/** Here the read should float to the end, right before the write. */
public static int testIfRead3Snippet(int a) {
if (a < 0) {
container.a = 10;
}
int res = container.a;
container.a = 20;
return res;
}
/** Here the read should float after the loop. */
public static int testLoop9Snippet(int a, int b) {
container.a = b;
for (int i = 0; i < a; i++) {
container.a = i;
}
GraalDirectives.controlFlowAnchor();
return container.a;
}
/** testing scheduling within a block. */
public static int testBlockScheduleSnippet() {
int res = 0;
container.a = 0x00;
container.a = 0x10;
container.a = 0x20;
container.a = 0x30;
container.a = 0x40;
res = container.a;
container.a = 0x50;
container.a = 0x60;
container.a = 0x70;
return res;
}
/** In this test the read should be scheduled before the write. */
public static int testSimpleSnippet() {
try {
return container.a;
} finally {
container.a = 15;
}
}
/** Here the read should not float to the end. */
public static int testIfRead1Snippet(int a) {
int res = container.a;
if (a < 0) {
container.a = 10;
}
return res;
}
/** Here the read should be just in the if branch (with the write). */
public static int testIfRead4Snippet(int a) {
if (a > 0) {
int res = container.a;
container.a = 0x20;
return res;
} else {
return 0x10;
}
}
/** In this case the read should be scheduled in the first block. */
public static int testSplit1Snippet(int a) {
try {
return container.a;
} finally {
if (a < 0) {
container.a = 15;
} else {
container.b = 15;
}
}
}
/* goodG2B() - use goodsource and badsink */
private void goodG2B() throws Throwable {
String data;
java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
/* FIX: Use a hardcoded string */
data = "foo";
Container data_container = new Container();
data_container.a = data;
(new CWE643_Unsafe_Treatment_of_XPath_Input__URLConnection_67b()).goodG2B_sink(data_container);
}
public void bad() throws Throwable {
String data;
Logger log_bad = Logger.getLogger("local-logger");
/* get environment variable ADD */
data = System.getenv("ADD");
Container data_container = new Container();
data_container.a = data;
(new CWE617_Reachable_Assertion__Environment_67b()).bad_sink(data_container);
}
public void a(EntityHuman entityhuman) {
super.a(entityhuman);
if (!this.c.isStatic) {
for (int i = 0; i < 9; ++i) {
ItemStack itemstack = this.craftInventory.getItem(i);
if (itemstack != null) {
entityhuman.b(itemstack);
}
}
}
}
/** read should move inside the loop (out of loop is disabled). */
public static int testBlockSchedule2Snippet(int value) {
int res = 0;
container.a = value;
for (int i = 0; i < 100; i++) {
if (i == 10) {
return container.a;
}
res += i;
}
return res;
}
/* goodG2B() - use goodsource and badsink */
private void goodG2B() throws Throwable {
String data;
java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
/* FIX: Use a hardcoded string */
data = "foo";
Container data_container = new Container();
data_container.a = data;
(new CWE617_Reachable_Assertion__Environment_67b()).goodG2B_sink(data_container);
}
/** Here the read should not float to the end. */
public static int testLoop1Snippet(int a, int b) {
try {
return container.a;
} finally {
for (int i = 0; i < a; i++) {
if (b < 0) {
container.b = 10;
} else {
container.a = 15;
}
}
}
}
/* goodG2B() - use goodsource and badsink */
private void goodG2B(HttpServletRequest request, HttpServletResponse response) throws Throwable {
String data;
java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
/* FIX: Use a hardcoded string */
data = "foo";
Container data_container = new Container();
data_container.a = data;
(new CWE113_HTTP_Response_Splitting__URLConnection_sendRedirectServlet_67b())
.goodG2B_sink(data_container, request, response);
}
/* goodG2B() - use goodsource and badsink */
private void goodG2B(HttpServletRequest request, HttpServletResponse response) throws Throwable {
String data;
java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
/* FIX: Use a hardcoded string */
data = "foo";
Container data_container = new Container();
data_container.a = data;
(new CWE80_XSS__Servlet_getQueryStringServlet_67b())
.goodG2B_sink(data_container, request, response);
}
/* goodG2B() - use goodsource and badsink */
private void goodG2B() throws Throwable {
int data;
java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
/* FIX: Use a hardcoded number that won't cause underflow, overflow,
divide by zero, or loss-of-precision issues */
data = 2;
Container data_container = new Container();
data_container.a = data;
