{ "$schema": "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.5.json", "version": "2.1.0", "runs": [ { "results": [ { "ruleIndex": 47, "level": "note", "message": { "text": "The method concept1() in [BackDoors.java](1) throws a generic exception making it harder for callers to do a good job of error handling and recovery.\r\nThe method throws a generic exception making it harder for callers to do a good job of error handling and recovery." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 87, "snippet": { "text": " protected Element concept1(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 84, "endLine": 90, "snippet": { "text": " }\n\n\n protected Element concept1(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 87, "snippet": { "text": " protected Element concept1(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 84, "endLine": 90, "snippet": { "text": " }\n\n\n protected Element concept1(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\n" } } }, "message": { "text": "Function: concept1" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 87 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [Login.java](1) might reveal system data or debugging information by calling printStackTrace() on line [100](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 100, "snippet": { "text": "\t\t ue2.printStackTrace();" } }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t\tcatch (UnauthorizedException ue2)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue2.printStackTrace();\n\t\t}\n\t }\n\t else\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 100, "snippet": { "text": "\t\t ue2.printStackTrace();" } }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t\tcatch (UnauthorizedException ue2)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue2.printStackTrace();\n\t\t}\n\t }\n\t else\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 100 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ViewProfile.java](1) line [149](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 149, "endLine": 153, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 146, "endLine": 156, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 149, "endLine": 153, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 146, "endLine": 156, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 149, "startColumn": 2, "endLine": 153 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [CrossSiteScripting.java](1) might reveal system data or debugging information by calling printStackTrace() on line [373](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 373, "snippet": { "text": "\t\tue.printStackTrace();" } }, "contextRegion": { "startLine": 370, "endLine": 376, "snippet": { "text": "\t {\n\t\ts.setMessage(\"Login failed\");\n\t\tSystem.out.println(\"Authentication failure\");\n\t\tue.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 373, "snippet": { "text": "\t\tue.printStackTrace();" } }, "contextRegion": { "startLine": 370, "endLine": 376, "snippet": { "text": "\t {\n\t\ts.setMessage(\"Login failed\");\n\t\tSystem.out.println(\"Authentication failure\");\n\t\tue.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n\t {\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 373 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getRawParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 628, "endLine": 634, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 4 }, { "index": 5 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 628, "endLine": 634, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [Login.java](1) might reveal system data or debugging information by calling printStackTrace() on line [95](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 95, "snippet": { "text": "\t\t ue1.printStackTrace();" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t\tcatch (UnauthenticatedException ue1)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue1.printStackTrace();\n\t\t}\n\t\tcatch (UnauthorizedException ue2)\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 95, "snippet": { "text": "\t\t ue1.printStackTrace();" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t\tcatch (UnauthenticatedException ue1)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue1.printStackTrace();\n\t\t}\n\t\tcatch (UnauthorizedException ue2)\n\t\t{\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 95 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [CrossSiteScripting.java](1) might reveal system data or debugging information by calling printStackTrace() on line [379](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 379, "snippet": { "text": "\t\tue2.printStackTrace();" } }, "contextRegion": { "startLine": 376, "endLine": 382, "snippet": { "text": "\t {\n\t\ts.setMessage(\"You are not authorized to perform this function\");\n\t\tSystem.out.println(\"Authorization failure\");\n\t\tue2.printStackTrace();\n\t }\n\t catch (Exception e)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 379, "snippet": { "text": "\t\tue2.printStackTrace();" } }, "contextRegion": { "startLine": 376, "endLine": 382, "snippet": { "text": "\t {\n\t\ts.setMessage(\"You are not authorized to perform this function\");\n\t\tSystem.out.println(\"Authorization failure\");\n\t\tue2.printStackTrace();\n\t }\n\t catch (Exception e)\n\t {\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 379 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function main() in [Encoding.java](1) might reveal system data or debugging information by calling printStackTrace() on line [774](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 774, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 771, "endLine": 777, "snippet": { "text": "\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\te.printStackTrace();\n\t\t}\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 774, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 771, "endLine": 777, "snippet": { "text": "\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\te.printStackTrace();\n\t\t}\n\t}\n\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 774 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getStringParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 692, "endLine": 698, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 1 }, { "index": 8 }, { "index": 9 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 692, "endLine": 698, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 122, "level": "error", "message": { "text": "The file [redirect.jsp](1) passes unvalidated data to an HTTP redirect function on line [12](1). Allowing unvalidated input to control the URL used in a redirect can aid phishing attacks.\r\nAllowing unvalidated input to control the URL used in a redirect can aid phishing attacks." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 47 }, "region": { "startLine": 12, "snippet": { "text": "\t\t \"&menu=\" + request.getParameter(\"menu\") +" } }, "contextRegion": { "startLine": 9, "endLine": 15, "snippet": { "text": "\n<% response.sendRedirect(\"/WebGoat/attack?\" +\n\t\t \"Screen=\" + request.getParameter(\"Screen\") +\n\t\t \"&menu=\" + request.getParameter(\"menu\") +\n\t\t \"&fromRedirect=yes&language=\" + request.getParameter(\"language\")); \n%>\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 6 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 47 }, "region": { "startLine": 12, "snippet": { "text": "\t\t \"&menu=\" + request.getParameter(\"menu\") +" } }, "contextRegion": { "startLine": 9, "endLine": 15, "snippet": { "text": "\n<% response.sendRedirect(\"/WebGoat/attack?\" +\n\t\t \"Screen=\" + request.getParameter(\"Screen\") +\n\t\t \"&menu=\" + request.getParameter(\"menu\") +\n\t\t \"&fromRedirect=yes&language=\" + request.getParameter(\"language\")); \n%>\n\n" } } }, "message": { "text": "sendRedirect(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 47 }, "region": { "startLine": 12 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function changeEmployeeProfile() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [181](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 181, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 178, "endLine": 184, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error updating employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 181, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 178, "endLine": 184, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error updating employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\n\t}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 181 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 58, "snippet": { "text": "\t\t\t \t\t<%=employee.getSsn()%>" } }, "contextRegion": { "startLine": 55, "endLine": 61, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\n\t\t\t \t\t<%=employee.getSsn()%>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 13 }, { "index": 14 }, { "index": 15 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 58, "snippet": { "text": "\t\t\t \t\t<%=employee.getSsn()%>" } }, "contextRegion": { "startLine": 55, "endLine": 61, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\n\t\t\t \t\t<%=employee.getSsn()%>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 58 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 140, "level": "error", "message": { "text": "The function getResults() in [SoapRequest.java](1) sometimes fails to release a system resource allocated by makeConnection() on line 412.\r\nThe program can potentially fail to release a database connection." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 418 } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 412, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 409, "endLine": 415, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 413, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 410, "endLine": 416, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 418, "snippet": { "text": "" } }, "contextRegion": { "startLine": 415, "endLine": 420, "snippet": { "text": "\t\treturn null;\n\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n" } } }, "message": { "text": "ps = connection.prepareStatement(...)" }, "annotations": [ { "startLine": 417, "startColumn": 6, "message": { "text": "ps refers to a database command" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 419, "snippet": { "text": "\t ps.setInt(1, id);" } }, "contextRegion": { "startLine": 416, "endLine": 422, "snippet": { "text": "\t }\n\t PreparedStatement ps 
= connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 419, "snippet": { "text": "\t ps.setInt(1, id);" } }, "contextRegion": { "startLine": 416, "endLine": 422, "snippet": { "text": "\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n" } } }, "message": { "text": "ps no longer refers to a database command" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 419, "snippet": { "text": "\t ps.setInt(1, id);" } }, "contextRegion": { "startLine": 416, "endLine": 422, "snippet": { "text": "\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n" } } }, "message": { "text": "connection end scope : Database resource leaked : java.lang.Exception thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 412, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 409, "endLine": 415, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, 
"region": { "startLine": 413, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 410, "endLine": 416, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 418, "snippet": { "text": "" } }, "contextRegion": { "startLine": 415, "endLine": 420, "snippet": { "text": "\t\treturn null;\n\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n" } } }, "message": { "text": "ps = connection.prepareStatement(...)" }, "annotations": [ { "startLine": 417, "startColumn": 6, "message": { "text": "ps refers to a database command" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 422, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();" } }, "contextRegion": { "startLine": 419, "endLine": 425, "snippet": { "text": "\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n" } } }, "message": { "text": "java.sql.SQLException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 430, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 427, "endLine": 433, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n" } } }, "message": { "text": "ps no longer refers to a database command" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 
130 }, "region": { "startLine": 430, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 427, "endLine": 433, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 412, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 409, "endLine": 415, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 413, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 410, "endLine": 416, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 418, "snippet": { "text": "" } }, "contextRegion": { "startLine": 415, "endLine": 420, "snippet": { "text": "\t\treturn null;\n\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n" } } }, "message": { "text": "ps = connection.prepareStatement(...)" }, "annotations": [ { "startLine": 417, "startColumn": 6, "message": { "text": "ps refers to a database command" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { 
"physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 423, "snippet": { "text": "\t\tif ((results != null) && (results.next() == true))" } }, "contextRegion": { "startLine": 420, "endLine": 426, "snippet": { "text": "\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 423, "snippet": { "text": "\t\tif ((results != null) && (results.next() == true))" } }, "contextRegion": { "startLine": 420, "endLine": 426, "snippet": { "text": "\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 425, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 422, "endLine": 428, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 425, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 422, "endLine": 428, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "ps 
no longer refers to a database command" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 425, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 422, "endLine": 428, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 418 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [JavaScriptValidation.java](1) sends unvalidated data to a web browser on line [156](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 156, "snippet": { "text": "\t TextArea input6 = new TextArea(\"field6\", 1, 25).addElement(param6);" } }, "contextRegion": { "startLine": 153, "endLine": 159, "snippet": { "text": "\t TextArea input3 = new TextArea(\"field3\", 1, 25).addElement(param3);\n\t TextArea input4 = new TextArea(\"field4\", 1, 25).addElement(param4);\n\t TextArea input5 = new TextArea(\"field5\", 1, 25).addElement(param5);\n\t TextArea input6 = new TextArea(\"field6\", 1, 25).addElement(param6);\n\t TextArea input7 = new TextArea(\"field7\", 1, 25).addElement(param7);\n\n\t Input b = new Input();\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 11 }, { "index": 12 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 156, "snippet": { "text": "\t TextArea input6 = new TextArea(\"field6\", 1, 25).addElement(param6);" } }, "contextRegion": { "startLine": 153, "endLine": 159, "snippet": { "text": "\t TextArea input3 = new TextArea(\"field3\", 1, 25).addElement(param3);\n\t TextArea input4 = new TextArea(\"field4\", 1, 25).addElement(param4);\n\t TextArea input5 = new TextArea(\"field5\", 1, 25).addElement(param5);\n\t TextArea input6 = new TextArea(\"field6\", 1, 25).addElement(param6);\n\t TextArea input7 = new TextArea(\"field7\", 1, 25).addElement(param7);\n\n\t Input b = new Input();\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 156, "startColumn": 65 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [SilentTransactions.java](1) might reveal system data or debugging 
information by calling printStackTrace() on line [117](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 10 }, "region": { "startLine": 117, "snippet": { "text": "\t ex.printStackTrace();" } }, "contextRegion": { "startLine": 114, "endLine": 120, "snippet": { "text": "\t}\n\tcatch (Exception ex)\n\t{\n\t ex.printStackTrace();\n\t}\n\n\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 10 }, "region": { "startLine": 117, "snippet": { "text": "\t ex.printStackTrace();" } }, "contextRegion": { "startLine": 114, "endLine": 120, "snippet": { "text": "\t}\n\tcatch (Exception ex)\n\t{\n\t ex.printStackTrace();\n\t}\n\n\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 10 }, "region": { "startLine": 117 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 63, "message": { "text": "The method getHints() in [SoapRequest.java](1) ignores the value returned by replaceAll() on line [140](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring a method's return value can cause the program to overlook unexpected states and conditions." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 140, "snippet": { "text": "\tsoapEnv.replaceAll(\"(?s) \", \" \");" } }, "contextRegion": { "startLine": 137, "endLine": 143, "snippet": { "text": "\t\t+ \"  </SOAP-ENV:Body>
\"\n\t\t+ \"</SOAP-ENV:Envelope>

\"\n\t\t+ \"Intercept the HTTP request and try to create a SOAP request.\";\n\tsoapEnv.replaceAll(\"(?s) \", \" \");\n\thints.add(soapEnv);\n\n\treturn hints;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 140, "snippet": { "text": "\tsoapEnv.replaceAll(\"(?s) \", \" \");" } }, "contextRegion": { "startLine": 137, "endLine": 143, "snippet": { "text": "\t\t+ \"  </SOAP-ENV:Body>
\"\n\t\t+ \"</SOAP-ENV:Envelope>

\"\n\t\t+ \"Intercept the HTTP request and try to create a SOAP request.\";\n\tsoapEnv.replaceAll(\"(?s) \", \" \");\n\thints.add(soapEnv);\n\n\treturn hints;\n" } } }, "message": { "text": "replaceAll()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 140 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [UncheckedEmail.java](1) line [193](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 193, "endLine": 197, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 190, "endLine": 200, "snippet": { "text": "\t\tmakeSuccess(s);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 193, "endLine": 197, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 190, "endLine": 200, "snippet": { "text": "\t\tmakeSuccess(s);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t 
e.printStackTrace();\n\t}\n\treturn (ec);\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 193, "startColumn": 2, "endLine": 197 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 142, "message": { "text": "The call to equals() on line [102](1) causes portability problems because it has different locales which may lead to unexpected output. This may also circumvent custom validation routines.\r\nUnexpected portability problems can be found when the locale is not specified." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 102, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"netstat -a #\")" } }, "contextRegion": { "startLine": 99, "endLine": 105, "snippet": { "text": "\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 77, "snippet": { "text": "\t if (s.isDefuseOSCommands()" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String helpFile = s.getParser().getRawParameter(HELP_FILE,\n\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": 
{ "index": 29 }, "region": { "startLine": 78, "snippet": { "text": "\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n\t\tif (index == -1)\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 90, "snippet": { "text": "\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t\tSystem.out.println(\"Command = [\"\n\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 102, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"netstat -a #\")" } }, "contextRegion": { "startLine": 99, "endLine": 105, "snippet": { "text": "\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "toLowerCase() : Case changed using default locale" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { 
"artifactLocation": { "index": 29 }, "region": { "startLine": 102, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"netstat -a #\")" } }, "contextRegion": { "startLine": 99, "endLine": 105, "snippet": { "text": "\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "helpFile.substring(index, helpFileLen).trim().toLowerCase().equals(...) : Comparison without checking locale" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 102 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [513](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 513, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 510, "endLine": 516, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 2: execSimple (with search)\");\n\tresults = Exec.execSimple(\"netstat -r\");\n\tSystem.out.println(results);\n\n\tif (results.outputContains(\"localhost:1031\"))\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 21 }, { "index": 22 }, { "index": 24 }, { "index": 25 }, { "index": 26 }, { "index": 29 }, { "index": 30 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 513, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 510, "endLine": 516, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 2: execSimple (with search)\");\n\tresults = Exec.execSimple(\"netstat -r\");\n\tSystem.out.println(results);\n\n\tif (results.outputContains(\"localhost:1031\"))\n\t{\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 513, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [524](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 524, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 521, "endLine": 527, "snippet": { "text": "\t\t+ \"TEST 3: execInput\");\n\tresults = Exec.execInput(\"find \\\"cde\\\"\",\n\t\t\"abcdefg1\\nhijklmnop\\nqrstuv\\nabcdefg2\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 4:execTimeout\");\n\tresults = Exec.execTimeout(\"ping -t 127.0.0.1\", 5 * 1000);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 21 }, { "index": 22 }, { "index": 24 }, { "index": 31 }, { "index": 32 }, { "index": 33 }, { "index": 34 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 524, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 521, "endLine": 527, "snippet": { "text": "\t\t+ \"TEST 3: execInput\");\n\tresults = Exec.execInput(\"find \\\"cde\\\"\",\n\t\t\"abcdefg1\\nhijklmnop\\nqrstuv\\nabcdefg2\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 4:execTimeout\");\n\tresults = Exec.execTimeout(\"ping -t 127.0.0.1\", 5 * 1000);\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 524, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [528](1). 
The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 528, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 525, "endLine": 531, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 4:execTimeout\");\n\tresults = Exec.execTimeout(\"ping -t 127.0.0.1\", 5 * 1000);\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 5:execLazy\");\n\tresults = Exec.execLazy(\"ping -t 127.0.0.1\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 21 }, { "index": 22 }, { "index": 24 }, { "index": 35 }, { "index": 36 }, { "index": 37 }, { "index": 38 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 528, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 525, "endLine": 531, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 4:execTimeout\");\n\tresults = Exec.execTimeout(\"ping -t 127.0.0.1\", 5 * 1000);\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 5:execLazy\");\n\tresults = Exec.execLazy(\"ping -t 127.0.0.1\");\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 528, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) 
might reveal system data or debugging information by calling println() on line [532](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 532, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 529, "endLine": 535, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 5:execLazy\");\n\tresults = Exec.execLazy(\"ping -t 127.0.0.1\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 6:ExecTimeout process never outputs\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/sleep.exe 20\", 5 * 1000);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 21 }, { "index": 22 }, { "index": 24 }, { "index": 39 }, { "index": 40 }, { "index": 41 }, { "index": 42 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 532, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 529, "endLine": 535, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 5:execLazy\");\n\tresults = Exec.execLazy(\"ping -t 127.0.0.1\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 6:ExecTimeout process never outputs\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/sleep.exe 20\", 5 * 1000);\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 532, "startColumn": 21 } } } ], 
"properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [536](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 536, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 533, "endLine": 539, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 6:ExecTimeout process never outputs\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/sleep.exe 20\", 5 * 1000);\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 7:ExecTimeout process waits for input\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/cat\", 5 * 1000);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 21 }, { "index": 22 }, { "index": 24 }, { "index": 35 }, { "index": 36 }, { "index": 43 }, { "index": 46 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 536, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 533, "endLine": 539, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 6:ExecTimeout process never outputs\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/sleep.exe 20\", 5 * 1000);\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 7:ExecTimeout process waits for input\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/cat\", 5 * 
1000);\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 536, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [540](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 540, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 537, "endLine": 543, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 7:ExecTimeout process waits for input\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/cat\", 5 * 1000);\n\tSystem.out.println(results);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 21 }, { "index": 22 }, { "index": 24 }, { "index": 35 }, { "index": 36 }, { "index": 44 }, { "index": 45 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 540, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 537, "endLine": 543, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 7:ExecTimeout process waits for input\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/cat\", 5 * 1000);\n\tSystem.out.println(results);\n }\n}\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": 
{ "artifactLocation": { "index": 74 }, "region": { "startLine": 540, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [HttpSplitting.java](1) line [134](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 134, "endLine": 138, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 131, "endLine": 141, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 134, "endLine": 138, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 131, "endLine": 141, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 134, "startColumn": 2, "endLine": 138 } } } ], "properties": { "InstanceSeverity": "2.0", 
"Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getStringParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 696, "endLine": 702, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\telse\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 60 }, { "index": 61 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 696, "endLine": 702, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\telse\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 64, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 108, "snippet": { "text": " protected final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 105, "endLine": 111, "snippet": { "text": " /**\n * Description of the Field\n */\n protected final static String PASSWORD = \"Password\";\n\n /**\n * Description of the Field\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 108, "snippet": { "text": " protected final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 105, "endLine": 111, "snippet": { "text": " /**\n * Description of the Field\n */\n protected final static String PASSWORD = \"Password\";\n\n /**\n * Description of the Field\n" } } }, "message": { "text": "FieldAccess: PASSWORD" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 108, "snippet": { "text": " protected final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 105, "endLine": 111, "snippet": { "text": " /**\n * Description of the Field\n */\n protected final static String PASSWORD = \"Password\";\n\n /**\n * Description of the Field\n" } } }, "message": { "text": "Field: PASSWORD" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 108 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 8, "message": { "text": "The method foundEmployee() in [FindProfile.java](1) never uses the value it assigns to the variable id on line [114](1).\r\nThe variable's value is assigned but never used, making it a dead store." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 114, "snippet": { "text": "\t int id = getIntRequestAttribute(s, getLessonName() + \".\"" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\tboolean found = false;\n\ttry\n\t{\n\t int id = getIntRequestAttribute(s, getLessonName() + \".\"\n\t\t + RoleBasedAccessControl.EMPLOYEE_ID);\n\t found = true;\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 114, "snippet": { "text": "\t int id = getIntRequestAttribute(s, getLessonName() + \".\"" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\tboolean found = false;\n\ttry\n\t{\n\t int id = getIntRequestAttribute(s, getLessonName() + \".\"\n\t\t + RoleBasedAccessControl.EMPLOYEE_ID);\n\t found = true;\n\t}\n" } } }, "message": { "text": "VariableAccess: id" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 114, "snippet": { "text": "\t int id = getIntRequestAttribute(s, getLessonName() + \".\"" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\tboolean found = false;\n\ttry\n\t{\n\t int id = getIntRequestAttribute(s, getLessonName() + \".\"\n\t\t + RoleBasedAccessControl.EMPLOYEE_ID);\n\t found = true;\n\t}\n" } } }, "message": { "text": "Variable: id" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 114, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [509](1). 
