예제 #1
 /**
  * Scheduling fixture: the read of {@code container.a} may float down, but only as far as the
  * point right before the final write of 20.
  *
  * <p>Returns 10 when {@code a < 0} (the branch has just stored it), otherwise the value
  * {@code container.a} held on entry. A result of 20 would mean the read was placed after the
  * last write.
  *
  * @param a selects whether the conditional store of 10 happens
  * @return the value of {@code container.a} observed between the conditional and the final store
  */
 public static int testIfRead3Snippet(int a) {
   if (a < 0) {
     container.a = 10;
   }
   int res = container.a; // must observe the branch's store (if taken), not the store below
   container.a = 20;
   return res;
 }
예제 #2
 /**
  * Scheduling fixture: the read of {@code container.a} in the return must be placed after the
  * loop, so that it observes the last store made by the loop.
  *
  * <p>Returns {@code a - 1} when {@code a > 0} (the last loop store), otherwise {@code b} (the
  * store before the loop). Returning {@code b} for a positive {@code a} would mean the read was
  * hoisted above the loop.
  *
  * @param a loop trip count; each iteration stores the loop index
  * @param b value stored before the loop
  * @return the value of {@code container.a} after the loop
  */
 public static int testLoop9Snippet(int a, int b) {
   container.a = b;
   for (int i = 0; i < a; i++) {
     container.a = i;
   }
   // NOTE(review): presumably pins the control flow between the loop exit and the return so the
   // two are not merged; confirm against the GraalDirectives documentation.
   GraalDirectives.controlFlowAnchor();
   return container.a;
 }
예제 #3
 /**
  * Scheduling fixture for a single basic block: one read of {@code container.a} sits between two
  * runs of stores and must keep its position relative to them.
  *
  * @return {@code 0x40}, the last value stored before the read; any other constant would mean
  *     the read was scheduled across a neighbouring store
  */
 public static int testBlockScheduleSnippet() {
   int res = 0;
   container.a = 0x00;
   container.a = 0x10;
   container.a = 0x20;
   container.a = 0x30;
   container.a = 0x40;
   res = container.a; // the only read; it follows the 0x40 store and precedes the 0x50 store
   container.a = 0x50;
   container.a = 0x60;
   container.a = 0x70;
   return res;
 }
예제 #4
 /**
  * Scheduling fixture: the read of {@code container.a} must be scheduled before the write in the
  * {@code finally} block.
  *
  * @return the value {@code container.a} held on entry; 15 would mean the read was placed after
  *     the write
  */
 public static int testSimpleSnippet() {
   try {
     return container.a; // the return value is evaluated here, before the finally block runs
   } finally {
     container.a = 15;
   }
 }
예제 #5
 /**
  * Scheduling fixture: the read happens before a conditional write, so it must not float down
  * to the return.
  *
  * @param a when negative, 10 is stored to {@code container.a} after the read
  * @return the value {@code container.a} held on entry, on both paths
  */
 public static int testIfRead1Snippet(int a) {
   int res = container.a; // read first; the store below must not become visible to it
   if (a < 0) {
     container.a = 10;
   }
   return res;
 }
예제 #6
 /**
  * Scheduling fixture: the read is only needed on the {@code a > 0} path and should be placed in
  * that branch, ahead of the write that follows it.
  *
  * @param a selects the branch
  * @return for {@code a > 0}, the value {@code container.a} held before {@code 0x20} is stored;
  *     otherwise the constant {@code 0x10}
  */
 public static int testIfRead4Snippet(int a) {
   if (a > 0) {
     int res = container.a; // read and write share this branch; the read comes first
     container.a = 0x20;
     return res;
   } else {
     return 0x10;
   }
 }
예제 #7
 /**
  * Scheduling fixture: the read precedes a split into two branches, only one of which writes
  * {@code container.a}; it should be scheduled in the first block, before the split.
  *
  * @param a when negative, the {@code finally} block stores 15 to {@code container.a}; otherwise
  *     it stores 15 to {@code container.b}
  * @return the value {@code container.a} held on entry
  */
 public static int testSplit1Snippet(int a) {
   try {
     return container.a; // evaluated before either branch of the finally block runs
   } finally {
     if (a < 0) {
       container.a = 15;
     } else {
       container.b = 15;
     }
   }
 }
  /* goodG2B(): benign source feeding the unmodified ("bad") sink */
  private void goodG2B() throws Throwable {
    java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");

    /* FIX: the value is a literal, so no externally supplied text reaches the sink
     * (which, going by its class name, handles XPath input) */
    final String data = "foo";

    /* the value travels to the sink wrapped in a Container */
    final Container holder = new Container();
    holder.a = data;

    CWE643_Unsafe_Treatment_of_XPath_Input__URLConnection_67b sink =
        new CWE643_Unsafe_Treatment_of_XPath_Input__URLConnection_67b();
    sink.goodG2B_sink(holder);
  }
  /* bad(): an environment-controlled value is handed to the sink without any check */
  public void bad() throws Throwable {
    Logger log_bad = Logger.getLogger("local-logger");

    /* tainted source: the ADD environment variable (null when the variable is not set) */
    final String data = System.getenv("ADD");

    /* the value travels to the sink wrapped in a Container */
    final Container holder = new Container();
    holder.a = data;

    CWE617_Reachable_Assertion__Environment_67b sink =
        new CWE617_Reachable_Assertion__Environment_67b();
    sink.bad_sink(holder);
  }
예제 #10
  /**
   * Runs the superclass handler and then, unless {@code this.c.isStatic} is set, passes every
   * non-null stack from the nine {@code craftInventory} slots to {@code entityhuman.b(...)}.
   *
   * @param entityhuman the entity the stacks are handed to
   */
  public void a(EntityHuman entityhuman) {
    super.a(entityhuman);
    if (this.c.isStatic) {
      return;
    }

    int slot = 0;
    while (slot < 9) {
      ItemStack stack = this.craftInventory.getItem(slot);
      if (stack != null) {
        entityhuman.b(stack);
      }
      ++slot;
    }
  }
예제 #11
  /**
   * Scheduling fixture: the read of {@code container.a} is used only by the return inside the
   * loop, so it should be placed inside the loop (the original note says scheduling out of
   * loops is disabled for this test).
   *
   * @param value stored to {@code container.a} before the loop
   * @return the value read from {@code container.a} when {@code i == 10}
   */
  public static int testBlockSchedule2Snippet(int value) {
    int res = 0;

    container.a = value;
    for (int i = 0; i < 100; i++) {
      if (i == 10) {
        return container.a; // always reached: i runs from 0 to 99
      }
      res += i;
    }
    return res; // only reachable if the loop finished without hitting i == 10
  }
  /* goodG2B(): benign source feeding the unmodified ("bad") sink */
  private void goodG2B() throws Throwable {
    java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");

    /* FIX: the value is a literal rather than something read from the environment */
    final String data = "foo";

    /* the value travels to the sink wrapped in a Container */
    final Container holder = new Container();
    holder.a = data;

    CWE617_Reachable_Assertion__Environment_67b sink =
        new CWE617_Reachable_Assertion__Environment_67b();
    sink.goodG2B_sink(holder);
  }
예제 #13
 /**
  * Scheduling fixture: the read comes before a loop whose body may write {@code container.a},
  * so it must not float to the end.
  *
  * @param a trip count of the loop in the {@code finally} block
  * @param b when negative, each iteration stores 10 to {@code container.b}; otherwise 15 to
  *     {@code container.a}
  * @return the value {@code container.a} held on entry
  */
 public static int testLoop1Snippet(int a, int b) {
   try {
     return container.a; // evaluated before the loop in the finally block runs
   } finally {
     for (int i = 0; i < a; i++) {
       if (b < 0) {
         container.b = 10;
       } else {
         container.a = 15;
       }
     }
   }
 }
  /* goodG2B(): benign source feeding the unmodified ("bad") sink */
  private void goodG2B(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");

    /* FIX: the value is a literal with no CR or LF in it, so it cannot end a header line early */
    final String data = "foo";

    /* the value travels to the sink wrapped in a Container */
    final Container holder = new Container();
    holder.a = data;

    CWE113_HTTP_Response_Splitting__URLConnection_sendRedirectServlet_67b sink =
        new CWE113_HTTP_Response_Splitting__URLConnection_sendRedirectServlet_67b();
    sink.goodG2B_sink(holder, request, response);
  }
  /* goodG2B(): benign source feeding the unmodified ("bad") sink */
  private void goodG2B(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");

    /* FIX: the value is a literal without markup, not text taken from the request */
    final String data = "foo";

    /* the value travels to the sink wrapped in a Container */
    final Container holder = new Container();
    holder.a = data;

    CWE80_XSS__Servlet_getQueryStringServlet_67b sink =
        new CWE80_XSS__Servlet_getQueryStringServlet_67b();
    sink.goodG2B_sink(holder, request, response);
  }
  /* goodG2B(): benign source feeding the unmodified ("bad") sink */
  private void goodG2B() throws Throwable {
    java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");

    /* FIX: a small non-zero literal, chosen so that it cannot cause underflow, overflow,
     * divide by zero, or loss-of-precision issues */
    final int data = 2;

    /* the value travels to the sink wrapped in a Container */
    final Container holder = new Container();
    holder.a = data;

    CWE369_Divide_By_Zero__PropertiesFile_divide_67b sink =
        new CWE369_Divide_By_Zero__PropertiesFile_divide_67b();
    sink.goodG2B_sink(holder);
  }
  /* goodG2B(): benign source feeding the unmodified ("bad") sink */
  private void goodG2B() throws Throwable {
    java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");

    /* FIX: a small literal, chosen so that it cannot cause underflow, overflow,
     * divide by zero, or loss-of-precision issues */
    final int data = 2;

    /* the value travels to the sink wrapped in a Container */
    final Container holder = new Container();
    holder.a = data;

    CWE191_Integer_Underflow__fromFile_multiply_67b sink =
        new CWE191_Integer_Underflow__fromFile_multiply_67b();
    sink.goodG2B_sink(holder);
  }
예제 #18
 /**
  * Fixture with two nested {@code while} loops over fields of {@code container} and an early
  * {@code return} from the inner loop.
  *
  * <p>NOTE(review): the name suggests it targets proxy handling at loop exits; the snippet
  * itself only shows the control-flow shape. Confirm against the test that uses it.
  */
 public static void testProxySnippet() {
   while (container.a < container.b) {
     List<Container> list = new ArrayList<>(containerList); // fresh copy on every outer iteration
     while (container.c < list.size()) {
       if (container.obj != null) {
         return; // leaves both loops without reaching the increment of container.b below
       }
       container.c++;
     }
     container.a = 0;
     container.b--;
   }
   container.b++;
 }
예제 #19
 /**
  * Scheduling fixture: the read is taken before nested loops that may write {@code container.a},
  * so it must not float to the end.
  *
  * @param a trip count of the outer loop
  * @param b when negative, the first outer iteration stores 10 to {@code container.b} and leaves
  *     the loop; otherwise it is the trip count of the inner loop, which stores 0 to
  *     {@code container.a}
  * @return the value {@code container.a} held on entry
  */
 public static int testLoop8Snippet(int a, int b) {
   int result = container.a; // read before any of the stores below
   for (int i = 0; i < a; i++) {
     if (b < 0) {
       container.b = 10;
       break;
     } else {
       for (int j = 0; j < b; j++) {
         container.a = 0;
       }
     }
   }
   // NOTE(review): presumably pins the control flow between the loop exit and the return so the
   // two are not merged; confirm against the GraalDirectives documentation.
   GraalDirectives.controlFlowAnchor();
   return result;
 }
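  /*
   * bad(): reads the first line of a file, parses it as an int and hands the number to the
   * sink without any range check. The file content is the untrusted input of this case.
   *
   * The value stays at -1 when the file cannot be read, is empty, or does not hold a number.
   */
  public void bad() throws Throwable {
    int data;

    Logger log_bad = Logger.getLogger("local-logger");

    /* init data */
    data = -1;

    File f = new File("C:\\name.txt");
    BufferedReader buffread = null;
    FileReader fread = null;
    try {
      /* read string from file into data */
      /* No buffer is pre-allocated from f.length(): it was never used, and sizing an array from
       * a file length narrowed to int can fail with a negative size or exhaust memory. */
      fread = new FileReader(f);
      buffread = new BufferedReader(fread);

      /* Only the first "line" is read; it can be very long if the file has few or no newlines. */
      String s_data = buffread.readLine();
      if (s_data != null) {
        data = Integer.parseInt(s_data.trim());
      } else {
        /* readLine() returns null at end of stream (empty file); keep the initial value */
        log_bad.warning("No data read from file");
      }
    } catch (IOException ioe) {
      log_bad.warning("Error with stream reading");
    } catch (NumberFormatException nfe) {
      log_bad.warning("Error with number parsing");
    } finally {
      /* clean up stream reading objects; a failed close must not skip the next one */
      try {
        if (buffread != null) {
          buffread.close();
        }
      } catch (IOException ioe) {
        log_bad.warning("Error closing buffread");
      } finally {
        try {
          if (fread != null) {
            fread.close();
          }
        } catch (IOException ioe) {
          log_bad.warning("Error closing fread");
        }
      }
    }

    /* the unvalidated number travels to the sink wrapped in a Container */
    Container data_container = new Container();
    data_container.a = data;
    (new CWE191_Integer_Underflow__fromFile_multiply_67b()).bad_sink(data_container);
  }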
예제 #21
  /**
   * Scheduling fixture for an anti-dependency: a read of {@code container.a} is immediately
   * followed by a write to the same field, and further blocks follow that touch only
   * {@code container.b} and {@code container.c}.
   *
   * @param a when negative, 20 is stored to {@code container.b}
   * @return the value {@code container.a} held on entry; 10 would mean the read was scheduled
   *     after the write
   */
  public static int testAntiDependencySnippet(int a) {
    /*
     * This read must not be scheduled after the following write.
     */
    int res = container.a;
    container.a = 10;

    /*
     * Add some more basic blocks.
     */
    if (a < 0) {
      container.b = 20;
    }
    container.c = 30;
    return res;
  }
  /*
   * bad(): the first line of a remote response body is handed to the sink unchecked. The page is
   * fetched over plain HTTP, so neither its origin nor its integrity is authenticated.
   */
  public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    Logger log_bad = Logger.getLogger("local-logger");

    String data = ""; /* value used when the read fails before assigning */

    URL pageUrl = new URL("http://www.example.org/");
    URLConnection conn = pageUrl.openConnection();
    BufferedReader buffread = null;
    InputStreamReader instrread = null;
    try {
      /* tainted source: the response body of the connection */
      instrread = new InputStreamReader(conn.getInputStream());
      buffread = new BufferedReader(instrread);

      /* Only the first "line" of the body is taken; with no newlines in the HTML it can be very
       * long, and it is null when the body is empty. */
      data = buffread.readLine();
    } catch (IOException ioe) {
      log_bad.warning("Error with stream reading");
    } finally {
      /* release both readers; a failed close must not skip the next one */
      try {
        if (buffread != null) {
          buffread.close();
        }
      } catch (IOException ioe) {
        log_bad.warning("Error closing buffread");
      } finally {
        try {
          if (instrread != null) {
            instrread.close();
          }
        } catch (IOException ioe) {
          log_bad.warning("Error closing instrread");
        }
      }
    }

    /* the unvalidated text travels to the sink wrapped in a Container */
    Container holder = new Container();
    holder.a = data;

    CWE113_HTTP_Response_Splitting__URLConnection_sendRedirectServlet_67b sink =
        new CWE113_HTTP_Response_Splitting__URLConnection_sendRedirectServlet_67b();
    sink.bad_sink(holder, request, response);
  }
  /*
   * goodB2G(): same untrusted source as the bad case (first line of a response fetched over
   * plain HTTP), but the value goes to the sink variant named goodB2G_sink.
   */
  private void goodB2G() throws Throwable {
    Logger log_bad = Logger.getLogger("local-logger");

    String data = ""; /* value used when the read fails before assigning */

    URL pageUrl = new URL("http://www.example.org/");
    URLConnection conn = pageUrl.openConnection();
    BufferedReader buffread = null;
    InputStreamReader instrread = null;
    try {
      /* tainted source: the response body of the connection */
      instrread = new InputStreamReader(conn.getInputStream());
      buffread = new BufferedReader(instrread);

      /* Only the first "line" of the body is taken; with no newlines in the HTML it can be very
       * long, and it is null when the body is empty. */
      data = buffread.readLine();
    } catch (IOException ioe) {
      log_bad.warning("Error with stream reading");
    } finally {
      /* release both readers; a failed close must not skip the next one */
      try {
        if (buffread != null) {
          buffread.close();
        }
      } catch (IOException ioe) {
        log_bad.warning("Error closing buffread");
      } finally {
        try {
          if (instrread != null) {
            instrread.close();
          }
        } catch (IOException ioe) {
          log_bad.warning("Error closing instrread");
        }
      }
    }

    /* the still-untrusted text travels to the sink wrapped in a Container */
    Container holder = new Container();
    holder.a = data;

    CWE643_Unsafe_Treatment_of_XPath_Input__URLConnection_67b sink =
        new CWE643_Unsafe_Treatment_of_XPath_Input__URLConnection_67b();
    sink.goodB2G_sink(holder);
  }
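  /*
   * goodB2G(): untrusted source, sink variant named goodB2G_sink. The number comes from the
   * "pid" entry of a properties file and is passed on without any check in this method.
   *
   * The value stays at -1 when the file cannot be read, the property is missing, or it does not
   * hold a number.
   */
  private void goodB2G() throws Throwable {
    int data;

    Logger log_bad = Logger.getLogger("local-logger");

    /* init data */
    data = -1;

    /* retrieve the "pid" property */
    Properties props = new Properties();
    FileInputStream finstr = null;
    try {
      finstr = new FileInputStream("../common/config.properties");
      props.load(finstr);

      String s_data = props.getProperty("pid");
      if (s_data != null) {
        data = Integer.parseInt(s_data.trim());
      } else {
        /* getProperty() returns null for a missing key; keep the initial value */
        log_bad.warning("Property pid not found");
      }
    } catch (IOException ioe) {
      log_bad.warning("Error with stream reading");
    } catch (NumberFormatException nfe) {
      log_bad.warning("Error with number parsing");
    } finally {
      /* clean up stream reading objects */
      try {
        if (finstr != null) {
          finstr.close();
        }
      } catch (IOException ioe) {
        /* message names the stream that is actually being closed here */
        log_bad.warning("Error closing finstr");
      }
    }

    /* the unvalidated number travels to the sink wrapped in a Container */
    Container data_container = new Container();
    data_container.a = data;
    (new CWE369_Divide_By_Zero__PropertiesFile_divide_67b()).goodB2G_sink(data_container);
  }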
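  /*
   * bad(): takes the 'id' parameter from the raw query string, looks the row up in the pages
   * table and hands the result to the sink. The id is request-controlled. The lookup itself is
   * parameterized, but nothing checks whether the caller may see that row.
   *
   * The value passed on is "" when the request has no query string, no usable id, a non-numeric
   * id, or when the lookup fails.
   */
  public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    String data;

    Logger log_bad = Logger.getLogger("local-logger");
    data = "";

    /* parse the query string for value of 'id' */
    String id_str = null;
    /* getQueryString() returns null when the request carries no query string */
    String query = request.getQueryString();
    if (query != null) {
      StringTokenizer st = new StringTokenizer(query, "&");
      while (st.hasMoreTokens()) {
        String token = st.nextToken();
        int i = token.indexOf("=");
        /* accept only "id=<non-empty value>"; the first match wins */
        if ((i > 0) && (i < (token.length() - 1)) && (token.substring(0, i).equals("id"))) {
          id_str = token.substring(i + 1);
          break;
        }
      }
    }

    if (id_str != null) {
      Connection conn = null;
      PreparedStatement statement = null;
      ResultSet rs = null;
      try {
        int id = Integer.parseInt(id_str);
        conn = IO.getDBConnection();
        statement = conn.prepareStatement("select * from pages where id=?");
        /* FLAW: no check to see whether the user has privileges to view the data */
        statement.setInt(1, id);
        rs = statement.executeQuery();
        /* NOTE(review): this stores the ResultSet object's string form, not a column value;
         * presumably a placeholder for the page content. Confirm before reusing the pattern. */
        data = rs.toString();
      } catch (NumberFormatException nfe) {
        /* a non-numeric id is ordinary bad input, not a server error */
        log_bad.warning("Error with number parsing");
      } catch (SQLException se) {
        log_bad.warning("Error");
      } finally {
        /* clean up database objects; a failed close must not skip the next one */
        try {
          if (rs != null) {
            rs.close();
          }
        } catch (SQLException se) {
          log_bad.warning("Error closing rs");
        } finally {
          try {
            if (statement != null) {
              statement.close();
            }
          } catch (SQLException se) {
            log_bad.warning("Error closing statement");
          } finally {
            try {
              if (conn != null) {
                conn.close();
              }
            } catch (SQLException se) {
              log_bad.warning("Error closing conn");
            }
          }
        }
      }
    }

    /* the value travels to the sink wrapped in a Container */
    Container data_container = new Container();
    data_container.a = data;
    (new CWE80_XSS__Servlet_getQueryStringServlet_67b())
        .bad_sink(data_container, request, response);
  }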
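  /*
   * bad(): reads a user id from standard input, looks up the matching name in the users table
   * and hands that name to the sink unchecked. The lookup is parameterized; the value taken
   * from the database is what this case treats as untrusted.
   *
   * The value passed on is "" when no row matches. A SQLException or a non-numeric id is not
   * caught here and propagates to the caller after the cleanup in the finally block has run.
   */
  public void bad() throws Throwable {
    String data;

    Logger log_bad = Logger.getLogger("local-logger");

    data = ""; /* init data */

    Connection conn = null;
    PreparedStatement statement = null;
    ResultSet rs = null;
    BufferedReader buffread = null;
    InputStreamReader instrread = null;
    try {
      /* setup the connection */
      conn = IO.getDBConnection();

      /* prepare the query */
      statement = conn.prepareStatement("select name from users where id=?");

      /* get user input for the userid */
      IO.writeLine("Enter a userid to login as (number): ");
      instrread = new InputStreamReader(System.in);
      buffread = new BufferedReader(instrread);
      int num = Integer.parseInt(buffread.readLine());
      statement.setInt(1, num);
      rs = statement.executeQuery();

      /* a ResultSet cursor starts before the first row; advance it before reading a column,
       * and leave data at its initial value when the query matched nothing */
      if (rs.next()) {
        data = rs.getString(1);
      }
    } catch (IOException ioe) {
      log_bad.warning("Error with stream reading");
    } finally {
      /* clean up stream reading objects */
      try {
        if (buffread != null) {
          buffread.close();
        }
      } catch (IOException ioe) {
        log_bad.warning("Error closing buffread");
      } finally {
        try {
          if (instrread != null) {
            instrread.close();
          }
        } catch (IOException ioe) {
          log_bad.warning("Error closing instrread");
        }
      }

      /* clean up database objects; a failed close must not skip the next one */
      try {
        if (rs != null) {
          rs.close();
        }
      } catch (SQLException se) {
        log_bad.warning("Error closing rs");
      } finally {
        try {
          if (statement != null) {
            statement.close();
          }
        } catch (SQLException se) {
          log_bad.warning("Error closing statement");
        } finally {
          try {
            if (conn != null) {
              conn.close();
            }
          } catch (SQLException se) {
            log_bad.warning("Error closing conn");
          }
        }
      }
    }

    /* the value travels to the sink wrapped in a Container */
    Container data_container = new Container();
    data_container.a = data;
    (new CWE643_Unsafe_Treatment_of_XPath_Input__fromDB_67b()).bad_sink(data_container);
  }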
예제 #27
 /**
  * Scheduling fixture: the only read of {@code container.a} is the one in the return, after the
  * conditional write, so it should float to the end.
  *
  * @param a when negative, 10 is stored to {@code container.a} before the read
  * @return 10 when {@code a < 0}, otherwise the value {@code container.a} held on entry
  */
 public static int testIfRead5Snippet(int a) {
   if (a < 0) {
     container.a = 10;
   }
   return container.a; // must observe the store above when the branch was taken
 }