|
252 | 252 | | SanitizationTests.java:119:25:119:32 | unsafer9 | SanitizationTests.java:117:33:117:63 | getParameter(...) : String | SanitizationTests.java:119:25:119:32 | unsafer9 | Potential server-side request forgery due to a $@. | SanitizationTests.java:117:33:117:63 | getParameter(...) | user-provided value | |
253 | 253 | | SanitizationTests.java:122:60:122:79 | new URI(...) | SanitizationTests.java:121:94:121:125 | getParameter(...) : String | SanitizationTests.java:122:60:122:79 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:121:94:121:125 | getParameter(...) | user-provided value | |
254 | 254 | | SanitizationTests.java:123:25:123:33 | unsafer10 | SanitizationTests.java:121:94:121:125 | getParameter(...) : String | SanitizationTests.java:123:25:123:33 | unsafer10 | Potential server-side request forgery due to a $@. | SanitizationTests.java:121:94:121:125 | getParameter(...) | user-provided value | |
| 255 | +| SanitizationTests.java:153:54:153:69 | new URI(...) | SanitizationTests.java:152:55:152:83 | getParameter(...) : String | SanitizationTests.java:153:54:153:69 | new URI(...) | Potential server-side request forgery due to a $@. | SanitizationTests.java:152:55:152:83 | getParameter(...) | user-provided value | |
| 256 | +| SanitizationTests.java:154:25:154:27 | r14 | SanitizationTests.java:152:55:152:83 | getParameter(...) : String | SanitizationTests.java:154:25:154:27 | r14 | Potential server-side request forgery due to a $@. | SanitizationTests.java:152:55:152:83 | getParameter(...) | user-provided value | |
255 | 257 | | SpringSSRF.java:32:39:32:59 | ... + ... | SpringSSRF.java:28:33:28:60 | getParameter(...) : String | SpringSSRF.java:32:39:32:59 | ... + ... | Potential server-side request forgery due to a $@. | SpringSSRF.java:28:33:28:60 | getParameter(...) | user-provided value | |
256 | 258 | | SpringSSRF.java:33:69:33:82 | fooResourceUrl | SpringSSRF.java:28:33:28:60 | getParameter(...) : String | SpringSSRF.java:33:69:33:82 | fooResourceUrl | Potential server-side request forgery due to a $@. | SpringSSRF.java:28:33:28:60 | getParameter(...) | user-provided value | |
257 | 259 | | SpringSSRF.java:34:73:34:86 | fooResourceUrl | SpringSSRF.java:28:33:28:60 | getParameter(...) : String | SpringSSRF.java:34:73:34:86 | fooResourceUrl | Potential server-side request forgery due to a $@. | SpringSSRF.java:28:33:28:60 | getParameter(...) | user-provided value | |
@@ -833,6 +835,20 @@ edges |
833 | 835 | | SanitizationTests.java:122:68:122:78 | unsafeUri10 : String | SanitizationTests.java:122:60:122:79 | new URI(...) | provenance | MaD:285 Sink:MaD:6 | |
834 | 836 | | SanitizationTests.java:122:68:122:78 | unsafeUri10 : String | SanitizationTests.java:122:60:122:79 | new URI(...) : URI | provenance | Config | |
835 | 837 | | SanitizationTests.java:122:68:122:78 | unsafeUri10 : String | SanitizationTests.java:122:60:122:79 | new URI(...) : URI | provenance | MaD:285 | |
| 838 | +| SanitizationTests.java:152:35:152:84 | new AnnotatedObject(...) : AnnotatedObject [uri] : String | SanitizationTests.java:153:62:153:64 | obj : AnnotatedObject [uri] : String | provenance | | |
| 839 | +| SanitizationTests.java:152:55:152:83 | getParameter(...) : String | SanitizationTests.java:152:35:152:84 | new AnnotatedObject(...) : AnnotatedObject [uri] : String | provenance | Src:MaD:277 | |
| 840 | +| SanitizationTests.java:152:55:152:83 | getParameter(...) : String | SanitizationTests.java:170:32:170:41 | uri : String | provenance | Src:MaD:277 | |
| 841 | +| SanitizationTests.java:153:31:153:70 | newBuilder(...) : Builder | SanitizationTests.java:153:31:153:78 | build(...) : HttpRequest | provenance | MaD:283 | |
| 842 | +| SanitizationTests.java:153:31:153:78 | build(...) : HttpRequest | SanitizationTests.java:154:25:154:27 | r14 | provenance | Sink:MaD:4 | |
| 843 | +| SanitizationTests.java:153:54:153:69 | new URI(...) : URI | SanitizationTests.java:153:31:153:70 | newBuilder(...) : Builder | provenance | MaD:284 | |
| 844 | +| SanitizationTests.java:153:62:153:64 | obj : AnnotatedObject [uri] : String | SanitizationTests.java:153:62:153:68 | obj.uri : String | provenance | | |
| 845 | +| SanitizationTests.java:153:62:153:68 | obj.uri : String | SanitizationTests.java:153:54:153:69 | new URI(...) | provenance | Config Sink:MaD:6 | |