The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 509, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 506, "endLine": 512, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 1: execSimple\");\n\tresults = Exec.execSimple(\"c:/swarm-2.1.1/bin/whoami.exe\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 2: execSimple (with search)\");\n\tresults = Exec.execSimple(\"netstat -r\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 21 }, { "index": 22 }, { "index": 24 }, { "index": 25 }, { "index": 26 }, { "index": 27 }, { "index": 28 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 509, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 506, "endLine": 512, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 1: execSimple\");\n\tresults = Exec.execSimple(\"c:/swarm-2.1.1/bin/whoami.exe\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 2: execSimple (with search)\");\n\tresults = Exec.execSimple(\"netstat -r\");\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 509, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getAllEmployees() 
in [ListStaff.java](1) might reveal system data or debugging information by calling printStackTrace() on line [115](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 115, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employees\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 115, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employees\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 115 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 23, "level": "error", "message": { "text": "Without proper access control, the method getEmployeeProfile() in [EditProfile.java](1) can execute a SQL statement on line [96](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 96, "snippet": { "text": "\t\tanswer_statement.setInt(1, subjectUserId);" } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t\t\t.getConnection(s).prepareStatement(query,\n\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.setInt(1, subjectUserId);\n\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\tif (answer_results.next())\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 78 }, { "index": 79 }, { "index": 80 }, { "index": 81 }, { "index": 82 }, { "index": 83 }, { "index": 84 }, { "index": 85 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 96, "snippet": { "text": "\t\tanswer_statement.setInt(1, subjectUserId);" } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t\t\t.getConnection(s).prepareStatement(query,\n\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.setInt(1, subjectUserId);\n\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\tif (answer_results.next())\n\t\t{\n" } } }, "message": { "text": "setInt(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 96, "startColumn": 30 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 18, "level": "error", "message": { "text": "The method _jspService() in [main.jsp](1) sends unvalidated data to a web browser on line [163](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious 
code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 163, "snippet": { "text": "\t\t\t \t
\">Restart this Lesson
" } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\t\t\t if (currentLesson != null)\n\t\t\t {\n\t\t\t \t%>\n\t\t\t \t
\">Restart this Lesson
\n\t \t\t\t<%\n\t \t\t\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 47 }, { "index": 48 }, { "index": 49 }, { "index": 50 }, { "index": 58 }, { "index": 59 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 163, "snippet": { "text": "\t\t\t \t
\">Restart this Lesson
" } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\t\t\t if (currentLesson != null)\n\t\t\t {\n\t\t\t \t%>\n\t\t\t \t
\">Restart this Lesson
\n\t \t\t\t<%\n\t \t\t\t}\n\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 163 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function makeConnection() in [DatabaseUtilities.java](1) might reveal system data or debugging information by calling println() on line [95](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 95, "snippet": { "text": "\t\tSystem.out.println(\"DBName: \" + dbName);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t if (os.toLowerCase().indexOf(\"window\") != -1)\n\t {\n\t\tdbName = dbName.concat(\"webgoat.mdb\");\n\t\tSystem.out.println(\"DBName: \" + dbName);\n\t\tClass.forName(\"sun.jdbc.odbc.JdbcOdbcDriver\");\n\t\treturn DriverManager\n\t\t\t.getConnection(\"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=\"\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 98 }, { "index": 99 }, { "index": 100 }, { "index": 101 }, { "index": 102 }, { "index": 103 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 95, "snippet": { "text": "\t\tSystem.out.println(\"DBName: \" + dbName);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t if (os.toLowerCase().indexOf(\"window\") != -1)\n\t {\n\t\tdbName = dbName.concat(\"webgoat.mdb\");\n\t\tSystem.out.println(\"DBName: \" + dbName);\n\t\tClass.forName(\"sun.jdbc.odbc.JdbcOdbcDriver\");\n\t\treturn 
DriverManager\n\t\t\t.getConnection(\"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=\"\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 95 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method setSessionAttribute() in [DefaultLessonAction.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 104 }, { "index": 105 }, { "index": 106 }, { "index": 107 }, { "index": 108 }, { "index": 110 }, { "index": 111 }, { "index": 112 }, { "index": 113 }, { "index": 114 }, { "index": 115 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, 
Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 104 }, { "index": 105 }, { "index": 116 }, { "index": 117 }, { "index": 118 }, { "index": 110 }, { "index": 111 }, { "index": 112 }, { "index": 120 }, { "index": 114 }, { "index": 115 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 104 }, { "index": 105 }, { "index": 121 }, { "index": 122 }, { "index": 123 }, { "index": 110 }, { "index": 111 }, { "index": 112 }, { "index": 125 }, { "index": 114 }, { "index": 115 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "startColumn": 50 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, 
"level": "error", "message": { "text": "The method getRawParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 632, "endLine": 638, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\n\treturn (values[0]);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 126 }, { "index": 127 }, { "index": 128 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 632, "endLine": 638, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\n\treturn (values[0]);\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 142, "message": { "text": "The call to equals() on line [98](1) causes portability problems because it has different locales which may lead to unexpected output. This may also circumvent custom validation routines.\r\nUnexpected portability problems can be found when the locale is not specified." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 98, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile\n\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 77, "snippet": { "text": "\t if (s.isDefuseOSCommands()" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String helpFile = s.getParser().getRawParameter(HELP_FILE,\n\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 78, "snippet": { "text": "\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n\t\tif (index == -1)\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 90, "snippet": { "text": "\t\tif 
((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t\tSystem.out.println(\"Command = [\"\n\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 91, "snippet": { "text": "\t\t\tindex, helpFileLen).trim().toLowerCase().equals(" } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": "\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 94, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"dir\")" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 96, 
"snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"ls\")" } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile\n\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 98, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile\n\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "toLowerCase() : Case changed using default locale" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 98, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile\n\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": 
"helpFile.substring(index, helpFileLen).trim().toLowerCase().equals(...) : Comparison without checking locale" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 98 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 142, "message": { "text": "The call to equals() on line [94](1) causes portability problems because it has different locales which may lead to unexpected output. This may also circumvent custom validation routines.\r\nUnexpected portability problems can be found when the locale is not specified." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 94, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"dir\")" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 77, "snippet": { "text": "\t if (s.isDefuseOSCommands()" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String helpFile = s.getParser().getRawParameter(HELP_FILE,\n\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 
78, "snippet": { "text": "\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n\t\tif (index == -1)\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 90, "snippet": { "text": "\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t\tSystem.out.println(\"Command = [\"\n\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 91, "snippet": { "text": "\t\t\tindex, helpFileLen).trim().toLowerCase().equals(" } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": "\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 94, "snippet": { "text": 
"\t\t\t\t.toLowerCase().equals(\"dir\")" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "toLowerCase() : Case changed using default locale" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 94, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"dir\")" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "helpFile.substring(index, helpFileLen).trim().toLowerCase().equals(...) : Comparison without checking locale" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 94 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [WSDLScanning.java](1) might reveal system data or debugging information by calling printStackTrace() on line [264](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 264, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 261, "endLine": 267, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 264, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 261, "endLine": 267, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 264 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 856, "snippet": { "text": "\tSystem.out.println(\"Successful connection to database\");" } }, "contextRegion": { "startLine": 853, "endLine": 859, "snippet": { "text": " */\n public void makeDB(Connection connection) throws SQLException\n {\n\tSystem.out.println(\"Successful connection to database\");\n\tcreateUserDataTable(connection);\n\tcreateLoginTable(connection);\n\tcreateUserAdminTable(connection);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 856, "snippet": { "text": "\tSystem.out.println(\"Successful connection to database\");" } }, "contextRegion": { "startLine": 853, "endLine": 859, "snippet": { "text": " */\n public void makeDB(Connection connection) throws SQLException\n {\n\tSystem.out.println(\"Successful connection to database\");\n\tcreateUserDataTable(connection);\n\tcreateLoginTable(connection);\n\tcreateUserAdminTable(connection);\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 856 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 867, "snippet": { "text": "\tSystem.out.println(\"Success: creating tables.\");" } }, "contextRegion": { "startLine": 864, "endLine": 870, "snippet": { "text": "\tcreateAuthTable(connection);\n\tcreateOwnershipTable(connection);\n\tcreateWeatherDataTable(connection);\n\tSystem.out.println(\"Success: creating tables.\");\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 867, "snippet": { "text": "\tSystem.out.println(\"Success: creating tables.\");" } }, "contextRegion": { "startLine": 864, "endLine": 870, "snippet": { "text": "\tcreateAuthTable(connection);\n\tcreateOwnershipTable(connection);\n\tcreateWeatherDataTable(connection);\n\tSystem.out.println(\"Success: creating tables.\");\n }\n}\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 867 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method updateSession() in [HammerHead.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 495, "snippet": { "text": "\t hs.setAttribute(WebSession.SESSION, session);" } }, "contextRegion": { "startLine": 492, "endLine": 498, "snippet": { "text": "\t // Create new custom session and save it in the HTTP session\n\t // System.out.println( \"HH Creating new WebSession: \" );\n\t session = new WebSession(this, context);\n\t hs.setAttribute(WebSession.SESSION, session);\n\t // reset timeout\n\t hs.setMaxInactiveInterval(sessionTimeoutSeconds);\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 129 }, { "index": 130 }, { "index": 131 }, { "index": 132 }, { "index": 133 }, { "index": 134 }, { "index": 135 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 495, "snippet": { "text": "\t hs.setAttribute(WebSession.SESSION, session);" } }, "contextRegion": { "startLine": 492, "endLine": 498, "snippet": { "text": "\t // Create new custom session and save it in the HTTP session\n\t // System.out.println( \"HH Creating new WebSession: \" );\n\t session = new WebSession(this, context);\n\t hs.setAttribute(WebSession.SESSION, session);\n\t // reset timeout\n\t hs.setMaxInactiveInterval(sessionTimeoutSeconds);\n\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 495, "startColumn": 42 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [FailOpenAuthentication.java](1) line [83](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not 
be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 83, "endLine": 96, "snippet": { "text": "\t catch (Exception e)\r\n\t {\r\n\t\t// The parameter was omitted. set fail open status complete\r\n\t\tif (username.length() > 0\r\n\t\t\t&& e.getMessage().indexOf(\"not found\") != -1)\r\n\t\t{\r\n\t\t if ((username != null) && (username.length() > 0))\r\n\t\t {\r\n\t\t\tmakeSuccess(s);\r\n\t\t\treturn (makeUser(s, username,\r\n\t\t\t\t\"Fail Open Error Handling\"));\r\n\t\t }\r\n\t\t}\r\n\t }" } }, "contextRegion": { "startLine": 80, "endLine": 99, "snippet": { "text": "\t\t return (makeLogin(s));\n\t\t}\n\t }\n\t catch (Exception e)\n\t {\n\t\t// The parameter was omitted. set fail open status complete\n\t\tif (username.length() > 0\n\t\t\t&& e.getMessage().indexOf(\"not found\") != -1)\n\t\t{\n\t\t if ((username != null) && (username.length() > 0))\n\t\t {\n\t\t\tmakeSuccess(s);\n\t\t\treturn (makeUser(s, username,\n\t\t\t\t\"Fail Open Error Handling\"));\n\t\t }\n\t\t}\n\t }\n\n\t // Don't let the fail open pass with a blank password.\n\t if (password.length() == 0)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 83, "endLine": 96, "snippet": { "text": "\t catch (Exception e)\r\n\t {\r\n\t\t// The parameter was omitted. set fail open status complete\r\n\t\tif (username.length() > 0\r\n\t\t\t&& e.getMessage().indexOf(\"not found\") != -1)\r\n\t\t{\r\n\t\t if ((username != null) && (username.length() > 0))\r\n\t\t {\r\n\t\t\tmakeSuccess(s);\r\n\t\t\treturn (makeUser(s, username,\r\n\t\t\t\t\"Fail Open Error Handling\"));\r\n\t\t }\r\n\t\t}\r\n\t }" } }, "contextRegion": { "startLine": 80, "endLine": 99, "snippet": { "text": "\t\t return (makeLogin(s));\n\t\t}\n\t }\n\t catch (Exception e)\n\t {\n\t\t// The parameter was omitted. 
set fail open status complete\n\t\tif (username.length() > 0\n\t\t\t&& e.getMessage().indexOf(\"not found\") != -1)\n\t\t{\n\t\t if ((username != null) && (username.length() > 0))\n\t\t {\n\t\t\tmakeSuccess(s);\n\t\t\treturn (makeUser(s, username,\n\t\t\t\t\"Fail Open Error Handling\"));\n\t\t }\n\t\t}\n\t }\n\n\t // Don't let the fail open pass with a blank password.\n\t if (password.length() == 0)\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 83, "startColumn": 6, "endLine": 96 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [FailOpenAuthentication.java](1) line [120](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 120, "endLine": 123, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t}" } }, "contextRegion": { "startLine": 117, "endLine": 126, "snippet": { "text": "\t\t\t\"Parameters. 
You did not exploit the fail open.\"));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t}\n\n\treturn (makeLogin(s));\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 120, "endLine": 123, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t}" } }, "contextRegion": { "startLine": 117, "endLine": 126, "snippet": { "text": "\t\t\t\"Parameters. You did not exploit the fail open.\"));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t}\n\n\treturn (makeLogin(s));\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 120, "startColumn": 2, "endLine": 123 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [ReflectedXSS.java](1) sends unvalidated data to a web browser on line [165](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 165, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY4\", \"1\")))" } }, "contextRegion": { "startLine": 162, "endLine": 168, "snippet": { "text": "\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY4\", s.getParser()\n\t\t\t .getStringParameter(\"QTY4\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY4\", 1.0f);\n\t total = quantity * 299.99f;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 136 }, { "index": 137 }, { "index": 138 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 165, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY4\", \"1\")))" } }, "contextRegion": { "startLine": 162, "endLine": 168, "snippet": { "text": "\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY4\", s.getParser()\n\t\t\t .getStringParameter(\"QTY4\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY4\", 1.0f);\n\t total = quantity * 299.99f;\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 165 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [SqlNumericInjection.java](1) line [239](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 239, "endLine": 243, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 236, "endLine": 246, "snippet": { "text": "\t\t\t\t+ npe.getMessage()));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 239, "endLine": 243, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 236, "endLine": 246, "snippet": { "text": "\t\t\t\t+ npe.getMessage()));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 239, "startColumn": 2, "endLine": 243 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getStringParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 696, "endLine": 702, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\telse\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 139 }, { "index": 140 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 696, "endLine": 702, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\telse\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 145, "level": "note", "message": { "text": "The method dumpSession() in [HammerHead.java](1) is not reachable from any method outside the class. It is dead code. Dead code is defined as code that is never directly or indirectly executed by a public method.\r\nThis method is not reachable from any method outside the class." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 237, "snippet": { "text": " private void dumpSession(HttpSession session)" } }, "contextRegion": { "startLine": 234, "endLine": 240, "snippet": { "text": " * @param session\n * Description of the Parameter\n */\n private void dumpSession(HttpSession session)\n {\n\tEnumeration enumerator = session.getAttributeNames();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 237, "snippet": { "text": " private void dumpSession(HttpSession session)" } }, "contextRegion": { "startLine": 234, "endLine": 240, "snippet": { "text": " * @param session\n * Description of the Parameter\n */\n private void dumpSession(HttpSession session)\n {\n\tEnumeration enumerator = session.getAttributeNames();\n\n" } } }, "message": { "text": "Function: dumpSession" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 237 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method makeLink() in [ECSFactory.java](1) sends unvalidated data to a web browser on line [292](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 102 }, "region": { "startLine": 292, "snippet": { "text": "\ta.addElement(new U().addElement(text));" } }, "contextRegion": { "startLine": 289, "endLine": 295, "snippet": { "text": "\n\tA a = new A(href);\n\n\ta.addElement(new U().addElement(text));\n\n\ta.addAttribute(\"style\", \"cursor:hand\");\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 16 }, { "index": 17 }, { "index": 18 }, { "index": 19 }, { "index": 20 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 102 }, "region": { "startLine": 292, "snippet": { "text": "\ta.addElement(new U().addElement(text));" } }, "contextRegion": { "startLine": 289, "endLine": 295, "snippet": { "text": "\n\tA a = new A(href);\n\n\ta.addElement(new U().addElement(text));\n\n\ta.addAttribute(\"style\", \"cursor:hand\");\n\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 102 }, "region": { "startLine": 292, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method createContent() in [WSDLScanning.java](1) sends unvalidated data to a web browser on line [221](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 221, "snippet": { "text": "\t\t\t.addElement((String) accessWGService(\"WSDLScanning\"," } }, "contextRegion": { "startLine": 218, "endLine": 224, "snippet": { "text": "\t {\n\t\theader.addElement(new TD().addElement(fields[i]));\n\t\tresults.addElement(new TD()\n\t\t\t.addElement((String) accessWGService(\"WSDLScanning\",\n\t\t\t\tfields[i], \"acct_num\", new Integer(id))));\n\t }\n\t if (fields.length == 0)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 150 }, { "index": 151 }, { "index": 152 }, { "index": 153 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 221, "snippet": { "text": "\t\t\t.addElement((String) accessWGService(\"WSDLScanning\"," } }, "contextRegion": { "startLine": 218, "endLine": 224, "snippet": { "text": "\t {\n\t\theader.addElement(new TD().addElement(fields[i]));\n\t\tresults.addElement(new TD()\n\t\t\t.addElement((String) accessWGService(\"WSDLScanning\",\n\t\t\t\tfields[i], \"acct_num\", new Integer(id))));\n\t }\n\t if (fields.length == 0)\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 221 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [340](1) of [UpdateProfile.java](1), the method createEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 86 }, { "index": 87 }, { "index": 88 }, { "index": 90 }, { "index": 91 }, { "index": 92 }, { "index": 93 }, { "index": 94 }, { "index": 95 }, { "index": 97 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [752](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 752, "endLine": 755, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 749, "endLine": 758, "snippet": { "text": "\t{\n\t return getSubParameter(first, next);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 752, "endLine": 755, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 749, "endLine": 758, "snippet": { "text": "\t{\n\t return getSubParameter(first, next);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 752, "startColumn": 2, "endLine": 755 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function doStage2() in [BasicAuthentication.java](1) might reveal system data or debugging information by calling printStackTrace() on line [251](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 251, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 248, "endLine": 254, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 251, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 248, "endLine": 254, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 251 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function isAuthorized() in [DefaultLessonAction.java](1) might reveal system data or debugging information by calling printStackTrace() on line [272](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 272, "snippet": { "text": "\t\t\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 269, "endLine": 275, "snippet": { "text": "\t\t\tcatch ( SQLException sqle )\n\t\t\t{\n\t\t\t\ts.setMessage( \"Error authorizing\" );\n\t\t\t\tsqle.printStackTrace();\n\t\t\t}\n\t\t}\n\t\tcatch ( Exception e )\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 272, "snippet": { "text": "\t\t\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 269, "endLine": 275, "snippet": { "text": "\t\t\tcatch ( SQLException sqle )\n\t\t\t{\n\t\t\t\ts.setMessage( \"Error authorizing\" );\n\t\t\t\tsqle.printStackTrace();\n\t\t\t}\n\t\t}\n\t\tcatch ( Exception e )\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 272 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 133, "message": { "text": "The function WebgoatProperties() in [WebgoatProperties.java](1) sometimes fails to release a system resource allocated by FileInputStream() on line 43.\r\nThe program can potentially fail to release a system resource." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 43, "snippet": { "text": "\t FileInputStream in = new FileInputStream(propertiesFileName);" } }, "contextRegion": { "startLine": 40, "endLine": 46, "snippet": { "text": " {\n\ttry\n\t{\n\t FileInputStream in = new FileInputStream(propertiesFileName);\n\t load(in);\n\t}\n\tcatch (IOException e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 43, "snippet": { "text": "\t FileInputStream in = new FileInputStream(propertiesFileName);" } }, "contextRegion": { "startLine": 40, "endLine": 46, "snippet": { "text": " {\n\ttry\n\t{\n\t FileInputStream in = new FileInputStream(propertiesFileName);\n\t load(in);\n\t}\n\tcatch (IOException e)\n" } } }, "message": { "text": "in = new FileInputStream(...)" }, "annotations": [ { "startLine": 43, "startColumn": 6, "message": { "text": "in refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 44, "snippet": { "text": "\t load(in);" } }, "contextRegion": { "startLine": 41, "endLine": 47, "snippet": { "text": "\ttry\n\t{\n\t FileInputStream in = new FileInputStream(propertiesFileName);\n\t load(in);\n\t}\n\tcatch (IOException e)\n\t{\n" } } }, "message": { "text": "java.io.IOException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 44, "snippet": { "text": "\t load(in);" } }, "contextRegion": { "startLine": 41, "endLine": 47, "snippet": { "text": "\ttry\n\t{\n\t FileInputStream in = new FileInputStream(propertiesFileName);\n\t load(in);\n\t}\n\tcatch (IOException e)\n\t{\n" } } }, "message": { "text": "in no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { 
"physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 44, "snippet": { "text": "\t load(in);" } }, "contextRegion": { "startLine": 41, "endLine": 47, "snippet": { "text": "\ttry\n\t{\n\t FileInputStream in = new FileInputStream(propertiesFileName);\n\t load(in);\n\t}\n\tcatch (IOException e)\n\t{\n" } } }, "message": { "text": "in no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 44, "snippet": { "text": "\t load(in);" } }, "contextRegion": { "startLine": 41, "endLine": 47, "snippet": { "text": "\ttry\n\t{\n\t FileInputStream in = new FileInputStream(propertiesFileName);\n\t load(in);\n\t}\n\tcatch (IOException e)\n\t{\n" } } }, "message": { "text": "in end scope : Resource leaked : java.io.IOException thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 43, "snippet": { "text": "\t FileInputStream in = new FileInputStream(propertiesFileName);" } }, "contextRegion": { "startLine": 40, "endLine": 46, "snippet": { "text": " {\n\ttry\n\t{\n\t FileInputStream in = new FileInputStream(propertiesFileName);\n\t load(in);\n\t}\n\tcatch (IOException e)\n" } } }, "message": { "text": "in = new FileInputStream(...)" }, "annotations": [ { "startLine": 43, "startColumn": 6, "message": { "text": "in refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 45, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 42, "endLine": 48, "snippet": { "text": "\t{\n\t FileInputStream in = new FileInputStream(propertiesFileName);\n\t load(in);\n\t}\n\tcatch (IOException e)\n\t{\n\t System.out\n" } } }, "message": { "text": "in no longer refers to an allocated 
resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 45, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 42, "endLine": 48, "snippet": { "text": "\t{\n\t FileInputStream in = new FileInputStream(propertiesFileName);\n\t load(in);\n\t}\n\tcatch (IOException e)\n\t{\n\t System.out\n" } } }, "message": { "text": "in no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 45, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 42, "endLine": 48, "snippet": { "text": "\t{\n\t FileInputStream in = new FileInputStream(propertiesFileName);\n\t load(in);\n\t}\n\tcatch (IOException e)\n\t{\n\t System.out\n" } } }, "message": { "text": "in end scope : Resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 43 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 306, "snippet": { "text": "\tSystem.out.println(\"Executing OS command: '\" + command" } }, "contextRegion": { "startLine": 303, "endLine": 309, "snippet": { "text": " */\n private Element exec(WebSession s, String command, String args)\n {\n\tSystem.out.println(\"Executing OS command: '\" + command\n\t\t+ \"' with args: '\" + args + \"'\");\n\tExecResults er = Exec.execSimple(command, args);\n\tif ((args.indexOf(\"&\") != -1 || args.indexOf(\";\") != -1)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 306, "snippet": { "text": "\tSystem.out.println(\"Executing OS command: '\" + command" } }, "contextRegion": { "startLine": 303, "endLine": 309, "snippet": { "text": " */\n private Element exec(WebSession s, String command, String args)\n {\n\tSystem.out.println(\"Executing OS command: '\" + command\n\t\t+ \"' with args: '\" + args + \"'\");\n\tExecResults er = Exec.execSimple(command, args);\n\tif ((args.indexOf(\"&\") != -1 || args.indexOf(\";\") != -1)\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 306 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method makeUser() in [WeakAuthenticationCookie.java](1) sends unvalidated data to a web browser on line [377](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 377, "snippet": { "text": "\tec.addElement(new P().addElement(\"Welcome, \" + user));" } }, "contextRegion": { "startLine": 374, "endLine": 380, "snippet": { "text": "\t throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(new P().addElement(\"Welcome, \" + user));\n\tec.addElement(new P().addElement(\"You have been authenticated with \"\n\t\t+ method));\n\tec.addElement(new P().addElement(ECSFactory.makeLink(\"Logout\", LOGOUT,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 154 }, { "index": 155 }, { "index": 156 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 377, "snippet": { "text": "\tec.addElement(new P().addElement(\"Welcome, \" + user));" } }, "contextRegion": { "startLine": 374, "endLine": 380, "snippet": { "text": "\t throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(new P().addElement(\"Welcome, \" + user));\n\tec.addElement(new P().addElement(\"You have been authenticated with \"\n\t\t+ method));\n\tec.addElement(new P().addElement(ECSFactory.makeLink(\"Logout\", LOGOUT,\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 377 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [WeakSessionID.java](1) line [135](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point 
in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 135, "endLine": 139, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 132, "endLine": 142, "snippet": { "text": "\t\treturn makeLogin(s);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (null);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 135, "endLine": 139, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 132, "endLine": 142, "snippet": { "text": "\t\treturn makeLogin(s);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (null);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 135, "startColumn": 2, "endLine": 139 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [248](1) of [UpdateProfile.java](1), the method changeEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 141 }, { "index": 142 }, { "index": 143 }, { "index": 90 }, { "index": 91 }, { "index": 145 }, { "index": 93 }, { "index": 146 }, { "index": 147 }, { "index": 149 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [BlindSqlInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [344](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 344, "snippet": { "text": "\t e.printStackTrace(System.out);" } }, "contextRegion": { "startLine": 341, "endLine": 347, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 344, "snippet": { "text": "\t e.printStackTrace(System.out);" } }, "contextRegion": { "startLine": 341, "endLine": 347, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 344 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 549, "snippet": { "text": "\t System.out.println(\"Error: unable to drop roles\");" } }, "contextRegion": { "startLine": 546, "endLine": 552, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: unable to drop roles\");\n\t}\n\n\ttry\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 549, "snippet": { "text": "\t System.out.println(\"Error: unable to drop roles\");" } }, "contextRegion": { "startLine": 546, "endLine": 552, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: unable to drop roles\");\n\t}\n\n\ttry\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 549 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 562, "snippet": { "text": "\t System.out.println(\"Error: Unable to create role table\");" } }, "contextRegion": { "startLine": 559, "endLine": 565, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: Unable to create role table\");\n\t}\n\n\tString insertData1 = \"INSERT INTO roles VALUES (101, 'employee')\";\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 562, "snippet": { "text": "\t System.out.println(\"Error: Unable to create role table\");" } }, "contextRegion": { "startLine": 559, "endLine": 565, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: Unable to create role table\");\n\t}\n\n\tString insertData1 = \"INSERT INTO roles VALUES (101, 'employee')\";\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 562 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function changeEmployeeProfile_BACKUP() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [237](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 237, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 234, "endLine": 240, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 237, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 234, "endLine": 240, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 237 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method doPost() in [HammerHead.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 185, "snippet": { "text": "\t request.getSession().setAttribute(\"course\", mySession.getCourse());" } }, "contextRegion": { "startLine": 182, "endLine": 188, "snippet": { "text": "\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n\t\t request, response);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 129 }, { "index": 130 }, { "index": 131 }, { "index": 132 }, { "index": 133 }, { "index": 134 }, { "index": 135 }, { "index": 157 }, { "index": 158 }, { "index": 159 }, { "index": 160 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 185, "snippet": { "text": "\t request.getSession().setAttribute(\"course\", mySession.getCourse());" } }, "contextRegion": { "startLine": 182, "endLine": 188, "snippet": { "text": "\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n\t\t request, response);\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 185 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [HiddenFieldTampering.java](1) might reveal system data or debugging information by calling printStackTrace() on line [165](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 49 }, "region": { "startLine": 165, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 162, "endLine": 168, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 49 }, "region": { "startLine": 165, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 162, "endLine": 168, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 49 }, "region": { "startLine": 165 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method ParameterNotFoundException() in [ParameterNotFoundException.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 162 }, { "index": 163 }, { "index": 164 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } }, "message": { "text": "Exception(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 133, "message": { "text": "The function isDefaced() in [Challenge2Screen.java](1) sometimes fails to release a system resource allocated by FileReader() on line 381.\r\nThe program can potentially fail to release a system resource." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 381, "snippet": { "text": "\t String defacedText = getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 378, "endLine": 384, "snippet": { "text": "\t\t WEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\t String masterFilePath = s.getContext().getRealPath(\n\t\t WEBGOAT_CHALLENGE_JSP);\n\t String defacedText = getFileText(new BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 381, "snippet": { "text": "\t String defacedText = getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 378, "endLine": 384, "snippet": { "text": "\t\t WEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\t String masterFilePath = s.getContext().getRealPath(\n\t\t WEBGOAT_CHALLENGE_JSP);\n\t String defacedText = getFileText(new BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 381, "startColumn": 58, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 381, "snippet": { "text": "\t String defacedText = getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 378, "endLine": 384, "snippet": { "text": "\t\t WEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\t String masterFilePath = s.getContext().getRealPath(\n\t\t WEBGOAT_CHALLENGE_JSP);\n\t String defacedText = getFileText(new 
BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n" } } }, "message": { "text": "new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 381, "startColumn": 39, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 381, "snippet": { "text": "\t String defacedText = getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 378, "endLine": 384, "snippet": { "text": "\t\t WEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\t String masterFilePath = s.getContext().getRealPath(\n\t\t WEBGOAT_CHALLENGE_JSP);\n\t String defacedText = getFileText(new BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n" } } }, "message": { "text": "getFileText(new java.io.BufferedReader(), ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 384, "snippet": { "text": "\t\t masterFilePath)), false);" } }, "contextRegion": { "startLine": 381, "endLine": 387, "snippet": { "text": "\t String defacedText = getFileText(new BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n\n\t defaced = (!origText.equals(defacedText));\n\t}\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 384, "snippet": { "text": "\t\t masterFilePath)), false);" } }, "contextRegion": { "startLine": 381, "endLine": 387, "snippet": { "text": "\t String defacedText = 
getFileText(new BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n\n\t defaced = (!origText.equals(defacedText));\n\t}\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 384, "snippet": { "text": "\t\t masterFilePath)), false);" } }, "contextRegion": { "startLine": 381, "endLine": 387, "snippet": { "text": "\t String defacedText = getFileText(new BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n\n\t defaced = (!origText.equals(defacedText));\n\t}\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 384, "snippet": { "text": "\t\t masterFilePath)), false);" } }, "contextRegion": { "startLine": 381, "endLine": 387, "snippet": { "text": "\t String defacedText = getFileText(new BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n\n\t defaced = (!origText.equals(defacedText));\n\t}\n" } } }, "message": { "text": "end scope : Resource leaked : java.lang.Exception thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 381, "snippet": { "text": "\t String defacedText = getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 378, "endLine": 384, "snippet": { "text": "\t\t WEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\t String masterFilePath = 
s.getContext().getRealPath(\n\t\t WEBGOAT_CHALLENGE_JSP);\n\t String defacedText = getFileText(new BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 381, "startColumn": 58, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 381, "snippet": { "text": "\t String defacedText = getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 378, "endLine": 384, "snippet": { "text": "\t\t WEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\t String masterFilePath = s.getContext().getRealPath(\n\t\t WEBGOAT_CHALLENGE_JSP);\n\t String defacedText = getFileText(new BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n" } } }, "message": { "text": "new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 381, "startColumn": 39, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 381, "snippet": { "text": "\t String defacedText = getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 378, "endLine": 384, "snippet": { "text": "\t\t WEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\t String masterFilePath = s.getContext().getRealPath(\n\t\t WEBGOAT_CHALLENGE_JSP);\n\t String defacedText = getFileText(new BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n" } } }, "message": { "text": "getFileText(new 
java.io.BufferedReader(), ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 387, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 384, "endLine": 390, "snippet": { "text": "\t\t masterFilePath)), false);\n\n\t defaced = (!origText.equals(defacedText));\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 387, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 384, "endLine": 390, "snippet": { "text": "\t\t masterFilePath)), false);\n\n\t defaced = (!origText.equals(defacedText));\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 387, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 384, "endLine": 390, "snippet": { "text": "\t\t masterFilePath)), false);\n\n\t defaced = (!origText.equals(defacedText));\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n" } } }, "message": { "text": "end scope : Resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 381 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 133, "message": { "text": "The function isDefaced() in [Challenge2Screen.java](1) sometimes fails to release a system resource allocated by FileReader() on line 383.\r\nThe program can potentially fail to release a system resource." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 383, "snippet": { "text": "\t String origText = getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 380, "endLine": 386, "snippet": { "text": "\t\t WEBGOAT_CHALLENGE_JSP);\n\t String defacedText = getFileText(new BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n\n\t defaced = (!origText.equals(defacedText));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 383, "snippet": { "text": "\t String origText = getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 380, "endLine": 386, "snippet": { "text": "\t\t WEBGOAT_CHALLENGE_JSP);\n\t String defacedText = getFileText(new BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n\n\t defaced = (!origText.equals(defacedText));\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 383, "startColumn": 55, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 383, "snippet": { "text": "\t String origText = getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 380, "endLine": 386, "snippet": { "text": "\t\t WEBGOAT_CHALLENGE_JSP);\n\t String defacedText = getFileText(new BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n\n\t defaced = (!origText.equals(defacedText));\n" } } }, "message": { "text": "new BufferedReader(new 
java.io.FileReader())" }, "annotations": [ { "startLine": 383, "startColumn": 36, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 383, "snippet": { "text": "\t String origText = getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 380, "endLine": 386, "snippet": { "text": "\t\t WEBGOAT_CHALLENGE_JSP);\n\t String defacedText = getFileText(new BufferedReader(new FileReader(\n\t\t origpath)), false);\n\t String origText = getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false);\n\n\t defaced = (!origText.equals(defacedText));\n" } } }, "message": { "text": "getFileText(new java.io.BufferedReader(), ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 387, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 384, "endLine": 390, "snippet": { "text": "\t\t masterFilePath)), false);\n\n\t defaced = (!origText.equals(defacedText));\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 387, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 384, "endLine": 390, "snippet": { "text": "\t\t masterFilePath)), false);\n\n\t defaced = (!origText.equals(defacedText));\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 387, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 384, "endLine": 390, "snippet": { "text": 
"\t\t masterFilePath)), false);\n\n\t defaced = (!origText.equals(defacedText));\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n" } } }, "message": { "text": "end scope : Resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 383 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 111, "message": { "text": "The call to readLine() at [LessonAdapter.java](1) line [288](1) might allow an attacker to crash the program or otherwise make it unavailable to legitimate users.\r\nAn attacker could cause the program to crash or otherwise become unavailable to legitimate users." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 288, "snippet": { "text": "\t\twhile ((line = in.readLine()) != null)" } }, "contextRegion": { "startLine": 285, "endLine": 291, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\tboolean startAppending = false;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n\t\t if (line.indexOf(\"\") != -1)\n\t\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 288, "snippet": { "text": "\t\twhile ((line = in.readLine()) != null)" } }, "contextRegion": { "startLine": 285, "endLine": 291, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\tboolean startAppending = false;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n\t\t if (line.indexOf(\"\") != -1)\n\t\t {\n" } } }, "message": { "text": "readLine()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 288 } } 
} ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method writeTable() in [DatabaseUtilities.java](1) sends unvalidated data to a web browser on line [154](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 62 }, { "index": 63 }, { "index": 64 }, { "index": 65 }, { "index": 66 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [EditProfile.jsp](1) at line [123](1).\r\nA hidden form field is used." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 123, "snippet": { "text": "\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">" } }, "contextRegion": { "startLine": 120, "endLine": 126, "snippet": { "text": "\t\t\t\t \t\t\n \t\n \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t\n \t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 123, "snippet": { "text": "\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">" } }, "contextRegion": { "startLine": 120, "endLine": 126, "snippet": { "text": "\t\t\t\t \t\t\n \t\n \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t\n \t\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 123, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [EditProfile.jsp](1) at line [126](1).\r\nA hidden form field is used." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 126, "snippet": { "text": "\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">" } }, "contextRegion": { "startLine": 123, "endLine": 129, "snippet": { "text": "\t\t\t\t \t\t\n \t\n \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t\n \t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 126, "snippet": { "text": "\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">" } }, "contextRegion": { "startLine": 123, "endLine": 129, "snippet": { "text": "\t\t\t\t \t\t\n \t\n \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t\n \t\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 126, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [EditProfile.jsp](1) at line [122](1).\r\nA hidden form field is used." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 122, "snippet": { "text": " \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 119, "endLine": 125, "snippet": { "text": "\t\t\t\t \t\t\n\t\t\t\t \t\t\n \t\n \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 122, "snippet": { "text": " \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 119, "endLine": 125, "snippet": { "text": "\t\t\t\t \t\t\n\t\t\t\t \t\t\n \t\n \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 122, "startColumn": 9 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [EditProfile.jsp](1) at line [123](1).\r\nA hidden form field is used." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 123, "snippet": { "text": "\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">" } }, "contextRegion": { "startLine": 120, "endLine": 126, "snippet": { "text": "\t\t\t\t \t\t\n \t\n \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t\n \t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 123, "snippet": { "text": "\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">" } }, "contextRegion": { "startLine": 120, "endLine": 126, "snippet": { "text": "\t\t\t\t \t\t\n \t\n \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t\n \t\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 123, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function determineType() in [SoapRequest.java](1) might reveal system data or debugging information by calling printStackTrace() on line [330](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 330, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 327, "endLine": 333, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\t//DEVNOTE: Conditionally display Stage2 content depending on whether stage is completed or not\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 330, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 327, "endLine": 333, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\t//DEVNOTE: Conditionally display Stage2 content depending on whether stage is completed or not\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 330 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getRawParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 632, "endLine": 638, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\n\treturn (values[0]);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 165 }, { "index": 166 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 632, "endLine": 638, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\n\treturn (values[0]);\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [EditProfile.jsp](1) at line [125](1).\r\nA hidden form field is used." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 125, "snippet": { "text": " \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t\t\t\t \t\t\n\t\t\t\t \t\t\n \t\n \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 125, "snippet": { "text": " \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t\t\t\t \t\t\n\t\t\t\t \t\t\n \t\n \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 125, "startColumn": 9 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 124, "snippet": { "text": "\t\tSystem.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 121, "endLine": 127, "snippet": { "text": "\t }\n\t catch (UnauthenticatedException ue1)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue1.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 124, "snippet": { "text": "\t\tSystem.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 121, "endLine": 127, "snippet": { "text": "\t }\n\t catch (UnauthenticatedException ue1)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue1.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 124 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 129, "snippet": { "text": "\t\tSystem.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 126, "endLine": 132, "snippet": { "text": "\t }\n\t catch (UnauthorizedException ue2)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue2.printStackTrace();\n\t }\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 129, "snippet": { "text": "\t\tSystem.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 126, "endLine": 132, "snippet": { "text": "\t }\n\t catch (UnauthorizedException ue2)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue2.printStackTrace();\n\t }\n\t}\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 129 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method updateLessonStatus() in [ViewProfile.java](1) ignores an exception on line [105](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 105, "endLine": 106, "snippet": { "text": "\tcatch (ParameterNotFoundException e)\r\n\t{}" } }, "contextRegion": { "startLine": 102, "endLine": 109, "snippet": { "text": "\t\tsetStage(s, 4);\n\t }\n\t}\n\tcatch (ParameterNotFoundException e)\n\t{}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 105, "endLine": 106, "snippet": { "text": "\tcatch (ParameterNotFoundException e)\r\n\t{}" } }, "contextRegion": { "startLine": 102, "endLine": 109, "snippet": { "text": "\t\tsetStage(s, 4);\n\t }\n\t}\n\tcatch (ParameterNotFoundException e)\n\t{}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 105, "startColumn": 2, "endLine": 106 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [509](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 509, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 506, "endLine": 512, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 1: execSimple\");\n\tresults = Exec.execSimple(\"c:/swarm-2.1.1/bin/whoami.exe\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 2: execSimple (with search)\");\n\tresults = Exec.execSimple(\"netstat -r\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 170 }, { "index": 171 }, { "index": 24 }, { "index": 25 }, { "index": 26 }, { "index": 27 }, { "index": 28 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 509, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 506, "endLine": 512, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 1: execSimple\");\n\tresults = Exec.execSimple(\"c:/swarm-2.1.1/bin/whoami.exe\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 2: execSimple (with search)\");\n\tresults = Exec.execSimple(\"netstat -r\");\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 509, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [513](1). 
The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 513, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 510, "endLine": 516, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 2: execSimple (with search)\");\n\tresults = Exec.execSimple(\"netstat -r\");\n\tSystem.out.println(results);\n\n\tif (results.outputContains(\"localhost:1031\"))\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 170 }, { "index": 171 }, { "index": 24 }, { "index": 25 }, { "index": 26 }, { "index": 29 }, { "index": 30 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 513, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 510, "endLine": 516, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 2: execSimple (with search)\");\n\tresults = Exec.execSimple(\"netstat -r\");\n\tSystem.out.println(results);\n\n\tif (results.outputContains(\"localhost:1031\"))\n\t{\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 513, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 0, "message": { "text": "Attackers can control the filesystem path argument to File() at [PathBasedAccessControl.java](1) line [136](1), which allows them to access or modify otherwise protected files.\r\nAllowing user input to control paths used in filesystem operations could enable 
an attacker to access or modify otherwise protected system resources." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 136, "snippet": { "text": "\t File f = new File((dir + \"\\\\\" + file).replaceAll(\"\\\\\\\\\", \"/\"));" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": "\t // We could force the user to use encoded '/'s == %2f to make the lesson more difficult.\n\t // We url Encode our dir name to avoid problems with special characters in our own path.\n\t //File f = new File( new URI(\"file:///\" + Encoding.urlEncode(dir).replaceAll(\"\\\\\\\\\",\"/\") + \"/\" + file.replaceAll(\"\\\\\\\\\",\"/\")) );\n\t File f = new File((dir + \"\\\\\" + file).replaceAll(\"\\\\\\\\\", \"/\"));\n\n\t if (s.isDebug())\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 167 }, { "index": 168 }, { "index": 169 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 136, "snippet": { "text": "\t File f = new File((dir + \"\\\\\" + file).replaceAll(\"\\\\\\\\\", \"/\"));" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": "\t // We could force the user to use encoded '/'s == %2f to make the lesson more difficult.\n\t // We url Encode our dir name to avoid problems with special characters in our own path.\n\t //File f = new File( new URI(\"file:///\" + Encoding.urlEncode(dir).replaceAll(\"\\\\\\\\\",\"/\") + \"/\" + file.replaceAll(\"\\\\\\\\\",\"/\")) );\n\t File f = new File((dir + \"\\\\\" + file).replaceAll(\"\\\\\\\\\", \"/\"));\n\n\t if (s.isDebug())\n\t {\n" } } }, "message": { "text": "File(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 136 } } } ], "properties": { "InstanceSeverity": 
"3.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [EditProfile.jsp](1) at line [122](1).\r\nA hidden form field is used." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 122, "snippet": { "text": " \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 119, "endLine": 125, "snippet": { "text": "\t\t\t\t \t\t\n\t\t\t\t \t\t\n \t\n \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 122, "snippet": { "text": " \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 119, "endLine": 125, "snippet": { "text": "\t\t\t\t \t\t\n\t\t\t\t \t\t\n \t\n \t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\" type=\"hidden\" value=\"<%=employee.getTitle()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 122, "startColumn": 9 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [528](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 528, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 525, "endLine": 531, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 4:execTimeout\");\n\tresults = Exec.execTimeout(\"ping -t 127.0.0.1\", 5 * 1000);\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 5:execLazy\");\n\tresults = Exec.execLazy(\"ping -t 127.0.0.1\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 170 }, { "index": 171 }, { "index": 24 }, { "index": 35 }, { "index": 36 }, { "index": 37 }, { "index": 38 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 528, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 525, "endLine": 531, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 4:execTimeout\");\n\tresults = Exec.execTimeout(\"ping -t 127.0.0.1\", 5 * 1000);\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 5:execLazy\");\n\tresults = Exec.execLazy(\"ping -t 127.0.0.1\");\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 528, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [532](1). 
