forked from github/codeql
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathArithmeticTainted.expected
More file actions
106 lines (106 loc) · 14 KB
/
ArithmeticTainted.expected
File metadata and controls
106 lines (106 loc) · 14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
#select
| ArithmeticTainted.java:32:17:32:25 | ... + ... | ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:32:17:32:20 | data | This arithmetic expression depends on a $@, potentially causing an overflow. | ArithmeticTainted.java:17:46:17:54 | System.in | user-provided value |
| ArithmeticTainted.java:40:17:40:25 | ... - ... | ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:40:17:40:20 | data | This arithmetic expression depends on a $@, potentially causing an underflow. | ArithmeticTainted.java:17:46:17:54 | System.in | user-provided value |
| ArithmeticTainted.java:50:17:50:24 | ... + ... | ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:50:17:50:20 | data | This arithmetic expression depends on a $@, potentially causing an overflow. | ArithmeticTainted.java:17:46:17:54 | System.in | user-provided value |
| ArithmeticTainted.java:71:17:71:27 | ... + ... | ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:71:17:71:23 | herring | This arithmetic expression depends on a $@, potentially causing an overflow. | ArithmeticTainted.java:17:46:17:54 | System.in | user-provided value |
| ArithmeticTainted.java:95:37:95:46 | ... + ... | ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:95:37:95:40 | data | This arithmetic expression depends on a $@, potentially causing an overflow. | ArithmeticTainted.java:17:46:17:54 | System.in | user-provided value |
| ArithmeticTainted.java:129:3:129:8 | ...++ | ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:129:3:129:6 | data | This arithmetic expression depends on a $@, potentially causing an overflow. | ArithmeticTainted.java:17:46:17:54 | System.in | user-provided value |
| ArithmeticTainted.java:133:3:133:8 | ++... | ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:133:5:133:8 | data | This arithmetic expression depends on a $@, potentially causing an overflow. | ArithmeticTainted.java:17:46:17:54 | System.in | user-provided value |
| ArithmeticTainted.java:137:3:137:8 | ...-- | ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:137:3:137:6 | data | This arithmetic expression depends on a $@, potentially causing an underflow. | ArithmeticTainted.java:17:46:17:54 | System.in | user-provided value |
| ArithmeticTainted.java:141:3:141:8 | --... | ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:141:5:141:8 | data | This arithmetic expression depends on a $@, potentially causing an underflow. | ArithmeticTainted.java:17:46:17:54 | System.in | user-provided value |
edges
| ArithmeticTainted.java:17:24:17:64 | new InputStreamReader(...) : InputStreamReader | ArithmeticTainted.java:18:40:18:56 | readerInputStream : InputStreamReader | provenance | |
| ArithmeticTainted.java:17:24:17:64 | new InputStreamReader(...) : InputStreamReader | ArithmeticTainted.java:18:40:18:56 | readerInputStream : InputStreamReader | provenance | |
| ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:17:24:17:64 | new InputStreamReader(...) : InputStreamReader | provenance | MaD:3 |
| ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | ArithmeticTainted.java:17:24:17:64 | new InputStreamReader(...) : InputStreamReader | provenance | MaD:3 |
| ArithmeticTainted.java:18:21:18:57 | new BufferedReader(...) : BufferedReader | ArithmeticTainted.java:19:26:19:39 | readerBuffered : BufferedReader | provenance | |
| ArithmeticTainted.java:18:21:18:57 | new BufferedReader(...) : BufferedReader | ArithmeticTainted.java:19:26:19:39 | readerBuffered : BufferedReader | provenance | |
| ArithmeticTainted.java:18:40:18:56 | readerInputStream : InputStreamReader | ArithmeticTainted.java:18:21:18:57 | new BufferedReader(...) : BufferedReader | provenance | MaD:1 |
| ArithmeticTainted.java:18:40:18:56 | readerInputStream : InputStreamReader | ArithmeticTainted.java:18:21:18:57 | new BufferedReader(...) : BufferedReader | provenance | MaD:1 |
| ArithmeticTainted.java:19:26:19:39 | readerBuffered : BufferedReader | ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | provenance | MaD:2 |
| ArithmeticTainted.java:19:26:19:39 | readerBuffered : BufferedReader | ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | provenance | MaD:2 |
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:21:29:21:40 | stringNumber : String | provenance | |
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:21:29:21:40 | stringNumber : String | provenance | |
