Intial commit: test cases for dataflow analysis.

This commit is contained in:
Achim D. Brucker 2015-06-08 20:29:37 +02:00
parent 00ca96d41b
commit 5562e5b2e8
24 changed files with 1698 additions and 0 deletions


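--- /dev/null
+++ b/[path-not-shown]/pom.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<modelVersion>4.0.0</modelVersion>
+<parent>
+<groupId>eu.aniketos.dasca</groupId>
+<artifactId>eu.aniketos.dasca.parent</artifactId>
+<version>0.1</version>
+<relativePath>../eu.aniketos.dasca.parent/pom.xml</relativePath>
+</parent>
+<artifactId>eu.aniketos.dasca.dataflow.tests</artifactId>
+<version>0.1</version>
+<packaging>jar</packaging>
+<name>DASCA - Dataflow Test Cases</name>
+</project>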


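--- /dev/null
+++ b/[path-not-shown]/Test01.java
@@ -0,0 +1,61 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 01:
+// different types of (apparently) constant values
+public class Test01 {
+public void bad() {
+String userName;
+if(true) {
+userName = IO.readLine();
+} else {
+userName = "fix";
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good01() {
+String userName;
+if(true) {
+userName = "fix";
+} else {
+userName = IO.readLine();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public static void main(String[] args) {
+Test01 test = new Test01();
+test.good01();
+test.bad();
+}
+}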
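Review bot: `main` at the end of this hunk will terminate with a NullPointerException rather than exercise `good01()` and `bad()`: `IO.getDBConnection()` in this commit's dummy `IO` class returns `null`, so `conn.createStatement()` throws, and the `catch(SQLException e)` clause does not cover it. If `main` exists only as an entry point for the static analysis that is harmless, but a comment saying so would avoid confusion, e.g. `// main is only an analysis entry point; the dummy IO returns a null Connection, so it is not meant to be run`. Every `main` in Test02 through Test19 in this commit has the same property.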


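--- /dev/null
+++ b/[path-not-shown]/Test02.java
@@ -0,0 +1,78 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 02:
+// reachability from bad sink to bad source via global boolean constant
+public class Test02 {
+private final boolean final_false = false;
+public void bad() {
+String userName;
+if(final_false) {
+userName = "fix";
+} else {
+userName = IO.readLine();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good01() {
+String userName;
+if(final_false) {
+userName = IO.readLine();
+} else {
+userName = "fix";
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good02() {
+String userName = IO.readLine();
+if(final_false) {
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+}
+public static void main(String[] args) {
+Test02 test = new Test02();
+test.good01();
+test.good02();
+test.bad();
+}
+}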
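Review bot: `final_false` is a `final` primitive field initialised with a literal, which makes it a compile-time constant, so `if(final_false)` in `bad()`, `good01()` and `good02()` is treated by javac like the literal `if(true)`/`if(false)` conditions in Test01, Test06 and Test18; if the analysis runs on bytecode, the dead branch is likely not present in the class file at all and the "global boolean constant" case this header describes may never be exercised. This is worth confirming against the compiled output, and if the branch is meant to survive compilation the choice of a constant field should be documented, e.g. `// final primitive field with a literal initialiser is a compile-time constant; javac may drop the dead branch`.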


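--- /dev/null
+++ b/[path-not-shown]/Test03.java
@@ -0,0 +1,63 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 03:
+//reachability from bad sink to bad source via global boolean variable
+public class Test03 {
+private boolean public_true = true;
+public void bad() {
+String userName;
+if(public_true) {
+userName = "fix";
+} else {
+userName = IO.readLine();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good01() {
+String userName = IO.readLine();
+if(public_true) {
+userName = "fix";
+} else {
+userName = "fix";
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public static void main(String[] args) {
+Test03 test = new Test03();
+test.good01();
+test.bad();
+}
+}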
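Review bot: The field `public_true` in `Test03` is declared `private`, so its name contradicts its modifier; what distinguishes this case from Test02 is that the field is non-final (and therefore not a compile-time constant), not its visibility. A name such as `nonfinal_true`, or a comment on the declaration like `// non-final field: not a compile-time constant, so the condition cannot be folded`, would state what the test actually checks.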


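--- /dev/null
+++ b/[path-not-shown]/Test04.java
@@ -0,0 +1,64 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 04:
+//reachability from bad sink to bad source via local boolean variable
+public class Test04 {
+public void bad() {
+String userName;
+boolean local_false = false;
+if(local_false) {
+userName = "fix";
+} else {
+userName = IO.readLine();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good01() {
+String userName = IO.readLine();
+boolean local_true = true;
+if(local_true) {
+userName = "fix";
+} else {
+userName = "fix";
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public static void main(String[] args) {
+Test04 test = new Test04();
+test.good01();
+test.bad();
+}
+}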
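Review bot: `good01()` deliberately overwrites the tainted `userName = IO.readLine()` on both branches, but nothing states that the intent is "taint killed by an unconditional overwrite", and Test01 through Test07 carry no per-method expectation at all, whereas Test08 onwards state `bad for …` or `N findings`. A short header on each method, e.g. `/* 0 findings: both branches overwrite the tainted value */` on `good01` and `/* 1 finding */` on `bad`, would make the expected analyser output checkable; Test05 has the same shape and would benefit from the same comments.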


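--- /dev/null
+++ b/[path-not-shown]/Test05.java
@@ -0,0 +1,64 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 05:
+//reachability from bad sink to bad source via arithmetic expressions
+public class Test05 {
+public void bad() {
+String userName;
+int i = 5;
+if(i > 10) {
+userName = "fix";
+} else {
+userName = IO.readLine();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good01() {
+String userName = IO.readLine();
+int i = 5;
+if(i > 10) {
+userName = "fix";
+} else {
+userName = "fix";
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public static void main(String[] args) {
+Test05 test = new Test05();
+test.good01();
+test.bad();
+}
+}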


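--- /dev/null
+++ b/[path-not-shown]/Test06.java
@@ -0,0 +1,84 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 06:
+//reachability from bad sink to bad source via indirect data flow
+public class Test06 {
+public void bad() {
+String userName;
+String fix = "fix";
+String input = IO.readLine();
+if(false) {
+userName = fix;
+} else {
+userName = input;
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good01() {
+String userName;
+String fix = "fix";
+String input = IO.readLine();
+if(true) {
+userName = fix;
+} else {
+userName = IO.readLine(); // TODO: = input;
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good02() {
+String userName;
+String fix = "fix";
+if(true) {
+userName = fix + "";
+} else {
+userName = fix + IO.readLine();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public static void main(String[] args) {
+Test06 test = new Test06();
+test.good01();
+test.good02();
+test.bad();
+}
+}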
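Review bot: In `good01()` the `else` branch reads `userName = IO.readLine(); // TODO: = input;`, so with the TODO unresolved the method does not test the indirect flow through the local `input` that the file header announces; as written it re-reads the source directly, the same shape as Test01, and `input` is an unused local. Either resolve it to `userName = input;` or turn the TODO into a statement of intent such as `// direct re-read on purpose; the indirect-local variant is covered by bad()` so that the next reader does not "fix" it. `good02()` additionally relies on `fix + ""` being treated as untainted, which deserves one comment because string concatenation is exactly the operation the sink pattern uses.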


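--- /dev/null
+++ b/[path-not-shown]/Test07.java
@@ -0,0 +1,68 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 07:
+//reachability from bad sink to bad source via multiple if-statements
+public class Test07 {
+public void bad() {
+String userName = null;
+boolean local_true = true;
+if(local_true) {
+userName = IO.readLine();
+}
+if(!local_true){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good01() {
+String userName = null;
+boolean local_true = true;
+if(!local_true) {
+userName = IO.readLine();
+}
+if(local_true){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public static void main(String[] args) {
+Test07 test = new Test07();
+test.good01();
+test.bad();
+}
+}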


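--- /dev/null
+++ b/[path-not-shown]/Test08.java
@@ -0,0 +1,114 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 08:
+//reachability from bad sink to bad source via multiple if-statements (arithmetic)
+public class Test08 {
+/*
+* bad for i==5
+*/
+public void bad(int i) {
+String userName = null;
+if(i > 5) {
+userName = IO.readLineGood();
+} else{
+userName = IO.readLine();
+}
+if(i < 5){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good01(int i) {
+String userName = null;
+if(i >= 5) {
+userName = IO.readLineGood();
+} else{
+userName = IO.readLine();
+}
+if(i < 5){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good02(int i) {
+String userName = IO.readLine();
+if(i > 5) {
+userName = IO.readLineGood();
+}
+if(i == 5){
+userName = IO.readLineGood();
+}
+if(i < 5){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good03(int i) {
+String userName = IO.readLine();
+if(i <= 5) {
+userName = IO.readLineGood();
+}
+if(i == 3){
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+}
+public static void main(String[] args) {
+Test08 test = new Test08();
+test.good01(10);
+test.good02(10);
+test.good03(10);
+test.bad(10);
+}
+}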
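Review bot: `main` calls `test.bad(10)`, but the header says `bad` is only bad for `i==5`; with 10 the `i > 5` branch assigns `IO.readLineGood()`, so if `main` is ever used as a dynamic witness or to seed a concrete-execution check it demonstrates the safe path. Either call `test.bad(5)` or state that the arguments are irrelevant, e.g. `// arguments are arbitrary: the expected finding is decided statically`. Test10 (`bad(10)` against `bad for i==3`), Test12 (`bad(true, 5)` against `!x`), Test13 (`bad(5, 10)` against `i==3`) and Test14 (`bad(5)` against `i==0`) have the same mismatch.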


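--- /dev/null
+++ b/[path-not-shown]/Test09.java
@@ -0,0 +1,103 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 09:
+//reachability from bad sink to bad source via mutually exclusive source and sink
+public class Test09 {
+public void bad() {
+String userName = null;
+boolean local_true = true;
+if(local_true) {
+userName = IO.readLine();
+}
+if(local_true) {
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+}
+public void good01() {
+String userName = null;
+boolean local_true = true;
+if(local_true) {
+userName = IO.readLine();
+}
+if(!local_true) {
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+}
+public void good02() {
+String userName = null;
+int i = 1;
+if(i > 5) {
+userName = IO.readLine();
+}
+if(i < 3 ) {
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+}
+public void good03(int i) {
+String userName = null;
+if(i > 3) {
+userName = IO.readLine();
+}
+if(i < 3 ) {
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+}
+public static void main(String[] args) {
+Test09 test = new Test09();
+test.good01();
+test.good02();
+test.good03(5);
+test.bad();
+}
+}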


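--- /dev/null
+++ b/[path-not-shown]/Test10.java
@@ -0,0 +1,110 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 10:
+//reachability from bad sink to bad source via mutually exclusive source and sink (changing variables)
+public class Test10 {
+/*
+* bad for i==3
+*/
+public void bad(int i) {
+String userName = null;
+if(i > 2) {
+userName = IO.readLine();
+}
+i = i - 2;
+if(i < 2) {
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+}
+public void good01(int i) {
+String userName = null;
+if(i > 2) {
+userName = IO.readLine();
+}
+i = i - 2;
+if(i < 0) {
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+}
+public void good02(int i) {
+String userName = null;
+if(i > 2) {
+userName = IO.readLine();
+}
+i = i * -1;
+if(i > 2) {
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+}
+public void good03(boolean bool) {
+String userName = null;
+if(bool) {
+userName = IO.readLine();
+}
+bool = !bool;
+if(bool) {
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+}
+public static void main(String[] args) {
+Test10 test = new Test10();
+test.good01(10);
+test.good02(10);
+test.good03(true);
+test.bad(10);
+}
+}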
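Review bot: `good02()` relies on `i > 2` and `i * -1 > 2` being mutually exclusive, which holds for mathematical integers but not for 32-bit `int`: `Integer.MIN_VALUE * -1` wraps to `Integer.MIN_VALUE`, so neither condition holds there and the method stays safe, but `i = i - 2` in `bad()`/`good01()` is likewise only exclusive of the source if the analysis does not model wrap-around for `i` near `Integer.MIN_VALUE` (e.g. `Integer.MIN_VALUE + 1 - 2` is positive). Whether the expected result assumes ideal integers or machine arithmetic should be stated in the class header, e.g. `// expectations assume mathematical integers; int wrap-around is not modelled`.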


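--- /dev/null
+++ b/[path-not-shown]/Test11.java
@@ -0,0 +1,162 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 11:
+//reachability from bad sink to bad source via multiple if-statements and multiple variables
+public class Test11 {
+/*
+* bad for !x and !y
+*/
+public void bad(boolean x, boolean y) {
+String userName = null;
+if(x | y) {
+userName = IO.readLineGood();
+}else{
+userName = IO.readLine();
+}
+if(x){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good01(boolean x, boolean y) {
+String userName = null;
+if(x | y) {
+userName = IO.readLineGood();
+}else{
+userName = IO.readLine();
+}
+if(!(x | y)){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good02(boolean x, boolean y) {
+String userName = null;
+if(x | y) {
+userName = IO.readLine();
+}else{
+userName = IO.readLineGood();
+}
+if(x){
+userName = IO.readLineGood();
+}
+if(y){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good03(boolean x, boolean y) {
+String userName = null;
+if(x & y) {
+userName = IO.readLine();
+}else{
+userName = IO.readLineGood();
+}
+if(x){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good04(boolean x, boolean y) {
+String userName = null;
+if(x | y) {
+userName = IO.readLineGood();
+}else{
+userName = IO.readLine();
+}
+if(!x & !y){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good05(boolean x) {
+String userName = null;
+if(x) {
+userName = IO.readLineGood();
+}else{
+userName = IO.readLine();
+}
+boolean y = !x;
+if(y){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public static void main(String[] args) {
+Test11 test = new Test11();
+test.good01(true, false);
+test.good02(true, false);
+test.good03(true, false);
+test.good04(true, false);
+test.good05(true);
+test.bad(true, false);
+}
+}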
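Review bot: Every compound condition in this file uses the non-short-circuit `|` and `&` on booleans (`x | y`, `x & y`, `!x & !y`), where Java readers expect `||`/`&&`; because the operands are side-effect-free locals the values are identical, but the compiled control flow is not (one evaluated expression instead of two branches), which may well be the point of the test. If it is intentional, a file-level comment such as `// '|' and '&' are used on purpose: they compile to a single branch, unlike '||'/'&&'` would prevent a well-meaning cleanup from silently changing what is being tested; Test12 and Test13 use the same operators and would carry the same comment.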


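--- /dev/null
+++ b/[path-not-shown]/Test12.java
@@ -0,0 +1,72 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 12:
+//reachability from bad sink to bad source via multiple if-statements and boolean expressions combined with arithmetics
+public class Test12 {
+/*
+* bad for i==3 and !x
+*/
+public void bad(boolean x, int i) {
+String userName = null;
+if(x | i > 3) {
+userName = IO.readLineGood();
+}else{
+userName = IO.readLine();
+}
+if( i < 3 ){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good01(boolean x, int i) {
+String userName = null;
+if(x | i > 3) {
+userName = IO.readLineGood();
+}else{
+userName = IO.readLine();
+}
+if(!x & i <= 3 ){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public static void main(String[] args) {
+Test12 test = new Test12();
+test.good01(true, 5);
+test.bad(true, 5);
+}
+}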


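--- /dev/null
+++ b/[path-not-shown]/Test13.java
@@ -0,0 +1,93 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 13:
+//reachability from bad sink to bad source via multiple if-statements with multiple arithmetics
+public class Test13 {
+/*
+* bad for i==3 and j>5
+*/
+public void bad(int i, int j) {
+String userName = null;
+if(j <= 5 | i > 3) {
+userName = IO.readLineGood();
+}else{
+userName = IO.readLine();
+}
+if( i < 3 ){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good01(int i, int j) {
+String userName = null;
+if(j <= 5 | i > 3) {
+userName = IO.readLineGood();
+}else{
+userName = IO.readLine();
+}
+if( j > 5 & i <= 3 ){
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good02(int i, int j) {
+String userName = null;
+if(j > 0 & i > 0) {
+userName = IO.readLine();
+if(i + j > 0){
+userName = IO.readLineGood();
+}
+}else{
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public static void main(String[] args) {
+Test13 test = new Test13();
+test.good01(5, 10);
+test.good02(5, 10);
+test.bad(5, 10);
+}
+}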
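Review bot: `good02()` relies on `i + j > 0` being implied by `j > 0 & i > 0`, which is false under 32-bit wrap-around: for `i = j = Integer.MAX_VALUE` the sum is negative, `userName` keeps the value from `IO.readLine()` and reaches the sink. A bit-precise analysis would therefore be right to report a finding here while a purely mathematical one would not, so the file should say which result is expected, e.g. `// assumes mathematical integers; with int overflow this path is reachable`, or use `Math.addExact(i, j)` if the overflow case is meant to be excluded from the test.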


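--- /dev/null
+++ b/[path-not-shown]/Test14.java
@@ -0,0 +1,90 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 14:
+//reachability from bad sink to bad source via if-statement and loops
+public class Test14 {
+/*
+* bad for i==0
+*/
+public void bad(int i) {
+String userName = IO.readLine();
+if(i < 0) {
+userName = IO.readLineGood();
+}
+for (int j = 0; j < i; j++) {
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good01() {
+String userName = IO.readLineGood();
+for (int j = 0; j < 0; j++) {
+userName = IO.readLine();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good02(int i) {
+String userName = IO.readLine();
+if(i <= 0) {
+userName = IO.readLineGood();
+}
+for (int j = 0; j < i; j++) {
+userName = IO.readLineGood();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public static void main(String[] args) {
+Test14 test = new Test14();
+test.good01();
+test.good02(5);
+test.bad(5);
+}
+}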


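--- /dev/null
+++ b/[path-not-shown]/Test15.java
@@ -0,0 +1,106 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 15:
+//reachability from bad sink to bad source with guaranteed sanitizing
+public class Test15 {
+public void bad(int i) {
+String userName = IO.readLine();
+if(i < 0) {
+userName = IO.sanitize(userName);
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good01(int i) {
+String userName = IO.readLine();
+if(i < 0) {
+userName = IO.sanitize(userName);
+}else{
+userName = IO.sanitize(userName);
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good02(int i) {
+String userName = IO.readLine();
+if(i < 0) {
+userName = IO.sanitize(userName);
+}
+if(i >= 0){
+userName = IO.sanitize(userName);
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public void good03(int i) {
+String userName = IO.readLine();
+if(i < 0) {
+userName = IO.sanitize(userName);
+}
+if(i == 0) {
+userName = IO.readLineGood();
+}
+if(i > 0){
+userName = IO.sanitize(userName);
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public static void main(String[] args) {
+Test15 test = new Test15();
+test.good01(5);
+test.good02(5);
+test.good03(5);
+test.bad(5);
+}
+}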
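Review bot: The whole file depends on `IO.sanitize` being recognised as a sanitiser, yet in this commit's dummy `IO` the method simply returns `""`, so nothing in the code distinguishes it from `IO.readLineGood()` except its name, and how the analysis learns that `sanitize` cleans its argument (configuration, annotation, naming convention) is not visible anywhere in the commit. A comment at the top of the class, e.g. `// IO.sanitize must be registered as a sanitiser in the analysis configuration for these expectations to hold`, would make that dependency explicit. Per-method expectations, as in Test08's `bad for …` header, would also help here: `bad` is bad for `i >= 0`, the three `good` variants are safe on every path.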


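--- /dev/null
+++ b/[path-not-shown]/Test16.java
@@ -0,0 +1,51 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 16:
+//reachability from multiple identical bad sinks to one bad source with one vulnerability
+public class Test16 {
+/*
+* 1 findings
+*/
+public void bad(int i) {
+String userName = IO.readLine();
+if(i < 0) {
+userName = IO.readLine();
+}
+if(i < 0) {
+userName = IO.sanitize(userName);
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public static void main(String[] args) {
+Test16 test = new Test16();
+test.bad(5);
+}
+}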
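Review bot: The header comment `reachability from multiple identical bad sinks to one bad source` has source and sink reversed: `bad()` reads `IO.readLine()` twice (two identical sources) and has exactly one `stmt.execute` sink. Test17, Test18 and Test19 carry the same inversion (their `multiple differing bad sinks` are `readLine` versus `readLine2`, again sources). Suggested wording: `//reachability from multiple identical bad sources to one bad sink with one vulnerability`; the method header `1 findings` should also read `1 finding`, here and in Test18.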


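--- /dev/null
+++ b/[path-not-shown]/Test17.java
@@ -0,0 +1,49 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 17:
+//reachability from multiple identical bad sinks to one bad source with multiple vulnerabilities
+public class Test17 {
+/*
+* 2 findings
+*/
+public void bad(int i) {
+String userName = "";
+if(i < 0) {
+userName = IO.readLine();
+} else{
+userName = IO.readLine();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public static void main(String[] args) {
+Test17 test = new Test17();
+test.bad(5);
+}
+}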


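--- /dev/null
+++ b/[path-not-shown]/Test18.java
@@ -0,0 +1,49 @@
+/*
+* (C) Copyright 2010-2015 SAP SE.
+*
+* All rights reserved. This program and the accompanying materials
+* are made available under the terms of the Eclipse Public License v1.0
+* which accompanies this distribution, and is available at
+* http://www.eclipse.org/legal/epl-v10.html
+*
+*/
+package eu.aniketos.dasca.dataflow.tests;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import eu.aniketos.dasca.dataflow.tests.dummy.IO;
+// Test Case 18:
+//reachability from multiple differing bad sinks to one bad source with one vulnerability
+public class Test18 {
+/*
+* 1 findings
+*/
+public void bad() {
+String userName;
+if(true) {
+userName = IO.readLine();
+} else{
+userName = IO.readLine2();
+}
+Connection conn = IO.getDBConnection();
+try {
+Statement stmt = conn.createStatement();
+stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
+} catch(SQLException e) {
+e.printStackTrace();
+}
+}
+public static void main(String[] args) {
+Test18 test = new Test18();
+test.bad();
+}
+}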


@ -0,0 +1,47 @@
/*
* (C) Copyright 2010-2015 SAP SE.
*
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
* http://www.eclipse.org/legal/epl-v10.html
*
*/
package eu.aniketos.dasca.dataflow.tests;
import java.sql.Connection;
import java.sql.SQLException;
import java.sql.Statement;
import eu.aniketos.dasca.dataflow.tests.dummy.IO;
// Test Case 19:
//reachability from multiple differing bad sinks to one bad source with multiple vulnerabilities
public class Test19 {
/*
* 2 findings
*/
public void bad(int i) {
String userName = IO.readLine();
if(i < 10) {
userName = IO.readLine2();
}
Connection conn = IO.getDBConnection();
try {
Statement stmt = conn.createStatement();
stmt.execute("SELECT * FROM user WHERE name='" + userName + "';");
} catch(SQLException e) {
e.printStackTrace();
}
}
public static void main(String[] args) {
Test19 test = new Test19();
test.bad(5);
}
}
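Review bot: The `2 findings` comment does not name the two flows it expects; `userName` is tainted by `readLine()` first and overwritten by `readLine2()` when `i < 10`, so each path carries exactly one source to `stmt.execute` and the count presumes a path-sensitive analysis. A comment such as `// expected: 2 findings (readLine when i >= 10, readLine2 when i < 10)` pins that. `main` only calls `bad(5)`, i.e. the `readLine2` path, which matters only if the fixtures are actually executed.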


@ -0,0 +1,87 @@
/*
* (C) Copyright 2010-2015 SAP SE.
*
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
* http://www.eclipse.org/legal/epl-v10.html
*
*/
package eu.aniketos.dasca.dataflow.tests.dummy;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.sql.Connection;
public class IO {
public static Connection getDBConnection() {
// TODO Auto-generated method stub
return null;
}
public static void writeString(String string) {
// TODO Auto-generated method stub
}
public static String readLine(){
/*/ // add/remove '*' to switch
String s = "";
try {
InputStreamReader converter = new InputStreamReader(System.in);
BufferedReader in = new BufferedReader(converter);
s = in.readLine();
} catch (Exception e) {
System.out.println("Error! Exception: "+e);
}
return s;
/*/
return "";
/**/
}
public static String readLine2(){
/*/ // add/remove '*' to switch
String s = "";
try {
InputStreamReader converter = new InputStreamReader(System.in);
BufferedReader in = new BufferedReader(converter);
s = in.readLine();
} catch (Exception e) {
System.out.println("Error! Exception: "+e);
}
return s;
/*/
return "";
/**/
}
public static String readLineGood(){
return "";
}
public static String sanitize(String s){
return "";
}
public static boolean testCondition(int i) throws IllegalArgumentException{
if(i<0){
throw new IllegalArgumentException("number must be positive");
}
return true;
}
public static void a() {
}
public static InputStreamReader getInputStreamReader(){
return null;
}
public static BufferedReader getBufferedReader(){
return null;
}
}
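Review bot: `getDBConnection()` returns `null`, so every fixture's `main` (e.g. `Test18.main` → `bad()`) dereferences it at `conn.createStatement()` and fails with a NullPointerException, which the surrounding `catch(SQLException e)` does not cover. If the `main` methods exist only to give the static analysis an entry point, a class comment such as `// Stub sources and sinks for static dataflow analysis; not meant to be executed` would make that explicit, otherwise a stub Connection is needed. The `/*/ … /*/ … /**/` toggle in `readLine()` and `readLine2()` currently leaves `return "";` active and the `System.in` reader commented out; it relies on `/*/` closing the block comment and is easy to break when editing, so a one-line comment stating which variant is live would help. `testCondition` rejects only negative values while its message says `number must be positive`; `number must be non-negative` matches the check. The same null-returning stub pattern applies to `Logger.getLogger` in the next file section.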


@ -0,0 +1,22 @@
/*
* (C) Copyright 2010-2015 SAP SE.
*
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
* http://www.eclipse.org/legal/epl-v10.html
*
*/
package eu.aniketos.dasca.dataflow.tests.dummy;
public class Logger {
public static Logger getLogger(String name){
return null;
}
public void warning(String msg){
}
}


@ -0,0 +1 @@
/classes/


@ -0,0 +1,46 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>eu.aniketos.dasca</groupId>
<artifactId>eu.aniketos.dasca.parent</artifactId>
<version>0.1</version>
<packaging>pom</packaging>
<name>DASCA - Parent project</name>
<properties>
<tycho-version>0.12.0</tycho-version>
</properties>
<modules>
<module>../eu.aniketos.dasca.dataflow.tests</module>
</modules>
<build>
<plugins>
<plugin>
<groupId>org.eclipse.tycho</groupId>
<artifactId>tycho-maven-plugin</artifactId>
<version>${tycho-version}</version>
<extensions>true</extensions>
</plugin>
<plugin>
<groupId>org.eclipse.tycho</groupId>
<artifactId>target-platform-configuration</artifactId>
<version>${tycho-version}</version>
<configuration>
<resolver>p2</resolver>
</configuration>
</plugin>
</plugins>
</build>
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>[4.8,)</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>[1.2,)</version>
</dependency>
</dependencies>
</project>
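Review bot: The `junit` and `log4j` dependencies use open-ended version ranges (`[4.8,)` and `[1.2,)`), so the resolved artifact is whatever is newest in the repository at build time and the build is not reproducible or reviewable. The junit range is limited to test scope, but the log4j dependency has default compile scope and is inherited by every module that declares this parent. Pinning each to an explicit version number, e.g. `<version>[exact version per project policy]</version>`, keeps the dependency set stable; log4j 1.x has since reached end of life, so an explicit version also makes the eventual migration visible in the POM.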