infer_clone/infer/tests/codetoanalyze/java/quandary/Files.java

/*
 * Copyright (c) Facebook, Inc. and its affiliates.
 *
 * This source code is licensed under the MIT license found in the
 * LICENSE file in the root directory of this source tree.
 */

package codetoanalyze.java.quandary;

import com.facebook.infer.builtins.InferTaint;
import java.io.File;
import java.nio.file.FileSystems;
import java.nio.file.Path;
import java.nio.file.Paths;

public class Files {

  public File fileConstructorSinkBad() {
    String taintedString = (String) InferTaint.inferSecretSource();
    return new File(taintedString);
  }

  public Path fileSystemConstructorSinkBad1() {
    String taintedString = (String) InferTaint.inferSecretSource();
    return FileSystems.getDefault().getPath(taintedString);
  }

  // testing varags
  public Path fileSystemConstructorSinkBad2() {
    String taintedString = (String) InferTaint.inferSecretSource();
    return FileSystems.getDefault().getPath("", taintedString);
  }

  public Path pathsSinkBad1() {
    String taintedString = (String) InferTaint.inferSecretSource();
    return Paths.get(taintedString);
  }

  // testing varags
  public Path pathsSinkBad2() {
    String taintedString = (String) InferTaint.inferSecretSource();
    return Paths.get("", taintedString);
  }
}
[quandary] ContentProvider Uri's as sources/files as sinks Reviewed By: mburman Differential Revision: D4917047 fbshipit-source-id: 994891b 8 years ago			`/*`
[copyright] Remove years Reviewed By: jvillard Differential Revision: D15771884 fbshipit-source-id: e2997e3a3 6 years ago			`* Copyright (c) Facebook, Inc. and its affiliates.`
[quandary] ContentProvider Uri's as sources/files as sinks Reviewed By: mburman Differential Revision: D4917047 fbshipit-source-id: 994891b 8 years ago			`*`
Change license to MIT Summary: Change the license of the source code from BSD + PATENTS to MIT. Change `checkCopyright` to reflect the new license and learn some new file types. Generated with: ``` git grep BSD \| xargs -n 1 ./scripts/checkCopyright -i ``` Reviewed By: jeremydubreil, mbouaziz, jberdine Differential Revision: D8071249 fbshipit-source-id: 97ca23a 7 years ago			`* This source code is licensed under the MIT license found in the`
			`* LICENSE file in the root directory of this source tree.`
[quandary] ContentProvider Uri's as sources/files as sinks Reviewed By: mburman Differential Revision: D4917047 fbshipit-source-id: 994891b 8 years ago			`*/`

			`package codetoanalyze.java.quandary;`

			`import com.facebook.infer.builtins.InferTaint;`
			`import java.io.File;`
			`import java.nio.file.FileSystems;`
			`import java.nio.file.Path;`
			`import java.nio.file.Paths;`

			`public class Files {`

			`public File fileConstructorSinkBad() {`
			`String taintedString = (String) InferTaint.inferSecretSource();`
			`return new File(taintedString);`
			`}`

			`public Path fileSystemConstructorSinkBad1() {`
			`String taintedString = (String) InferTaint.inferSecretSource();`
			`return FileSystems.getDefault().getPath(taintedString);`
			`}`

			`// testing varags`
			`public Path fileSystemConstructorSinkBad2() {`
			`String taintedString = (String) InferTaint.inferSecretSource();`
			`return FileSystems.getDefault().getPath("", taintedString);`
			`}`

			`public Path pathsSinkBad1() {`
			`String taintedString = (String) InferTaint.inferSecretSource();`
			`return Paths.get(taintedString);`
			`}`

			`// testing varags`
			`public Path pathsSinkBad2() {`
			`String taintedString = (String) InferTaint.inferSecretSource();`
			`return Paths.get("", taintedString);`
			`}`
			`}`