/**
 * Here the read should float to the end, right before the write.
 *
 * <p>Snippet shape: a conditional store to {@code container.a}, then the load whose
 * placement is under test, then an unconditional store to the same field.
 * {@code container} is declared outside this method.
 *
 * @param a the conditional store runs only when {@code a < 0}
 * @return the value loaded from {@code container.a} before the final store of 20
 */
public static int testIfRead3Snippet(int a) {
    if (a < 0) {
        container.a = 10;
    }
    // Load under test: in program order it follows the conditional store and
    // precedes the store of 20 below.
    int res = container.a;
    container.a = 20;
    return res;
}
/**
 * Here the read should float after the loop.
 *
 * <p>Snippet shape: one store before the loop, one store per iteration, and a single
 * load in the return statement after the loop.
 *
 * @param a loop bound; the loop body runs only when {@code a > 0}
 * @param b value stored to {@code container.a} before the loop
 * @return the value loaded from {@code container.a} after the loop
 */
public static int testLoop9Snippet(int a, int b) {
    container.a = b;
    for (int i = 0; i < a; i++) {
        container.a = i;
    }
    // NOTE(review): controlFlowAnchor() is defined outside this snippet; presumably it
    // keeps the control flow at this point from being restructured - confirm.
    GraalDirectives.controlFlowAnchor();
    return container.a;
}
/**
 * Testing scheduling within a block.
 *
 * <p>Straight-line code only: five stores to {@code container.a}, one load, then three
 * more stores. The load has to stay between the store of {@code 0x40} and the store of
 * {@code 0x50}.
 *
 * @return the value loaded from {@code container.a} right after the store of {@code 0x40}
 */
public static int testBlockScheduleSnippet() {
    int res = 0;
    container.a = 0x00;
    container.a = 0x10;
    container.a = 0x20;
    container.a = 0x30;
    container.a = 0x40;
    // Load under test, surrounded by stores to the same field on both sides.
    res = container.a;
    container.a = 0x50;
    container.a = 0x60;
    container.a = 0x70;
    return res;
}
/**
 * In this test the read should be scheduled before the write.
 *
 * <p>The return expression is evaluated before the {@code finally} block runs, so the
 * load of {@code container.a} precedes the store of 15 in program order.
 *
 * @return the value of {@code container.a} as it was before the store in {@code finally}
 */
public static int testSimpleSnippet() {
    try {
        return container.a;
    } finally {
        // Runs after the return value has been read.
        container.a = 15;
    }
}
/**
 * Here the read should not float to the end.
 *
 * <p>The load comes first; a conditional store to the same field follows it. Moving the
 * load past the {@code if} would let it observe the store of 10.
 *
 * @param a the store runs only when {@code a < 0}
 * @return the value loaded from {@code container.a} before the conditional store
 */
public static int testIfRead1Snippet(int a) {
    // Load under test: precedes the conditional store in program order.
    int res = container.a;
    if (a < 0) {
        container.a = 10;
    }
    return res;
}
/**
 * Here the read should be just in the if branch (with the write).
 *
 * <p>Both the load and the store of {@code container.a} sit inside the {@code a > 0}
 * branch; the other branch touches no field and returns a constant.
 *
 * @param a selects the branch
 * @return the value loaded from {@code container.a} when {@code a > 0}, otherwise
 *         {@code 0x10}
 */
public static int testIfRead4Snippet(int a) {
    if (a > 0) {
        // Load, then store to the same field, both confined to this branch.
        int res = container.a;
        container.a = 0x20;
        return res;
    } else {
        return 0x10;
    }
}
/**
 * In this case the read should be scheduled in the first block.
 *
 * <p>The return value is read before the {@code finally} block, which then branches and
 * stores either to {@code container.a} or to {@code container.b}.
 *
 * @param a selects which field the {@code finally} block writes
 * @return the value of {@code container.a} as it was before the {@code finally} block
 */
public static int testSplit1Snippet(int a) {
    try {
        return container.a;
    } finally {
        if (a < 0) {
            // Only this branch writes the field that was read above.
            container.a = 15;
        } else {
            container.b = 15;
        }
    }
}
/**
 * goodG2B() - use goodsource and badsink.
 *
 * <p>Non-flawed variant: the value handed to the sink is a string literal, so no
 * external input reaches {@code goodG2B_sink}. The sink class is named for CWE-643
 * (unsafe treatment of XPath input) and is defined outside this method.
 *
 * @throws Throwable whatever the sink call throws
 */
private void goodG2B() throws Throwable {
    // The logger is looked up but never used here; the lookup itself is kept.
    final java.util.logging.Logger logger = java.util.logging.Logger.getLogger("local-logger");

    /* FIX: Use a hardcoded string */
    final String constantValue = "foo";

    // The value travels to the sink wrapped in a Container rather than as a bare argument.
    final Container carrier = new Container();
    carrier.a = constantValue;

    final CWE643_Unsafe_Treatment_of_XPath_Input__URLConnection_67b sinkOwner =
            new CWE643_Unsafe_Treatment_of_XPath_Input__URLConnection_67b();
    sinkOwner.goodG2B_sink(carrier);
}
/**
 * Intentionally flawed ("bad") variant: the value of environment variable {@code ADD}
 * is passed, unchecked, to {@code bad_sink}.
 *
 * <p>The sink class is named for CWE-617 (reachable assertion) and is defined outside
 * this method. Whoever controls the process environment controls the value that
 * arrives there.
 *
 * @throws Throwable whatever the sink call throws
 */
public void bad() throws Throwable {
    // The logger is looked up but never used here; the lookup itself is kept.
    final Logger logger = Logger.getLogger("local-logger");

    /* get environment variable ADD */
    // System.getenv returns null when ADD is unset; no validation happens before the sink.
    final String fromEnvironment = System.getenv("ADD");

    // The value travels to the sink wrapped in a Container rather than as a bare argument.
    final Container carrier = new Container();
    carrier.a = fromEnvironment;

    final CWE617_Reachable_Assertion__Environment_67b sinkOwner =
            new CWE617_Reachable_Assertion__Environment_67b();
    sinkOwner.bad_sink(carrier);
}
/**
 * Delegates to {@code super.a(entityhuman)} and then, unless {@code this.c.isStatic} is
 * set, passes every non-null item in slots 0 to 8 of {@code craftInventory} to
 * {@code entityhuman.b(...)}.
 *
 * <p>NOTE(review): the identifiers are obfuscated; presumably this is the handler that
 * gives the crafting-grid contents back to the player when the container closes -
 * confirm against the mapping.
 *
 * @param entityhuman the player the items are handed to
 */
public void a(EntityHuman entityhuman) {
    super.a(entityhuman);

    // Nothing more to do when the flag on this.c is set.
    if (this.c.isStatic) {
        return;
    }

    int slot = 0;
    while (slot < 9) {
        ItemStack stack = this.craftInventory.getItem(slot);
        if (stack != null) {
            entityhuman.b(stack);
        }
        ++slot;
    }
}
/**
 * Read should move inside the loop (out of loop is disabled).
 *
 * <p>One store before the loop and one load inside it, on the {@code i == 10} exit path.
 * The loop counts from 0 to 99, so that exit is always taken and the trailing
 * {@code return res} is never reached at run time.
 *
 * @param value stored to {@code container.a} before the loop
 * @return the value loaded from {@code container.a} when {@code i == 10}
 */
public static int testBlockSchedule2Snippet(int value) {
    int res = 0;
    container.a = value;
    for (int i = 0; i < 100; i++) {
        if (i == 10) {
            // Load under test: the only read of the field, on the early-return path.
            return container.a;
        }
        res += i;
    }
    return res;
}
/**
 * goodG2B() - use goodsource and badsink.
 *
 * <p>Non-flawed variant: a string literal, not the environment, supplies the value that
 * reaches {@code goodG2B_sink}. The sink class is named for CWE-617 (reachable
 * assertion) and is defined outside this method.
 *
 * @throws Throwable whatever the sink call throws
 */
private void goodG2B() throws Throwable {
    // Looked up but unused in this method; the lookup is preserved.
    final java.util.logging.Logger unusedLogger =
            java.util.logging.Logger.getLogger("local-logger");

    /* FIX: Use a hardcoded string */
    final String literal = "foo";

    final Container box = new Container();
    box.a = literal;

    final CWE617_Reachable_Assertion__Environment_67b target =
            new CWE617_Reachable_Assertion__Environment_67b();
    target.goodG2B_sink(box);
}
/**
 * Here the read should not float to the end.
 *
 * <p>The return value is read first; the {@code finally} block then loops and, depending
 * on {@code b}, stores to {@code container.b} or to {@code container.a}.
 *
 * @param a loop bound for the {@code finally} block
 * @param b selects which field each iteration writes
 * @return the value of {@code container.a} as it was before the {@code finally} block
 */
public static int testLoop1Snippet(int a, int b) {
    try {
        return container.a;
    } finally {
        for (int i = 0; i < a; i++) {
            if (b < 0) {
                container.b = 10;
            } else {
                // This store hits the field that was read for the return value.
                container.a = 15;
            }
        }
    }
}
/**
 * goodG2B() - use goodsource and badsink.
 *
 * <p>Non-flawed variant: the value given to {@code goodG2B_sink} is a string literal, so
 * nothing request- or network-derived is forwarded. The sink class is named for CWE-113
 * (HTTP response splitting) and is defined outside this method.
 *
 * @param request  servlet request, forwarded to the sink untouched
 * @param response servlet response, forwarded to the sink untouched
 * @throws Throwable whatever the sink call throws
 */
private void goodG2B(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    // Looked up but unused in this method; the lookup is preserved.
    final java.util.logging.Logger logger = java.util.logging.Logger.getLogger("local-logger");

    /* FIX: Use a hardcoded string */
    final String constantValue = "foo";

    final Container carrier = new Container();
    carrier.a = constantValue;

    final CWE113_HTTP_Response_Splitting__URLConnection_sendRedirectServlet_67b sinkOwner =
            new CWE113_HTTP_Response_Splitting__URLConnection_sendRedirectServlet_67b();
    sinkOwner.goodG2B_sink(carrier, request, response);
}
/**
 * goodG2B() - use goodsource and badsink.
 *
 * <p>Non-flawed variant: the query string is not consulted; a string literal is what
 * reaches {@code goodG2B_sink}. The sink class is named for CWE-80 (XSS) and is defined
 * outside this method.
 *
 * @param request  servlet request, forwarded to the sink untouched
 * @param response servlet response, forwarded to the sink untouched
 * @throws Throwable whatever the sink call throws
 */
private void goodG2B(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    // Looked up but unused in this method; the lookup is preserved.
    final java.util.logging.Logger unusedLogger =
            java.util.logging.Logger.getLogger("local-logger");

    /* FIX: Use a hardcoded string */
    final String literal = "foo";

    final Container box = new Container();
    box.a = literal;

    final CWE80_XSS__Servlet_getQueryStringServlet_67b target =
            new CWE80_XSS__Servlet_getQueryStringServlet_67b();
    target.goodG2B_sink(box, request, response);
}
/**
 * goodG2B() - use goodsource and badsink.
 *
 * <p>Non-flawed variant: the operand handed to {@code goodG2B_sink} is the constant 2,
 * not a value from the properties file. The sink class is named for CWE-369 (divide by
 * zero) and is defined outside this method.
 *
 * @throws Throwable whatever the sink call throws
 */
private void goodG2B() throws Throwable {
    // Looked up but unused in this method; the lookup is preserved.
    final java.util.logging.Logger logger = java.util.logging.Logger.getLogger("local-logger");

    /* FIX: Use a hardcoded number that won't cause underflow, overflow,
       divide by zero, or loss-of-precision issues */
    final int safeOperand = 2;

    final Container carrier = new Container();
    carrier.a = safeOperand;

    final CWE369_Divide_By_Zero__PropertiesFile_divide_67b sinkOwner =
            new CWE369_Divide_By_Zero__PropertiesFile_divide_67b();
    sinkOwner.goodG2B_sink(carrier);
}
/**
 * goodG2B() - use goodsource and badsink.
 *
 * <p>Non-flawed variant: the operand handed to {@code goodG2B_sink} is the constant 2,
 * not a number read from a file. The sink class is named for CWE-191 (integer
 * underflow) and is defined outside this method.
 *
 * @throws Throwable whatever the sink call throws
 */
private void goodG2B() throws Throwable {
    // Looked up but unused in this method; the lookup is preserved.
    final java.util.logging.Logger unusedLogger =
            java.util.logging.Logger.getLogger("local-logger");

    /* FIX: Use a hardcoded number that won't cause underflow, overflow,
       divide by zero, or loss-of-precision issues */
    final int fixedNumber = 2;

    final Container box = new Container();
    box.a = fixedNumber;

    final CWE191_Integer_Underflow__fromFile_multiply_67b target =
            new CWE191_Integer_Underflow__fromFile_multiply_67b();
    target.goodG2B_sink(box);
}
/**
 * Nested-loop snippet that reads and writes several {@code container} fields.
 *
 * <p>The outer loop runs while {@code container.a < container.b}. Each pass copies
 * {@code containerList} into a fresh list, then the inner loop advances
 * {@code container.c} up to that list's size, returning from the method as soon as
 * {@code container.obj} is non-null. After the inner loop {@code container.a} is reset
 * to 0 and {@code container.b} is decremented; after the outer loop {@code container.b}
 * is incremented once.
 *
 * <p>NOTE(review): the name suggests the snippet exists to exercise loop-exit proxy
 * handling in the scheduler - confirm against the test that uses it.
 */
public static void testProxySnippet() {
    while (container.a < container.b) {
        List<Container> list = new ArrayList<>(containerList);
        while (container.c < list.size()) {
            if (container.obj != null) {
                // Early exit from inside both loops.
                return;
            }
            container.c++;
        }
        container.a = 0;
        container.b--;
    }
    container.b++;
}
/**
 * Here the read should not float to the end.
 *
 * <p>The load happens before the loops. Inside, one path stores to {@code container.b}
 * and breaks, the other runs an inner loop that stores to {@code container.a}, the
 * field that was read.
 *
 * @param a outer loop bound
 * @param b selects the path; also the inner loop bound
 * @return the value loaded from {@code container.a} before any loop ran
 */
public static int testLoop8Snippet(int a, int b) {
    // Load under test: precedes every store in the loops below.
    int result = container.a;
    for (int i = 0; i < a; i++) {
        if (b < 0) {
            container.b = 10;
            break;
        } else {
            for (int j = 0; j < b; j++) {
                container.a = 0;
            }
        }
    }
    // NOTE(review): controlFlowAnchor() is defined outside this snippet; presumably it
    // keeps the control flow at this point from being restructured - confirm.
    GraalDirectives.controlFlowAnchor();
    return result;
}
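/**
 * Intentionally flawed ("bad") variant: an integer parsed from the first line of
 * {@code C:\name.txt} is passed, unchecked, to {@code bad_sink}.
 *
 * <p>The sink class is named for CWE-191 (integer underflow) and is defined outside
 * this method; no range check is applied to the number here, and that is left as is.
 * When the file cannot be read, is empty, or does not hold a number, {@code data}
 * keeps its initial value of -1 and still goes to the sink.
 *
 * <p>Two incidental problems are fixed: an empty file made {@code readLine()} return
 * {@code null} and the following {@code trim()} threw an uncaught
 * {@code NullPointerException}; and an unused {@code char[]} sized from the file
 * length (truncated from {@code long} to {@code int}) was allocated for nothing.
 *
 * @throws Throwable whatever the sink call throws
 */
public void bad() throws Throwable {
    int data;
    Logger log_bad = Logger.getLogger("local-logger");

    /* init data */
    data = -1;

    File f = new File("C:\\name.txt");
    BufferedReader buffread = null;
    FileReader fread = null;
    try {
        /* read string from file into data */
        fread = new FileReader(f);
        buffread = new BufferedReader(fread);
        // This reads the first "line" of the file, which could be very long if there
        // are few or no newlines in the file.
        String s_data = buffread.readLine();
        if (s_data != null) {
            data = Integer.parseInt(s_data.trim());
        } else {
            // Empty file: handled like a failed read, data stays -1.
            log_bad.warning("Error with stream reading");
        }
    } catch (IOException ioe) {
        log_bad.warning("Error with stream reading");
    } catch (NumberFormatException nfe) {
        log_bad.warning("Error with number parsing");
    } finally {
        /* clean up stream reading objects */
        try {
            if (buffread != null) {
                buffread.close();
            }
        } catch (IOException ioe) {
            log_bad.warning("Error closing buffread");
        } finally {
            try {
                if (fread != null) {
                    fread.close();
                }
            } catch (IOException ioe) {
                log_bad.warning("Error closing fread");
            }
        }
    }

    // The unvalidated number travels to the sink wrapped in a Container.
    Container data_container = new Container();
    data_container.a = data;
    (new CWE191_Integer_Underflow__fromFile_multiply_67b()).bad_sink(data_container);
}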
/**
 * Anti-dependency snippet: a load of {@code container.a} immediately followed by a
 * store to the same field, with further stores to other fields afterwards.
 *
 * @param a the store to {@code container.b} runs only when {@code a < 0}
 * @return the value loaded from {@code container.a} before the store of 10
 */
public static int testAntiDependencySnippet(int a) {
    /*
     * This read must not be scheduled after the following write.
     */
    int res = container.a;
    container.a = 10;

    /*
     * Add some more basic blocks.
     */
    if (a < 0) {
        container.b = 20;
    }
    container.c = 30;
    return res;
}
/**
 * Intentionally flawed ("bad") variant: the first line of the body fetched from
 * {@code http://www.example.org/} is passed, unchecked, to {@code bad_sink} together
 * with the servlet request and response.
 *
 * <p>The sink class is named for CWE-113 (HTTP response splitting) and is defined
 * outside this method. The line is remote content fetched over plain HTTP, so it has to
 * be treated as untrusted; any CR/LF filtering or encoding would have to happen before
 * the value is written into a response header. {@code readLine()} returns {@code null}
 * for an empty body, and that {@code null} is forwarded as well.
 *
 * @param request  servlet request, forwarded to the sink untouched
 * @param response servlet response, forwarded to the sink untouched
 * @throws Throwable from opening the connection or from the sink call
 */
public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    final Logger logger = Logger.getLogger("local-logger");
    String remoteLine = ""; /* init data */

    final URL endpoint = new URL("http://www.example.org/");
    final URLConnection connection = endpoint.openConnection();

    InputStreamReader streamReader = null;
    BufferedReader lineReader = null;
    try {
        /* read input from URLConnection */
        streamReader = new InputStreamReader(connection.getInputStream());
        lineReader = new BufferedReader(streamReader);
        // Only the first "line" of the response body is read; it can be very long
        // when the HTML has no newlines.
        remoteLine = lineReader.readLine();
    } catch (IOException readFailure) {
        logger.warning("Error with stream reading");
    } finally {
        /* clean up stream reading objects; log texts are kept verbatim */
        try {
            if (lineReader != null) {
                lineReader.close();
            }
        } catch (IOException closeFailure) {
            logger.warning("Error closing buffread");
        } finally {
            try {
                if (streamReader != null) {
                    streamReader.close();
                }
            } catch (IOException closeFailure) {
                logger.warning("Error closing instrread");
            }
        }
    }

    // The untrusted line travels to the sink wrapped in a Container.
    final Container carrier = new Container();
    carrier.a = remoteLine;

    final CWE113_HTTP_Response_Splitting__URLConnection_sendRedirectServlet_67b sinkOwner =
            new CWE113_HTTP_Response_Splitting__URLConnection_sendRedirectServlet_67b();
    sinkOwner.bad_sink(carrier, request, response);
}
/**
 * goodB2G() - use badsource and goodsink.
 *
 * <p>The source is the same untrusted one a flawed variant would use: the first line of
 * the body fetched from {@code http://www.example.org/} over plain HTTP. Safety rests
 * entirely on {@code goodB2G_sink}, which is defined outside this method in a class
 * named for CWE-643 (unsafe treatment of XPath input). {@code readLine()} returns
 * {@code null} for an empty body, and that {@code null} is forwarded as well.
 *
 * @throws Throwable from opening the connection or from the sink call
 */
private void goodB2G() throws Throwable {
    final Logger logger = Logger.getLogger("local-logger");
    String fetched = ""; /* init data */

    final URL endpoint = new URL("http://www.example.org/");
    final URLConnection connection = endpoint.openConnection();

    InputStreamReader streamReader = null;
    BufferedReader lineReader = null;
    try {
        /* read input from URLConnection */
        streamReader = new InputStreamReader(connection.getInputStream());
        lineReader = new BufferedReader(streamReader);
        // Only the first "line" of the response body is read; it can be very long
        // when the HTML has no newlines.
        fetched = lineReader.readLine();
    } catch (IOException readFailure) {
        logger.warning("Error with stream reading");
    } finally {
        /* clean up stream reading objects; log texts are kept verbatim */
        try {
            if (lineReader != null) {
                lineReader.close();
            }
        } catch (IOException closeFailure) {
            logger.warning("Error closing buffread");
        } finally {
            try {
                if (streamReader != null) {
                    streamReader.close();
                }
            } catch (IOException closeFailure) {
                logger.warning("Error closing instrread");
            }
        }
    }

    // The untrusted line travels to the sink wrapped in a Container.
    final Container box = new Container();
    box.a = fetched;

    final CWE643_Unsafe_Treatment_of_XPath_Input__URLConnection_67b target =
            new CWE643_Unsafe_Treatment_of_XPath_Input__URLConnection_67b();
    target.goodB2G_sink(box);
}
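/**
 * goodB2G() - use badsource and goodsink.
 *
 * <p>The source is the unchecked one: the {@code pid} property from
 * {@code ../common/config.properties}, parsed as an integer with no range check.
 * Safety rests on {@code goodB2G_sink}, defined outside this method in a class named
 * for CWE-369 (divide by zero). When the file cannot be read, the property is missing,
 * or it is not a number, {@code data} keeps its initial value of -1.
 *
 * <p>Two incidental problems are fixed: a missing {@code pid} property made
 * {@code getProperty} return {@code null} and the following {@code trim()} threw an
 * uncaught {@code NullPointerException}; and the close-failure message named
 * {@code buffread} although the stream being closed is {@code finstr}.
 *
 * @throws Throwable whatever the sink call throws
 */
private void goodB2G() throws Throwable {
    int data;
    Logger log_bad = Logger.getLogger("local-logger");

    /* init data */
    data = -1;

    /* retrieve the "pid" property */
    Properties props = new Properties();
    FileInputStream finstr = null;
    try {
        finstr = new FileInputStream("../common/config.properties");
        props.load(finstr);
        String s_data = props.getProperty("pid");
        if (s_data != null) {
            data = Integer.parseInt(s_data.trim());
        } else {
            // Missing property: handled like an unparsable one, data stays -1.
            log_bad.warning("Error with number parsing");
        }
    } catch (IOException ioe) {
        log_bad.warning("Error with stream reading");
    } catch (NumberFormatException nfe) {
        log_bad.warning("Error with number parsing");
    } finally {
        /* clean up stream reading objects */
        try {
            if (finstr != null) {
                finstr.close();
            }
        } catch (IOException ioe) {
            log_bad.warning("Error closing finstr");
        }
    }

    // The unvalidated number travels to the sink wrapped in a Container.
    Container data_container = new Container();
    data_container.a = data;
    (new CWE369_Divide_By_Zero__PropertiesFile_divide_67b()).goodB2G_sink(data_container);
}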
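/**
 * Intentionally flawed ("bad") variant: the {@code id} parameter from the query string
 * selects a row from {@code pages}, and the resulting string is passed, unchecked, to
 * {@code bad_sink} together with the servlet request and response.
 *
 * <p>The sink class is named for CWE-80 (XSS) and is defined outside this method. The
 * lookup is parameterized, so the request value cannot change the SQL text, but, as the
 * FLAW marker below states, nothing checks whether the caller may view the row. Both
 * properties are deliberate and left as they are.
 *
 * <p>Fixed here: a request without a query string made {@code getQueryString()} return
 * {@code null}, which the {@code StringTokenizer} constructor rejected with an uncaught
 * {@code NullPointerException}. Such a request is now treated like one without an
 * {@code id} parameter.
 *
 * <p>A non-numeric {@code id} still raises {@code NumberFormatException}, which is not
 * caught here and propagates after the {@code finally} cleanup.
 *
 * @param request  servlet request; its query string is the input
 * @param response servlet response, forwarded to the sink untouched
 * @throws Throwable from parsing the id or from the sink call
 */
public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    String data;
    Logger log_bad = Logger.getLogger("local-logger");
    data = "";

    /* parse the query string for value of 'id' */
    String id_str = null;
    String query = request.getQueryString();
    if (query != null) {
        StringTokenizer st = new StringTokenizer(query, "&");
        while (st.hasMoreTokens()) {
            String token = st.nextToken();
            int i = token.indexOf("=");
            // Accept only "id=<non-empty value>".
            if ((i > 0) && (i < (token.length() - 1)) && (token.substring(0, i).equals("id"))) {
                id_str = token.substring(i + 1);
                break;
            }
        }
    }

    if (id_str != null) {
        Connection conn = null;
        PreparedStatement statement = null;
        ResultSet rs = null;
        try {
            int id = Integer.parseInt(id_str);
            conn = IO.getDBConnection();
            statement = conn.prepareStatement("select * from pages where id=?");
            /* FLAW: no check to see whether the user has privileges to view the data */
            statement.setInt(1, id);
            rs = statement.executeQuery();
            // NOTE(review): toString() yields the ResultSet object's string form, not
            // column data from the row - confirm this is what the test case intends.
            data = rs.toString();
        } catch (SQLException se) {
            log_bad.warning("Error");
        } finally {
            /* clean up database objects */
            try {
                if (rs != null) {
                    rs.close();
                }
            } catch (SQLException se) {
                log_bad.warning("Error closing rs");
            } finally {
                try {
                    if (statement != null) {
                        statement.close();
                    }
                } catch (SQLException se) {
                    log_bad.warning("Error closing statement");
                } finally {
                    try {
                        if (conn != null) {
                            conn.close();
                        }
                    } catch (SQLException se) {
                        log_bad.warning("Error closing conn");
                    }
                }
            }
        }
    }

    // The string travels to the sink wrapped in a Container.
    Container data_container = new Container();
    data_container.a = data;
    (new CWE80_XSS__Servlet_getQueryStringServlet_67b())
            .bad_sink(data_container, request, response);
}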
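/**
 * Intentionally flawed ("bad") variant: a {@code name} value read from the
 * {@code users} table, for a user id typed on standard input, is passed, unchecked, to
 * {@code bad_sink}.
 *
 * <p>The sink class is named for CWE-643 (unsafe treatment of XPath input) and is
 * defined outside this method. The SQL lookup is parameterized; the deliberate flaw is
 * that the stored value is forwarded without validation. Data read back from a
 * database is still untrusted once it is used to build another query.
 *
 * <p>Fixed here: the row was read with {@code getString(1)} without first calling
 * {@code next()}. A JDBC {@code ResultSet} starts positioned before the first row, so
 * the read failed with an {@code SQLException} and the database value never reached the
 * sink. The cursor is now advanced first; with no matching row {@code data} stays
 * {@code ""}.
 *
 * <p>Only {@code IOException} is caught. {@code SQLException}, and the
 * {@code NumberFormatException} raised for non-numeric or missing input, propagate
 * after the {@code finally} cleanup. Closing {@code buffread} also closes
 * {@code System.in}.
 *
 * @throws Throwable from the database access, the number parsing, or the sink call
 */
public void bad() throws Throwable {
    String data;
    Logger log_bad = Logger.getLogger("local-logger");
    data = ""; /* init data */

    Connection conn = null;
    PreparedStatement statement = null;
    ResultSet rs = null;
    BufferedReader buffread = null;
    InputStreamReader instrread = null;
    try {
        /* setup the connection */
        conn = IO.getDBConnection();

        /* prepare the query */
        statement = conn.prepareStatement("select name from users where id=?");

        /* get user input for the userid */
        IO.writeLine("Enter a userid to login as (number): ");
        instrread = new InputStreamReader(System.in);
        buffread = new BufferedReader(instrread);
        int num = Integer.parseInt(buffread.readLine());
        statement.setInt(1, num);
        rs = statement.executeQuery();

        // Advance to the first row before reading a column from it.
        if (rs.next()) {
            data = rs.getString(1);
        }
    } catch (IOException ioe) {
        log_bad.warning("Error with stream reading");
    } finally {
        /* clean up stream reading objects */
        try {
            if (buffread != null) {
                buffread.close();
            }
        } catch (IOException ioe) {
            log_bad.warning("Error closing buffread");
        } finally {
            try {
                if (instrread != null) {
                    instrread.close();
                }
            } catch (IOException ioe) {
                log_bad.warning("Error closing instrread");
            }
        }

        /* clean up database objects */
        try {
            if (rs != null) {
                rs.close();
            }
        } catch (SQLException se) {
            log_bad.warning("Error closing rs");
        } finally {
            try {
                if (statement != null) {
                    statement.close();
                }
            } catch (SQLException se) {
                log_bad.warning("Error closing statement");
            } finally {
                try {
                    if (conn != null) {
                        conn.close();
                    }
                } catch (SQLException se) {
                    log_bad.warning("Error closing conn");
                }
            }
        }
    }

    // The stored value travels to the sink wrapped in a Container.
    Container data_container = new Container();
    data_container.a = data;
    (new CWE643_Unsafe_Treatment_of_XPath_Input__fromDB_67b()).bad_sink(data_container);
}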
/**
 * Here the read should float to the end.
 *
 * <p>A conditional store to {@code container.a} is followed by a single load in the
 * return statement; no store comes after the load.
 *
 * @param a the store runs only when {@code a < 0}
 * @return the value loaded from {@code container.a} after the conditional store
 */
public static int testIfRead5Snippet(int a) {
    if (a < 0) {
        container.a = 10;
    }
    // Load under test: the last memory access in the method.
    return container.a;
}