The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 532, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 529, "endLine": 535, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 5:execLazy\");\n\tresults = Exec.execLazy(\"ping -t 127.0.0.1\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 6:ExecTimeout process never outputs\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/sleep.exe 20\", 5 * 1000);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 170 }, { "index": 171 }, { "index": 24 }, { "index": 39 }, { "index": 40 }, { "index": 41 }, { "index": 42 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 532, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 529, "endLine": 535, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 5:execLazy\");\n\tresults = Exec.execLazy(\"ping -t 127.0.0.1\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 6:ExecTimeout process never outputs\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/sleep.exe 20\", 5 * 1000);\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 532, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, 
"level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [536](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 536, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 533, "endLine": 539, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 6:ExecTimeout process never outputs\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/sleep.exe 20\", 5 * 1000);\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 7:ExecTimeout process waits for input\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/cat\", 5 * 1000);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 170 }, { "index": 171 }, { "index": 24 }, { "index": 35 }, { "index": 36 }, { "index": 43 }, { "index": 46 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 536, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 533, "endLine": 539, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 6:ExecTimeout process never outputs\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/sleep.exe 20\", 5 * 1000);\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 7:ExecTimeout process waits for input\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/cat\", 5 * 1000);\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] 
} ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 536, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [172](1) of [ViewProfile.java](1), the method getEmployeeProfile_BACKUP() invokes a SQL query built using input potentially coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 172, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 169, "endLine": 175, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 172, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 169, "endLine": 175, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n" } } }, 
"message": { "text": "executeQuery()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 172 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [524](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 524, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 521, "endLine": 527, "snippet": { "text": "\t\t+ \"TEST 3: execInput\");\n\tresults = Exec.execInput(\"find \\\"cde\\\"\",\n\t\t\"abcdefg1\\nhijklmnop\\nqrstuv\\nabcdefg2\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 4:execTimeout\");\n\tresults = Exec.execTimeout(\"ping -t 127.0.0.1\", 5 * 1000);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 170 }, { "index": 171 }, { "index": 24 }, { "index": 31 }, { "index": 32 }, { "index": 33 }, { "index": 34 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 524, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 521, "endLine": 527, "snippet": { "text": "\t\t+ \"TEST 3: execInput\");\n\tresults = Exec.execInput(\"find \\\"cde\\\"\",\n\t\t\"abcdefg1\\nhijklmnop\\nqrstuv\\nabcdefg2\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 4:execTimeout\");\n\tresults = Exec.execTimeout(\"ping -t 
127.0.0.1\", 5 * 1000);\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 524, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [540](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 540, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 537, "endLine": 543, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 7:ExecTimeout process waits for input\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/cat\", 5 * 1000);\n\tSystem.out.println(results);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 170 }, { "index": 171 }, { "index": 24 }, { "index": 35 }, { "index": 36 }, { "index": 44 }, { "index": 45 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 540, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 537, "endLine": 543, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 7:ExecTimeout process waits for input\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/cat\", 5 * 1000);\n\tSystem.out.println(results);\n }\n}\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, 
"physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 540, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getAllEmployees() in [Login.java](1) might reveal system data or debugging information by calling printStackTrace() on line [258](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 258, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 255, "endLine": 261, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 258, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 255, "endLine": 261, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 258 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 133, "message": { "text": "The function readFromURL() in [AbstractLesson.java](1) sometimes fails to release a system resource allocated by getInputStream() on line 1032.\r\nThe program can potentially fail to release a system resource." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1031, "snippet": { "text": "\t BufferedReader reader = new BufferedReader(new InputStreamReader(" } }, "contextRegion": { "startLine": 1028, "endLine": 1034, "snippet": { "text": "\t{\n\t URL u = new URL(url);\n\t HttpURLConnection huc = (HttpURLConnection) u.openConnection();\n\t BufferedReader reader = new BufferedReader(new InputStreamReader(\n\t\t huc.getInputStream()));\n\t String line;\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1032, "snippet": { "text": "\t\t huc.getInputStream()));" } }, "contextRegion": { "startLine": 1029, "endLine": 1035, "snippet": { "text": "\t URL u = new URL(url);\n\t HttpURLConnection huc = (HttpURLConnection) u.openConnection();\n\t BufferedReader reader = new BufferedReader(new InputStreamReader(\n\t\t huc.getInputStream()));\n\t String line;\n\n\t while ((line = reader.readLine()) != null)\n" } } }, "message": { "text": "getInputStream()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1031, "snippet": { "text": "\t BufferedReader reader = new BufferedReader(new InputStreamReader(" } }, "contextRegion": { "startLine": 1028, "endLine": 1034, "snippet": { "text": "\t{\n\t URL u = new URL(url);\n\t HttpURLConnection huc = (HttpURLConnection) u.openConnection();\n\t BufferedReader reader = new BufferedReader(new InputStreamReader(\n\t\t huc.getInputStream()));\n\t String line;\n\n" } } }, "message": { "text": "new InputStreamReader(huc.getInputStream())" }, "annotations": [ { "startLine": 1031, "startColumn": 49, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1031, 
"snippet": { "text": "\t BufferedReader reader = new BufferedReader(new InputStreamReader(" } }, "contextRegion": { "startLine": 1028, "endLine": 1034, "snippet": { "text": "\t{\n\t URL u = new URL(url);\n\t HttpURLConnection huc = (HttpURLConnection) u.openConnection();\n\t BufferedReader reader = new BufferedReader(new InputStreamReader(\n\t\t huc.getInputStream()));\n\t String line;\n\n" } } }, "message": { "text": "reader = new BufferedReader(new java.io.InputStreamReader())" }, "annotations": [ { "startLine": 1031, "startColumn": 6, "message": { "text": "reader refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1035, "snippet": { "text": "\t while ((line = reader.readLine()) != null)" } }, "contextRegion": { "startLine": 1032, "endLine": 1038, "snippet": { "text": "\t\t huc.getInputStream()));\n\t String line;\n\n\t while ((line = reader.readLine()) != null)\n\t {\n\t\tec.addElement(new StringElement(line));\n\t }\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1035, "snippet": { "text": "\t while ((line = reader.readLine()) != null)" } }, "contextRegion": { "startLine": 1032, "endLine": 1038, "snippet": { "text": "\t\t huc.getInputStream()));\n\t String line;\n\n\t while ((line = reader.readLine()) != null)\n\t {\n\t\tec.addElement(new StringElement(line));\n\t }\n" } } }, "message": { "text": "reader no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1035, "snippet": { "text": "\t while ((line = reader.readLine()) != null)" } }, "contextRegion": { "startLine": 1032, "endLine": 1038, "snippet": { "text": "\t\t huc.getInputStream()));\n\t String line;\n\n\t while ((line 
= reader.readLine()) != null)\n\t {\n\t\tec.addElement(new StringElement(line));\n\t }\n" } } }, "message": { "text": "reader no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1035, "snippet": { "text": "\t while ((line = reader.readLine()) != null)" } }, "contextRegion": { "startLine": 1032, "endLine": 1038, "snippet": { "text": "\t\t huc.getInputStream()));\n\t String line;\n\n\t while ((line = reader.readLine()) != null)\n\t {\n\t\tec.addElement(new StringElement(line));\n\t }\n" } } }, "message": { "text": "reader no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1035, "snippet": { "text": "\t while ((line = reader.readLine()) != null)" } }, "contextRegion": { "startLine": 1032, "endLine": 1038, "snippet": { "text": "\t\t huc.getInputStream()));\n\t String line;\n\n\t while ((line = reader.readLine()) != null)\n\t {\n\t\tec.addElement(new StringElement(line));\n\t }\n" } } }, "message": { "text": "reader no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1035, "snippet": { "text": "\t while ((line = reader.readLine()) != null)" } }, "contextRegion": { "startLine": 1032, "endLine": 1038, "snippet": { "text": "\t\t huc.getInputStream()));\n\t String line;\n\n\t while ((line = reader.readLine()) != null)\n\t {\n\t\tec.addElement(new StringElement(line));\n\t }\n" } } }, "message": { "text": "reader end scope : Resource leaked : java.lang.Exception thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1031 } } } ], "properties": { "InstanceSeverity": "3.0", 
"Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [UserAdminScreen.java](1) line [85](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 122 }, "region": { "startLine": 85, "endLine": 89, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 82, "endLine": 92, "snippet": { "text": "\t\t\tresultsMetaData));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 122 }, "region": { "startLine": 85, "endLine": 89, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 82, "endLine": 92, "snippet": { "text": "\t\t\tresultsMetaData));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 122 }, "region": { "startLine": 85, "startColumn": 2, "endLine": 89 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in 
[CommandInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [211](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 211, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 208, "endLine": 214, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 211, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 208, "endLine": 214, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 211 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile_BACKUP() in [EditProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [189](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 189, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 189, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 189 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [CrossSiteScripting.java](1) might reveal system data or debugging information by calling printStackTrace() on line [366](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 366, "snippet": { "text": "\t\tve.printStackTrace();" } }, "contextRegion": { "startLine": 363, "endLine": 369, "snippet": { "text": "\t catch (ValidationException ve)\n\t {\n\t\tSystem.out.println(\"Validation failed\");\n\t\tve.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t catch (UnauthenticatedException ue)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 366, "snippet": { "text": "\t\tve.printStackTrace();" } }, "contextRegion": { "startLine": 363, "endLine": 369, "snippet": { "text": "\t catch (ValidationException ve)\n\t {\n\t\tSystem.out.println(\"Validation failed\");\n\t\tve.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t catch (UnauthenticatedException ue)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 366 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [157](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 157, "snippet": { "text": "\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 157, "snippet": { "text": "\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, 
"kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 189, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 157 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [158](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 158, "snippet": { "text": "\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));" } }, "contextRegion": { "startLine": 155, "endLine": 161, "snippet": { "text": " {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 158, "snippet": { "text": "\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));" } }, "contextRegion": { "startLine": 
155, "endLine": 161, "snippet": { "text": " {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 189, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 158 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [JavaScriptValidation.java](1) sends unvalidated data to a web browser on line [155](1), which can result in the browser executing 
malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 155, "snippet": { "text": "\t TextArea input5 = new TextArea(\"field5\", 1, 25).addElement(param5);" } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\t TextArea input2 = new TextArea(\"field2\", 1, 25).addElement(param2);\n\t TextArea input3 = new TextArea(\"field3\", 1, 25).addElement(param3);\n\t TextArea input4 = new TextArea(\"field4\", 1, 25).addElement(param4);\n\t TextArea input5 = new TextArea(\"field5\", 1, 25).addElement(param5);\n\t TextArea input6 = new TextArea(\"field6\", 1, 25).addElement(param6);\n\t TextArea input7 = new TextArea(\"field7\", 1, 25).addElement(param7);\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 172 }, { "index": 173 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 155, "snippet": { "text": "\t TextArea input5 = new TextArea(\"field5\", 1, 25).addElement(param5);" } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\t TextArea input2 = new TextArea(\"field2\", 1, 25).addElement(param2);\n\t TextArea input3 = new TextArea(\"field3\", 1, 25).addElement(param3);\n\t TextArea input4 = new TextArea(\"field4\", 1, 25).addElement(param4);\n\t TextArea input5 = new TextArea(\"field5\", 1, 25).addElement(param5);\n\t TextArea input6 = new TextArea(\"field6\", 1, 25).addElement(param6);\n\t TextArea input7 = new TextArea(\"field7\", 1, 25).addElement(param7);\n\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 155, "startColumn": 65 } } } ], 
"properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [159](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 159, "snippet": { "text": "\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));" } }, "contextRegion": { "startLine": 156, "endLine": 162, "snippet": { "text": "\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 159, "snippet": { "text": "\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));" } }, "contextRegion": { "startLine": 156, "endLine": 162, "snippet": { "text": "\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { 
"index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 189, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 159 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [160](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 160, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));" } }, "contextRegion": { "startLine": 157, "endLine": 163, "snippet": { "text": "\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 160, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));" } }, "contextRegion": { "startLine": 157, "endLine": 163, "snippet": { "text": "\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, 
myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 189, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 160 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [161](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 161, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));" } }, "contextRegion": { "startLine": 158, "endLine": 164, "snippet": { "text": "\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 161, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));" } }, "contextRegion": { "startLine": 158, "endLine": 164, "snippet": { "text": "\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, 
LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 189, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 161 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [164](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 164, "snippet": { "text": "\tregisterAction(new Login(this, myClassName, LOGIN_ACTION," } }, "contextRegion": { "startLine": 161, "endLine": 167, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 164, "snippet": { "text": "\tregisterAction(new Login(this, myClassName, LOGIN_ACTION," } }, "contextRegion": { "startLine": 161, "endLine": 167, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 189, 
"snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 164 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [165](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 165, "snippet": { "text": "\t\tgetAction(LISTSTAFF_ACTION)));" } }, "contextRegion": { "startLine": 162, "endLine": 168, "snippet": { "text": "\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 165, "snippet": { "text": "\t\tgetAction(LISTSTAFF_ACTION)));" } }, "contextRegion": { "startLine": 162, "endLine": 168, "snippet": { "text": "\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, 
LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 315, "snippet": { "text": " protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 312, "endLine": 318, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n {\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 165 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [166](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 166, "snippet": { "text": "\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION," } }, "contextRegion": { "startLine": 163, "endLine": 169, "snippet": { "text": "\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 166, "snippet": { "text": "\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION," } }, "contextRegion": { "startLine": 163, "endLine": 169, "snippet": { "text": "\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { 
"artifactLocation": { "index": 125 }, "region": { "startLine": 189, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 166 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [167](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 167, "snippet": { "text": "\t\tgetAction(LOGIN_ACTION)));" } }, "contextRegion": { "startLine": 164, "endLine": 170, "snippet": { "text": "\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 167, "snippet": { "text": "\t\tgetAction(LOGIN_ACTION)));" } }, "contextRegion": { "startLine": 164, "endLine": 170, "snippet": { "text": "\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, 
LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 315, "snippet": { "text": " protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 312, "endLine": 318, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n {\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 167 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 29, "level": "error", "message": { "text": "The function getResults() in [WSDLScanning.java](1) sometimes fails to release a system resource allocated by makeConnection() on line 274.\r\nThe program can potentially fail to release a database connection." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 274, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 271, "endLine": 277, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 274, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 271, "endLine": 277, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 275, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 272, "endLine": 278, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 279, "snippet": { "text": "\t PreparedStatement ps = connection" } }, "contextRegion": { "startLine": 276, "endLine": 282, "snippet": { "text": "\t {\n\t\treturn null;\n\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { 
"index": 83 }, "region": { "startLine": 279, "snippet": { "text": "\t PreparedStatement ps = connection" } }, "contextRegion": { "startLine": 276, "endLine": 282, "snippet": { "text": "\t {\n\t\treturn null;\n\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n" } } }, "message": { "text": "connection no longer refers to a database connection" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 279, "snippet": { "text": "\t PreparedStatement ps = connection" } }, "contextRegion": { "startLine": 276, "endLine": 282, "snippet": { "text": "\t {\n\t\treturn null;\n\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n" } } }, "message": { "text": "connection end scope : Database resource leaked : java.lang.Exception thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 274, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 271, "endLine": 277, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 275, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 272, "endLine": 278, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not 
taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 281, "snippet": { "text": "\t ps.setInt(1, id);" } }, "contextRegion": { "startLine": 278, "endLine": 284, "snippet": { "text": "\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 281, "snippet": { "text": "\t ps.setInt(1, id);" } }, "contextRegion": { "startLine": 278, "endLine": 284, "snippet": { "text": "\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n" } } }, "message": { "text": "connection no longer refers to a database connection" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 281, "snippet": { "text": "\t ps.setInt(1, id);" } }, "contextRegion": { "startLine": 278, "endLine": 284, "snippet": { "text": "\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n" } } }, "message": { "text": "connection end scope : Database resource leaked : java.lang.Exception thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 274, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 271, "endLine": 277, "snippet": { "text": " 
{\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 275, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 272, "endLine": 278, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 284, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();" } }, "contextRegion": { "startLine": 281, "endLine": 287, "snippet": { "text": "\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n" } } }, "message": { "text": "java.sql.SQLException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 292, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 289, "endLine": 295, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n" } } }, "message": { "text": "connection no longer refers to a database connection" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 292, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 289, "endLine": 295, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n" } } }, "message": { "text": "connection end 
scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 274, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 271, "endLine": 277, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 275, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 272, "endLine": 278, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 285, "snippet": { "text": "\t\tif ((results != null) && (results.next() == true))" } }, "contextRegion": { "startLine": 282, "endLine": 288, "snippet": { "text": "\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 285, "snippet": { "text": "\t\tif ((results != null) && (results.next() == true))" } }, "contextRegion": { "startLine": 282, "endLine": 288, "snippet": { "text": "\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return 
results.getString(field);\n\t\t}\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 287, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 284, "endLine": 290, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 287, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 284, "endLine": 290, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "connection no longer refers to a database connection" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 287, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 284, "endLine": 290, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 274 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A 
constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [168](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 168, "snippet": { "text": "\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION," } }, "contextRegion": { "startLine": 165, "endLine": 171, "snippet": { "text": "\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 168, "snippet": { "text": "\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION," } }, "contextRegion": { "startLine": 165, "endLine": 171, "snippet": { "text": "\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = 
parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 189, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 168 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [169](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 169, "snippet": { "text": "\t\tgetAction(VIEWPROFILE_ACTION)));" } }, "contextRegion": { "startLine": 166, "endLine": 172, "snippet": { "text": "\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 169, "snippet": { "text": "\t\tgetAction(VIEWPROFILE_ACTION)));" } }, "contextRegion": { "startLine": 166, "endLine": 172, "snippet": { "text": "\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { 
"startLine": 315, "snippet": { "text": " protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 312, "endLine": 318, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n {\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 169 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [170](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 170, "snippet": { "text": "\tregisterAction(new UpdateProfile(this, myClassName," } }, "contextRegion": { "startLine": 167, "endLine": 173, "snippet": { "text": "\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 170, "snippet": { "text": "\tregisterAction(new UpdateProfile(this, myClassName," } }, "contextRegion": { "startLine": 167, "endLine": 173, "snippet": { "text": "\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, 
myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 189, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 170 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [171](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 171, "snippet": { "text": "\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));" } }, "contextRegion": { "startLine": 168, "endLine": 174, "snippet": { "text": "\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 171, "snippet": { "text": "\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));" } }, "contextRegion": { "startLine": 168, "endLine": 174, "snippet": { "text": "\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 315, 
"snippet": { "text": " protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 312, "endLine": 318, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n {\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 171 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [172](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 172, "snippet": { "text": "\tregisterAction(new DeleteProfile(this, myClassName," } }, "contextRegion": { "startLine": 169, "endLine": 175, "snippet": { "text": "\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 172, "snippet": { "text": "\tregisterAction(new DeleteProfile(this, myClassName," } }, "contextRegion": { "startLine": 169, "endLine": 175, "snippet": { "text": "\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n\n" } } }, "message": { "text": 
"FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 189, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 172 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of CrossSiteScripting in [CrossSiteScripting.java](1) at line [173](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 173, "snippet": { "text": "\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));" } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 173, "snippet": { "text": "\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));" } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n\n\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 154, "snippet": { "text": " public CrossSiteScripting()" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": " }\n\n\n public CrossSiteScripting()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: CrossSiteScripting" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 315, "snippet": { "text": " protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 312, "endLine": 318, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n 
{\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 173 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 72, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>" } }, "contextRegion": { "startLine": 69, "endLine": 75, "snippet": { "text": "\t\t\t\t\t\tCredit Card Limit: \n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 174 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 72, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>" } }, "contextRegion": { "startLine": 69, "endLine": 75, "snippet": { "text": "\t\t\t\t\t\tCredit Card Limit: \n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 72 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 67, "message": { "text": "Using a 
`throw` statement inside a `finally` block breaks the logical progression through the `try-catch-finally`." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 118, "endLine": 131, "snippet": { "text": "\t{\r\n\t if (out != null)\r\n\t {\r\n\t\tout.close();\r\n\t }\r\n\t if (in != null)\r\n\t {\r\n\t\tin.close();\r\n\t }\r\n\t if (osgSocket != null)\r\n\t {\r\n\t\tosgSocket.close();\r\n\t }\r\n\t}" } }, "contextRegion": { "startLine": 115, "endLine": 134, "snippet": { "text": "\t e.printStackTrace();\n\t}\n\tfinally\n\t{\n\t if (out != null)\n\t {\n\t\tout.close();\n\t }\n\t if (in != null)\n\t {\n\t\tin.close();\n\t }\n\t if (osgSocket != null)\n\t {\n\t\tosgSocket.close();\n\t }\n\t}\n\n\tString url = req.getRequestURL().toString();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 118, "endLine": 131, "snippet": { "text": "\t{\r\n\t if (out != null)\r\n\t {\r\n\t\tout.close();\r\n\t }\r\n\t if (in != null)\r\n\t {\r\n\t\tin.close();\r\n\t }\r\n\t if (osgSocket != null)\r\n\t {\r\n\t\tosgSocket.close();\r\n\t }\r\n\t}" } }, "contextRegion": { "startLine": 115, "endLine": 134, "snippet": { "text": "\t e.printStackTrace();\n\t}\n\tfinally\n\t{\n\t if (out != null)\n\t {\n\t\tout.close();\n\t }\n\t if (in != null)\n\t {\n\t\tin.close();\n\t }\n\t if (osgSocket != null)\n\t {\n\t\tosgSocket.close();\n\t }\n\t}\n\n\tString url = req.getRequestURL().toString();\n\n" } } }, "message": { "text": "FinallyBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 118, "startColumn": 2, "endLine": 131 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function changeEmployeeProfile() in [UpdateProfile.java](1) might reveal system data 
or debugging information by calling printStackTrace() on line [253](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 253, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 250, "endLine": 256, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error updating employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 253, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 250, "endLine": 256, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error updating employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\n\t}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 253 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method doPost() in [HammerHead.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 175 }, { "index": 176 }, { "index": 177 }, { "index": 135 }, { "index": 157 }, { "index": 178 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 175 }, { "index": 176 }, { "index": 177 }, { "index": 135 }, { "index": 179 }, { "index": 180 }, { "index": 181 }, { "index": 182 }, { "index": 183 }, { "index": 157 }, { "index": 178 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = 
userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [JavaScriptValidation.java](1) sends unvalidated data to a web browser on line [152](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 152, "snippet": { "text": "\t TextArea input2 = new TextArea(\"field2\", 1, 25).addElement(param2);" } }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": "\t\t \"301-604-4882\");\n\t ec.addElement(new StringElement(script));\n\t TextArea input1 = new TextArea(\"field1\", 1, 25).addElement(param1);\n\t TextArea input2 = new TextArea(\"field2\", 1, 25).addElement(param2);\n\t TextArea input3 = new TextArea(\"field3\", 1, 25).addElement(param3);\n\t TextArea input4 = new TextArea(\"field4\", 1, 25).addElement(param4);\n\t TextArea input5 = new TextArea(\"field5\", 1, 25).addElement(param5);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 184 }, { "index": 185 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 152, "snippet": { "text": "\t TextArea input2 = new TextArea(\"field2\", 1, 
25).addElement(param2);" } }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": "\t\t \"301-604-4882\");\n\t ec.addElement(new StringElement(script));\n\t TextArea input1 = new TextArea(\"field1\", 1, 25).addElement(param1);\n\t TextArea input2 = new TextArea(\"field2\", 1, 25).addElement(param2);\n\t TextArea input3 = new TextArea(\"field3\", 1, 25).addElement(param3);\n\t TextArea input4 = new TextArea(\"field4\", 1, 25).addElement(param4);\n\t TextArea input5 = new TextArea(\"field5\", 1, 25).addElement(param5);\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 152, "startColumn": 65 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 53, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 50, "endLine": 56, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 186 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 53, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 50, "endLine": 56, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 53 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 54, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 76, "snippet": { "text": "\t\tif (!\"webgoat\".equals(username) || !password.equals(\"webgoat\"))" } }, "contextRegion": { "startLine": 73, "endLine": 79, "snippet": { "text": "\t\tpassword = s.getParser().getRawParameter(PASSWORD);\n\n\t\t// if credentials are bad, send the login page\n\t\tif (!\"webgoat\".equals(username) || !password.equals(\"webgoat\"))\n\t\t{\n\t\t s.setMessage(\"Invalid username and password entered.\");\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 76, "snippet": { "text": "\t\tif (!\"webgoat\".equals(username) || !password.equals(\"webgoat\"))" } }, "contextRegion": { "startLine": 73, "endLine": 79, "snippet": { "text": "\t\tpassword = s.getParser().getRawParameter(PASSWORD);\n\n\t\t// if credentials are bad, send the login page\n\t\tif (!\"webgoat\".equals(username) || !password.equals(\"webgoat\"))\n\t\t{\n\t\t s.setMessage(\"Invalid username and password entered.\");\n\n" } } }, "message": { "text": "FunctionCall: equals" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 76 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 116, "level": "error", "message": { "text": "The function getResults() in [WSDLScanning.java](1) sometimes fails to release a system resource allocated by makeConnection() on line 274.\r\nThe program can potentially fail to release a database connection." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 284, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();" } }, "contextRegion": { "startLine": 281, "endLine": 287, "snippet": { "text": "\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 274, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 271, "endLine": 277, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 275, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 272, "endLine": 278, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 280, "snippet": { "text": "" } }, "contextRegion": { "startLine": 277, "endLine": 282, "snippet": { "text": "\t\treturn null;\n\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n" } } }, "message": { "text": "ps = connection.prepareStatement(...)" }, "annotations": [ { "startLine": 279, "startColumn": 6, "message": { "text": "ps refers 
to a database command" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 284, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();" } }, "contextRegion": { "startLine": 281, "endLine": 287, "snippet": { "text": "\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n" } } }, "message": { "text": "results = ps.executeQuery()" }, "annotations": [ { "startLine": 284, "startColumn": 3, "message": { "text": "results refers to a database reader" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 285, "snippet": { "text": "\t\tif ((results != null) && (results.next() == true))" } }, "contextRegion": { "startLine": 282, "endLine": 288, "snippet": { "text": "\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 285, "snippet": { "text": "\t\tif ((results != null) && (results.next() == true))" } }, "contextRegion": { "startLine": 282, "endLine": 288, "snippet": { "text": "\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 287, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 284, "endLine": 290, "snippet": { "text": 
"\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 287, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 284, "endLine": 290, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "results no longer refers to a database reader" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 287, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 284, "endLine": 290, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "results no longer refers to a database reader" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 287, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 284, "endLine": 290, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "results end scope" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 287, 
"snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 284, "endLine": 290, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 274, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 271, "endLine": 277, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 275, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 272, "endLine": 278, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 280, "snippet": { "text": "" } }, "contextRegion": { "startLine": 277, "endLine": 282, "snippet": { "text": "\t\treturn null;\n\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n" } } }, "message": { "text": "ps = connection.prepareStatement(...)" }, "annotations": [ { "startLine": 279, "startColumn": 6, "message": { "text": "ps refers to a 
database command" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 284, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();" } }, "contextRegion": { "startLine": 281, "endLine": 287, "snippet": { "text": "\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n" } } }, "message": { "text": "results = ps.executeQuery()" }, "annotations": [ { "startLine": 284, "startColumn": 3, "message": { "text": "results refers to a database reader" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 285, "snippet": { "text": "\t\tif ((results != null) && (results.next() == true))" } }, "contextRegion": { "startLine": 282, "endLine": 288, "snippet": { "text": "\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 285, "snippet": { "text": "\t\tif ((results != null) && (results.next() == true))" } }, "contextRegion": { "startLine": 282, "endLine": 288, "snippet": { "text": "\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 289, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 286, "endLine": 292, "snippet": { "text": "\t\t{\n\t\t return 
results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n" } } }, "message": { "text": "results no longer refers to a database reader" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 289, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 286, "endLine": 292, "snippet": { "text": "\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n" } } }, "message": { "text": "results no longer refers to a database reader" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 289, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 286, "endLine": 292, "snippet": { "text": "\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n" } } }, "message": { "text": "results end scope" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 292, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 289, "endLine": 295, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 284 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 104, "level": "note", "message": { "text": "The method createContent() in [ReflectedXSS.java](1) never uses the initial value it assigns to the variable quantity on line [77](1).\r\nThe variable's value is assigned but never used, making it a dead store." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 77, "snippet": { "text": "\t float quantity = 1.0f;" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");\n\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n\t float runningTotal = 0.0f;\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 77, "snippet": { "text": "\t float quantity = 1.0f;" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");\n\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n\t float runningTotal = 0.0f;\n\n" } } }, "message": { "text": "VariableAccess: quantity" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 77, "snippet": { "text": "\t float quantity = 1.0f;" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");\n\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n\t float runningTotal = 0.0f;\n\n" } } }, "message": { "text": "Variable: quantity" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 77, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 125, 
"level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t<%=employee.getSsn()%>" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\n\t\t\t \t\t<%=employee.getSsn()%>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 13 }, { "index": 14 }, { "index": 194 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t<%=employee.getSsn()%>" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\n\t\t\t \t\t<%=employee.getSsn()%>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 54 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 104, "level": "note", "message": { "text": "The method createContent() in [ReflectedXSS.java](1) never uses the initial value it assigns to the variable total on line [78](1).\r\nThe variable's value is assigned but never used, making it a dead store." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 78, "snippet": { "text": "\t float total = 0.0f;" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n\t float runningTotal = 0.0f;\n\n\t // test input field1\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 78, "snippet": { "text": "\t float total = 0.0f;" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n\t float runningTotal = 0.0f;\n\n\t // test input field1\n" } } }, "message": { "text": "VariableAccess: total" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 78, "snippet": { "text": "\t float total = 0.0f;" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n\t float runningTotal = 0.0f;\n\n\t // test input field1\n" } } }, "message": { "text": "Variable: total" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 78, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 14, "level": "error", "message": { "text": "XML parser configured in [WsSAXInjection.java](1):[179](1) does not prevent nor limit external entities resolution. 
