public void action(String data) throws Throwable {
String xmlFile = null;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
xmlFile = "\\src\\testcases\\CWE643_Xpath Injection\\CWE643_Xpath_Injection__Helper.xml";
} else {
/* running on non-Windows */
xmlFile = "./src/testcases/CWE643_Xpath Injection/CWE643_Xpath_Injection__Helper.xml";
}
if (data != null) {
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
String username = tokens[0];
String password = tokens[1];
/* build xpath */
XPath xPath = XPathFactory.newInstance().newXPath();
InputSource inputXml = new InputSource(xmlFile);
/* INCIDENTAL: CWE180 Incorrect Behavior Order: Validate Before Canonicalize
* The user input should be canonicalized before validation. */
/* POTENTIAL FLAW: user input is used without validate */
String query =
"//users/user[name/text()='"
+ username
+ "' and pass/text()='"
+ password
+ "']"
+ "/secret/text()";
String secret = (String) xPath.evaluate(query, inputXml, XPathConstants.STRING);
}
}
/* goodG2B() - use goodsource and badsink */
private void goodG2B(HttpServletRequest request, HttpServletResponse response) throws Throwable {
String data =
(new CWE643_Unsafe_Treatment_of_XPath_Input__getCookiesServlet_61b())
.goodG2B_source(request, response);
final String xmldoc =
"\\src\\testcases\\CWE643_Unsafe_Treatment_of_XPath_Input\\console_to_evaluate\\CWE643_Unsafe_Treatment_of_XPath_Input__helper.xml";
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
String uname = tokens[0];
String pword = tokens[1];
/* build xpath */
XPath xp = XPathFactory.newInstance().newXPath();
InputSource inxml = new InputSource(xmldoc);
/* INCIDENTAL: CWE180 Incorrect Behavior Order: Validate Before Canonicalize
* The user input should be canonicalized before validation.
*/
/* FLAW: user input is used without validate */
String query =
"//users/user[name/text()='"
+ uname
+ "' and pass/text()='"
+ pword
+ "']"
+ "/secret/text()";
String secret = (String) xp.evaluate(query, inxml, XPathConstants.STRING);
}
public void bad_sink(
CWE643_Unsafe_Treatment_of_XPath_Input__fromFile_67a.Container data_container)
throws Throwable {
String data = data_container.a;
final String xmldoc =
"\\src\\testcases\\CWE643_Unsafe_Treatment_of_XPath_Input\\console_to_evaluate\\CWE643_Unsafe_Treatment_of_XPath_Input__helper.xml";
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
String uname = tokens[0];
String pword = tokens[1];
/* build xpath */
XPath xp = XPathFactory.newInstance().newXPath();
InputSource inxml = new InputSource(xmldoc);
/* INCIDENTAL: CWE180 Incorrect Behavior Order: Validate Before Canonicalize
* The user input should be canonicalized before validation.
*/
/* FLAW: user input is used without validate */
String query =
"//users/user[name/text()='"
+ uname
+ "' and pass/text()='"
+ pword
+ "']"
+ "/secret/text()";
String secret = (String) xp.evaluate(query, inxml, XPathConstants.STRING);
}
/* goodB2G() - use badsource and goodsink */
private void goodB2G(HttpServletRequest request, HttpServletResponse response) throws Throwable {
String data =
(new CWE643_Unsafe_Treatment_of_XPath_Input__getCookiesServlet_61b())
.goodB2G_source(request, response);
final String xmldoc =
"\\src\\testcases\\CWE643_Unsafe_Treatment_of_XPath_Input\\console_to_evaluate\\CWE643_Unsafe_Treatment_of_XPath_Input__helper.xml";
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
/* FIX: validate input using StringEscapeUtils */
String uname = StringEscapeUtils.escapeXml(tokens[0]);
String pword = StringEscapeUtils.escapeXml(tokens[1]);
/* build xpath */
XPath xp = XPathFactory.newInstance().newXPath();
InputSource inxml = new InputSource(xmldoc);
String query =
"//users/user[name/text()='"
+ uname
+ "' and pass/text()='"
+ pword
+ "']"
+ "/secret/text()";
String secret = (String) xp.evaluate(query, inxml, XPathConstants.STRING);
}
/* goodB2G() - use badsource and goodsink */
public void goodB2G_sink(
CWE643_Unsafe_Treatment_of_XPath_Input__fromFile_67a.Container data_container)
throws Throwable {
String data = data_container.a;
final String xmldoc =
"\\src\\testcases\\CWE643_Unsafe_Treatment_of_XPath_Input\\console_to_evaluate\\CWE643_Unsafe_Treatment_of_XPath_Input__helper.xml";
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