| 846 | +| SanitizationTests.java:153:62:153:68 | obj.uri : String | SanitizationTests.java:153:54:153:69 | new URI(...) | provenance | MaD:285 Sink:MaD:6 | |
| 847 | +| SanitizationTests.java:153:62:153:68 | obj.uri : String | SanitizationTests.java:153:54:153:69 | new URI(...) : URI | provenance | Config | |
| 848 | +| SanitizationTests.java:153:62:153:68 | obj.uri : String | SanitizationTests.java:153:54:153:69 | new URI(...) : URI | provenance | MaD:285 | |
| 849 | +| SanitizationTests.java:170:32:170:41 | uri : String | SanitizationTests.java:171:24:171:26 | uri : String | provenance | | |
| 850 | +| SanitizationTests.java:171:13:171:16 | this [post update] : AnnotatedObject [uri] : String | SanitizationTests.java:170:16:170:30 | parameter this [Return] : AnnotatedObject [uri] : String | provenance | | |
| 851 | +| SanitizationTests.java:171:24:171:26 | uri : String | SanitizationTests.java:171:13:171:16 | this [post update] : AnnotatedObject [uri] : String | provenance | | |
836 | 852 | | SpringSSRF.java:28:33:28:60 | getParameter(...) : String | SpringSSRF.java:32:39:32:59 | ... + ... | provenance | Src:MaD:277 Sink:MaD:264 | |
837 | 853 | | SpringSSRF.java:28:33:28:60 | getParameter(...) : String | SpringSSRF.java:33:69:33:82 | fooResourceUrl | provenance | Src:MaD:277 | |
838 | 854 | | SpringSSRF.java:28:33:28:60 | getParameter(...) : String | SpringSSRF.java:34:73:34:86 | fooResourceUrl | provenance | Src:MaD:277 | |
@@ -1815,6 +1831,19 @@ nodes |
1815 | 1831 | | SanitizationTests.java:122:60:122:79 | new URI(...) : URI | semmle.label | new URI(...) : URI | |
1816 | 1832 | | SanitizationTests.java:122:68:122:78 | unsafeUri10 : String | semmle.label | unsafeUri10 : String | |
1817 | 1833 | | SanitizationTests.java:123:25:123:33 | unsafer10 | semmle.label | unsafer10 | |
| 1834 | +| SanitizationTests.java:152:35:152:84 | new AnnotatedObject(...) : AnnotatedObject [uri] : String | semmle.label | new AnnotatedObject(...) : AnnotatedObject [uri] : String | |
| 1835 | +| SanitizationTests.java:152:55:152:83 | getParameter(...) : String | semmle.label | getParameter(...) : String | |
| 1836 | +| SanitizationTests.java:153:31:153:70 | newBuilder(...) : Builder | semmle.label | newBuilder(...) : Builder | |
| 1837 | +| SanitizationTests.java:153:31:153:78 | build(...) : HttpRequest | semmle.label | build(...) : HttpRequest | |
| 1838 | +| SanitizationTests.java:153:54:153:69 | new URI(...) | semmle.label | new URI(...) | |
| 1839 | +| SanitizationTests.java:153:54:153:69 | new URI(...) : URI | semmle.label | new URI(...) : URI | |
| 1840 | +| SanitizationTests.java:153:62:153:64 | obj : AnnotatedObject [uri] : String | semmle.label | obj : AnnotatedObject [uri] : String | |
| 1841 | +| SanitizationTests.java:153:62:153:68 | obj.uri : String | semmle.label | obj.uri : String | |
| 1842 | +| SanitizationTests.java:154:25:154:27 | r14 | semmle.label | r14 | |
| 1843 | +| SanitizationTests.java:170:16:170:30 | parameter this [Return] : AnnotatedObject [uri] : String | semmle.label | parameter this [Return] : AnnotatedObject [uri] : String | |
| 1844 | +| SanitizationTests.java:170:32:170:41 | uri : String | semmle.label | uri : String | |
| 1845 | +| SanitizationTests.java:171:13:171:16 | this [post update] : AnnotatedObject [uri] : String | semmle.label | this [post update] : AnnotatedObject [uri] : String | |
| 1846 | +| SanitizationTests.java:171:24:171:26 | uri : String | semmle.label | uri : String | |
1818 | 1847 | | SpringSSRF.java:28:33:28:60 | getParameter(...) : String | semmle.label | getParameter(...) : String | |
1819 | 1848 | | SpringSSRF.java:32:39:32:59 | ... + ... | semmle.label | ... + ... | |
1820 | 1849 | | SpringSSRF.java:33:69:33:82 | fooResourceUrl | semmle.label | fooResourceUrl | |
@@ -2035,3 +2064,4 @@ nodes |
2035 | 2064 | | mad/Test.java:112:15:112:31 | (...)... | semmle.label | (...)... | |
2036 | 2065 | | mad/Test.java:112:24:112:31 | source(...) : String | semmle.label | source(...) : String | |
2037 | 2066 | subpaths |
| 2067 | +| SanitizationTests.java:152:55:152:83 | getParameter(...) : String | SanitizationTests.java:170:32:170:41 | uri : String | SanitizationTests.java:170:16:170:30 | parameter this [Return] : AnnotatedObject [uri] : String | SanitizationTests.java:152:35:152:84 | new AnnotatedObject(...) : AnnotatedObject [uri] : String | |