This can expose the parser to an XML External Entities (XXE) attack.\r\nUsing XML parsers that neither prevent nor limit external entity resolution can expose the parser to an XML External Entities attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 179, "snippet": { "text": "\t reader.parse(new InputSource(new StringReader(xml)));" } }, "contextRegion": { "startLine": 176, "endLine": 182, "snippet": { "text": "\t XMLReader reader = XMLReaderFactory.createXMLReader();\n\t PasswordChanger changer = new PasswordChanger();\n\t reader.setContentHandler(changer);\n\t reader.parse(new InputSource(new StringReader(xml)));\n\t if (!\"101\".equals(changer.getId()))\n\t {\n\t\tmakeSuccess(s);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 187 }, { "index": 188 }, { "index": 189 }, { "index": 190 }, { "index": 191 }, { "index": 192 }, { "index": 193 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 179, "snippet": { "text": "\t reader.parse(new InputSource(new StringReader(xml)));" } }, "contextRegion": { "startLine": 176, "endLine": 182, "snippet": { "text": "\t XMLReader reader = XMLReaderFactory.createXMLReader();\n\t PasswordChanger changer = new PasswordChanger();\n\t reader.setContentHandler(changer);\n\t reader.parse(new InputSource(new StringReader(xml)));\n\t if (!\"101\".equals(changer.getId()))\n\t {\n\t\tmakeSuccess(s);\n" } } }, "message": { "text": "parse(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 179, "startColumn": 19 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function login() in [Login.java](1) might reveal system data or debugging 
information by calling printStackTrace() on line [163](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 163, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error logging in\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 163, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error logging in\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 163 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method setSessionAttribute() in [DefaultLessonAction.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 195 }, { "index": 196 }, { "index": 197 }, { "index": 198 }, { "index": 199 }, { "index": 200 }, { "index": 201 }, { "index": 202 }, { "index": 203 }, { "index": 204 }, { "index": 205 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 195 }, { "index": 196 }, { "index": 206 }, { "index": 207 }, { "index": 208 }, { "index": 200 }, { "index": 201 }, { "index": 202 }, { "index": 209 }, { "index": 204 }, { "index": 205 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, 
value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 195 }, { "index": 196 }, { "index": 210 }, { "index": 211 }, { "index": 212 }, { "index": 200 }, { "index": 201 }, { "index": 202 }, { "index": 213 }, { "index": 204 }, { "index": 205 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "startColumn": 50 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [248](1) of [UpdateProfile.java](1), the method changeEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 214 }, { "index": 215 }, { "index": 216 }, { "index": 90 }, { "index": 91 }, { "index": 218 }, { "index": 93 }, { "index": 219 }, { "index": 220 }, { "index": 149 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 133, "message": { "text": "The function resetWebPage() in [Challenge2Screen.java](1) sometimes fails to release a system resource allocated by FileReader() on line 434.\r\nThe program can potentially fail to release a system resource." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 434, "startColumn": 46, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new 
FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 434, "startColumn": 27, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "getFileText(new java.io.BufferedReader(), ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "java.lang.Exception 
thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t 
fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "end scope : Resource leaked : java.lang.Exception thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 434, "startColumn": 46, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "new BufferedReader(new 
java.io.FileReader())" }, "annotations": [ { "startLine": 434, "startColumn": 27, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "getFileText(new java.io.BufferedReader(), ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 436, "snippet": { "text": "\t fw.close();" } }, "contextRegion": { "startLine": 433, "endLine": 439, "snippet": { "text": "\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 436, "snippet": { "text": "\t fw.close();" } }, "contextRegion": { "startLine": 433, "endLine": 439, "snippet": { "text": "\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t 
//\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 436, "snippet": { "text": "\t fw.close();" } }, "contextRegion": { "startLine": 433, "endLine": 439, "snippet": { "text": "\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 436, "snippet": { "text": "\t fw.close();" } }, "contextRegion": { "startLine": 433, "endLine": 439, "snippet": { "text": "\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "end scope : Resource leaked : java.lang.Exception thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new 
File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 434, "startColumn": 46, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 434, "startColumn": 27, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + 
getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "getFileText(new java.io.BufferedReader(), ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 438, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 435, "endLine": 441, "snippet": { "text": "\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 438, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 435, "endLine": 441, "snippet": { "text": "\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 438, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 435, "endLine": 441, "snippet": { "text": "\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n" } } }, "message": { "text": "end scope : Resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 
}, "region": { "startLine": 434 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method createContent() in [ReportCardScreen.java](1) ignores an exception on line [87](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 55 }, "region": { "startLine": 87, "endLine": 88, "snippet": { "text": "\tcatch (Exception e)\r\n\t{}" } }, "contextRegion": { "startLine": 84, "endLine": 91, "snippet": { "text": "\t\tuser = s.getUserName();\n\t }\n\t}\n\tcatch (Exception e)\n\t{}\n\n\tif (user == null)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 55 }, "region": { "startLine": 87, "endLine": 88, "snippet": { "text": "\tcatch (Exception e)\r\n\t{}" } }, "contextRegion": { "startLine": 84, "endLine": 91, "snippet": { "text": "\t\tuser = s.getUserName();\n\t }\n\t}\n\tcatch (Exception e)\n\t{}\n\n\tif (user == null)\n\t{\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 55 }, "region": { "startLine": 87, "startColumn": 2, "endLine": 88 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [webgoat_challenge.jsp](1) line [51](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 64 }, "region": { "startLine": 51, "endLine": 55, "snippet": { "text": "\t\t\t
\r\n\t \t\t\t
\r\n \t\t\t \r\n\t \t\t\t
\r\n\t\t\t
" } }, "contextRegion": { "startLine": 48, "endLine": 58, "snippet": { "text": "
\n \n \n\t\t\t
\n\t \t\t\t
\n \t\t\t \n\t \t\t\t
\n\t\t\t
\n\t\t \n\t \n\t\t
WARNING
\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 64 }, "region": { "startLine": 51, "endLine": 55, "snippet": { "text": "\t\t\t
\r\n\t \t\t\t
\r\n \t\t\t \r\n\t \t\t\t
\r\n\t\t\t
" } }, "contextRegion": { "startLine": 48, "endLine": 58, "snippet": { "text": "
\n \n \n\t\t\t
\n\t \t\t\t
\n \t\t\t \n\t \t\t\t
\n\t\t\t
\n\t\t
\n\t \n\t\t
WARNING
\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 64 }, "region": { "startLine": 51, "startColumn": 4, "endLine": 55 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [610](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 610, "endLine": 613, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 607, "endLine": 616, "snippet": { "text": "\t{\n\t return getRawParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 610, "endLine": 613, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 607, "endLine": 616, "snippet": { "text": "\t{\n\t return getRawParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 610, "startColumn": 2, "endLine": 613 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getRawParameter() in [ParameterParser.java](1) mishandles confidential information, 
which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 632, "endLine": 638, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\n\treturn (values[0]);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 4 }, { "index": 5 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 632, "endLine": 638, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\n\treturn (values[0]);\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createStagedContent() in [LessonAdapter.java](1) might reveal system data or debugging information by calling printStackTrace() on line [137](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 137, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 134, "endLine": 140, "snippet": { "text": "\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n\treturn (new StringElement(\"\"));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 137, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 134, "endLine": 140, "snippet": { "text": "\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n\treturn (new StringElement(\"\"));\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 137 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 113, "message": { "text": "The call to getInstance() at [Encoding.java](1) line [489](1) uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data.\r\nThe identified call uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 489, "snippet": { "text": "\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );" } }, "contextRegion": { "startLine": 486, "endLine": 492, "snippet": { "text": "\n\t\t\tPBEParameterSpec ps = new javax.crypto.spec.PBEParameterSpec( salt, 20 );\n\n\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );\n\n\t\t\tCipher passwordDecryptCipher = Cipher.getInstance( \"PBEWithMD5AndDES/CBC/PKCS5Padding\" );\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 489, "snippet": { "text": "\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );" } }, "contextRegion": { "startLine": 486, "endLine": 492, "snippet": { "text": "\n\t\t\tPBEParameterSpec ps = new javax.crypto.spec.PBEParameterSpec( salt, 20 );\n\n\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );\n\n\t\t\tCipher passwordDecryptCipher = Cipher.getInstance( \"PBEWithMD5AndDES/CBC/PKCS5Padding\" );\n\n" } } }, "message": { "text": "getInstance()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 489 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile_BACKUP() in [ViewProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [212](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 212, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 209, "endLine": 215, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 212, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 209, "endLine": 215, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 212 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [731](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 731, "endLine": 734, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 728, "endLine": 737, "snippet": { "text": "\t{\n\t return getStringParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 731, "endLine": 734, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 728, "endLine": 737, "snippet": { "text": "\t{\n\t return getStringParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 731, "startColumn": 2, "endLine": 734 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function getFileText() in [AbstractLesson.java](1) might reveal system data or debugging information by calling println() on line [478](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 478, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 475, "endLine": 481, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 222 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 478, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 475, "endLine": 481, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 478, "startColumn": 25 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 141, "level": "error", "message": { "text": "The method execOptions() in [Exec.java](1) calls exec() with a command built from untrusted data. This call can cause the program to execute malicious commands on behalf of an attacker.\r\nExecuting commands from an untrusted source or in an untrusted environment can cause an application to execute malicious commands on behalf of an attacker." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 103, "snippet": { "text": "\t child = Runtime.getRuntime().exec(command);" } }, "contextRegion": { "startLine": 100, "endLine": 106, "snippet": { "text": "\ttry\n\t{\n\t // start the command\n\t child = Runtime.getRuntime().exec(command);\n\n\t // get the streams in and out of the command\n\t InputStream processIn = child.getInputStream();\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 226 }, { "index": 227 }, { "index": 228 }, { "index": 229 }, { "index": 230 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 103, "snippet": { "text": "\t child = Runtime.getRuntime().exec(command);" } }, "contextRegion": { "startLine": 100, "endLine": 106, "snippet": { "text": "\ttry\n\t{\n\t // start the command\n\t child = Runtime.getRuntime().exec(command);\n\n\t // get the streams in and out of the command\n\t InputStream processIn = child.getInputStream();\n" } } }, "message": { "text": "exec(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 103, "startColumn": 40 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 18, "level": "error", "message": { "text": "The method _jspService() in [main.jsp](1) sends unvalidated data to a web browser on line [163](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 163, "snippet": { "text": "\t\t\t \t" } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\t\t\t if (currentLesson != null)\n\t\t\t {\n\t\t\t \t%>\n\t\t\t \t\n\t \t\t\t<%\n\t \t\t\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 243 }, { "index": 244 }, { "index": 245 }, { "index": 50 }, { "index": 58 }, { "index": 59 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 163, "snippet": { "text": "\t\t\t \t" } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\t\t\t if (currentLesson != null)\n\t\t\t {\n\t\t\t \t%>\n\t\t\t \t\n\t \t\t\t<%\n\t \t\t\t}\n\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 163 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 23, "level": "error", "message": { "text": "Without proper access control, the method makeCurrent() in [StoredXss.java](1) can execute a SQL statement on line [223](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 223, "snippet": { "text": "\t statement.setInt(2, messageNum);" } }, "contextRegion": { "startLine": 220, "endLine": 226, "snippet": { "text": "\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t statement.setString(1, getNameroot(s.getUserName()) + \"%\");\n\t statement.setInt(2, messageNum);\n\t ResultSet results = statement.executeQuery();\n\n\t if ((results != null) && results.first())\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 78 }, { "index": 79 }, { "index": 80 }, { "index": 246 }, { "index": 82 }, { "index": 247 }, { "index": 248 }, { "index": 82 }, { "index": 249 }, { "index": 250 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 223, "snippet": { "text": "\t statement.setInt(2, messageNum);" } }, "contextRegion": { "startLine": 220, "endLine": 226, "snippet": { "text": "\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t statement.setString(1, getNameroot(s.getUserName()) + \"%\");\n\t statement.setInt(2, messageNum);\n\t ResultSet results = statement.executeQuery();\n\n\t if ((results != null) && results.first())\n" } } }, "message": { "text": "setInt(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 223, "startColumn": 26 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function getDatabaseConnectionString() in [WebSession.java](1) might reveal system data or debugging information by calling println() on line [439](1). 
The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 439, "snippet": { "text": "\t\t\tSystem.out.println( \"PATH: \" + path );" } }, "contextRegion": { "startLine": 436, "endLine": 442, "snippet": { "text": "\t\ttry\n\t\t{\n\t\t\tString path = context.getRealPath( \"/database\" ).replace( '\\\\', '/' );\n\t\t\tSystem.out.println( \"PATH: \" + path );\n\t\t\tString realConnectionString = databaseConnectionString.replaceAll( \"PATH\", path );\n\t\t\tSystem.out.println( \"Database Connection String: \" + realConnectionString );\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 251 }, { "index": 252 }, { "index": 253 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 439, "snippet": { "text": "\t\t\tSystem.out.println( \"PATH: \" + path );" } }, "contextRegion": { "startLine": 436, "endLine": 442, "snippet": { "text": "\t\ttry\n\t\t{\n\t\t\tString path = context.getRealPath( \"/database\" ).replace( '\\\\', '/' );\n\t\t\tSystem.out.println( \"PATH: \" + path );\n\t\t\tString realConnectionString = databaseConnectionString.replaceAll( \"PATH\", path );\n\t\t\tSystem.out.println( \"Database Connection String: \" + realConnectionString );\n\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 439 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 141, "level": "error", "message": { "text": "The method execOptions() in [Exec.java](1) calls exec() with a command built from untrusted data. 