/* FIX: validate input using StringEscapeUtils */
String uname = StringEscapeUtils.escapeXml(tokens[0]);
String pword = StringEscapeUtils.escapeXml(tokens[1]);
/* build xpath */
XPath xp = XPathFactory.newInstance().newXPath();
InputSource inxml = new InputSource(xmldoc);
String query =
"//users/user[name/text()='"
+ uname
+ "' and pass/text()='"
+ pword
+ "']"
+ "/secret/text()";
String secret = (String) xp.evaluate(query, inxml, XPathConstants.STRING);
}
/* goodG2B2() - use goodsource and badsink by reversing the blocks in the first switch */
private void goodG2B2() throws Throwable {
String data;
switch (6) {
case 6:
/* FIX: Use a hardcoded string */
data = "foo";
break;
default:
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
break;
}
switch (7) {
case 7:
String xmlFile = null;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
xmlFile = "\\src\\testcases\\CWE643_Xpath Injection\\CWE643_Xpath_Injection__Helper.xml";
} else {
/* running on non-Windows */
xmlFile = "./src/testcases/CWE643_Xpath Injection/CWE643_Xpath_Injection__Helper.xml";
}
if (data != null) {
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
String username = tokens[0];
String password = tokens[1];
/* build xpath */
XPath xPath = XPathFactory.newInstance().newXPath();
InputSource inputXml = new InputSource(xmlFile);
/* INCIDENTAL: CWE180 Incorrect Behavior Order: Validate Before Canonicalize
* The user input should be canonicalized before validation. */
/* POTENTIAL FLAW: user input is used without validate */
String query =
"//users/user[name/text()='"
+ username
+ "' and pass/text()='"
+ password
+ "']"
+ "/secret/text()";
String secret = (String) xPath.evaluate(query, inputXml, XPathConstants.STRING);
}
break;
default:
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
IO.writeLine("Benign, fixed string");
break;
}
}
public List getUserList() {
List<Map> list = new ArrayList<Map>();
try {
/*
String apiUrl=rallyApiHost+"/user?query="+
"((TeamMemberships%20%3D%20https%3A%2F%2Frally1.rallydev.com%2Fslm%2Fwebservice%2F1.34%2Fproject%2F6169133135)%20or%20"+
"(TeamMemberships%20%3D%20https%3A%2F%2Frally1.rallydev.com%2Fslm%2Fwebservice%2F1.34%2Fproject%2F6083311244))"+
"&fetch=true&order=Name&start=1&pagesize=100";
*/
String apiUrl =
rallyApiHost
+ "/user?query=(Disabled%20=%20false)"
+ "&fetch=true&order=Name&start=1&pagesize=100";
log.info("apiUrl=" + apiUrl);
String responseXML = getRallyXML(apiUrl);
org.jdom.input.SAXBuilder bSAX = new org.jdom.input.SAXBuilder();
org.jdom.Document doc = bSAX.build(new StringReader(responseXML));
Element root = doc.getRootElement();
XPath xpath = XPath.newInstance("//Object");
List xlist = xpath.selectNodes(root);
Iterator iter = xlist.iterator();
while (iter.hasNext()) {
Map map = new HashMap();
Element item = (Element) iter.next();
String userRef = item.getAttribute("ref").getValue();
String userName = item.getAttribute("refObjectName").getValue();
String userObjectId = item.getChildText("ObjectID");
map.put("userRef", userRef);
map.put("userObjectId", userObjectId);
map.put("userName", userName);
list.add(map);
}
} catch (Exception ex) {
log.error("", ex);
}
return list;
}
/* goodB2G1() - use badsource and goodsink by changing second privateReturnsTrue() to privateReturnsFalse() */
private void goodB2G1() throws Throwable {
String data;
if (privateReturnsTrue()) {
/* get system property user.home */
/* POTENTIAL FLAW: Read data from a system property */
data = System.getProperty("user.home");
} else {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
if (privateReturnsFalse()) {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
IO.writeLine("Benign, fixed string");
} else {
String xmlFile = null;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
xmlFile = "\\src\\testcases\\CWE643_Xpath Injection\\CWE643_Xpath_Injection__Helper.xml";
} else {
/* running on non-Windows */
xmlFile = "./src/testcases/CWE643_Xpath Injection/CWE643_Xpath_Injection__Helper.xml";
}
if (data != null) {
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
/* FIX: validate input using StringEscapeUtils */
String username = StringEscapeUtils.escapeXml(tokens[0]);
String password = StringEscapeUtils.escapeXml(tokens[1]);
/* build xpath */
XPath xPath = XPathFactory.newInstance().newXPath();
InputSource inputXml = new InputSource(xmlFile);
String query =
"//users/user[name/text()='"
+ username
+ "' and pass/text()='"
+ password
+ "']"
+ "/secret/text()";
String secret = (String) xPath.evaluate(query, inputXml, XPathConstants.STRING);
}
}
}
public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable {
String data;
if (PRIVATE_STATIC_FINAL_TRUE) {
/* POTENTIAL FLAW: Read data from a querystring using getParameter */
data = request.getParameter("name");
} else {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
if (PRIVATE_STATIC_FINAL_TRUE) {
String xmlFile = null;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
xmlFile = "\\src\\testcases\\CWE643_Xpath Injection\\CWE643_Xpath_Injection__Helper.xml";
} else {
/* running on non-Windows */
xmlFile = "./src/testcases/CWE643_Xpath Injection/CWE643_Xpath_Injection__Helper.xml";
}
if (data != null) {
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
String username = tokens[0];
String password = tokens[1];
/* build xpath */
XPath xPath = XPathFactory.newInstance().newXPath();
InputSource inputXml = new InputSource(xmlFile);
/* INCIDENTAL: CWE180 Incorrect Behavior Order: Validate Before Canonicalize
* The user input should be canonicalized before validation. */
/* POTENTIAL FLAW: user input is used without validate */
String query =
"//users/user[name/text()='"
+ username
+ "' and pass/text()='"
+ password
+ "']"
+ "/secret/text()";
String secret = (String) xPath.evaluate(query, inputXml, XPathConstants.STRING);
}
}
}
public List getProjectList() {
List<Map> list = new ArrayList<Map>();
try {
String apiUrl = rallyApiHost + "/project?" + "fetch=true&order=Name&start=1&pagesize=200";
log.info("rallyApiUrl:" + apiUrl);
String responseXML = getRallyXML(apiUrl);
org.jdom.input.SAXBuilder bSAX = new org.jdom.input.SAXBuilder();
org.jdom.Document doc = bSAX.build(new StringReader(responseXML));
Element root = doc.getRootElement();
XPath xpath = XPath.newInstance("//Object");
List xlist = xpath.selectNodes(root);
Iterator iter = xlist.iterator();
while (iter.hasNext()) {
Map map = new HashMap();
Element item = (Element) iter.next();
String objId = item.getChildText("ObjectID");
String name = item.getChildText("Name");
String state = item.getChildText("State");
map.put("objId", objId);
map.put("name", name);
map.put("state", state);
list.add(map);
}
} catch (Exception ex) {
log.error("ERROR: ", ex);
}
return list;
}
public void bad() throws Throwable {
String data;
if (IO.staticFive == 5) {
data = ""; /* Initialize data */
{
File file = new File("C:\\data.txt");
FileInputStream streamFileInput = null;
InputStreamReader readerInputStream = null;
BufferedReader readerBuffered = null;
try {
/* read string from file into data */
streamFileInput = new FileInputStream(file);
readerInputStream = new InputStreamReader(streamFileInput, "UTF-8");
readerBuffered = new BufferedReader(readerInputStream);
/* POTENTIAL FLAW: Read data from a file */
/* This will be reading the first "line" of the file, which
* could be very long if there are little or no newlines in the file */
data = readerBuffered.readLine();
} catch (IOException exceptIO) {
IO.logger.log(Level.WARNING, "Error with stream reading", exceptIO);
} finally {
/* Close stream reading objects */
try {
if (readerBuffered != null) {
readerBuffered.close();
}
} catch (IOException exceptIO) {
IO.logger.log(Level.WARNING, "Error closing BufferedReader", exceptIO);
}
try {
if (readerInputStream != null) {
readerInputStream.close();
}
} catch (IOException exceptIO) {
IO.logger.log(Level.WARNING, "Error closing InputStreamReader", exceptIO);
}
try {
if (streamFileInput != null) {
streamFileInput.close();
}
} catch (IOException exceptIO) {
IO.logger.log(Level.WARNING, "Error closing FileInputStream", exceptIO);
}
}
}
} else {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
if (IO.staticFive == 5) {
String xmlFile = null;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
xmlFile = "\\src\\testcases\\CWE643_Xpath Injection\\CWE643_Xpath_Injection__Helper.xml";
} else {
/* running on non-Windows */
xmlFile = "./src/testcases/CWE643_Xpath Injection/CWE643_Xpath_Injection__Helper.xml";
}
if (data != null) {
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
