diff --git a/utbot-framework/src/main/resources/taint/config.yaml b/utbot-framework/src/main/resources/taint/config.yaml index 428fda9d5a..bc708767de 100644 --- a/utbot-framework/src/main/resources/taint/config.yaml +++ b/utbot-framework/src/main/resources/taint/config.yaml @@ -2,10 +2,123 @@ sources: - java.util.Scanner.next: add-to: return marks: user-input + - java.io.BufferedReader.readLine: + add-to: return + marks: user-input + - javax.servlet.http.HttpServletRequest.getParameter: + add-to: return + marks: user-input + - java.util.Properties.getProperty: + add-to: return + marks: user-input + - java.sql.ResultSet.getString: + add-to: return + marks: user-input + - javax.servlet.http.HttpServletRequest.getQueryString: + add-to: return + marks: user-input -sinks: - - java.lang.RuntimeException.: - check: arg1 - marks: [] +cleaners: + - java.lang.String.isEmpty: + remove-from: this + marks: [ ] + conditions: + return: true + +passes: + - java.lang.String.getBytes: + get-from: this + add-to: return + marks: [ ] + conditions: + this: { not: "" } + - java.lang.String.split: + get-from: this + add-to: return + marks: [ ] + conditions: + this: { not: "" } + - java.lang.String.concat: + get-from: this + add-to: return + marks: [ ] + conditions: + this: { not: "" } + - java.lang.String.concat: + get-from: arg1 + add-to: return + marks: [ ] conditions: arg1: { not: "" } + - java.lang.StringBuilder.append: + get-from: arg1 + add-to: this + marks: [ ] + conditions: + arg1: { not: "" } + - java.lang.StringBuilder.toString: + get-from: this + add-to: return + marks: [ ] + + - java.sql.Connection.prepareStatement: + get-from: arg1 + add-to: [ this, return ] + marks: [ ] + - java.sql.PreparedStatement.setString: + get-from: arg2 + add-to: this + marks: [ ] + + - java.sql.Statement.addBatch: + get-from: arg1 + add-to: this + marks: [ ] + + - java.io.ByteArrayOutputStream.writeData: + get-from: arg1 + add-to: this + marks: [ ] + - java.io.ByteArrayOutputStream.toByteArray: + get-from: this + add-to: return + marks: [ ] + - java.io.ByteArrayInputStream.: + get-from: arg1 + add-to: [ this, return ] + marks: [ ] + - java.io.ObjectInputStream.: + get-from: arg1 + add-to: [ this, return ] + marks: [ ] + - java.io.ObjectInputStream.readObject: + get-from: this + add-to: return + marks: [ ] + +sinks: + - java.sql.Statement.execute: + check: arg1 + marks: user-input + - java.sql.Statement.executeUpdate: + check: arg1 + marks: user-input + - java.sql.Statement.executeBatch: + check: this + marks: user-input + - java.sql.Statement.executeQuery: + check: arg1 + marks: user-input + + - java.sql.PreparedStatement.execute: + check: this + marks: user-input + - java.sql.PreparedStatement.executeUpdate: + check: this + marks: user-input + - java.sql.PreparedStatement.executeBatch: + check: this + marks: user-input + - java.sql.PreparedStatement.executeQuery: + check: this + marks: user-input