Java: Update expected test output

hvitved · hvitved · commit 6318cc9a7104 · 2019-09-18T13:36:15.000+02:00
diff --git a/java/ql/test/query-tests/security/CWE-113/semmle/tests/ResponseSplitting.expected b/java/ql/test/query-tests/security/CWE-113/semmle/tests/ResponseSplitting.expected
@@ -1,15 +1,11 @@
 edges
 | ResponseSplitting.java:22:39:22:66 | getParameter(...) [ : String] | ResponseSplitting.java:23:23:23:28 | cookie |
-| ResponseSplitting.java:28:38:28:72 | getParameter(...) [ : String] | ResponseSplitting.java:28:38:28:72 | getParameter(...) |
-| ResponseSplitting.java:29:38:29:72 | getParameter(...) [ : String] | ResponseSplitting.java:29:38:29:72 | getParameter(...) |
 nodes
 | ResponseSplitting.java:22:39:22:66 | getParameter(...) [ : String] | semmle.label | getParameter(...) [ : String] |
 | ResponseSplitting.java:23:23:23:28 | cookie | semmle.label | cookie |
 | ResponseSplitting.java:28:38:28:72 | getParameter(...) | semmle.label | getParameter(...) |
-| ResponseSplitting.java:28:38:28:72 | getParameter(...) [ : String] | semmle.label | getParameter(...) [ : String] |
 | ResponseSplitting.java:29:38:29:72 | getParameter(...) | semmle.label | getParameter(...) |
-| ResponseSplitting.java:29:38:29:72 | getParameter(...) [ : String] | semmle.label | getParameter(...) [ : String] |
 #select
 | ResponseSplitting.java:23:23:23:28 | cookie | ResponseSplitting.java:22:39:22:66 | getParameter(...) [ : String] | ResponseSplitting.java:23:23:23:28 | cookie | Response-splitting vulnerability due to this $@. | ResponseSplitting.java:22:39:22:66 | getParameter(...) | user-provided value |
-| ResponseSplitting.java:28:38:28:72 | getParameter(...) | ResponseSplitting.java:28:38:28:72 | getParameter(...) [ : String] | ResponseSplitting.java:28:38:28:72 | getParameter(...) | Response-splitting vulnerability due to this $@. | ResponseSplitting.java:28:38:28:72 | getParameter(...) | user-provided value |
-| ResponseSplitting.java:29:38:29:72 | getParameter(...) | ResponseSplitting.java:29:38:29:72 | getParameter(...) [ : String] | ResponseSplitting.java:29:38:29:72 | getParameter(...) | Response-splitting vulnerability due to this $@. | ResponseSplitting.java:29:38:29:72 | getParameter(...) | user-provided value |
+| ResponseSplitting.java:28:38:28:72 | getParameter(...) | ResponseSplitting.java:28:38:28:72 | getParameter(...) | ResponseSplitting.java:28:38:28:72 | getParameter(...) | Response-splitting vulnerability due to this $@. | ResponseSplitting.java:28:38:28:72 | getParameter(...) | user-provided value |
+| ResponseSplitting.java:29:38:29:72 | getParameter(...) | ResponseSplitting.java:29:38:29:72 | getParameter(...) | ResponseSplitting.java:29:38:29:72 | getParameter(...) | Response-splitting vulnerability due to this $@. | ResponseSplitting.java:29:38:29:72 | getParameter(...) | user-provided value |
diff --git a/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayIndexCodeSpecified.expected b/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayIndexCodeSpecified.expected
@@ -2,28 +2,18 @@ edges
 | Test.java:40:17:40:48 | nextInt(...) [ : Number] | Test.java:43:30:43:34 | index |
 | Test.java:40:17:40:48 | nextInt(...) [ : Number] | Test.java:47:32:47:36 | index |
 | Test.java:40:17:40:48 | nextInt(...) [ : Number] | Test.java:51:39:51:43 | index |
-| Test.java:64:34:64:34 | 0 [ : Number] | Test.java:64:34:64:34 | 0 |
-| Test.java:70:37:70:37 | 0 [ : Number] | Test.java:70:37:70:37 | 0 |
-| Test.java:77:39:77:39 | 0 [ : Number] | Test.java:77:39:77:39 | 0 |
-| Test.java:91:30:91:30 | 0 [ : Number] | Test.java:91:30:91:30 | 0 |
 | Test.java:93:17:93:17 | 0 [ : Number] | Test.java:96:32:96:36 | index |
-| Test.java:102:30:102:30 | 0 [ : Number] | Test.java:102:30:102:30 | 0 |
 nodes