String username = tokens[0];
String password = tokens[1];
/* build xpath */
XPath xPath = XPathFactory.newInstance().newXPath();
InputSource inputXml = new InputSource(xmlFile);
/* INCIDENTAL: CWE180 Incorrect Behavior Order: Validate Before Canonicalize
* The user input should be canonicalized before validation. */
/* POTENTIAL FLAW: user input is used without validate */
String query =
"//users/user[name/text()='"
+ username
+ "' and pass/text()='"
+ password
+ "']"
+ "/secret/text()";
String secret = (String) xPath.evaluate(query, inputXml, XPathConstants.STRING);
}
}
}
public void bad() throws Throwable {
String data;
switch (6) {
case 6:
data = ""; /* Initialize data */
/* Read data from a database */
{
Connection connection = null;
PreparedStatement preparedStatement = null;
ResultSet resultSet = null;
try {
/* setup the connection */
connection = IO.getDBConnection();
/* prepare and execute a (hardcoded) query */
preparedStatement = connection.prepareStatement("select name from users where id=0");
resultSet = preparedStatement.executeQuery();
/* POTENTIAL FLAW: Read data from a database query resultset */
data = resultSet.getString(1);
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error with SQL statement", exceptSql);
} finally {
/* Close database objects */
try {
if (resultSet != null) {
resultSet.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing ResultSet", exceptSql);
}
try {
if (preparedStatement != null) {
preparedStatement.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing PreparedStatement", exceptSql);
}
try {
if (connection != null) {
connection.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing Connection", exceptSql);
}
}
}
break;
default:
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
break;
}
switch (7) {
case 7:
String xmlFile = null;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
xmlFile = "\\src\\testcases\\CWE643_Xpath Injection\\CWE643_Xpath_Injection__Helper.xml";
} else {
/* running on non-Windows */
xmlFile = "./src/testcases/CWE643_Xpath Injection/CWE643_Xpath_Injection__Helper.xml";
}
if (data != null) {
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
String username = tokens[0];
String password = tokens[1];
/* build xpath */
XPath xPath = XPathFactory.newInstance().newXPath();
InputSource inputXml = new InputSource(xmlFile);
/* INCIDENTAL: CWE180 Incorrect Behavior Order: Validate Before Canonicalize
* The user input should be canonicalized before validation. */
/* POTENTIAL FLAW: user input is used without validate */
String query =
"//users/user[name/text()='"
+ username
+ "' and pass/text()='"
+ password
+ "']"
+ "/secret/text()";
String secret = (String) xPath.evaluate(query, inputXml, XPathConstants.STRING);
}
break;
default:
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
IO.writeLine("Benign, fixed string");
break;
}
}
// public List getUserStoryList(String sessionId,String iterationId,ServletOutputStream out) {
public List getUserStoryList(String sessionId, String iterationId, PrintWriter out) {
List<Map> list = new ArrayList<Map>();
statusMap.put(sessionId, "0");
try {
String apiURL =
rallyApiHost
+ "/hierarchicalrequirement?"
+ "query=(Iteration%20=%20"
+ rallyApiHost
+ "/iteration/"
+ iterationId
+ ")&fetch=true&start=1&pagesize=100";
log.info("getUserStoryList apiURL=" + apiURL);
String responseXML = getRallyXML(apiURL);
org.jdom.input.SAXBuilder bSAX = new org.jdom.input.SAXBuilder();
org.jdom.Document doc = bSAX.build(new StringReader(responseXML));
Element root = doc.getRootElement();
XPath xpath = XPath.newInstance("//Object");
List xlist = xpath.selectNodes(root);
int totalSteps = xlist.size() + 1;
int currentStep = 0;
List taskRefLink = new ArrayList();
Iterator iter = xlist.iterator();
while (iter.hasNext()) {
double totalTimeSpent = 0.0D;
Map map = new HashMap();
Element item = (Element) iter.next();
String objId = item.getChildText("ObjectID");
String name = item.getChildText("Name");
String planEstimate = item.getChildText("PlanEstimate");
String formattedId = item.getChildText("FormattedID");
String taskActualTotal = item.getChildText("TaskActualTotal");
String taskEstimateTotal = item.getChildText("TaskEstimateTotal");
String taskRemainingTotal = item.getChildText("TaskRemainingTotal");
String scheduleState = item.getChildText("ScheduleState");
Element ownerElement = item.getChild("Owner");
String owner = "";
String ownerRef = "";
if (ownerElement != null) {
owner = ownerElement.getAttributeValue("refObjectName");
}
Element taskElements = item.getChild("Tasks");
// List taskElementList=taskElements.getContent();
List taskElementList = taskElements.getChildren();
List taskList = new ArrayList();
log.info("taskElements.getChildren=" + taskElements);
log.info("taskList=" + taskElementList);
for (int i = 0; i < taskElementList.size(); i++) {
Element taskElement = (Element) taskElementList.get(i);
String taskRef = taskElement.getAttributeValue("ref");
String[] objectIdArr = taskRef.split("/");
String objectId = objectIdArr[objectIdArr.length - 1];
log.info("objectId=" + objectId);
// Map taskMap=getTaskMap(taskRef);
Map taskMap = getTaskMapBatch(objectId);
double taskTimeSpentTotal =
Double.parseDouble((String) taskMap.get("taskTimeSpentTotal"));
totalTimeSpent += taskTimeSpentTotal;
taskList.add(taskMap);
}
map.put("type", "userstory");
map.put("formattedId", formattedId);
map.put("name", name);
map.put("taskStatus", scheduleState);
map.put("owner", owner);
map.put("planEstimate", planEstimate);
map.put("taskEstimateTotal", taskEstimateTotal);
map.put("taskRemainingTotal", taskRemainingTotal);
map.put("taskTimeSpentTotal", "" + totalTimeSpent);
list.add(map);
list.addAll(taskList);
++currentStep;
double percentage = 100.0D * currentStep / totalSteps;
String status = "" + Math.round(percentage);
statusMap.put(sessionId, status);
out.println("<script>parent.updateProcessStatus('" + status + "%')</script>" + status);
out.flush();
log.info("out.flush..." + status);
// log.info("status="+status+" sessionId="+sessionId);
// log.info("L1 statusMap="+statusMap+" "+statusMap.hashCode());
}
double planEstimate = 0.0D;
double taskEstimateTotal = 0.0D;
double taskRemainingTotal = 0.0D;
double taskTimeSpentTotal = 0.0D;
Map iterationMap = new HashMap();
for (Map map : list) {
String type = (String) map.get("type");
String planEstimateStr = (String) map.get("planEstimate");
log.info("planEstimateStr=" + planEstimateStr);
if ("userstory".equals(type)) {
if (planEstimateStr != null) {
planEstimate += Double.parseDouble(planEstimateStr);
}
taskEstimateTotal += Double.parseDouble((String) map.get("taskEstimateTotal"));
taskRemainingTotal += Double.parseDouble((String) map.get("taskRemainingTotal"));
taskTimeSpentTotal += Double.parseDouble((String) map.get("taskTimeSpentTotal"));
}
}
apiURL = rallyApiHost + "/iteration/" + iterationId + "?fetch=true";
log.info("iteration apiURL=" + apiURL);
responseXML = getRallyXML(apiURL);
bSAX = new org.jdom.input.SAXBuilder();
doc = bSAX.build(new StringReader(responseXML));
root = doc.getRootElement();
xpath = XPath.newInstance("//Iteration");
xlist = xpath.selectNodes(root);
String projName = "";
String iterName = "";
String iterState = "";
iter = xlist.iterator();
while (iter.hasNext()) {
Element item = (Element) iter.next();
iterName = item.getChildText("Name");
iterState = item.getChildText("State");
Element projElement = item.getChild("Project");
projName = projElement.getAttributeValue("refObjectName");
}
iterationMap.put("type", "iteration");
iterationMap.put("formattedId", "");
iterationMap.put("name", projName + " - " + iterName);
iterationMap.put("taskStatus", iterState);
iterationMap.put("owner", "");
iterationMap.put("planEstimate", "" + planEstimate);
iterationMap.put("taskEstimateTotal", "" + taskEstimateTotal);
iterationMap.put("taskRemainingTotal", "" + taskRemainingTotal);
iterationMap.put("taskTimeSpentTotal", "" + taskTimeSpentTotal);
list.add(0, iterationMap);
statusMap.put(sessionId, "100");
log.info("L2 statusMap=" + statusMap);
log.info("L2 verify=" + getProcessStatus(sessionId));
log.info("-----------");
// String jsonData=JsonUtil.encodeObj(list);
String jsonData = JSONValue.toJSONString(list);
out.println("<script>parent.tableResult=" + jsonData + "</script>");
out.println("<script>parent.showTableResult()</script>");
} catch (Exception ex) {
log.error("ERROR: ", ex);
}
return list;
}
public List getIterationList(String projectId) {
List<Map> list = new ArrayList<Map>();
try {
String apiUrl =
rallyApiHost
+ "/iteration?"
+ "project="
+ rallyApiHost
+ "/project/"
+ projectId
+ "&fetch=true&order=Name%20desc&start=1&pagesize=100";
String checkProjectRef = rallyApiHost + "/project/" + projectId;
log.info("rallyApiUrl:" + apiUrl);
log.info("checkProjectRef:" + checkProjectRef);
String responseXML = getRallyXML(apiUrl);
SimpleDateFormat ISO8601FORMAT = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'");
Date currentDate = new Date();
org.jdom.input.SAXBuilder bSAX = new org.jdom.input.SAXBuilder();
org.jdom.Document doc = bSAX.build(new StringReader(responseXML));
Element root = doc.getRootElement();
XPath xpath = XPath.newInstance("//Object");
List xlist = xpath.selectNodes(root);
Iterator iter = xlist.iterator();
while (iter.hasNext()) {
Map map = new HashMap();
Element item = (Element) iter.next();
String objId = item.getChildText("ObjectID");
String name = item.getChildText("Name");
String state = item.getChildText("State");
String startDateStr = item.getChildText("StartDate");
String endDateStr = item.getChildText("EndDate");
Date startDate = ISO8601FORMAT.parse(startDateStr);
Date endDate = ISO8601FORMAT.parse(endDateStr);
boolean isCurrent = false;
int startCheck = startDate.compareTo(currentDate);
int endCheck = endDate.compareTo(currentDate);
if (startCheck < 0 && endCheck > 0) {
isCurrent = true;
}
log.info("name=" + name + " isCurrent=" + isCurrent);
String releaseRef = item.getAttribute("ref").getValue();
// In child project, parent object have to be filiered
Element projectElement = item.getChild("Project");
String projectRef = projectElement.getAttributeValue("ref");
if (projectRef.equals(checkProjectRef)) {
map.put("objId", objId);
map.put("rallyRef", releaseRef);
map.put("name", name);
map.put("state", state);
map.put("isCurrent", "" + isCurrent);
list.add(map);
}
}
log.info("-----------");
} catch (Exception ex) {
log.error("ERROR: ", ex);
}
return list;
}
public List getUserTimeSpentByDate(String userObjectId, String startDate, String endDate) {
List list = new ArrayList();
log.info("userObjectId=" + userObjectId);
log.info("startDate=" + startDate);
log.info("endDate=" + endDate);
try {
String apiUrl =
rallyApiHost
+ "/timeentryvalue?query=((TimeEntryItem.User.ObjectId%20=%20"
+ userObjectId
+ ")"
+ "%20and%20((DateVal%20%3E=%20"
+ startDate
+ ")%20and%20(DateVal%20%3C=%20"
+ endDate
+ ")))"
+ "&start=1&pagesize=100&fetch=true";
log.info("apiUrl=" + apiUrl);
String responseXML = getRallyXML(apiUrl);
log.info("responseXML=" + responseXML);
org.jdom.input.SAXBuilder bSAX = new org.jdom.input.SAXBuilder();
org.jdom.Document doc = bSAX.build(new StringReader(responseXML));
Element root = doc.getRootElement();
XPath xpath = XPath.newInstance("//Object");
List xlist = xpath.selectNodes(root);
Iterator iter = xlist.iterator();
while (iter.hasNext()) {
// Map map=new HashMap();
Element item = (Element) iter.next();
String hours = item.getChildText("Hours");
Element timeEntryItemElement = item.getChild("TimeEntryItem");
String timeEntryItemRef = timeEntryItemElement.getAttributeValue("ref");
Map map = getUserStoryTaskMap(timeEntryItemRef);
String checkTaskId = (String) map.get("taskFormattedId");
boolean isExist = false;
for (int i = 0; i < list.size(); i++) {
Map existMap = (Map) list.get(i);
log.info("existMap=" + existMap);
String existTaskId = (String) existMap.get("taskFormattedId");
log.info("existTaskId=" + existTaskId);
log.info("checkTaskId=" + checkTaskId);
if (existTaskId != null && existTaskId.equals(checkTaskId)) {
isExist = true;
String existHours = (String) existMap.get("hours");
double eHour = 0.0D;
if (!"".equals(existHours)) {
eHour = Double.parseDouble(existHours);
}
double nHour = 0.0D;
if (!"".equals(hours)) {
nHour = Double.parseDouble(hours);
}
log.info("nHour=" + nHour);
log.info("eHour=" + eHour);
nHour += eHour;
log.info("2 nHour=" + nHour);
existMap.put("hours", "" + nHour);
break;
}
}
if (!isExist) {
map.put("hours", hours);
list.add(map);
}
log.info("hours=" + hours);
log.info("timeEntryItemRef=" + timeEntryItemRef);
// list.add(map);
}
Collections.sort(
list,
new Comparator<Map<String, String>>() {
public int compare(Map<String, String> m1, Map<String, String> m2) {
if (m1.get("projectName") == null || m2.get("projectName") == null) return -1;
return m1.get("projectName").compareTo(m2.get("projectName"));
}
});
// Sum up the total time
double totalTaskEstimate = 0.0D;
double totalTaskRemaining = 0.0D;
double totalHours = 0.0D;
for (int i = 0; i < list.size(); i++) {
Map map = (Map) list.get(i);
log.info("taskEstimate=" + (String) map.get("taskEstimate"));
log.info("taskRemaining=" + (String) map.get("taskRemaining"));
log.info("hours=" + (String) map.get("hours"));
log.info("map==" + map);
try {
double taskEstimate = Double.parseDouble((String) map.get("taskEstimate"));
double taskRemaining = Double.parseDouble((String) map.get("taskRemaining"));
double hours = Double.parseDouble((String) map.get("hours"));
totalTaskEstimate += taskEstimate;
totalTaskRemaining += taskRemaining;
totalHours += hours;
} catch (Exception e) {
log.info("ERROR in parsing number" + e);
}
}
Map firstMap = new HashMap();
firstMap.put("taskFormattedId", "");
firstMap.put("taskName", "");
firstMap.put("taskState", "");
firstMap.put("owner", "");
firstMap.put("taskEstimate", "" + totalTaskEstimate);
firstMap.put("taskRemaining", "" + totalTaskRemaining);
firstMap.put("hours", "" + totalHours);
firstMap.put("projectName", "");
firstMap.put("iterationName", "");
list.add(0, firstMap);
} catch (Exception ex) {
log.error("", ex);
}
return list;
}
/* goodB2G2() - use badsource and goodsink by reversing the blocks in the second switch */
private void goodB2G2(HttpServletRequest request, HttpServletResponse response) throws Throwable {
String data;
switch (6) {
case 6:
{
Logger log_bad = Logger.getLogger("local-logger");
/* read parameter from request */
data = request.getParameter("name");
}
break;
default:
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
{
java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
/* FIX: Use a hardcoded string */
data = "foo";
}
break;
}
switch (7) {
case 7:
{
final String xmldoc =
"\\src\\testcases\\CWE643_Unsafe_Treatment_of_XPath_Input\\console_to_evaluate\\CWE643_Unsafe_Treatment_of_XPath_Input__helper.xml";
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
/* FIX: validate input using StringEscapeUtils */
String uname = StringEscapeUtils.escapeXml(tokens[0]);
String pword = StringEscapeUtils.escapeXml(tokens[1]);
/* build xpath */
XPath xp = XPathFactory.newInstance().newXPath();
InputSource inxml = new InputSource(xmldoc);
String query =
"//users/user[name/text()='"
+ uname
+ "' and pass/text()='"
+ pword
+ "']"
+ "/secret/text()";
String secret = (String) xp.evaluate(query, inxml, XPathConstants.STRING);
}
break;
default:
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
{
final String xmldoc =
"\\src\\testcases\\CWE643_Unsafe_Treatment_of_XPath_Input\\console_to_evaluate\\CWE643_Unsafe_Treatment_of_XPath_Input__helper.xml";
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
String uname = tokens[0];
String pword = tokens[1];
/* build xpath */
XPath xp = XPathFactory.newInstance().newXPath();
InputSource inxml = new InputSource(xmldoc);
/* INCIDENTAL: CWE180 Incorrect Behavior Order: Validate Before Canonicalize
* The user input should be canonicalized before validation.