(new CWE369_Divide_By_Zero__PropertiesFile_divide_67b()).goodG2B_sink(data_container);
}
/* goodG2B() - use goodsource and badsink */
private void goodG2B() throws Throwable {
int data;
java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
/* FIX: Use a hardcoded number that won't cause underflow, overflow,
divide by zero, or loss-of-precision issues */
data = 2;
Container data_container = new Container();
data_container.a = data;
(new CWE191_Integer_Underflow__fromFile_multiply_67b()).goodG2B_sink(data_container);
}
public static void testProxySnippet() {
while (container.a < container.b) {
List<Container> list = new ArrayList<>(containerList);
while (container.c < list.size()) {
if (container.obj != null) {
return;
}
container.c++;
}
container.a = 0;
container.b--;
}
container.b++;
}
/** Here the read should not float to the end. */
public static int testLoop8Snippet(int a, int b) {
int result = container.a;
for (int i = 0; i < a; i++) {
if (b < 0) {
container.b = 10;
break;
} else {
for (int j = 0; j < b; j++) {
container.a = 0;
}
}
}
GraalDirectives.controlFlowAnchor();
return result;
}
public void bad() throws Throwable {
int data;
Logger log_bad = Logger.getLogger("local-logger");
/* init data */
data = -1;
File f = new File("C:\\name.txt");
BufferedReader buffread = null;
FileReader fread = null;
try {
/* read string from file into data */
char[] readIn = new char[(new Long(f.length())).intValue()];
fread = new FileReader(f);
buffread = new BufferedReader(fread);
String s_data =
buffread.readLine(); // This will be reading the first "line" of the file, which
// could be very long if there are little or no newlines in the file\
data = Integer.parseInt(s_data.trim());
} catch (IOException ioe) {
log_bad.warning("Error with stream reading");
} catch (NumberFormatException nfe) {
log_bad.warning("Error with number parsing");
} finally {
/* clean up stream reading objects */
try {
if (buffread != null) {
buffread.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing buffread");
} finally {
try {
if (fread != null) {
fread.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing fread");
}
}
}
Container data_container = new Container();
data_container.a = data;
(new CWE191_Integer_Underflow__fromFile_multiply_67b()).bad_sink(data_container);
}
public static int testAntiDependencySnippet(int a) {
/*
* This read must not be scheduled after the following write.
*/
int res = container.a;
container.a = 10;
/*
* Add some more basic blocks.
*/
if (a < 0) {
container.b = 20;
}
container.c = 30;
return res;
}
public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable {
String data;
Logger log_bad = Logger.getLogger("local-logger");
data = ""; /* init data */
URLConnection conn = (new URL("http://www.example.org/")).openConnection();
BufferedReader buffread = null;
InputStreamReader instrread = null;
try {
/* read input from URLConnection */
instrread = new InputStreamReader(conn.getInputStream());
buffread = new BufferedReader(instrread);
data = buffread.readLine(); // This will be reading the first "line" of the response body,
// which could be very long if there are no newlines in the HTML
} catch (IOException ioe) {
log_bad.warning("Error with stream reading");
} finally {
/* clean up stream reading objects */
try {
if (buffread != null) {
buffread.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing buffread");
} finally {
try {
if (instrread != null) {
instrread.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing instrread");
}
}
}
Container data_container = new Container();
data_container.a = data;
(new CWE113_HTTP_Response_Splitting__URLConnection_sendRedirectServlet_67b())
.bad_sink(data_container, request, response);
}
/* goodB2G() - use badsource and goodsink */
private void goodB2G() throws Throwable {
String data;
Logger log_bad = Logger.getLogger("local-logger");
data = ""; /* init data */
URLConnection conn = (new URL("http://www.example.org/")).openConnection();
BufferedReader buffread = null;
InputStreamReader instrread = null;
try {
/* read input from URLConnection */
instrread = new InputStreamReader(conn.getInputStream());
buffread = new BufferedReader(instrread);
data = buffread.readLine(); // This will be reading the first "line" of the response body,
// which could be very long if there are no newlines in the HTML
} catch (IOException ioe) {
log_bad.warning("Error with stream reading");
} finally {
/* clean up stream reading objects */
try {
if (buffread != null) {
buffread.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing buffread");
} finally {
try {
