
13-
| A.java:17:22:17:28 | taint(...) | A.java:21:9:21:27 | new ..[] { .. } |
14-
| A.java:17:22:17:28 | taint(...) | A.java:21:24:21:26 | bad |
15-
| A.java:17:22:17:28 | taint(...) | A.java:22:9:22:9 | f |
16-
| A.java:26:22:26:28 | taint(...) | A.java:26:22:26:28 | taint(...) |
17-
| A.java:26:22:26:28 | taint(...) | A.java:30:9:30:10 | sb |
18-
| A.java:26:22:26:28 | taint(...) | A.java:30:9:30:21 | toString(...) |
19-
| A.java:26:22:26:28 | taint(...) | A.java:31:9:31:9 | f [post update] |
20-
| A.java:26:22:26:28 | taint(...) | A.java:31:9:31:27 | format(...) |
21-
| A.java:26:22:26:28 | taint(...) | A.java:31:9:31:27 | new ..[] { .. } |
22-
| A.java:26:22:26:28 | taint(...) | A.java:31:24:31:26 | bad |
23-
| A.java:26:22:26:28 | taint(...) | A.java:32:9:32:10 | sb |
24-
| A.java:26:22:26:28 | taint(...) | A.java:32:9:32:21 | toString(...) |
1+
| A.java:10:22:10:28 | taint(...) | A.java:10:22:10:28 | taint(...) |
2+
| A.java:10:22:10:28 | taint(...) | A.java:13:9:13:11 | bad |
3+
| A.java:10:22:10:28 | taint(...) | A.java:13:9:13:27 | formatted(...) |
4+
| A.java:10:22:10:28 | taint(...) | A.java:14:9:14:43 | formatted(...) |
5+
| A.java:10:22:10:28 | taint(...) | A.java:14:9:14:43 | new ..[] { .. } |
6+
| A.java:10:22:10:28 | taint(...) | A.java:14:29:14:31 | bad |
7+
| A.java:10:22:10:28 | taint(...) | A.java:15:9:15:40 | format(...) |
8+
| A.java:10:22:10:28 | taint(...) | A.java:15:9:15:40 | new ..[] { .. } |
9+
| A.java:10:22:10:28 | taint(...) | A.java:15:31:15:33 | bad |
10+
| A.java:20:22:20:28 | taint(...) | A.java:20:22:20:28 | taint(...) |
11+
| A.java:20:22:20:28 | taint(...) | A.java:24:9:24:9 | f [post update] |
12+
| A.java:20:22:20:28 | taint(...) | A.java:24:9:24:27 | format(...) |
13+
| A.java:20:22:20:28 | taint(...) | A.java:24:9:24:27 | new ..[] { .. } |
14+
| A.java:20:22:20:28 | taint(...) | A.java:24:24:24:26 | bad |
15+
| A.java:20:22:20:28 | taint(...) | A.java:25:9:25:9 | f |
16+
| A.java:29:22:29:28 | taint(...) | A.java:29:22:29:28 | taint(...) |
17+
| A.java:29:22:29:28 | taint(...) | A.java:33:9:33:10 | sb |
18+
| A.java:29:22:29:28 | taint(...) | A.java:33:9:33:21 | toString(...) |
19+
| A.java:29:22:29:28 | taint(...) | A.java:34:9:34:9 | f [post update] |
20+
| A.java:29:22:29:28 | taint(...) | A.java:34:9:34:27 | format(...) |
21+
| A.java:29:22:29:28 | taint(...) | A.java:34:9:34:27 | new ..[] { .. } |
22+
| A.java:29:22:29:28 | taint(...) | A.java:34:24:34:26 | bad |
23+
| A.java:29:22:29:28 | taint(...) | A.java:35:9:35:10 | sb |
24+
| A.java:29:22:29:28 | taint(...) | A.java:35:9:35:21 | toString(...) |
25+
| A.java:39:22:39:28 | taint(...) | A.java:39:22:39:28 | taint(...) |
26+
| A.java:39:22:39:28 | taint(...) | A.java:42:18:42:20 | bad |
27+
| A.java:39:22:39:28 | taint(...) | A.java:43:9:43:46 | new ..[] { .. } |
28+
| A.java:39:22:39:28 | taint(...) | A.java:43:43:43:45 | bad |

0 commit comments

Comments
 (0)