 | Test.java:40:17:40:48 | nextInt(...) [ : Number] | semmle.label | nextInt(...) [ : Number] |
 | Test.java:43:30:43:34 | index | semmle.label | index |
 | Test.java:47:32:47:36 | index | semmle.label | index |
 | Test.java:51:39:51:43 | index | semmle.label | index |
 | Test.java:64:34:64:34 | 0 | semmle.label | 0 |
-| Test.java:64:34:64:34 | 0 [ : Number] | semmle.label | 0 [ : Number] |
 | Test.java:70:37:70:37 | 0 | semmle.label | 0 |
-| Test.java:70:37:70:37 | 0 [ : Number] | semmle.label | 0 [ : Number] |
 | Test.java:77:39:77:39 | 0 | semmle.label | 0 |
-| Test.java:77:39:77:39 | 0 [ : Number] | semmle.label | 0 [ : Number] |
 | Test.java:91:30:91:30 | 0 | semmle.label | 0 |
-| Test.java:91:30:91:30 | 0 [ : Number] | semmle.label | 0 [ : Number] |
 | Test.java:93:17:93:17 | 0 [ : Number] | semmle.label | 0 [ : Number] |
 | Test.java:96:32:96:36 | index | semmle.label | index |
 | Test.java:102:30:102:30 | 0 | semmle.label | 0 |
-| Test.java:102:30:102:30 | 0 [ : Number] | semmle.label | 0 [ : Number] |
 #select
 | Test.java:43:30:43:34 | index | Test.java:40:17:40:48 | nextInt(...) [ : Number] | Test.java:43:30:43:34 | index | $@ flows to the index used in this array access, and may cause the operation to throw an ArrayIndexOutOfBoundsException. | Test.java:40:17:40:48 | nextInt(...) | Random value |
diff --git a/java/ql/test/query-tests/security/CWE-327/semmle/tests/BrokenCryptoAlgorithm.expected b/java/ql/test/query-tests/security/CWE-327/semmle/tests/BrokenCryptoAlgorithm.expected
@@ -1,11 +1,7 @@
 edges
-| Test.java:19:45:19:49 | "DES" [ : String] | Test.java:19:45:19:49 | "DES" |
-| Test.java:42:33:42:37 | "RC2" [ : String] | Test.java:42:33:42:37 | "RC2" |
 nodes
 | Test.java:19:45:19:49 | "DES" | semmle.label | "DES" |
-| Test.java:19:45:19:49 | "DES" [ : String] | semmle.label | "DES" [ : String] |
 | Test.java:42:33:42:37 | "RC2" | semmle.label | "RC2" |
-| Test.java:42:33:42:37 | "RC2" [ : String] | semmle.label | "RC2" [ : String] |
 #select
-| Test.java:19:20:19:50 | getInstance(...) | Test.java:19:45:19:49 | "DES" [ : String] | Test.java:19:45:19:49 | "DES" | Cryptographic algorithm $@ is weak and should not be used. | Test.java:19:45:19:49 | "DES" | "DES" |
-| Test.java:42:14:42:38 | getInstance(...) | Test.java:42:33:42:37 | "RC2" [ : String] | Test.java:42:33:42:37 | "RC2" | Cryptographic algorithm $@ is weak and should not be used. | Test.java:42:33:42:37 | "RC2" | "RC2" |
+| Test.java:19:20:19:50 | getInstance(...) | Test.java:19:45:19:49 | "DES" | Test.java:19:45:19:49 | "DES" | Cryptographic algorithm $@ is weak and should not be used. | Test.java:19:45:19:49 | "DES" | "DES" |
+| Test.java:42:14:42:38 | getInstance(...) | Test.java:42:33:42:37 | "RC2" | Test.java:42:33:42:37 | "RC2" | Cryptographic algorithm $@ is weak and should not be used. | Test.java:42:33:42:37 | "RC2" | "RC2" |
diff --git a/java/ql/test/query-tests/security/CWE-327/semmle/tests/MaybeBrokenCryptoAlgorithm.expected b/java/ql/test/query-tests/security/CWE-327/semmle/tests/MaybeBrokenCryptoAlgorithm.expected
@@ -1,7 +1,5 @@
 edges
-| Test.java:34:48:34:52 | "foo" [ : String] | Test.java:34:48:34:52 | "foo" |
 nodes
 | Test.java:34:48:34:52 | "foo" | semmle.label | "foo" |
-| Test.java:34:48:34:52 | "foo" [ : String] | semmle.label | "foo" [ : String] |
 #select
-| Test.java:34:21:34:53 | new SecretKeySpec(...) | Test.java:34:48:34:52 | "foo" [ : String] | Test.java:34:48:34:52 | "foo" | Cryptographic algorithm $@ may not be secure, consider using a different algorithm. | Test.java:34:48:34:52 | "foo" | "foo" |
+| Test.java:34:21:34:53 | new SecretKeySpec(...) | Test.java:34:48:34:52 | "foo" | Test.java:34:48:34:52 | "foo" | Cryptographic algorithm $@ may not be secure, consider using a different algorithm. | Test.java:34:48:34:52 | "foo" | "foo" |
