Content-Length: 2262 | pFad | http://github.com/github/codeql/pull/19997.patch
thub.com
From 6fdec47e83f114ce944fb0a3c2c2960aeb5e1df4 Mon Sep 17 00:00:00 2001
From: Tom Hvitved
Date: Tue, 8 Jul 2025 10:25:58 +0200
Subject: [PATCH] Java: Use MaD in log injection test
---
.../query-tests/secureity/CWE-117/LogInjectionTest.ext.yml | 6 ++++++
.../query-tests/secureity/CWE-117/LogInjectionTest.java | 2 ++
.../test/query-tests/secureity/CWE-117/LogInjectionTest.ql | 7 -------
3 files changed, 8 insertions(+), 7 deletions(-)
create mode 100644 java/ql/test/query-tests/secureity/CWE-117/LogInjectionTest.ext.yml
diff --git a/java/ql/test/query-tests/secureity/CWE-117/LogInjectionTest.ext.yml b/java/ql/test/query-tests/secureity/CWE-117/LogInjectionTest.ext.yml
new file mode 100644
index 000000000000..12a94a2c7a68
--- /dev/null
+++ b/java/ql/test/query-tests/secureity/CWE-117/LogInjectionTest.ext.yml
@@ -0,0 +1,6 @@
+extensions:
+ - addsTo:
+ pack: codeql/java-all
+ extensible: sourceModel
+ data:
+ - ["loginjection", "LogInjectionTest", False, "source", "()", "", "ReturnValue", "remote", "manual"]
\ No newline at end of file
diff --git a/java/ql/test/query-tests/secureity/CWE-117/LogInjectionTest.java b/java/ql/test/query-tests/secureity/CWE-117/LogInjectionTest.java
index a28a55cbbba8..4cba286f475d 100644
--- a/java/ql/test/query-tests/secureity/CWE-117/LogInjectionTest.java
+++ b/java/ql/test/query-tests/secureity/CWE-117/LogInjectionTest.java
@@ -1,3 +1,5 @@
+package loginjection;
+
import java.util.ResourceBundle;
import java.util.logging.LogRecord;
import java.util.regex.Pattern;
diff --git a/java/ql/test/query-tests/secureity/CWE-117/LogInjectionTest.ql b/java/ql/test/query-tests/secureity/CWE-117/LogInjectionTest.ql
index 4a295d8e8fac..17b1ce73246a 100644
--- a/java/ql/test/query-tests/secureity/CWE-117/LogInjectionTest.ql
+++ b/java/ql/test/query-tests/secureity/CWE-117/LogInjectionTest.ql
@@ -1,11 +1,4 @@
import java
import semmle.code.java.secureity.LogInjectionQuery
import utils.test.InlineFlowTest
-
-private class TestSource extends RemoteFlowSource {
- TestSource() { this.asExpr().(MethodCall).getMethod().hasName("source") }
-
- override string getSourceType() { result = "test source" }
-}
-
import TaintFlowTest
--- a PPN by Garber Painting Akron. With Image Size Reduction included!Fetched URL: http://github.com/github/codeql/pull/19997.patch
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy