MDS/openide
1
0
Fork 0
mirror of https://gitflic.ru/project/openide/openide.git synced 2025-12-17 15:50:53 +07:00
Code Issues Packages Projects Releases Wiki Activity
Files
243
openide/jvm/jvm-analysis-java-tests/testData/codeInspection/sourceToSinkFlow/LocalVariable.java
Mikhail Pyltsin 0fde0c0521 [java-inspections] IDEA-271540 general improvements for tainted analysis 
GitOrigin-RevId: b6b84c387f260a3de7615ddff6d8ac1072849bcf
2023-05-09 13:35:42 +00:00

48 lines
1.3 KiB
Java
Raw Permalink Blame History

import org.checkerframework.checker.tainting.qual.Untainted;
import java.util.List;
class LocalCheck {
public void test(@Untainted List<String> clean, @Untainted List<String> cleanList2, @Untainted String t, String dirty) {
sink(t);
sink(clean.get(0));
List<String> list1 = clean;
List<String> list2 = clean;
update(list1); //not highlighted in current realisation, might be changed
list2.add(dirty); //not highlighted in current realisation, might be changed
sink(<warning descr="Unknown string is used as safe parameter">list1.get(0)</warning>); //warn
sink(<warning descr="Unknown string is used as safe parameter">list2.get(0)</warning>); //warn
sink(clean.get(0));
List<String> list3 = cleanList2;
sink(list3.get(0));
sink(<warning descr="Unknown string is used as safe parameter">dirty</warning>); //warn
String clean2 = t;
sink(t);
clean2 = dirty;
sink(<warning descr="Unknown string is used as safe parameter">clean2</warning>); //warn
String toDirty = t;
sink(toDirty);
new Runnable() {
@Override
public void run() {
sink(toDirty);
}
};
Runnable runnable = () -> sink(toDirty);
}
private void update(List<String> list) {
list.add("1");
}
public void sink(@Untainted String clean) {
}
}
Reference in New Issue View Git Blame Copy Permalink