forked from github/codeql
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathStringUtilsTest.java
More file actions
125 lines (73 loc) · 4.66 KB
/
StringUtilsTest.java
File metadata and controls
125 lines (73 loc) · 4.66 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
import org.springframework.util.StringUtils;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Locale;
import java.lang.String;
class StringUtilsTest {
String taint() { return "tainted"; }
String[] taintArray() { return null; }
Locale taintLocale() { return null; }
Collection<String> taintedCollection() { return null; }
Enumeration<String> taintedEnumeration() { return null; }
void sink(Object o) {}
void test() throws Exception {
sink(StringUtils.addStringToArray(null, taint())); // $hasTaintFlow
sink(StringUtils.addStringToArray(taintArray(), "")); // $hasTaintFlow
sink(StringUtils.applyRelativePath("/", taint())); // $hasTaintFlow
sink(StringUtils.applyRelativePath(taint(), "../../test")); // $hasTaintFlow
sink(StringUtils.arrayToCommaDelimitedString(taintArray())); // $hasTaintFlow
sink(StringUtils.arrayToDelimitedString(taintArray(), ":")); // $hasTaintFlow
sink(StringUtils.arrayToDelimitedString(null, taint())); // $hasTaintFlow
sink(StringUtils.capitalize(taint())); // $hasTaintFlow
sink(StringUtils.cleanPath(taint())); // $hasTaintFlow
sink(StringUtils.collectionToCommaDelimitedString(taintedCollection())); // $hasTaintFlow
sink(StringUtils.collectionToDelimitedString(taintedCollection(), ":")); // $hasTaintFlow
sink(StringUtils.collectionToDelimitedString(null, taint())); // $hasTaintFlow
sink(StringUtils.collectionToDelimitedString(taintedCollection(), ":", "", "")); // $hasTaintFlow
sink(StringUtils.collectionToDelimitedString(null, taint(), "", "")); // $hasTaintFlow
sink(StringUtils.collectionToDelimitedString(null, ":", taint(), "")); // $hasTaintFlow
sink(StringUtils.collectionToDelimitedString(null, ":", "", taint())); // $hasTaintFlow
sink(StringUtils.commaDelimitedListToSet(taint())); // $hasTaintFlow
sink(StringUtils.commaDelimitedListToStringArray(taint())); // $hasTaintFlow
sink(StringUtils.concatenateStringArrays(taintArray(), null)); // $hasTaintFlow
sink(StringUtils.concatenateStringArrays(null, taintArray())); // $hasTaintFlow
sink(StringUtils.delete(taint(), "")); // $hasTaintFlow
sink(StringUtils.deleteAny(taint(), "")); // $hasTaintFlow
sink(StringUtils.delimitedListToStringArray(taint(), ":")); // $hasTaintFlow
sink(StringUtils.delimitedListToStringArray(taint(), ":", ".")); // $hasTaintFlow
sink(StringUtils.getFilename(taint())); // $hasTaintFlow
sink(StringUtils.getFilenameExtension(taint())); // $hasTaintFlow
sink(StringUtils.mergeStringArrays(taintArray(), null)); // $hasTaintFlow
sink(StringUtils.mergeStringArrays(null, taintArray())); // $hasTaintFlow
sink(StringUtils.parseLocale(taint()));
sink(StringUtils.parseLocaleString(taint()));
sink(StringUtils.parseTimeZoneString(taint()));
sink(StringUtils.quote(taint())); // $hasTaintFlow
sink(StringUtils.quoteIfString(taint())); // $hasTaintFlow
sink(StringUtils.removeDuplicateStrings(taintArray())); // $hasTaintFlow
sink(StringUtils.replace(taint(), "", "")); // $hasTaintFlow
sink(StringUtils.replace("", "", taint())); // $hasTaintFlow
sink(StringUtils.sortStringArray(taintArray())); // $hasTaintFlow
sink(StringUtils.split(taint(), "")); // $hasTaintFlow
sink(StringUtils.splitArrayElementsIntoProperties(taintArray(), "")); // $hasTaintFlow
sink(StringUtils.splitArrayElementsIntoProperties(taintArray(), "", "")); // $hasTaintFlow
sink(StringUtils.stripFilenameExtension(taint())); // $hasTaintFlow
sink(StringUtils.tokenizeToStringArray(taint(), "")); // $hasTaintFlow
sink(StringUtils.tokenizeToStringArray(taint(), "", true, true)); // $hasTaintFlow
sink(StringUtils.toLanguageTag(taintLocale()));
sink(StringUtils.toStringArray(taintedCollection())); // $hasTaintFlow
sink(StringUtils.toStringArray(taintedEnumeration())); // $hasTaintFlow
sink(StringUtils.trimAllWhitespace(taint())); // $hasTaintFlow
sink(StringUtils.trimArrayElements(taintArray())); // $hasTaintFlow
sink(StringUtils.trimLeadingCharacter(taint(), 'a')); // $hasTaintFlow
sink(StringUtils.trimLeadingWhitespace(taint())); // $hasTaintFlow
sink(StringUtils.trimTrailingCharacter(taint(), 'a')); // $hasTaintFlow
sink(StringUtils.trimTrailingWhitespace(taint())); // $hasTaintFlow
sink(StringUtils.trimWhitespace(taint())); // $hasTaintFlow
sink(StringUtils.uncapitalize(taint())); // $hasTaintFlow
sink(StringUtils.unqualify(taint())); // $hasTaintFlow
sink(StringUtils.unqualify(taint(), '.')); // $hasTaintFlow
sink(StringUtils.uriDecode(taint(), java.nio.charset.StandardCharsets.UTF_8)); // $hasTaintFlow
}
}