
Commit eea79e8

committed
Java: convert PolynomialReDoS test to qlref with post-processed inline expectations
1 parent 373747b commit eea79e8

4 files changed

+123
-56
lines changed


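--- a/java/ql/test/query-tests/security/CWE-730/PolyRedosTest.java
+++ b/java/ql/test/query-tests/security/CWE-730/PolyRedosTest.java
@@ -5,80 +5,80 @@
 
 class PolyRedosTest {
 void test(HttpServletRequest request) {
-String tainted = request.getParameter("inp");
+String tainted = request.getParameter("inp"); // $ Source[java/polynomial-redos]
 String reg = "0\\.\\d+E?\\d+!";
 Predicate<String> dummyPred = (s -> s.length() % 7 == 0);
-
-tainted.matches(reg); // $ hasPolyRedos
-tainted.split(reg); // $ hasPolyRedos
-tainted.split(reg, 7); // $ hasPolyRedos
-tainted.replaceAll(reg, "a"); // $ hasPolyRedos
-tainted.replaceFirst(reg, "a"); // $ hasPolyRedos
-Pattern.matches(reg, tainted); // $ hasPolyRedos
-Pattern.compile(reg).matcher(tainted).matches(); // $ hasPolyRedos
-Pattern.compile(reg).split(tainted); // $ hasPolyRedos
-Pattern.compile(reg, Pattern.DOTALL).split(tainted); // $ hasPolyRedos
-Pattern.compile(reg).split(tainted, 7); // $ hasPolyRedos
-Pattern.compile(reg).splitAsStream(tainted); // $ hasPolyRedos
-Pattern.compile(reg).asPredicate().test(tainted); // $ hasPolyRedos
-Pattern.compile(reg).asMatchPredicate().negate().and(dummyPred).or(dummyPred).test(tainted); // $ hasPolyRedos
-Predicate.not(dummyPred.and(dummyPred.or(Pattern.compile(reg).asPredicate()))).test(tainted); // $ hasPolyRedos
-
-Splitter.on(Pattern.compile(reg)).split(tainted); // $ hasPolyRedos
-Splitter.on(reg).split(tainted);
-Splitter.onPattern(reg).split(tainted); // $ hasPolyRedos
-Splitter.onPattern(reg).splitToList(tainted); // $ hasPolyRedos
-Splitter.onPattern(reg).limit(7).omitEmptyStrings().trimResults().split(tainted); // $ hasPolyRedos
-Splitter.onPattern(reg).withKeyValueSeparator(" => ").split(tainted); // $ hasPolyRedos
+
+tainted.matches(reg); // $ Alert[java/polynomial-redos]
+tainted.split(reg); // $ Alert[java/polynomial-redos]
+tainted.split(reg, 7); // $ Alert[java/polynomial-redos]
+tainted.replaceAll(reg, "a"); // $ Alert[java/polynomial-redos]
+tainted.replaceFirst(reg, "a"); // $ Alert[java/polynomial-redos]
+Pattern.matches(reg, tainted); // $ Alert[java/polynomial-redos]
+Pattern.compile(reg).matcher(tainted).matches(); // $ Alert[java/polynomial-redos]
+Pattern.compile(reg).split(tainted); // $ Alert[java/polynomial-redos]
+Pattern.compile(reg, Pattern.DOTALL).split(tainted); // $ Alert[java/polynomial-redos]
+Pattern.compile(reg).split(tainted, 7); // $ Alert[java/polynomial-redos]
+Pattern.compile(reg).splitAsStream(tainted); // $ Alert[java/polynomial-redos]
+Pattern.compile(reg).asPredicate().test(tainted); // $ Alert[java/polynomial-redos]
+Pattern.compile(reg).asMatchPredicate().negate().and(dummyPred).or(dummyPred).test(tainted); // $ Alert[java/polynomial-redos]
+Predicate.not(dummyPred.and(dummyPred.or(Pattern.compile(reg).asPredicate()))).test(tainted); // $ Alert[java/polynomial-redos]
+
+Splitter.on(Pattern.compile(reg)).split(tainted); // $ Alert[java/polynomial-redos]
+Splitter.on(reg).split(tainted);
+Splitter.onPattern(reg).split(tainted); // $ Alert[java/polynomial-redos]
+Splitter.onPattern(reg).splitToList(tainted); // $ Alert[java/polynomial-redos]
+Splitter.onPattern(reg).limit(7).omitEmptyStrings().trimResults().split(tainted); // $ Alert[java/polynomial-redos]
+Splitter.onPattern(reg).withKeyValueSeparator(" => ").split(tainted); // $ Alert[java/polynomial-redos]
 Splitter.on(";").withKeyValueSeparator(reg).split(tainted);
-Splitter.on(";").withKeyValueSeparator(Splitter.onPattern(reg)).split(tainted); // $ hasPolyRedos
+Splitter.on(";").withKeyValueSeparator(Splitter.onPattern(reg)).split(tainted); // $ Alert[java/polynomial-redos]
 
 }
 
 void test2(HttpServletRequest request) {
-String tainted = request.getParameter("inp");
+String tainted = request.getParameter("inp"); // $ Source[java/polynomial-redos]
 
 Pattern p1 = Pattern.compile(".*a");
 Pattern p2 = Pattern.compile(".*b");
 
-p1.matcher(tainted).matches();
-p2.matcher(tainted).find(); // $ hasPolyRedos
+p1.matcher(tainted).matches();
+p2.matcher(tainted).find(); // $ Alert[java/polynomial-redos]
 }
 
 void test3(HttpServletRequest request) {
-String tainted = request.getParameter("inp");
+String tainted = request.getParameter("inp"); // $ Source[java/polynomial-redos]
 
 Pattern p1 = Pattern.compile("ab*b*");
 Pattern p2 = Pattern.compile("cd*d*");
 
-p1.matcher(tainted).matches(); // $ hasPolyRedos
-p2.matcher(tainted).find();
+p1.matcher(tainted).matches(); // $ Alert[java/polynomial-redos]
+p2.matcher(tainted).find();
 }
 
 void test4(HttpServletRequest request) {
-String tainted = request.getParameter("inp");
+String tainted = request.getParameter("inp"); // $ Source[java/polynomial-redos]
 
 tainted.matches(".*a");
-tainted.replaceAll(".*b", "c"); // $ hasPolyRedos
+tainted.replaceAll(".*b", "c"); // $ Alert[java/polynomial-redos]
 }
 
 static Pattern p3 = Pattern.compile(".*a");
 static Pattern p4 = Pattern.compile(".*b");
-
+
 
 void test5(HttpServletRequest request) {
-String tainted = request.getParameter("inp");
+String tainted = request.getParameter("inp"); // $ Source[java/polynomial-redos]
 
-p3.asMatchPredicate().test(tainted);
-p4.asPredicate().test(tainted); // $ hasPolyRedos
+p3.asMatchPredicate().test(tainted);
+p4.asPredicate().test(tainted); // $ Alert[java/polynomial-redos]
 }
 
 void test6(HttpServletRequest request) {
 Pattern p = Pattern.compile("^a*a*$");
 
-p.matcher(request.getParameter("inp")).matches(); // $ hasPolyRedos
+p.matcher(request.getParameter("inp")).matches(); // $ Alert[java/polynomial-redos]
 p.matcher(request.getHeader("If-None-Match")).matches();
 p.matcher(request.getRequestURI()).matches();
 p.matcher(request.getCookies()[0].getName()).matches();
 }
-}
+}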
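Review bot: In test6 the new line 79 carries only `// $ Alert[java/polynomial-redos]` although the source call `request.getParameter("inp")` sits on the same line, while every other `getParameter("inp")` in the file now gets a `Source[...]` tag; if the post-processor emits a Source expectation for every path source, this line presumably needs `// $ Source[java/polynomial-redos] Alert[java/polynomial-redos]`, so it is worth confirming against the qlref output rather than assuming the tag is only expected on assignments. The untagged lines are now the only way to tell a deliberate negative case from a missing expectation, and nothing states the intent: for instance `Splitter.on(reg).split(tainted);` and `Splitter.on(";").withKeyValueSeparator(reg)` pass the string as a literal separator rather than a regex, and the getHeader/getRequestURI/getCookies calls at the end of test6 are left without any tag. A short comment on each such line, e.g. `// no alert: literal separator, not a regex` for the two Splitter lines, would make the negatives self-describing; the reason the three request accessors in test6 are unflagged is not visible here and should be stated by whoever knows it. The class body is fully inside the hunk, but the imports preceding line 5 are not shown.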