This call can cause the program to execute malicious commands on behalf of an attacker.\r\nExecuting commands from an untrusted source or in an untrusted environment can cause an application to execute malicious commands on behalf of an attacker." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 292, "snippet": { "text": "\t child = Runtime.getRuntime().exec(command);" } }, "contextRegion": { "startLine": 289, "endLine": 295, "snippet": { "text": "\ttry\n\t{\n\t // start the command\n\t child = Runtime.getRuntime().exec(command);\n\n\t // get the streams in and out of the command\n\t InputStream processIn = child.getInputStream();\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 226 }, { "index": 227 }, { "index": 231 }, { "index": 232 }, { "index": 233 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 292, "snippet": { "text": "\t child = Runtime.getRuntime().exec(command);" } }, "contextRegion": { "startLine": 289, "endLine": 295, "snippet": { "text": "\ttry\n\t{\n\t // start the command\n\t child = Runtime.getRuntime().exec(command);\n\n\t // get the streams in and out of the command\n\t InputStream processIn = child.getInputStream();\n" } } }, "message": { "text": "exec(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 292, "startColumn": 40 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user 
privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 71, "snippet": { "text": "\t\t\t\t\t\t<%=employee.getCcn()%>" } }, "contextRegion": { "startLine": 68, "endLine": 74, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\t<%=employee.getCcn()%>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 256 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 71, "snippet": { "text": "\t\t\t\t\t\t<%=employee.getCcn()%>" } }, "contextRegion": { "startLine": 68, "endLine": 74, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\t<%=employee.getCcn()%>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 71 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [SqlNumericInjection.java](1) line [159](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 159, "endLine": 163, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 156, "endLine": 166, "snippet": { "text": "\t\tec.addElement(new P().addElement(sqle.getMessage()));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 159, "endLine": 163, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 156, "endLine": 166, "snippet": { "text": "\t\tec.addElement(new P().addElement(sqle.getMessage()));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 159, "startColumn": 2, "endLine": 163 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 258, "endLine": 262, "snippet": { "text": " /**\r\n * Gets the category attribute of the ForgotPassword object\r\n *\r\n * @return The category value\r\n */" } }, "contextRegion": { "startLine": 255, "endLine": 265, "snippet": { "text": " }\n\n\n /**\n * Gets the category attribute of the ForgotPassword object\n *\n * @return The category value\n */\n protected Category getDefaultCategory()\n {\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 258, "endLine": 262, "snippet": { "text": " /**\r\n * Gets the category attribute of the ForgotPassword object\r\n *\r\n * @return The category value\r\n */" } }, "contextRegion": { "startLine": 255, "endLine": 265, "snippet": { "text": " }\n\n\n /**\n * Gets the category attribute of the ForgotPassword object\n *\n * @return The category value\n */\n protected Category getDefaultCategory()\n {\n\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 258, "startColumn": 5, "endLine": 262 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 85 }, "region": { "startLine": 59, "endLine": 63, "snippet": { "text": " /**\r\n * Gets the category attribute of the ForgotPassword object\r\n *\r\n * @return The category value\r\n */" } }, "contextRegion": { "startLine": 56, "endLine": 66, "snippet": { "text": " }\n\n\n /**\n * Gets the category attribute of the ForgotPassword object\n *\n * @return The category value\n */\n protected Category getDefaultCategory()\n {\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 85 }, "region": { "startLine": 59, "endLine": 63, "snippet": { "text": " /**\r\n * Gets the category attribute of the ForgotPassword object\r\n *\r\n * @return The category value\r\n */" } }, "contextRegion": { "startLine": 56, "endLine": 66, "snippet": { "text": " }\n\n\n /**\n * Gets the category attribute of the ForgotPassword object\n *\n * @return The category value\n */\n protected Category getDefaultCategory()\n {\n\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 85 }, "region": { "startLine": 59, "startColumn": 5, "endLine": 63 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 131 }, "region": { "startLine": 103, "endLine": 107, "snippet": { "text": " /**\r\n * Gets the category attribute of the ForgotPassword object\r\n *\r\n * @return The category value\r\n */" } }, "contextRegion": { "startLine": 100, "endLine": 110, "snippet": { "text": " }\n\n\n /**\n * Gets the category attribute of the ForgotPassword object\n *\n * @return The category value\n */\n protected Category getDefaultCategory()\n {\n \treturn AbstractLesson.A10;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 131 }, "region": { "startLine": 103, "endLine": 107, "snippet": { "text": " /**\r\n * Gets the category attribute of the ForgotPassword object\r\n *\r\n * @return The category value\r\n */" } }, "contextRegion": { "startLine": 100, "endLine": 110, "snippet": { "text": " }\n\n\n /**\n * Gets the category attribute of the ForgotPassword object\n *\n * @return The category value\n */\n protected Category getDefaultCategory()\n {\n \treturn AbstractLesson.A10;\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 131 }, "region": { "startLine": 103, "startColumn": 5, "endLine": 107 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 285, "endLine": 289, "snippet": { "text": " /**\r\n * Gets the category attribute of the ForgotPassword object\r\n *\r\n * @return The category value\r\n */" } }, "contextRegion": { "startLine": 282, "endLine": 292, "snippet": { "text": " }\n\n\n /**\n * Gets the category attribute of the ForgotPassword object\n *\n * @return The category value\n */\n protected Category getDefaultCategory()\n {\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 285, "endLine": 289, "snippet": { "text": " /**\r\n * Gets the category attribute of the ForgotPassword object\r\n *\r\n * @return The category value\r\n */" } }, "contextRegion": { "startLine": 282, "endLine": 292, "snippet": { "text": " }\n\n\n /**\n * Gets the category attribute of the ForgotPassword object\n *\n * @return The category value\n */\n protected Category getDefaultCategory()\n {\n\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 285, "startColumn": 5, "endLine": 289 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 107 }, "region": { "startLine": 69, "endLine": 73, "snippet": { "text": " /**\r\n * Gets the category attribute of the ForgotPassword object\r\n *\r\n * @return The category value\r\n */" } }, "contextRegion": { "startLine": 66, "endLine": 76, "snippet": { "text": " }\n\n\n /**\n * Gets the category attribute of the ForgotPassword object\n *\n * @return The category value\n */\n protected Category getDefaultCategory()\n {\n \treturn AbstractLesson.A2;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 107 }, "region": { "startLine": 69, "endLine": 73, "snippet": { "text": " /**\r\n * Gets the category attribute of the ForgotPassword object\r\n *\r\n * @return The category value\r\n */" } }, "contextRegion": { "startLine": 66, "endLine": 76, "snippet": { "text": " }\n\n\n /**\n * Gets the category attribute of the ForgotPassword object\n *\n * @return The category value\n */\n protected Category getDefaultCategory()\n {\n \treturn AbstractLesson.A2;\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 107 }, "region": { "startLine": 69, "startColumn": 5, "endLine": 73 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 18, "level": "error", "message": { "text": "The method _jspService() in [main.jsp](1) sends unvalidated data to a web browser on line [180](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 180, "snippet": { "text": "\t\t\t\t\t\tout.println(printParameters);" } }, "contextRegion": { "startLine": 177, "endLine": 183, "snippet": { "text": "\t\t\t\t\t{\n\t\t\t\t\t\tParameter p = (Parameter) i.next();\n\t\t\t\t\t\tprintParameters = \"
\" + p.getName() + \"=\" + p.getValue() + \"

\";\n\t\t\t\t\t\tout.println(printParameters);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 257 }, { "index": 258 }, { "index": 259 }, { "index": 260 }, { "index": 261 }, { "index": 262 }, { "index": 263 }, { "index": 265 }, { "index": 266 }, { "index": 267 }, { "index": 268 }, { "index": 269 }, { "index": 270 }, { "index": 271 }, { "index": 272 }, { "index": 274 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 180, "snippet": { "text": "\t\t\t\t\t\tout.println(printParameters);" } }, "contextRegion": { "startLine": 177, "endLine": 183, "snippet": { "text": "\t\t\t\t\t{\n\t\t\t\t\t\tParameter p = (Parameter) i.next();\n\t\t\t\t\t\tprintParameters = \"
\" + p.getName() + \"=\" + p.getValue() + \"

\";\n\t\t\t\t\t\tout.println(printParameters);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\t\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 180 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 728, "snippet": { "text": "\t System.out.println(\"Couldn't write \" + message + \" to \" + s);" } }, "contextRegion": { "startLine": 725, "endLine": 731, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Couldn't write \" + message + \" to \" + s);\n\t e.printStackTrace();\n\t}\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 728, "snippet": { "text": "\t System.out.println(\"Couldn't write \" + message + \" to \" + s);" } }, "contextRegion": { "startLine": 725, "endLine": 731, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Couldn't write \" + message + \" to \" + s);\n\t e.printStackTrace();\n\t}\n }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 728 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 23, "level": "error", "message": { "text": "Without proper access control, the method 
isAuthorizedForEmployee() in [DefaultLessonAction.java](1) can execute a SQL statement on line [313](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 313, "snippet": { "text": "\t\t\t\tanswer_statement.setInt(2, employeeId);" } }, "contextRegion": { "startLine": 310, "endLine": 316, "snippet": { "text": "\t\t\t\tPreparedStatement answer_statement = WebSession.getConnection(s).prepareStatement( query, \n\t\t\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\tanswer_statement.setInt(1, userId);\n\t\t\t\tanswer_statement.setInt(2, employeeId);\n\t\t\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\t\t\tauthorized = answer_results.first();\n\t\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 78 }, { "index": 79 }, { "index": 80 }, { "index": 275 }, { "index": 82 }, { "index": 276 }, { "index": 277 }, { "index": 278 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 313, "snippet": { "text": "\t\t\t\tanswer_statement.setInt(2, employeeId);" } }, "contextRegion": { "startLine": 310, "endLine": 316, "snippet": { "text": "\t\t\t\tPreparedStatement answer_statement = WebSession.getConnection(s).prepareStatement( query, \n\t\t\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\tanswer_statement.setInt(1, userId);\n\t\t\t\tanswer_statement.setInt(2, employeeId);\n\t\t\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\t\t\tauthorized = answer_results.first();\n\t\t\t}\n" } } }, 
"message": { "text": "setInt(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 313, "startColumn": 32 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [AbstractLesson.java](1) line [571](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 571, "endLine": 577, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t // s.setMessage( \"Could not find lesson plan for \" +\r\n\t // getLessonName());\r\n\t src = (\"Could not find lesson plan for: \" + getLessonName());\r\n\r\n\t}" } }, "contextRegion": { "startLine": 568, "endLine": 580, "snippet": { "text": "\t\t .getWebResource(getLessonPlanFileName()))), false);\n\n\t}\n\tcatch (Exception e)\n\t{\n\t // s.setMessage( \"Could not find lesson plan for \" +\n\t // getLessonName());\n\t src = (\"Could not find lesson plan for: \" + getLessonName());\n\n\t}\n\treturn src;\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 571, "endLine": 577, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t // s.setMessage( \"Could not find lesson plan for \" +\r\n\t // getLessonName());\r\n\t src = (\"Could not find lesson plan for: \" + getLessonName());\r\n\r\n\t}" } }, "contextRegion": { "startLine": 568, "endLine": 580, "snippet": { "text": "\t\t .getWebResource(getLessonPlanFileName()))), false);\n\n\t}\n\tcatch (Exception e)\n\t{\n\t // 
s.setMessage( \"Could not find lesson plan for \" +\n\t // getLessonName());\n\t src = (\"Could not find lesson plan for: \" + getLessonName());\n\n\t}\n\treturn src;\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 571, "startColumn": 2, "endLine": 577 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 47, "level": "note", "message": { "text": "The method doStage4() in [LessonAdapter.java](1) throws a generic exception making it harder for callers to do a good job of error handling and recovery.\r\nThe method throws a generic exception making it harder for callers to do a good job of error handling and recovery." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 168, "snippet": { "text": " protected Element doStage4(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 165, "endLine": 171, "snippet": { "text": " }\n\n\n protected Element doStage4(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(\"Stage 4 Stub\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 168, "snippet": { "text": " protected Element doStage4(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 165, "endLine": 171, "snippet": { "text": " }\n\n\n protected Element doStage4(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(\"Stage 4 Stub\");\n" } } }, "message": { "text": "Function: doStage4" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 168 } } } ], "properties": { "InstanceSeverity": 
"2.0", "Confidence": "5.0" } }, { "ruleIndex": 47, "level": "note", "message": { "text": "The method doStage1() in [LessonAdapter.java](1) throws a generic exception making it harder for callers to do a good job of error handling and recovery.\r\nThe method throws a generic exception making it harder for callers to do a good job of error handling and recovery." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 144, "snippet": { "text": " protected Element doStage1(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 141, "endLine": 147, "snippet": { "text": " }\n\n\n protected Element doStage1(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(\"Stage 1 Stub\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 144, "snippet": { "text": " protected Element doStage1(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 141, "endLine": 147, "snippet": { "text": " }\n\n\n protected Element doStage1(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(\"Stage 1 Stub\");\n" } } }, "message": { "text": "Function: doStage1" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 144 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getNextUID() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [263](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 263, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 260, "endLine": 266, "snippet": { "text": "\tcatch (ClassNotFoundException e)\n\t{\n\t // TODO Auto-generated catch block\n\t e.printStackTrace();\n\t}\n\treturn uid + 1;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 263, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 260, "endLine": 266, "snippet": { "text": "\tcatch (ClassNotFoundException e)\n\t{\n\t // TODO Auto-generated catch block\n\t e.printStackTrace();\n\t}\n\treturn uid + 1;\n }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 263 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 142, "message": { "text": "The call to equals() on line [108](1) causes portability problems because it has different locales which may lead to unexpected output. This may also circumvent custom validation routines.\r\nUnexpected portability problems can be found when the locale is not specified." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 108, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")" } }, "contextRegion": { "startLine": 105, "endLine": 111, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\n\t\t\t\t\t\t\"ifconfig #\") || helpFile\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 77, "snippet": { "text": "\t if (s.isDefuseOSCommands()" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String helpFile = s.getParser().getRawParameter(HELP_FILE,\n\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 78, "snippet": { "text": "\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n\t\tif (index == -1)\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 90, "snippet": { "text": "\t\tif 
((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t\tSystem.out.println(\"Command = [\"\n\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 102, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"netstat -a #\")" } }, "contextRegion": { "startLine": 99, "endLine": 105, "snippet": { "text": "\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 104, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")" } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { 
"artifactLocation": { "index": 29 }, "region": { "startLine": 106, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")" } }, "contextRegion": { "startLine": 103, "endLine": 109, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 108, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")" } }, "contextRegion": { "startLine": 105, "endLine": 111, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\n\t\t\t\t\t\t\"ifconfig #\") || helpFile\n" } } }, "message": { "text": "toLowerCase() : Case changed using default locale" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 108, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")" } }, "contextRegion": { "startLine": 105, "endLine": 111, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\n\t\t\t\t\t\t\"ifconfig #\") || helpFile\n" } } }, 
"message": { "text": "helpFile.substring(index, helpFileLen).trim().toLowerCase().equals(...) : Comparison without checking locale" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 108 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [150](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 150, "snippet": { "text": "\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));" } }, "contextRegion": { "startLine": 147, "endLine": 153, "snippet": { "text": " public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 150, "snippet": { "text": "\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));" } }, "contextRegion": { "startLine": 147, "endLine": 153, "snippet": { "text": " public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, 
VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 182, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 179, "endLine": 185, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 150 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [151](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 151, "snippet": { "text": "\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));" } }, "contextRegion": { "startLine": 148, "endLine": 154, "snippet": { "text": " {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 151, "snippet": { "text": "\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));" } }, "contextRegion": { "startLine": 148, "endLine": 154, "snippet": { "text": " {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new 
ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 182, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 179, "endLine": 185, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 151 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [152](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 152, "snippet": { "text": "\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));" } }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": "\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 152, "snippet": { "text": "\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));" } }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": "\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new 
ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 182, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 179, "endLine": 185, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 152 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [153](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 153, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));" } }, "contextRegion": { "startLine": 150, "endLine": 156, "snippet": { "text": "\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 153, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));" } }, "contextRegion": { "startLine": 150, "endLine": 156, "snippet": { "text": "\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new 
ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 182, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 179, "endLine": 185, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 153 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [154](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 154, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 154, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, 
myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 182, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 179, "endLine": 185, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 154 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [157](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 157, "snippet": { "text": "\tregisterAction(new Login(this, myClassName, LOGIN_ACTION," } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 157, "snippet": { "text": "\tregisterAction(new Login(this, myClassName, LOGIN_ACTION," } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { 
"startLine": 182, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 179, "endLine": 185, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 157 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [158](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 158, "snippet": { "text": "\t\tgetAction(LISTSTAFF_ACTION)));" } }, "contextRegion": { "startLine": 155, "endLine": 161, "snippet": { "text": "\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 158, "snippet": { "text": "\t\tgetAction(LISTSTAFF_ACTION)));" } }, "contextRegion": { "startLine": 155, "endLine": 161, "snippet": { "text": "\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, 
LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 284, "snippet": { "text": " protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 281, "endLine": 287, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n {\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 158 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 76, "message": { "text": "Attackers can control the resource identifier argument to Socket() at [Interceptor.java](1) line [94](1), which could enable them to access or modify otherwise protected system resources.\r\nAllowing user input to control resource identifiers could enable an attacker to access or modify otherwise protected system resources." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 94, "snippet": { "text": "\t\t\t.parseInt(osgServerPort));" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 223 }, { "index": 224 }, { "index": 225 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 94, "snippet": { "text": "\t\t\t.parseInt(osgServerPort));" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);\n" } } }, "message": { "text": "Socket(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 94, "startColumn": 5 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [160](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 160, "snippet": { "text": "\t\tgetAction(LOGIN_ACTION)));" } }, "contextRegion": { "startLine": 157, "endLine": 163, "snippet": { "text": "\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 160, "snippet": { "text": "\t\tgetAction(LOGIN_ACTION)));" } }, "contextRegion": { "startLine": 157, "endLine": 163, "snippet": { "text": "\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 284, "snippet": { "text": 
" protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 281, "endLine": 287, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n {\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 160 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 89, "level": "note", "message": { "text": "The function doPost() in [LessonSource.java](1) might reveal system data or debugging information by calling log() on line [94](1). The information revealed by log() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 94, "snippet": { "text": "\t log(\"ERROR: \" + t);" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\tcatch (Throwable t)\n\t{\n\t t.printStackTrace();\n\t log(\"ERROR: \" + t);\n\t}\n\tfinally\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 254 }, { "index": 255 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 94, "snippet": { "text": "\t log(\"ERROR: \" + t);" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\tcatch (Throwable t)\n\t{\n\t t.printStackTrace();\n\t log(\"ERROR: \" + t);\n\t}\n\tfinally\n\t{\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 94 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, 
{ "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [159](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 159, "snippet": { "text": "\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION," } }, "contextRegion": { "startLine": 156, "endLine": 162, "snippet": { "text": "\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 159, "snippet": { "text": "\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION," } }, "contextRegion": { "startLine": 156, "endLine": 162, "snippet": { "text": "\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n 
{\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 182, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 179, "endLine": 185, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 159 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [161](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 161, "snippet": { "text": "\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION," } }, "contextRegion": { "startLine": 158, "endLine": 164, "snippet": { "text": "\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 161, "snippet": { "text": "\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION," } }, "contextRegion": { "startLine": 158, "endLine": 164, "snippet": { "text": "\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { 
"artifactLocation": { "index": 113 }, "region": { "startLine": 182, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 179, "endLine": 185, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 161 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [162](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 162, "snippet": { "text": "\t\tgetAction(VIEWPROFILE_ACTION)));" } }, "contextRegion": { "startLine": 159, "endLine": 165, "snippet": { "text": "\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 162, "snippet": { "text": "\t\tgetAction(VIEWPROFILE_ACTION)));" } }, "contextRegion": { "startLine": 159, "endLine": 165, "snippet": { "text": "\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, 
FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 284, "snippet": { "text": " protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 281, "endLine": 287, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n {\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 162 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [163](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 163, "snippet": { "text": "\tregisterAction(new UpdateProfile(this, myClassName," } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 163, "snippet": { "text": "\tregisterAction(new UpdateProfile(this, myClassName," } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { 
"artifactLocation": { "index": 113 }, "region": { "startLine": 182, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 179, "endLine": 185, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 163 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [165](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 165, "snippet": { "text": "\tregisterAction(new DeleteProfile(this, myClassName," } }, "contextRegion": { "startLine": 162, "endLine": 168, "snippet": { "text": "\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 165, "snippet": { "text": "\tregisterAction(new DeleteProfile(this, myClassName," } }, "contextRegion": { "startLine": 162, "endLine": 168, "snippet": { "text": "\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, 
myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 182, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 179, "endLine": 185, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 165 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [164](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 164, "snippet": { "text": "\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));" } }, "contextRegion": { "startLine": 161, "endLine": 167, "snippet": { "text": "\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 164, "snippet": { "text": "\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));" } }, "contextRegion": { "startLine": 161, "endLine": 167, "snippet": { "text": "\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 
284, "snippet": { "text": " protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 281, "endLine": 287, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n {\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 164 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of RoleBasedAccessControl in [RoleBasedAccessControl.java](1) at line [166](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 166, "snippet": { "text": "\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));" } }, "contextRegion": { "startLine": 163, "endLine": 169, "snippet": { "text": "\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 166, "snippet": { "text": "\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));" } }, "contextRegion": { "startLine": 163, "endLine": 169, "snippet": { "text": "\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n\n\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] 
}, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 147, "snippet": { "text": " public RoleBasedAccessControl()" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": " }\n\n\n public RoleBasedAccessControl()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: RoleBasedAccessControl" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 284, "snippet": { "text": " protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 281, "endLine": 287, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n {\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 166 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [513](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 513, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 510, "endLine": 516, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 2: execSimple (with search)\");\n\tresults = Exec.execSimple(\"netstat -r\");\n\tSystem.out.println(results);\n\n\tif (results.outputContains(\"localhost:1031\"))\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 279 }, { "index": 280 }, { "index": 24 }, { "index": 25 }, { "index": 26 }, { "index": 29 }, { "index": 30 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 513, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 510, "endLine": 516, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 2: execSimple (with search)\");\n\tresults = Exec.execSimple(\"netstat -r\");\n\tSystem.out.println(results);\n\n\tif (results.outputContains(\"localhost:1031\"))\n\t{\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 513, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [509](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 509, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 506, "endLine": 512, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 1: execSimple\");\n\tresults = Exec.execSimple(\"c:/swarm-2.1.1/bin/whoami.exe\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 2: execSimple (with search)\");\n\tresults = Exec.execSimple(\"netstat -r\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 279 }, { "index": 280 }, { "index": 24 }, { "index": 25 }, { "index": 26 }, { "index": 27 }, { "index": 28 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 509, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 506, "endLine": 512, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 1: execSimple\");\n\tresults = Exec.execSimple(\"c:/swarm-2.1.1/bin/whoami.exe\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 2: execSimple (with search)\");\n\tresults = Exec.execSimple(\"netstat -r\");\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 509, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [524](1). 