diff --git a/java/ql/test/query-tests/security/CWE-601/semmle/tests/UrlRedirect.expected b/java/ql/test/query-tests/security/CWE-601/semmle/tests/UrlRedirect.expected
@@ -1,19 +1,13 @@
 edges
-| UrlRedirect.java:23:25:23:54 | getParameter(...) [ : String] | UrlRedirect.java:23:25:23:54 | getParameter(...) |
 | UrlRedirect.java:36:58:36:89 | getParameter(...) [ : String] | UrlRedirect.java:36:25:36:89 | ... + ... |
-| UrlRedirect.java:39:34:39:63 | getParameter(...) [ : String] | UrlRedirect.java:39:34:39:63 | getParameter(...) |
-| UrlRedirect.java:42:43:42:72 | getParameter(...) [ : String] | UrlRedirect.java:42:43:42:72 | getParameter(...) |
 nodes
 | UrlRedirect.java:23:25:23:54 | getParameter(...) | semmle.label | getParameter(...) |
-| UrlRedirect.java:23:25:23:54 | getParameter(...) [ : String] | semmle.label | getParameter(...) [ : String] |
 | UrlRedirect.java:36:25:36:89 | ... + ... | semmle.label | ... + ... |
 | UrlRedirect.java:36:58:36:89 | getParameter(...) [ : String] | semmle.label | getParameter(...) [ : String] |
 | UrlRedirect.java:39:34:39:63 | getParameter(...) | semmle.label | getParameter(...) |
-| UrlRedirect.java:39:34:39:63 | getParameter(...) [ : String] | semmle.label | getParameter(...) [ : String] |
 | UrlRedirect.java:42:43:42:72 | getParameter(...) | semmle.label | getParameter(...) |
-| UrlRedirect.java:42:43:42:72 | getParameter(...) [ : String] | semmle.label | getParameter(...) [ : String] |
 #select
-| UrlRedirect.java:23:25:23:54 | getParameter(...) | UrlRedirect.java:23:25:23:54 | getParameter(...) [ : String] | UrlRedirect.java:23:25:23:54 | getParameter(...) | Potentially untrusted URL redirection due to $@. | UrlRedirect.java:23:25:23:54 | getParameter(...) | user-provided value |
+| UrlRedirect.java:23:25:23:54 | getParameter(...) | UrlRedirect.java:23:25:23:54 | getParameter(...) | UrlRedirect.java:23:25:23:54 | getParameter(...) | Potentially untrusted URL redirection due to $@. | UrlRedirect.java:23:25:23:54 | getParameter(...) | user-provided value |
 | UrlRedirect.java:36:25:36:89 | ... + ... | UrlRedirect.java:36:58:36:89 | getParameter(...) [ : String] | UrlRedirect.java:36:25:36:89 | ... + ... | Potentially untrusted URL redirection due to $@. | UrlRedirect.java:36:58:36:89 | getParameter(...) | user-provided value |
-| UrlRedirect.java:39:34:39:63 | getParameter(...) | UrlRedirect.java:39:34:39:63 | getParameter(...) [ : String] | UrlRedirect.java:39:34:39:63 | getParameter(...) | Potentially untrusted URL redirection due to $@. | UrlRedirect.java:39:34:39:63 | getParameter(...) | user-provided value |
-| UrlRedirect.java:42:43:42:72 | getParameter(...) | UrlRedirect.java:42:43:42:72 | getParameter(...) [ : String] | UrlRedirect.java:42:43:42:72 | getParameter(...) | Potentially untrusted URL redirection due to $@. | UrlRedirect.java:42:43:42:72 | getParameter(...) | user-provided value |
+| UrlRedirect.java:39:34:39:63 | getParameter(...) | UrlRedirect.java:39:34:39:63 | getParameter(...) | UrlRedirect.java:39:34:39:63 | getParameter(...) | Potentially untrusted URL redirection due to $@. | UrlRedirect.java:39:34:39:63 | getParameter(...) | user-provided value |
+| UrlRedirect.java:42:43:42:72 | getParameter(...) | UrlRedirect.java:42:43:42:72 | getParameter(...) | UrlRedirect.java:42:43:42:72 | getParameter(...) | Potentially untrusted URL redirection due to $@. | UrlRedirect.java:42:43:42:72 | getParameter(...) | user-provided value |
diff --git a/java/ql/test/query-tests/security/CWE-611/XXE.expected b/java/ql/test/query-tests/security/CWE-611/XXE.expected
diff --git a/java/ql/test/query-tests/security/CWE-798/semmle/tests/HardcodedCredentialsApiCall.expected b/java/ql/test/query-tests/security/CWE-798/semmle/tests/HardcodedCredentialsApiCall.expected