| ArithmeticTainted.java:21:29:21:40 | stringNumber : String | ArithmeticTainted.java:21:29:21:47 | trim(...) : String | provenance | MaD:4 |
| ArithmeticTainted.java:21:29:21:40 | stringNumber : String | ArithmeticTainted.java:21:29:21:47 | trim(...) : String | provenance | MaD:4 |
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:32:17:32:20 | data | provenance | TaintPreservingCallable |
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:40:17:40:20 | data | provenance | TaintPreservingCallable |
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:50:17:50:20 | data | provenance | TaintPreservingCallable |
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:64:20:64:23 | data : Number | provenance | TaintPreservingCallable |
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:95:37:95:40 | data | provenance | TaintPreservingCallable |
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:118:9:118:12 | data : Number | provenance | TaintPreservingCallable |
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:119:10:119:13 | data : Number | provenance | TaintPreservingCallable |
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:120:10:120:13 | data : Number | provenance | TaintPreservingCallable |
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:121:10:121:13 | data : Number | provenance | TaintPreservingCallable |
| ArithmeticTainted.java:64:4:64:10 | tainted [post update] : Holder [dat] : Number | ArithmeticTainted.java:66:18:66:24 | tainted : Holder [dat] : Number | provenance | |
| ArithmeticTainted.java:64:20:64:23 | data : Number | ArithmeticTainted.java:64:4:64:10 | tainted [post update] : Holder [dat] : Number | provenance | |
| ArithmeticTainted.java:64:20:64:23 | data : Number | Holder.java:12:22:12:26 | d : Number | provenance | |
| ArithmeticTainted.java:66:18:66:24 | tainted : Holder [dat] : Number | ArithmeticTainted.java:66:18:66:34 | getData(...) : Number | provenance | |
| ArithmeticTainted.java:66:18:66:24 | tainted : Holder [dat] : Number | Holder.java:16:13:16:19 | parameter this : Holder [dat] : Number | provenance | |
| ArithmeticTainted.java:66:18:66:34 | getData(...) : Number | ArithmeticTainted.java:71:17:71:23 | herring | provenance | |
| ArithmeticTainted.java:118:9:118:12 | data : Number | ArithmeticTainted.java:127:26:127:33 | data : Number | provenance | |
| ArithmeticTainted.java:119:10:119:13 | data : Number | ArithmeticTainted.java:131:27:131:34 | data : Number | provenance | |
| ArithmeticTainted.java:120:10:120:13 | data : Number | ArithmeticTainted.java:135:27:135:34 | data : Number | provenance | |
| ArithmeticTainted.java:121:10:121:13 | data : Number | ArithmeticTainted.java:139:27:139:34 | data : Number | provenance | |
| ArithmeticTainted.java:127:26:127:33 | data : Number | ArithmeticTainted.java:129:3:129:6 | data | provenance | |
| ArithmeticTainted.java:131:27:131:34 | data : Number | ArithmeticTainted.java:133:5:133:8 | data | provenance | |
| ArithmeticTainted.java:135:27:135:34 | data : Number | ArithmeticTainted.java:137:3:137:6 | data | provenance | |
| ArithmeticTainted.java:139:27:139:34 | data : Number | ArithmeticTainted.java:141:5:141:8 | data | provenance | |
| Holder.java:12:22:12:26 | d : Number | Holder.java:13:9:13:9 | d : Number | provenance | |
| Holder.java:13:3:13:5 | this <.field> [post update] : Holder [dat] : Number | Holder.java:12:14:12:20 | parameter this [Return] : Holder [dat] : Number | provenance | |
| Holder.java:13:9:13:9 | d : Number | Holder.java:13:3:13:5 | this <.field> [post update] : Holder [dat] : Number | provenance | |
| Holder.java:16:13:16:19 | parameter this : Holder [dat] : Number | Holder.java:17:10:17:12 | this <.field> : Holder [dat] : Number | provenance | |
| Holder.java:17:10:17:12 | this <.field> : Holder [dat] : Number | Holder.java:17:10:17:12 | dat : Number | provenance | |
models
| 1 | Summary: java.io; BufferedReader; false; BufferedReader; ; ; Argument[0]; Argument[this]; taint; manual |
| 2 | Summary: java.io; BufferedReader; true; readLine; ; ; Argument[this]; ReturnValue; taint; manual |
| 3 | Summary: java.io; InputStreamReader; false; InputStreamReader; ; ; Argument[0]; Argument[this]; taint; manual |
| 4 | Summary: java.lang; String; false; trim; ; ; Argument[this]; ReturnValue; taint; manual |
nodes
| ArithmeticTainted.java:17:24:17:64 | new InputStreamReader(...) : InputStreamReader | semmle.label | new InputStreamReader(...) : InputStreamReader |
| ArithmeticTainted.java:17:24:17:64 | new InputStreamReader(...) : InputStreamReader | semmle.label | new InputStreamReader(...) : InputStreamReader |
| ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | semmle.label | System.in : InputStream |
| ArithmeticTainted.java:17:46:17:54 | System.in : InputStream | semmle.label | System.in : InputStream |
| ArithmeticTainted.java:18:21:18:57 | new BufferedReader(...) : BufferedReader | semmle.label | new BufferedReader(...) : BufferedReader |
| ArithmeticTainted.java:18:21:18:57 | new BufferedReader(...) : BufferedReader | semmle.label | new BufferedReader(...) : BufferedReader |
| ArithmeticTainted.java:18:40:18:56 | readerInputStream : InputStreamReader | semmle.label | readerInputStream : InputStreamReader |
| ArithmeticTainted.java:18:40:18:56 | readerInputStream : InputStreamReader | semmle.label | readerInputStream : InputStreamReader |
| ArithmeticTainted.java:19:26:19:39 | readerBuffered : BufferedReader | semmle.label | readerBuffered : BufferedReader |
| ArithmeticTainted.java:19:26:19:39 | readerBuffered : BufferedReader | semmle.label | readerBuffered : BufferedReader |
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | semmle.label | readLine(...) : String |
| ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | semmle.label | readLine(...) : String |
| ArithmeticTainted.java:21:29:21:40 | stringNumber : String | semmle.label | stringNumber : String |
| ArithmeticTainted.java:21:29:21:40 | stringNumber : String | semmle.label | stringNumber : String |
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | semmle.label | trim(...) : String |
| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | semmle.label | trim(...) : String |
| ArithmeticTainted.java:32:17:32:20 | data | semmle.label | data |
| ArithmeticTainted.java:40:17:40:20 | data | semmle.label | data |
| ArithmeticTainted.java:50:17:50:20 | data | semmle.label | data |
| ArithmeticTainted.java:64:4:64:10 | tainted [post update] : Holder [dat] : Number | semmle.label | tainted [post update] : Holder [dat] : Number |
| ArithmeticTainted.java:64:20:64:23 | data : Number | semmle.label | data : Number |
| ArithmeticTainted.java:66:18:66:24 | tainted : Holder [dat] : Number | semmle.label | tainted : Holder [dat] : Number |
| ArithmeticTainted.java:66:18:66:34 | getData(...) : Number | semmle.label | getData(...) : Number |
| ArithmeticTainted.java:71:17:71:23 | herring | semmle.label | herring |
| ArithmeticTainted.java:95:37:95:40 | data | semmle.label | data |
| ArithmeticTainted.java:118:9:118:12 | data : Number | semmle.label | data : Number |
| ArithmeticTainted.java:119:10:119:13 | data : Number | semmle.label | data : Number |
| ArithmeticTainted.java:120:10:120:13 | data : Number | semmle.label | data : Number |
| ArithmeticTainted.java:121:10:121:13 | data : Number | semmle.label | data : Number |
| ArithmeticTainted.java:127:26:127:33 | data : Number | semmle.label | data : Number |
| ArithmeticTainted.java:129:3:129:6 | data | semmle.label | data |
| ArithmeticTainted.java:131:27:131:34 | data : Number | semmle.label | data : Number |
| ArithmeticTainted.java:133:5:133:8 | data | semmle.label | data |
| ArithmeticTainted.java:135:27:135:34 | data : Number | semmle.label | data : Number |
| ArithmeticTainted.java:137:3:137:6 | data | semmle.label | data |
| ArithmeticTainted.java:139:27:139:34 | data : Number | semmle.label | data : Number |
| ArithmeticTainted.java:141:5:141:8 | data | semmle.label | data |
| Holder.java:12:14:12:20 | parameter this [Return] : Holder [dat] : Number | semmle.label | parameter this [Return] : Holder [dat] : Number |
| Holder.java:12:22:12:26 | d : Number | semmle.label | d : Number |
| Holder.java:13:3:13:5 | this <.field> [post update] : Holder [dat] : Number | semmle.label | this <.field> [post update] : Holder [dat] : Number |
| Holder.java:13:9:13:9 | d : Number | semmle.label | d : Number |
| Holder.java:16:13:16:19 | parameter this : Holder [dat] : Number | semmle.label | parameter this : Holder [dat] : Number |
| Holder.java:17:10:17:12 | dat : Number | semmle.label | dat : Number |
| Holder.java:17:10:17:12 | this <.field> : Holder [dat] : Number | semmle.label | this <.field> : Holder [dat] : Number |
subpaths
| ArithmeticTainted.java:64:20:64:23 | data : Number | Holder.java:12:22:12:26 | d : Number | Holder.java:12:14:12:20 | parameter this [Return] : Holder [dat] : Number | ArithmeticTainted.java:64:4:64:10 | tainted [post update] : Holder [dat] : Number |
| ArithmeticTainted.java:66:18:66:24 | tainted : Holder [dat] : Number | Holder.java:16:13:16:19 | parameter this : Holder [dat] : Number | Holder.java:17:10:17:12 | dat : Number | ArithmeticTainted.java:66:18:66:34 | getData(...) : Number |