*/
/* FLAW: user input is used without validate */
String query =
"//users/user[name/text()='"
+ uname
+ "' and pass/text()='"
+ pword
+ "']"
+ "/secret/text()";
String secret = (String) xp.evaluate(query, inxml, XPathConstants.STRING);
}
break;
}
}
/* goodB2G2() - use badsource and goodsink by reversing statements in second if */
private void goodB2G2() throws Throwable {
String data;
if (IO.static_returns_t()) {
Logger log_bad = Logger.getLogger("local-logger");
data = ""; /* init data */
Connection conn = null;
PreparedStatement statement = null;
ResultSet rs = null;
BufferedReader buffread = null;
InputStreamReader instrread = null;
try {
/* setup the connection */
conn = IO.getDBConnection();
/* prepare the query */
statement = conn.prepareStatement("select name from users where id=?");
/* get user input for the userid */
IO.writeLine("Enter a userid to login as (number): ");
instrread = new InputStreamReader(System.in);
buffread = new BufferedReader(instrread);
int num = Integer.parseInt(buffread.readLine());
statement.setInt(1, num);
rs = statement.executeQuery();
data = rs.getString(1);
} catch (IOException ioe) {
log_bad.warning("Error with stream reading");
} finally {
/* clean up stream reading objects */
try {
if (buffread != null) {
buffread.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing buffread");
} finally {
try {
if (instrread != null) {
instrread.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing instrread");
}
}
/* clean up database objects */
try {
if (rs != null) {
rs.close();
}
} catch (SQLException se) {
log_bad.warning("Error closing rs");
} finally {
try {
if (statement != null) {
statement.close();
}
} catch (SQLException se) {
log_bad.warning("Error closing statement");
} finally {
try {
if (conn != null) {
conn.close();
}
} catch (SQLException se) {
log_bad.warning("Error closing conn");
}
}
}
}
} else {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
/* FIX: Use a hardcoded string */
data = "foo";
}
if (IO.static_returns_t()) {
final String xmldoc =
"\\src\\testcases\\CWE643_Unsafe_Treatment_of_XPath_Input\\console_to_evaluate\\CWE643_Unsafe_Treatment_of_XPath_Input__helper.xml";
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
/* FIX: validate input using StringEscapeUtils */
String uname = StringEscapeUtils.escapeXml(tokens[0]);
String pword = StringEscapeUtils.escapeXml(tokens[1]);
/* build xpath */
XPath xp = XPathFactory.newInstance().newXPath();
InputSource inxml = new InputSource(xmldoc);
String query =
"//users/user[name/text()='"
+ uname
+ "' and pass/text()='"
+ pword
+ "']"
+ "/secret/text()";
String secret = (String) xp.evaluate(query, inxml, XPathConstants.STRING);
} else {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
final String xmldoc =
"\\src\\testcases\\CWE643_Unsafe_Treatment_of_XPath_Input\\console_to_evaluate\\CWE643_Unsafe_Treatment_of_XPath_Input__helper.xml";
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
String uname = tokens[0];
String pword = tokens[1];
/* build xpath */
XPath xp = XPathFactory.newInstance().newXPath();
InputSource inxml = new InputSource(xmldoc);
/* INCIDENTAL: CWE180 Incorrect Behavior Order: Validate Before Canonicalize
* The user input should be canonicalized before validation.
*/
/* FLAW: user input is used without validate */
String query =
"//users/user[name/text()='"
+ uname
+ "' and pass/text()='"
+ pword
+ "']"
+ "/secret/text()";
String secret = (String) xp.evaluate(query, inxml, XPathConstants.STRING);
}
}
public void bad() throws Throwable {
String data;
/* INCIDENTAL: CWE 571 Statement is Always True */
if (private_returns_t()) {
Logger log_bad = Logger.getLogger("local-logger");
/* get environment variable ADD */
data = System.getenv("ADD");
} else {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
/* FIX: Use a hardcoded string */
data = "foo";
}
/* INCIDENTAL: CWE 571 Statement is Always True */
if (private_returns_t()) {
final String xmldoc =
"\\src\\testcases\\CWE643_Unsafe_Treatment_of_XPath_Input\\console_to_evaluate\\CWE643_Unsafe_Treatment_of_XPath_Input__helper.xml";
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
String uname = tokens[0];
String pword = tokens[1];
/* build xpath */
XPath xp = XPathFactory.newInstance().newXPath();
InputSource inxml = new InputSource(xmldoc);
/* INCIDENTAL: CWE180 Incorrect Behavior Order: Validate Before Canonicalize
* The user input should be canonicalized before validation.
*/
/* FLAW: user input is used without validate */
String query =
"//users/user[name/text()='"
+ uname
+ "' and pass/text()='"
+ pword
+ "']"
+ "/secret/text()";
String secret = (String) xp.evaluate(query, inxml, XPathConstants.STRING);
} else {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
final String xmldoc =
"\\src\\testcases\\CWE643_Unsafe_Treatment_of_XPath_Input\\console_to_evaluate\\CWE643_Unsafe_Treatment_of_XPath_Input__helper.xml";
/* assume username||password as source */
String[] tokens = data.split("||");
if (tokens.length < 2) {
return;
}
/* FIX: validate input using StringEscapeUtils */
String uname = StringEscapeUtils.escapeXml(tokens[0]);
String pword = StringEscapeUtils.escapeXml(tokens[1]);
/* build xpath */
XPath xp = XPathFactory.newInstance().newXPath();
InputSource inxml = new InputSource(xmldoc);
String query =
"//users/user[name/text()='"
+ uname
+ "' and pass/text()='"
+ pword
+ "']"
+ "/secret/text()";
String secret = (String) xp.evaluate(query, inxml, XPathConstants.STRING);
}
}