if (instrread != null) {
instrread.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing instrread");
}
}
}
Container data_container = new Container();
data_container.a = data;
(new CWE643_Unsafe_Treatment_of_XPath_Input__URLConnection_67b()).goodB2G_sink(data_container);
}
/* goodB2G() - use badsource and goodsink */
private void goodB2G() throws Throwable {
int data;
Logger log_bad = Logger.getLogger("local-logger");
/* init data */
data = -1;
/* retrieve the "pid" property */
Properties props = new Properties();
FileInputStream finstr = null;
try {
finstr = new FileInputStream("../common/config.properties");
props.load(finstr);
String s_data = props.getProperty("pid");
data = Integer.parseInt(s_data.trim());
} catch (IOException ioe) {
log_bad.warning("Error with stream reading");
} catch (NumberFormatException nfe) {
log_bad.warning("Error with number parsing");
} finally {
/* clean up stream reading objects */
try {
if (finstr != null) {
finstr.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing buffread");
}
}
Container data_container = new Container();
data_container.a = data;
(new CWE369_Divide_By_Zero__PropertiesFile_divide_67b()).goodB2G_sink(data_container);
}
public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable {
String data;
Logger log_bad = Logger.getLogger("local-logger");
data = "";
/* parse the query string for value of 'id' */
String id_str = null;
StringTokenizer st = new StringTokenizer(request.getQueryString(), "&");
while (st.hasMoreTokens()) {
String token = st.nextToken();
int i = token.indexOf("=");
if ((i > 0) && (i < (token.length() - 1)) && (token.substring(0, i).equals("id"))) {
id_str = token.substring(i + 1);
break;
}
}
if (id_str != null) {
Connection conn = null;
PreparedStatement statement = null;
ResultSet rs = null;
try {
int id = Integer.parseInt(id_str);
conn = IO.getDBConnection();
statement = conn.prepareStatement("select * from pages where id=?");
/* FLAW: no check to see whether the user has privileges to view the data */
statement.setInt(1, id);
rs = statement.executeQuery();
data = rs.toString();
} catch (SQLException se) {
log_bad.warning("Error");
} finally {
/* clean up database objects */
try {
if (rs != null) {
rs.close();
}
} catch (SQLException se) {
log_bad.warning("Error closing rs");
} finally {
try {
if (statement != null) {
statement.close();
}
} catch (SQLException se) {
log_bad.warning("Error closing statement");
} finally {
try {
if (conn != null) {
conn.close();
}
} catch (SQLException se) {
log_bad.warning("Error closing conn");
}
}
}
}
}
Container data_container = new Container();
data_container.a = data;
(new CWE80_XSS__Servlet_getQueryStringServlet_67b())
.bad_sink(data_container, request, response);
}
public void bad() throws Throwable {
String data;
Logger log_bad = Logger.getLogger("local-logger");
data = ""; /* init data */
Connection conn = null;
PreparedStatement statement = null;
ResultSet rs = null;
BufferedReader buffread = null;
InputStreamReader instrread = null;
try {
/* setup the connection */
conn = IO.getDBConnection();
/* prepare the query */
statement = conn.prepareStatement("select name from users where id=?");
/* get user input for the userid */
IO.writeLine("Enter a userid to login as (number): ");
instrread = new InputStreamReader(System.in);
buffread = new BufferedReader(instrread);
int num = Integer.parseInt(buffread.readLine());
statement.setInt(1, num);
rs = statement.executeQuery();
data = rs.getString(1);
} catch (IOException ioe) {
log_bad.warning("Error with stream reading");
} finally {
/* clean up stream reading objects */
try {
if (buffread != null) {
buffread.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing buffread");
} finally {
try {
if (instrread != null) {
instrread.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing instrread");
}
}
/* clean up database objects */
try {
if (rs != null) {
rs.close();
}
} catch (SQLException se) {
log_bad.warning("Error closing rs");
} finally {
try {
if (statement != null) {
statement.close();
}
} catch (SQLException se) {
log_bad.warning("Error closing statement");
} finally {
try {
if (conn != null) {
conn.close();
}
} catch (SQLException se) {
log_bad.warning("Error closing conn");
}
}
}
}
Container data_container = new Container();
data_container.a = data;
(new CWE643_Unsafe_Treatment_of_XPath_Input__fromDB_67b()).bad_sink(data_container);
}
/** Here the read should float to the end. */
public static int testIfRead5Snippet(int a) {
if (a < 0) {
container.a = 10;
}
return container.a;
}