Mikhail Pyltsin ee4b8fa0ef [uast-inspections] IDEA-331248 Non-safe string: allow static inter-analysis for taint inference
- added new inner option to check static methods
- configurations for methods and fields are separated
- clarify some comments

GitOrigin-RevId: 9a4287b3b5045d43c88f8d2fb515056fecbc3768
2023-09-01 17:38:36 +00:00


package com.example.sqlinjection;
import com.example.sqlinjection.utils.Utils;
import org.checkerframework.checker.tainting.qual.Tainted;
import org.checkerframework.checker.tainting.qual.Untainted;
/**
 * Fixture exercising taint propagation from a {@code @Tainted} parameter into an
 * {@code @Untainted} sink, both directly and through static {@code Utils} calls.
 *
 * <p>NOTE(review): the XML-like warning tag wrapped around one argument below is not
 * Java syntax. It looks like expected-highlighting markup consumed by the inspection
 * test harness, so this file is presumably not compiled as-is; confirm against the
 * test that loads it.
 */
public class StaticPropagation {
/**
 * Passes the same tainted value to {@link #sink(String)} three ways: unchanged, via
 * {@code Utils.safe}, and via {@code Utils.encodeForHTML}.
 *
 * @param param value annotated {@code @Tainted}, i.e. treated as untrusted input
 */
public void invokeSink(@Tainted String param) {
// Direct use of the tainted value: the markup expects the inspection to report
// "Unsafe string is used as safe parameter" on this argument.
sink(<warning descr="Unsafe string is used as safe parameter">param</warning>);
// No warning markup on the next two calls, so the fixture expects both results to be
// accepted as untainted. Utils is declared elsewhere; whether that comes from an
// annotation on the methods or from analysis of their bodies is not visible here.
sink(Utils.safe(param));
// NOTE(review): @Untainted is a single context-free label. Accepting HTML-encoded
// output at this sink does not show the value is safe for other contexts (the
// package name suggests SQL); real sinks need encoding that matches their context.
sink(Utils.encodeForHTML(param));
}
/**
 * Sink with an empty body; its only role is to declare an {@code @Untainted}
 * parameter for the calls above to be checked against.
 *
 * @param string value required to be {@code @Untainted}
 */
public static void sink(@Untainted String string) {}
}