The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 524, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 521, "endLine": 527, "snippet": { "text": "\t\t+ \"TEST 3: execInput\");\n\tresults = Exec.execInput(\"find \\\"cde\\\"\",\n\t\t\"abcdefg1\\nhijklmnop\\nqrstuv\\nabcdefg2\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 4:execTimeout\");\n\tresults = Exec.execTimeout(\"ping -t 127.0.0.1\", 5 * 1000);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 279 }, { "index": 280 }, { "index": 24 }, { "index": 31 }, { "index": 32 }, { "index": 33 }, { "index": 34 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 524, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 521, "endLine": 527, "snippet": { "text": "\t\t+ \"TEST 3: execInput\");\n\tresults = Exec.execInput(\"find \\\"cde\\\"\",\n\t\t\"abcdefg1\\nhijklmnop\\nqrstuv\\nabcdefg2\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 4:execTimeout\");\n\tresults = Exec.execTimeout(\"ping -t 127.0.0.1\", 5 * 1000);\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 524, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging 
information by calling println() on line [528](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 528, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 525, "endLine": 531, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 4:execTimeout\");\n\tresults = Exec.execTimeout(\"ping -t 127.0.0.1\", 5 * 1000);\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 5:execLazy\");\n\tresults = Exec.execLazy(\"ping -t 127.0.0.1\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 279 }, { "index": 280 }, { "index": 24 }, { "index": 35 }, { "index": 36 }, { "index": 37 }, { "index": 38 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 528, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 525, "endLine": 531, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 4:execTimeout\");\n\tresults = Exec.execTimeout(\"ping -t 127.0.0.1\", 5 * 1000);\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 5:execLazy\");\n\tresults = Exec.execLazy(\"ping -t 127.0.0.1\");\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 528, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": 
{ "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [532](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 532, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 529, "endLine": 535, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 5:execLazy\");\n\tresults = Exec.execLazy(\"ping -t 127.0.0.1\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 6:ExecTimeout process never outputs\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/sleep.exe 20\", 5 * 1000);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 279 }, { "index": 280 }, { "index": 24 }, { "index": 39 }, { "index": 40 }, { "index": 41 }, { "index": 42 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 532, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 529, "endLine": 535, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 5:execLazy\");\n\tresults = Exec.execLazy(\"ping -t 127.0.0.1\");\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 6:ExecTimeout process never outputs\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/sleep.exe 20\", 5 * 1000);\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { 
"startLine": 532, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [536](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 536, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 533, "endLine": 539, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 6:ExecTimeout process never outputs\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/sleep.exe 20\", 5 * 1000);\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 7:ExecTimeout process waits for input\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/cat\", 5 * 1000);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 279 }, { "index": 280 }, { "index": 24 }, { "index": 35 }, { "index": 36 }, { "index": 43 }, { "index": 46 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 536, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 533, "endLine": 539, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 6:ExecTimeout process never outputs\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/sleep.exe 20\", 5 * 1000);\n\tSystem.out.println(results);\n\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 7:ExecTimeout process waits for input\");\n\tresults = 
Exec.execTimeout(\"c:/swarm-2.1.1/bin/cat\", 5 * 1000);\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 536, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 68, "message": { "text": "Without proper access control, the method createEmployeeProfile() in [UpdateProfile.java](1) can execute a SQL statement on line [340](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 234 }, { "index": 235 }, { "index": 236 }, { "index": 237 }, { "index": 90 }, { "index": 91 }, { "index": 239 }, { "index": 93 }, { "index": 240 }, { "index": 241 }, { "index": 82 }, { "index": 97 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" 
] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function main() in [Exec.java](1) might reveal system data or debugging information by calling println() on line [540](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 540, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 537, "endLine": 543, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 7:ExecTimeout process waits for input\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/cat\", 5 * 1000);\n\tSystem.out.println(results);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 279 }, { "index": 280 }, { "index": 24 }, { "index": 35 }, { "index": 36 }, { "index": 44 }, { "index": 45 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 540, "snippet": { "text": "\tSystem.out.println(results);" } }, "contextRegion": { "startLine": 537, "endLine": 543, "snippet": { "text": "\tSystem.out.println(\"-------------------------------------------\" + sep\n\t\t+ \"TEST 7:ExecTimeout process waits for input\");\n\tresults = Exec.execTimeout(\"c:/swarm-2.1.1/bin/cat\", 5 * 1000);\n\tSystem.out.println(results);\n }\n}\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 540, "startColumn": 
21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [JavaScriptValidation.java](1) line [256](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 256, "endLine": 260, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 253, "endLine": 263, "snippet": { "text": "\t }\n\t}\n\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 256, "endLine": 260, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 253, "endLine": 263, "snippet": { "text": "\t }\n\t}\n\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 256, "startColumn": 2, "endLine": 260 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at 
[ViewProfile.java](1) line [209](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 209, "endLine": 213, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 206, "endLine": 216, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 209, "endLine": 213, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 206, "endLine": 216, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 209, "startColumn": 2, "endLine": 213 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getStringParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often 
illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 692, "endLine": 698, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 282 }, { "index": 283 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 692, "endLine": 698, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function hashMD5() in [Encoding.java](1) might reveal system data or debugging information by calling printStackTrace() on line [646](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 646, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 643, "endLine": 649, "snippet": { "text": "\t\tcatch ( NoSuchAlgorithmException e )\n\t\t{\n\t\t\t// it's got to be there\n\t\t\te.printStackTrace();\n\t\t}\n\t\treturn ( base64Encode( md.digest() ) );\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 646, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 643, "endLine": 649, "snippet": { "text": "\t\tcatch ( NoSuchAlgorithmException e )\n\t\t{\n\t\t\t// it's got to be there\n\t\t\te.printStackTrace();\n\t\t}\n\t\treturn ( base64Encode( md.digest() ) );\n\t}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 646 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 189, "snippet": { "text": "\t System.out.println(\"Error dropping product database\");" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error dropping product database\");\n\t}\n\n\t// Create the new table\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 189, "snippet": { "text": "\t System.out.println(\"Error dropping product database\");" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error dropping product database\");\n\t}\n\n\t// Create the new table\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 189 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [340](1) of [UpdateProfile.java](1), the method createEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 281 }, { "index": 284 }, { "index": 288 }, { "index": 290 }, { "index": 90 }, { "index": 91 }, { "index": 294 }, { "index": 93 }, { "index": 296 }, { "index": 297 }, { "index": 299 }, { "index": 97 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [141](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 141, "endLine": 144, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 138, "endLine": 147, "snippet": { "text": "\t{\n\t return new Boolean(getSubParameter(first, next)).booleanValue();\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 141, "endLine": 144, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 138, "endLine": 147, "snippet": { "text": "\t{\n\t return new Boolean(getSubParameter(first, next)).booleanValue();\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 141, "startColumn": 2, "endLine": 144 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 66, "message": { "text": "The method doPost() in [LessonSource.java](1) writes unvalidated user input to the log on line [105](1). An attacker could take advantage of this behavior to forge log entries or inject malicious content into the log.\r\nWriting unvalidated user input to log files can allow an attacker to forge log entries or inject malicious content into the logs." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 105, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t //System.out.println( \"Leaving doPost: \" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 300 }, { "index": 301 }, { "index": 302 }, { "index": 303 }, { "index": 304 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 105, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t //System.out.println( \"Leaving doPost: \" );\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 300 }, { "index": 301 }, { "index": 302 }, { "index": 303 }, { "index": 305 }, { "index": 306 }, { "index": 304 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 105, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t //System.out.println( \"Leaving doPost: \" );\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 300 }, { "index": 301 }, { "index": 302 }, { "index": 303 }, { "index": 307 }, { 
"index": 308 }, { "index": 309 }, { "index": 310 }, { "index": 304 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 105, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t //System.out.println( \"Leaving doPost: \" );\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 300 }, { "index": 301 }, { "index": 302 }, { "index": 303 }, { "index": 305 }, { "index": 306 }, { "index": 307 }, { "index": 308 }, { "index": 309 }, { "index": 310 }, { "index": 304 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 105, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t //System.out.println( \"Leaving doPost: \" );\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 105, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [WsSqlInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [219](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 219, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 216, "endLine": 222, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 219, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 216, "endLine": 222, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 219 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 25, "message": { "text": "Untrusted data is passed to the application and used as a regular expression. This can cause the thread to over-consume CPU resources." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 199, "snippet": { "text": "\t\t\t System.getProperty(\"line.separator\"), \"<br>\")" } }, "contextRegion": { "startLine": 196, "endLine": 202, "snippet": { "text": "\t\t\tthrow new Exception(\"File is binary\");\n\t\t }\n\t\t ec.addElement(new StringElement(fileData.replaceAll(\n\t\t\t System.getProperty(\"line.separator\"), \"<br>\")\n\t\t\t .replaceAll(\"(?s)\", \"\")\n\t\t\t .replaceAll(\"<br><br>\", \"<br>\").replaceAll(\n\t\t\t\t \"<br>\\\\s<br>\", \"<br>\").replaceAll(\"<\\\\?\",\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 311 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 199, "snippet": { "text": "\t\t\t System.getProperty(\"line.separator\"), \"<br>\")" } }, "contextRegion": { "startLine": 196, "endLine": 202, "snippet": { "text": "\t\t\tthrow new Exception(\"File is binary\");\n\t\t }\n\t\t ec.addElement(new StringElement(fileData.replaceAll(\n\t\t\t System.getProperty(\"line.separator\"), \"<br>\")\n\t\t\t .replaceAll(\"(?s)\", \"\")\n\t\t\t .replaceAll(\"<br><br>\", \"<br>\").replaceAll(\n\t\t\t\t \"<br>\\\\s<br>\", \"<br>\").replaceAll(\"<\\\\?\",\n" } } }, "message": { "text": "replaceAll(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 199 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 202, "snippet": { "text": "\t System.out.println(\"Error creating product database\");" } }, "contextRegion": { "startLine": 199, "endLine": 205, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating product database\");\n\t e.printStackTrace();\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 202, "snippet": { "text": "\t System.out.println(\"Error creating product database\");" } }, "contextRegion": { "startLine": 199, "endLine": 205, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating product database\");\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 202 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function doPost() in [LessonSource.java](1) might reveal system data or debugging information by calling printStackTrace() on line [104](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 104, "snippet": { "text": "\t\tthr.printStackTrace();" } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\t }\n\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 104, "snippet": { "text": "\t\tthr.printStackTrace();" } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\t }\n\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 104 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 97, "level": "error", "message": { "text": "The method accessWGService() in [WSDLScanning.java](1) calls setOperationName() with a command built from untrusted data. This call can cause the program to execute malicious commands on behalf of an attacker.\r\nExecuting commands from an untrusted source or in an untrusted environment can cause an application to execute malicious commands on behalf of an attacker." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 143, "snippet": { "text": "\t call.setOperationName(operationName);" } }, "contextRegion": { "startLine": 140, "endLine": 146, "snippet": { "text": "\t QName operationName = new QName(targetNamespace, proc);\n\t Service service = new Service();\n\t Call call = (Call) service.createCall();\n\t call.setOperationName(operationName);\n\t call.addParameter(parameterName, serviceName, ParameterMode.INOUT);\n\t call.setReturnType(XMLType.XSD_STRING);\n\t call.setUsername(\"guest\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 285 }, { "index": 286 }, { "index": 287 }, { "index": 289 }, { "index": 291 }, { "index": 293 }, { "index": 295 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 143, "snippet": { "text": "\t call.setOperationName(operationName);" } }, "contextRegion": { "startLine": 140, "endLine": 146, "snippet": { "text": "\t QName operationName = new QName(targetNamespace, proc);\n\t Service service = new Service();\n\t Call call = (Call) service.createCall();\n\t call.setOperationName(operationName);\n\t call.addParameter(parameterName, serviceName, ParameterMode.INOUT);\n\t call.setReturnType(XMLType.XSD_STRING);\n\t call.setUsername(\"guest\");\n" } } }, "message": { "text": "setOperationName(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 143, "startColumn": 28 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 139, "endLine": 145, "snippet": { "text": " /**\r\n * Determine the username and password\r\n *\r\n * @param s Description of the Parameter\r\n * @return Description of the Return Value\r\n * @exception Exception Description of the Exception\r\n */" } }, "contextRegion": { "startLine": 136, "endLine": 148, "snippet": { "text": " }\n\n\n /**\n * Determine the username and password\n *\n * @param s Description of the Parameter\n * @return Description of the Return Value\n * @exception Exception Description of the Exception\n */\n protected Element doStage1(WebSession s) throws Exception\n {\n\tsetStage(s, 1);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 139, "endLine": 145, "snippet": { "text": " /**\r\n * Determine the username and password\r\n *\r\n * @param s Description of the Parameter\r\n * @return Description of the Return Value\r\n * @exception Exception Description of the Exception\r\n */" } }, "contextRegion": { "startLine": 136, "endLine": 148, "snippet": { "text": " }\n\n\n /**\n * Determine the username and password\n *\n * @param s Description of the Parameter\n * @return Description of the Return Value\n * @exception Exception Description of the Exception\n */\n protected Element doStage1(WebSession s) throws Exception\n {\n\tsetStage(s, 1);\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 139, "startColumn": 5, "endLine": 145 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile() in [EditProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line 
[131](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 131, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 128, "endLine": 134, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 131, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 128, "endLine": 134, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 131 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [ReflectedXSS.java](1) sends unvalidated data to a web browser on line [150](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 150, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY3\", \"1\")))" } }, "contextRegion": { "startLine": 147, "endLine": 153, "snippet": { "text": "\t tr.addElement(new TD().addElement(\"1599.99\").setAlign(\"right\"));\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY3\", s.getParser()\n\t\t\t .getStringParameter(\"QTY3\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY3\", 1.0f);\n\t total = quantity * 1599.99f;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 136 }, { "index": 137 }, { "index": 315 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 150, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY3\", \"1\")))" } }, "contextRegion": { "startLine": 147, "endLine": 153, "snippet": { "text": "\t tr.addElement(new TD().addElement(\"1599.99\").setAlign(\"right\"));\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY3\", s.getParser()\n\t\t\t .getStringParameter(\"QTY3\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY3\", 1.0f);\n\t total = quantity * 1599.99f;\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 150 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method setSessionAttribute() in [DefaultLessonAction.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data 
structure encourages programmers to mistakenly trust unvalidated data." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 316 }, { "index": 317 }, { "index": 318 }, { "index": 319 }, { "index": 320 }, { "index": 321 }, { "index": 322 }, { "index": 323 }, { "index": 324 }, { "index": 325 }, { "index": 326 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 316 }, { "index": 317 }, { "index": 327 }, { "index": 328 }, { "index": 329 }, { "index": 321 }, { "index": 322 }, { "index": 323 }, { "index": 330 }, { "index": 325 }, { "index": 326 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object 
value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 316 }, { "index": 317 }, { "index": 331 }, { "index": 332 }, { "index": 333 }, { "index": 321 }, { "index": 322 }, { "index": 323 }, { "index": 334 }, { "index": 325 }, { "index": 326 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "startColumn": 50 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 307, "snippet": { "text": "\tSystem.out.println(output);" } }, "contextRegion": { "startLine": 304, "endLine": 310, "snippet": { "text": "\tString output = new Date() + \" | \" + request.getRemoteHost() + \":\"\n\t\t+ request.getRemoteAddr() + \" | \" + message;\n\tlog(output);\n\tSystem.out.println(output);\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 307, "snippet": { "text": "\tSystem.out.println(output);" } }, "contextRegion": { "startLine": 304, "endLine": 310, "snippet": { "text": "\tString output = new Date() + \" | \" + request.getRemoteHost() + \":\"\n\t\t+ request.getRemoteAddr() + \" | \" + message;\n\tlog(output);\n\tSystem.out.println(output);\n }\n\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 307 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 478, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 475, "endLine": 481, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 478, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 475, "endLine": 481, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 478 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 126, "level": "error", "message": { "text": "On line [103](1) of [ThreadSafetyProblem.java](1), the method createContent() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 103, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 100, "endLine": 106, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 312 }, { "index": 313 }, { "index": 314 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 103, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 100, "endLine": 106, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 103, "startColumn": 46 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method ParameterNotFoundException() in [ParameterNotFoundException.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 126 }, { "index": 127 }, { "index": 128 }, { "index": 335 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } }, "message": { "text": "Exception(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 102, "snippet": { "text": "\t\t// username/password was entered when they first enter the lesson via the side menu." 
} }, "contextRegion": { "startLine": 99, "endLine": 105, "snippet": { "text": "\t if (password.length() == 0)\n\t {\n\t\t// We make sure the username was submitted to avoid telling the user an invalid\n\t\t// username/password was entered when they first enter the lesson via the side menu.\n\t\t// This also suppresses the error if they just hit the login and both fields are empty.\n\t\tif (username.length() != 0)\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 102, "snippet": { "text": "\t\t// username/password was entered when they first enter the lesson via the side menu." } }, "contextRegion": { "startLine": 99, "endLine": 105, "snippet": { "text": "\t if (password.length() == 0)\n\t {\n\t\t// We make sure the username was submitted to avoid telling the user an invalid\n\t\t// username/password was entered when they first enter the lesson via the side menu.\n\t\t// This also suppresses the error if they just hit the login and both fields are empty.\n\t\tif (username.length() != 0)\n\t\t{\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 102, "startColumn": 3 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 126, "level": "error", "message": { "text": "On line [149](1) of [Login.java](1), the method login() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 149, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 146, "endLine": 152, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.first())\n\t\t{\n\t\t setSessionAttribute(s,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 336 }, { "index": 337 }, { "index": 338 }, { "index": 339 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 149, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 146, "endLine": 152, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.first())\n\t\t{\n\t\t setSessionAttribute(s,\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 149, "startColumn": 60 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 94, "message": { "text": "The method updateSession() in [HammerHead.java](1) stores a non-serializable object as an `HttpSession` attribute, which can damage application reliability.\r\nStoring a non-serializable object as an `HttpSession` attribute can damage application reliability." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 495, "snippet": { "text": "\t hs.setAttribute(WebSession.SESSION, session);" } }, "contextRegion": { "startLine": 492, "endLine": 498, "snippet": { "text": "\t // Create new custom session and save it in the HTTP session\n\t // System.out.println( \"HH Creating new WebSession: \" );\n\t session = new WebSession(this, context);\n\t hs.setAttribute(WebSession.SESSION, session);\n\t // reset timeout\n\t hs.setMaxInactiveInterval(sessionTimeoutSeconds);\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 495, "snippet": { "text": "\t hs.setAttribute(WebSession.SESSION, session);" } }, "contextRegion": { "startLine": 492, "endLine": 498, "snippet": { "text": "\t // Create new custom session and save it in the HTTP session\n\t // System.out.println( \"HH Creating new WebSession: \" );\n\t session = new WebSession(this, context);\n\t hs.setAttribute(WebSession.SESSION, session);\n\t // reset timeout\n\t hs.setMaxInactiveInterval(sessionTimeoutSeconds);\n\n" } } }, "message": { "text": "FunctionCall: setAttribute" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 495 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function deleteEmployeeProfile() in [DeleteProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [126](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 126, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 123, "endLine": 129, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error deleting employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 126, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 123, "endLine": 129, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error deleting employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 126 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function login() in [Login.java](1) might reveal system data or debugging information by calling printStackTrace() on line [168](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 168, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 165, "endLine": 171, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error logging in\");\n\t e.printStackTrace();\n\t}\n\n\t//System.out.println(\"Lesson login result: \" + authenticated);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 168, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 165, "endLine": 171, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error logging in\");\n\t e.printStackTrace();\n\t}\n\n\t//System.out.println(\"Lesson login result: \" + authenticated);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 168 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 118, "message": { "text": "A cookie is created without the `secure` flag set to `true`." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 209, "snippet": { "text": "\t s.getResponse().addCookie(cookie);" } }, "contextRegion": { "startLine": 206, "endLine": 212, "snippet": { "text": "\t{\n\t weakid = newCookie();\n\t Cookie cookie = new Cookie(SESSIONID, weakid);\n\t s.getResponse().addCookie(cookie);\n\t}\n\n\tec.addElement(new H1().addElement(\"Sign In \"));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 205, "snippet": { "text": "\tif (weakid == null)" } }, "contextRegion": { "startLine": 202, "endLine": 208, "snippet": { "text": "\n\tString weakid = s.getCookie(SESSIONID);\n\n\tif (weakid == null)\n\t{\n\t weakid = newCookie();\n\t Cookie cookie = new Cookie(SESSIONID, weakid);\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 208, "snippet": { "text": "\t Cookie cookie = new Cookie(SESSIONID, weakid);" } }, "contextRegion": { "startLine": 205, "endLine": 211, "snippet": { "text": "\tif (weakid == null)\n\t{\n\t weakid = newCookie();\n\t Cookie cookie = new Cookie(SESSIONID, weakid);\n\t s.getResponse().addCookie(cookie);\n\t}\n\n" } } }, "message": { "text": "cookie = new Cookie(...)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 209, "snippet": { "text": "\t s.getResponse().addCookie(cookie);" } }, "contextRegion": { "startLine": 206, "endLine": 212, "snippet": { "text": "\t{\n\t weakid = newCookie();\n\t Cookie cookie = new Cookie(SESSIONID, weakid);\n\t s.getResponse().addCookie(cookie);\n\t}\n\n\tec.addElement(new H1().addElement(\"Sign In \"));\n" } } }, "message": { "text": "addCookie(cookie)" } }, "kinds": [ "call", "function" ] } ] } ] } ], 
"relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 209 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createMessageTable() in [CreateDB.java](1) might reveal system data or debugging information by calling printStackTrace() on line [165](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 165, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 162, "endLine": 168, "snippet": { "text": "\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating message database\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 165, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 162, "endLine": 168, "snippet": { "text": "\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating message database\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 165 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 114, "message": { "text": "The method removeHttpOnly() in [HttpOnly.java](1) includes unvalidated data in an HTTP response header on line [212](1). 
This enables attacks such as cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect.\r\nIncluding unvalidated data in an HTTP response header can enable cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 212, "snippet": { "text": "\t\t\tresponse.setHeader(\"Set-Cookie\", UNIQUE2U + \"=\" + cookie + \";\");" } }, "contextRegion": { "startLine": 209, "endLine": 215, "snippet": { "text": "\t\t\tresponse.setHeader(\"Set-Cookie\", UNIQUE2U + \"=\" + value + \";\");\n\t\t\toriginal = value;\n\t\t} else {\n\t\t\tresponse.setHeader(\"Set-Cookie\", UNIQUE2U + \"=\" + cookie + \";\");\n\t\t\toriginal = cookie;\n\t\t}\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 340 }, { "index": 341 }, { "index": 342 }, { "index": 343 }, { "index": 344 }, { "index": 345 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 212, "snippet": { "text": "\t\t\tresponse.setHeader(\"Set-Cookie\", UNIQUE2U + \"=\" + cookie + \";\");" } }, "contextRegion": { "startLine": 209, "endLine": 215, "snippet": { "text": "\t\t\tresponse.setHeader(\"Set-Cookie\", UNIQUE2U + \"=\" + value + \";\");\n\t\t\toriginal = value;\n\t\t} else {\n\t\t\tresponse.setHeader(\"Set-Cookie\", UNIQUE2U + \"=\" + cookie + \";\");\n\t\t\toriginal = cookie;\n\t\t}\n\t}\n" } } }, "message": { "text": "setHeader(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 212 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ViewDatabase.java](1) line [102](1) handles a broad swath of exceptions, potentially trapping dissimilar 
issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 102, "endLine": 106, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 99, "endLine": 109, "snippet": { "text": "\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 102, "endLine": 106, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 99, "endLine": 109, "snippet": { "text": "\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 102, "startColumn": 2, "endLine": 106 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is 
often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 346 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 54 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [RoleBasedAccessControl.java](1) line [454](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 454, "endLine": 460, "snippet": { "text": "\t catch (Exception e)\r\n\t {\r\n\t\t// All other errors send the user to the generic error page\r\n\t\tSystem.out.println(\"handleRequest() error\");\r\n\t\te.printStackTrace();\r\n\t\tsetCurrentAction(s, ERROR_ACTION);\r\n\t }" } }, "contextRegion": { "startLine": 451, "endLine": 463, "snippet": { "text": "\t\tsetCurrentAction(s, ERROR_ACTION);\n\t\tue2.printStackTrace();\n\t }\n\t catch (Exception e)\n\t {\n\t\t// All other errors send the user to the generic error page\n\t\tSystem.out.println(\"handleRequest() error\");\n\t\te.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t}\n\n\t// All this does for this lesson is ensure that a non-null content exists.\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 454, "endLine": 460, "snippet": { "text": "\t catch (Exception e)\r\n\t {\r\n\t\t// All other errors send the user to the generic error page\r\n\t\tSystem.out.println(\"handleRequest() error\");\r\n\t\te.printStackTrace();\r\n\t\tsetCurrentAction(s, ERROR_ACTION);\r\n\t }" } }, "contextRegion": { "startLine": 451, "endLine": 463, "snippet": { "text": "\t\tsetCurrentAction(s, ERROR_ACTION);\n\t\tue2.printStackTrace();\n\t }\n\t catch (Exception e)\n\t {\n\t\t// All other errors send the user to the generic error page\n\t\tSystem.out.println(\"handleRequest() error\");\n\t\te.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t}\n\n\t// All this does for this lesson is ensure that a non-null content exists.\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 454, "startColumn": 6, "endLine": 460 } } } ], "properties": { 
"InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [ThreadSafetyProblem.java](1) might reveal system data or debugging information by calling printStackTrace() on line [217](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 217, "snippet": { "text": "\t e.printStackTrace(System.out);" } }, "contextRegion": { "startLine": 214, "endLine": 220, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 217, "snippet": { "text": "\t e.printStackTrace(System.out);" } }, "contextRegion": { "startLine": 214, "endLine": 220, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n \n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 217 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [WsSAXInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [166](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 166, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 163, "endLine": 169, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 166, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 163, "endLine": 169, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 166 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method getResults() in [SoapRequest.java](1) ignores an exception on line [428](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 428, "endLine": 429, "snippet": { "text": "\t catch (SQLException sqle)\r\n\t {}" } }, "contextRegion": { "startLine": 425, "endLine": 432, "snippet": { "text": "\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 428, "endLine": 429, "snippet": { "text": "\t catch (SQLException sqle)\r\n\t {}" } }, "contextRegion": { "startLine": 425, "endLine": 432, "snippet": { "text": "\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 428, "startColumn": 6, "endLine": 429 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method getResults() in [SoapRequest.java](1) ignores an exception on line [431](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 431, "endLine": 432, "snippet": { "text": "\tcatch (Exception e)\r\n\t{}" } }, "contextRegion": { "startLine": 428, "endLine": 435, "snippet": { "text": "\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 431, "endLine": 432, "snippet": { "text": "\tcatch (Exception e)\r\n\t{}" } }, "contextRegion": { "startLine": 428, "endLine": 435, "snippet": { "text": "\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 431, "startColumn": 2, "endLine": 432 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [JavaScriptValidation.java](1) sends unvalidated data to a web browser on line [154](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 154, "snippet": { "text": "\t TextArea input4 = new TextArea(\"field4\", 1, 25).addElement(param4);" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\t TextArea input1 = new TextArea(\"field1\", 1, 25).addElement(param1);\n\t TextArea input2 = new TextArea(\"field2\", 1, 25).addElement(param2);\n\t TextArea input3 = new TextArea(\"field3\", 1, 25).addElement(param3);\n\t TextArea input4 = new TextArea(\"field4\", 1, 25).addElement(param4);\n\t TextArea input5 = new TextArea(\"field5\", 1, 25).addElement(param5);\n\t TextArea input6 = new TextArea(\"field6\", 1, 25).addElement(param6);\n\t TextArea input7 = new TextArea(\"field7\", 1, 25).addElement(param7);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 347 }, { "index": 348 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 154, "snippet": { "text": "\t TextArea input4 = new TextArea(\"field4\", 1, 25).addElement(param4);" } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\t TextArea input1 = new TextArea(\"field1\", 1, 25).addElement(param1);\n\t TextArea input2 = new TextArea(\"field2\", 1, 25).addElement(param2);\n\t TextArea input3 = new TextArea(\"field3\", 1, 25).addElement(param3);\n\t TextArea input4 = new TextArea(\"field4\", 1, 25).addElement(param4);\n\t TextArea input5 = new TextArea(\"field5\", 1, 25).addElement(param5);\n\t TextArea input6 = new TextArea(\"field6\", 1, 25).addElement(param6);\n\t TextArea input7 = new TextArea(\"field7\", 1, 25).addElement(param7);\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 154, 
"startColumn": 65 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [ViewProfile.jsp](1) line [118](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 118, "endLine": 121, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 115, "endLine": 124, "snippet": { "text": "\t\t\t\t\tif (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), CrossSiteScripting.EDITPROFILE_ACTION))\n\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<% \n\t\t\t\t\t}\n\t\t\t\t\t%>\t\t\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 118, "endLine": 121, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 115, "endLine": 124, "snippet": { "text": "\t\t\t\t\tif (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), CrossSiteScripting.EDITPROFILE_ACTION))\n\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<% \n\t\t\t\t\t}\n\t\t\t\t\t%>\t\t\t\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 118, "startColumn": 7, "endLine": 121 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [ViewProfile.jsp](1) line [130](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 130, "endLine": 133, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 127, "endLine": 136, "snippet": { "text": "\t\t\t\t\tif (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), CrossSiteScripting.EDITPROFILE_ACTION))\n\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<% \n\t\t\t\t\t}\n\t\t\t\t\t%>\t\t\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 130, "endLine": 133, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 127, "endLine": 136, "snippet": { "text": "\t\t\t\t\tif (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), CrossSiteScripting.EDITPROFILE_ACTION))\n\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<% \n\t\t\t\t\t}\n\t\t\t\t\t%>\t\t\t\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 130, "startColumn": 7, "endLine": 133 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [ViewProfile.jsp](1) line [143](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 143, "endLine": 146, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 140, "endLine": 149, "snippet": { "text": "\t\t\t\t\tif (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), CrossSiteScripting.DELETEPROFILE_ACTION))\n\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<% \n\t\t\t\t\t}\n\t\t\t\t\t%>\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 143, "endLine": 146, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 140, "endLine": 149, "snippet": { "text": "\t\t\t\t\tif (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), CrossSiteScripting.DELETEPROFILE_ACTION))\n\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<% \n\t\t\t\t\t}\n\t\t\t\t\t%>\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 143, "startColumn": 7, "endLine": 146 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [ViewProfile.jsp](1) line [153](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 153, "endLine": 155, "snippet": { "text": "\t\t\t\t\t\t
\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 150, "endLine": 158, "snippet": { "text": "\t\t\t\t\t\n  \n \n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\n \t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 153, "endLine": 155, "snippet": { "text": "\t\t\t\t\t\t
\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 150, "endLine": 158, "snippet": { "text": "\t\t\t\t\t\n  \n \n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\n \t\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 153, "startColumn": 7, "endLine": 155 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [ViewProfile.jsp](1) line [116](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 116, "endLine": 119, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 113, "endLine": 122, "snippet": { "text": "\t\t\t\t\t if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), RoleBasedAccessControl.LISTSTAFF_ACTION))\n\t\t\t\t\t {\n\t\t\t\t\t %>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t <%\n\t\t\t\t\t }%>\n\t\t\t\t\t \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 116, "endLine": 119, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 113, "endLine": 122, "snippet": { "text": "\t\t\t\t\t if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), RoleBasedAccessControl.LISTSTAFF_ACTION))\n\t\t\t\t\t {\n\t\t\t\t\t %>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t <%\n\t\t\t\t\t }%>\n\t\t\t\t\t \n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 116, "startColumn": 7, "endLine": 119 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [ViewProfile.jsp](1) line [128](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 128, "endLine": 131, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 125, "endLine": 134, "snippet": { "text": "\t\t\t\t\t if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), RoleBasedAccessControl.EDITPROFILE_ACTION))\n\t\t\t\t\t {\n\t\t\t\t\t %>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n\t\t\t\t\t}\n\t\t\t\t\t%>\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 128, "endLine": 131, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 125, "endLine": 134, "snippet": { "text": "\t\t\t\t\t if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), RoleBasedAccessControl.EDITPROFILE_ACTION))\n\t\t\t\t\t {\n\t\t\t\t\t %>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n\t\t\t\t\t}\n\t\t\t\t\t%>\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 128, "startColumn": 7, "endLine": 131 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [ViewProfile.jsp](1) line [141](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 141, "endLine": 144, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 138, "endLine": 147, "snippet": { "text": "\t\t\t\t\tif (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), RoleBasedAccessControl.DELETEPROFILE_ACTION))\n\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n\t\t\t\t\t}\n\t\t\t\t\t%>\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 141, "endLine": 144, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 138, "endLine": 147, "snippet": { "text": "\t\t\t\t\tif (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), RoleBasedAccessControl.DELETEPROFILE_ACTION))\n\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n\t\t\t\t\t}\n\t\t\t\t\t%>\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 141, "startColumn": 7, "endLine": 144 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [ViewProfile.jsp](1) line [151](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 151, "endLine": 153, "snippet": { "text": "\t\t\t\t\t\t
\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 148, "endLine": 156, "snippet": { "text": "\t\t\t\t\t\n  \n \n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\n \t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 151, "endLine": 153, "snippet": { "text": "\t\t\t\t\t\t
\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 148, "endLine": 156, "snippet": { "text": "\t\t\t\t\t\n  \n \n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\n \t\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 151, "startColumn": 7, "endLine": 153 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [ViewProfile.jsp](1) line [112](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 112, "endLine": 115, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 109, "endLine": 118, "snippet": { "text": "\t\t\t\t\t if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), SQLInjection.LISTSTAFF_ACTION))\n\t\t\t\t\t {\n\t\t\t\t\t %> \t\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t <%\n\t\t\t\t\t }\n\t\t\t\t\t %>\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 112, "endLine": 115, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 109, "endLine": 118, "snippet": { "text": "\t\t\t\t\t if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), SQLInjection.LISTSTAFF_ACTION))\n\t\t\t\t\t {\n\t\t\t\t\t %> \t\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t <%\n\t\t\t\t\t }\n\t\t\t\t\t %>\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 112, "startColumn": 7, "endLine": 115 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [ViewProfile.jsp](1) line [125](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 125, "endLine": 128, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 122, "endLine": 131, "snippet": { "text": "\t\t\t\t\t if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), SQLInjection.EDITPROFILE_ACTION))\n\t\t\t\t\t {\n\t\t\t\t\t %>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n\t\t\t\t\t}\n\t\t\t\t\t%>\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 125, "endLine": 128, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 122, "endLine": 131, "snippet": { "text": "\t\t\t\t\t if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), SQLInjection.EDITPROFILE_ACTION))\n\t\t\t\t\t {\n\t\t\t\t\t %>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n\t\t\t\t\t}\n\t\t\t\t\t%>\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 125, "startColumn": 7, "endLine": 128 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [ViewProfile.jsp](1) line [138](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 138, "endLine": 141, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 135, "endLine": 144, "snippet": { "text": "\t\t\t\t\tif (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), SQLInjection.DELETEPROFILE_ACTION))\n\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n\t\t\t\t\t}\n\t\t\t\t\t%>\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 138, "endLine": 141, "snippet": { "text": "\t\t\t\t\t\t
\">\r\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 135, "endLine": 144, "snippet": { "text": "\t\t\t\t\tif (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), SQLInjection.DELETEPROFILE_ACTION))\n\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n\t\t\t\t\t}\n\t\t\t\t\t%>\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 138, "startColumn": 7, "endLine": 141 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [ViewProfile.jsp](1) line [148](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 148, "endLine": 150, "snippet": { "text": "\t\t\t\t\t\t
\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 145, "endLine": 153, "snippet": { "text": "\t\t\t\t\t\n  \n \n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\n \t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 148, "endLine": 150, "snippet": { "text": "\t\t\t\t\t\t
\r\n\t\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t
" } }, "contextRegion": { "startLine": 145, "endLine": 153, "snippet": { "text": "\t\t\t\t\t\n  \n \n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\n \t\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 148, "startColumn": 7, "endLine": 150 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [SQLInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [348](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 348, "snippet": { "text": "\t\tve.printStackTrace();" } }, "contextRegion": { "startLine": 345, "endLine": 351, "snippet": { "text": "\t catch (ValidationException ve)\n\t {\n\t\tSystem.out.println(\"Validation failed\");\n\t\tve.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t catch (UnauthenticatedException ue)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 348, "snippet": { "text": "\t\tve.printStackTrace();" } }, "contextRegion": { "startLine": 345, "endLine": 351, "snippet": { "text": "\t catch (ValidationException ve)\n\t {\n\t\tSystem.out.println(\"Validation failed\");\n\t\tve.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t catch (UnauthenticatedException ue)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 348 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", 
"message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 349 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 54 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile_BACKUP() in [ViewProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [226](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 226, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 223, "endLine": 229, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 226, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 223, "endLine": 229, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 226 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile() in [ViewProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [152](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 152, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 152, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 152 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [RoleBasedAccessControl.java](1) line [360](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 360, "endLine": 366, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t // All other errors send the user to the generic error page\r\n\t System.out.println(\"handleRequest() error\");\r\n\t e.printStackTrace();\r\n\t setCurrentAction(s, ERROR_ACTION);\r\n\t}" } }, "contextRegion": { "startLine": 357, "endLine": 369, "snippet": { "text": "\t setCurrentAction(s, ERROR_ACTION);\n\t ue2.printStackTrace();\n\t}\n\tcatch (Exception e)\n\t{\n\t // All other errors send the user to the generic error page\n\t System.out.println(\"handleRequest() error\");\n\t e.printStackTrace();\n\t setCurrentAction(s, ERROR_ACTION);\n\t}\n\n\t// All this does for this lesson is ensure that a non-null content exists.\n\tsetContent(new ElementContainer());\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 360, "endLine": 366, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t // All other errors send the user to the generic error page\r\n\t System.out.println(\"handleRequest() error\");\r\n\t e.printStackTrace();\r\n\t setCurrentAction(s, ERROR_ACTION);\r\n\t}" } }, "contextRegion": { "startLine": 357, "endLine": 369, "snippet": { "text": "\t setCurrentAction(s, ERROR_ACTION);\n\t ue2.printStackTrace();\n\t}\n\tcatch (Exception e)\n\t{\n\t // All other errors send the user to the generic error page\n\t System.out.println(\"handleRequest() error\");\n\t e.printStackTrace();\n\t setCurrentAction(s, ERROR_ACTION);\n\t}\n\n\t// All this does for this lesson is ensure that a non-null content exists.\n\tsetContent(new ElementContainer());\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 360, "startColumn": 2, 
"endLine": 366 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 69, "message": { "text": "The declaration of equals() in Category fails to compare its parameter with null, which is a violation of the method's contract.\r\nThis function violates the contract that it must compare its parameter with null." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 31 }, "region": { "startLine": 83, "snippet": { "text": "\treturn getName().equals(((Category) obj).getName());" } }, "contextRegion": { "startLine": 80, "endLine": 86, "snippet": { "text": "\n public boolean equals(Object obj)\n {\n\treturn getName().equals(((Category) obj).getName());\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 31 }, "region": { "startLine": 83, "snippet": { "text": "\treturn getName().equals(((Category) obj).getName());" } }, "contextRegion": { "startLine": 80, "endLine": 86, "snippet": { "text": "\n public boolean equals(Object obj)\n {\n\treturn getName().equals(((Category) obj).getName());\n }\n\n\n" } } }, "message": { "text": "obj.getName() : obj used without null check" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 31 }, "region": { "startLine": 83 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 53, "message": { "text": "The J2EE standard forbids the direct management of connections." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 105, "snippet": { "text": "\t\treturn DriverManager.getConnection(\"jdbc:idb:\" + dbName);" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t {\n\t\tdbName = dbName.concat(\"database.prp\");\n\t\tClass.forName(\"org.enhydra.instantdb.jdbc.idbDriver\");\n\t\treturn DriverManager.getConnection(\"jdbc:idb:\" + dbName);\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 105, "snippet": { "text": "\t\treturn DriverManager.getConnection(\"jdbc:idb:\" + dbName);" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t {\n\t\tdbName = dbName.concat(\"database.prp\");\n\t\tClass.forName(\"org.enhydra.instantdb.jdbc.idbDriver\");\n\t\treturn DriverManager.getConnection(\"jdbc:idb:\" + dbName);\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "getConnection()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 105 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method setSessionAttribute() in [DefaultLessonAction.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 350 }, { "index": 351 }, { "index": 352 }, { "index": 353 }, { "index": 355 }, { "index": 356 }, { "index": 357 }, { "index": 358 }, { "index": 359 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 350 }, { "index": 351 }, { "index": 360 }, { "index": 361 }, { "index": 355 }, { "index": 356 }, { "index": 363 }, { "index": 358 }, { "index": 359 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, 
Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 350 }, { "index": 351 }, { "index": 364 }, { "index": 365 }, { "index": 355 }, { "index": 356 }, { "index": 367 }, { "index": 358 }, { "index": 359 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 350 }, { "index": 351 }, { "index": 364 }, { "index": 368 }, { "index": 355 }, { "index": 356 }, { "index": 369 }, { "index": 358 }, { "index": 359 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 350 }, { "index": 351 }, { "index": 370 }, { "index": 371 }, { "index": 355 }, { "index": 356 }, { "index": 372 }, { "index": 358 }, { "index": 359 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, 
"snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "startColumn": 50 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [PathBasedAccessControl.java](1) line [205](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 205, "endLine": 211, "snippet": { "text": "\t\tcatch (Exception e)\r\n\t\t{\r\n\t\t ec.addElement(new BR());\r\n\t\t ec\r\n\t\t\t .addElement(\"The following error occurred while accessing the file: <\");\r\n\t\t ec.addElement(e.getMessage());\r\n\t\t}" } }, "contextRegion": { "startLine": 202, "endLine": 214, "snippet": { "text": "\t\t\t\t \"
\\\\s
\", \"
\").replaceAll(\"<\\\\?\",\n\t\t\t\t \"<\").replaceAll(\"<(r|u|t)\", \"<$1\")));\n\t\t}\n\t\tcatch (Exception e)\n\t\t{\n\t\t ec.addElement(new BR());\n\t\t ec\n\t\t\t .addElement(\"The following error occurred while accessing the file: <\");\n\t\t ec.addElement(e.getMessage());\n\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 205, "endLine": 211, "snippet": { "text": "\t\tcatch (Exception e)\r\n\t\t{\r\n\t\t ec.addElement(new BR());\r\n\t\t ec\r\n\t\t\t .addElement(\"The following error occurred while accessing the file: <\");\r\n\t\t ec.addElement(e.getMessage());\r\n\t\t}" } }, "contextRegion": { "startLine": 202, "endLine": 214, "snippet": { "text": "\t\t\t\t \"
\\\\s
\", \"
\").replaceAll(\"<\\\\?\",\n\t\t\t\t \"<\").replaceAll(\"<(r|u|t)\", \"<$1\")));\n\t\t}\n\t\tcatch (Exception e)\n\t\t{\n\t\t ec.addElement(new BR());\n\t\t ec\n\t\t\t .addElement(\"The following error occurred while accessing the file: <\");\n\t\t ec.addElement(e.getMessage());\n\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 205, "startColumn": 3, "endLine": 211 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [PathBasedAccessControl.java](1) line [214](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 214, "endLine": 218, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 211, "endLine": 221, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 214, "endLine": 218, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 211, "endLine": 221, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 214, "startColumn": 2, "endLine": 218 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method createContent() in [LessonAdapter.java](1) ignores an exception on line [101](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 101, "endLine": 102, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 98, "endLine": 105, "snippet": { "text": "\t\t}\n\t\tec.addElement(pre);\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 101, "endLine": 102, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 98, "endLine": 105, "snippet": { "text": "\t\t}\n\t\tec.addElement(pre);\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 101, "startColumn": 6, "endLine": 102 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [UpdateProfile.java](1) line [257](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 257, "endLine": 261, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error updating employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 254, "endLine": 264, "snippet": { "text": "\t }\n\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 257, "endLine": 261, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error updating employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 254, "endLine": 264, "snippet": { "text": "\t }\n\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 257, "startColumn": 2, "endLine": 261 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 137, "message": { "text": "Non-final public static fields can be changed by external classes." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 74, "snippet": { "text": " public static Connection connection = null;" } }, "contextRegion": { "startLine": 71, "endLine": 77, "snippet": { "text": " */\n\n //static boolean completed;\n public static Connection connection = null;\n\n public final static String firstName = \"getFirstName\";\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 74, "snippet": { "text": " public static Connection connection = null;" } }, "contextRegion": { "startLine": 71, "endLine": 77, "snippet": { "text": " */\n\n //static boolean completed;\n public static Connection connection = null;\n\n public final static String firstName = \"getFirstName\";\n\n" } } }, "message": { "text": "Field: connection" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 74 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [LessonAdapter.java](1) line [101](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 101, "endLine": 102, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 98, "endLine": 105, "snippet": { "text": "\t\t}\n\t\tec.addElement(pre);\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 101, "endLine": 102, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 98, "endLine": 105, "snippet": { "text": "\t\t}\n\t\tec.addElement(pre);\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 101, "startColumn": 6, "endLine": 102 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 73, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>" } }, "contextRegion": { "startLine": 70, "endLine": 76, "snippet": { "text": "\t\t\t\t\t\tCredit Card Limit: \n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 386 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 73, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>" } }, "contextRegion": { "startLine": 70, "endLine": 76, "snippet": { "text": "\t\t\t\t\t\tCredit Card Limit: \n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 73 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method makeUser() in [ReportCardScreen.java](1) sends unvalidated data to a web browser on line [295](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 55 }, "region": { "startLine": 295, "snippet": { "text": "\th2.addElement(new StringElement(\"Results for: \" + user + type));" } }, "contextRegion": { "startLine": 292, "endLine": 298, "snippet": { "text": "\t// FIXME: The session is the current session, not the session of the user we are reporting.\n\t//String type = s.isAdmin() ? 
\" [Administrative User]\" : s.isHackedAdmin() ? \" [Normal User - Hacked Admin Access]\" : \" [Normal User]\";\n\tString type = \"\";\n\th2.addElement(new StringElement(\"Results for: \" + user + type));\n\treturn h2;\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 257 }, { "index": 258 }, { "index": 373 }, { "index": 374 }, { "index": 375 }, { "index": 376 }, { "index": 378 }, { "index": 379 }, { "index": 382 }, { "index": 383 }, { "index": 385 }, { "index": 387 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 55 }, "region": { "startLine": 295, "snippet": { "text": "\th2.addElement(new StringElement(\"Results for: \" + user + type));" } }, "contextRegion": { "startLine": 292, "endLine": 298, "snippet": { "text": "\t// FIXME: The session is the current session, not the session of the user we are reporting.\n\t//String type = s.isAdmin() ? \" [Administrative User]\" : s.isHackedAdmin() ? \" [Normal User - Hacked Admin Access]\" : \" [Normal User]\";\n\tString type = \"\";\n\th2.addElement(new StringElement(\"Results for: \" + user + type));\n\treturn h2;\n }\n\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 55 }, "region": { "startLine": 295, "startColumn": 16 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 63, "message": { "text": "The method parseResults() in [CommandInjection.java](1) ignores the value returned by replaceAll() on line [220](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring a method's return value can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 220, "snippet": { "text": " \tresults.replaceAll(\"(?s).*Output...\\\\s\", \"\").replaceAll(\"(?s)Returncode.*\", \"\");" } }, "contextRegion": { "startLine": 217, "endLine": 223, "snippet": { "text": "\n private String parseResults(String results)\n {\n \tresults.replaceAll(\"(?s).*Output...\\\\s\", \"\").replaceAll(\"(?s)Returncode.*\", \"\");\n \tStringTokenizer st = new StringTokenizer(results, \"\\n\");\n \tStringBuffer modified = new StringBuffer();\n \t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 220, "snippet": { "text": " \tresults.replaceAll(\"(?s).*Output...\\\\s\", \"\").replaceAll(\"(?s)Returncode.*\", \"\");" } }, "contextRegion": { "startLine": 217, "endLine": 223, "snippet": { "text": "\n private String parseResults(String results)\n {\n \tresults.replaceAll(\"(?s).*Output...\\\\s\", \"\").replaceAll(\"(?s)Returncode.*\", \"\");\n \tStringTokenizer st = new StringTokenizer(results, \"\\n\");\n \tStringBuffer modified = new StringBuffer();\n \t\n" } } }, "message": { "text": "replaceAll()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 220 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [UpdateProfile.java](1) line [185](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 185, "endLine": 189, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error updating employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 182, "endLine": 192, "snippet": { "text": "\t }\n\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 185, "endLine": 189, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error updating employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 182, "endLine": 192, "snippet": { "text": "\t }\n\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 185, "startColumn": 2, "endLine": 189 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getAllEmployees() in [ListStaff.java](1) might reveal system data or debugging information by calling printStackTrace() on line [115](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 115, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employees\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 115, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employees\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 115 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [AbstractLesson.java](1) line [810](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 810, "endLine": 814, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error authorizing\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 807, "endLine": 817, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error authorizing\");\n\t e.printStackTrace();\n\t}\n\treturn authorized;\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 810, "endLine": 814, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error authorizing\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 807, "endLine": 817, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error authorizing\");\n\t e.printStackTrace();\n\t}\n\treturn authorized;\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 810, "startColumn": 2, "endLine": 814 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method setSessionAttribute() in [DefaultLessonAction.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 377 }, { "index": 380 }, { "index": 381 }, { "index": 384 }, { "index": 388 }, { "index": 389 }, { "index": 390 }, { "index": 391 }, { "index": 392 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 377 }, { "index": 380 }, { "index": 393 }, { "index": 394 }, { "index": 388 }, { "index": 389 }, { "index": 395 }, { "index": 391 }, { "index": 392 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, 
Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 377 }, { "index": 380 }, { "index": 396 }, { "index": 397 }, { "index": 388 }, { "index": 389 }, { "index": 398 }, { "index": 391 }, { "index": 392 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 377 }, { "index": 380 }, { "index": 396 }, { "index": 399 }, { "index": 388 }, { "index": 389 }, { "index": 400 }, { "index": 391 }, { "index": 392 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 377 }, { "index": 380 }, { "index": 401 }, { "index": 402 }, { "index": 388 }, { "index": 389 }, { "index": 403 }, { "index": 391 }, { "index": 392 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, 
"snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "startColumn": 50 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 73, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>" } }, "contextRegion": { "startLine": 70, "endLine": 76, "snippet": { "text": "\t\t\t\t\t\tCredit Card Limit: \n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 404 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 73, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>" } }, "contextRegion": { "startLine": 70, "endLine": 76, "snippet": { "text": "\t\t\t\t\t\tCredit Card Limit: \n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 73 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [BasicAuthentication.java](1) line [157](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 157, "endLine": 161, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 154, "endLine": 164, "snippet": { "text": "\t ec.addElement(b);\n\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 157, "endLine": 161, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 154, "endLine": 164, "snippet": { "text": "\t ec.addElement(b);\n\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 157, "startColumn": 2, "endLine": 161 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method ParameterNotFoundException() in [ParameterNotFoundException.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 405 }, { "index": 406 }, { "index": 335 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } }, "message": { "text": "Exception(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 159, "snippet": { "text": "\t\tSystem.out.println( \"errorscreen createContent Error:\" + this.error + \" message:\" + this.message );" } }, "contextRegion": { "startLine": 156, "endLine": 162, "snippet": { "text": "\t */\n\tprotected Element createContent( WebSession s )\n\t{\n\t\tSystem.out.println( \"errorscreen createContent Error:\" + this.error + \" message:\" + this.message );\n\n\t\tElement content;\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 159, "snippet": { "text": "\t\tSystem.out.println( \"errorscreen createContent Error:\" + this.error + \" message:\" + this.message );" } }, "contextRegion": { "startLine": 156, "endLine": 162, "snippet": { "text": "\t */\n\tprotected Element createContent( WebSession s )\n\t{\n\t\tSystem.out.println( \"errorscreen createContent Error:\" + this.error + \" message:\" + this.message );\n\n\t\tElement content;\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 159 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [Login.jsp](1) line [9](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 127 }, "region": { "startLine": 9, "endLine": 26, "snippet": { "text": "\t\t\t
\">\r\n\t\t\t \t\n\t\t\t\t
\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 127 }, "region": { "startLine": 9, "endLine": 26, "snippet": { "text": "\t\t\t\">\r\n\t\t\t \t\n\t\t\t\t
\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 127 }, "region": { "startLine": 9, "startColumn": 4, "endLine": 26 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [Login.jsp](1) line [9](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 76 }, "region": { "startLine": 9, "endLine": 26, "snippet": { "text": "\t\t\t\">\r\n\t\t\t \t\n\t\t\t\t
\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 76 }, "region": { "startLine": 9, "endLine": 26, "snippet": { "text": "\t\t\t\">\r\n\t\t\t \t\n\t\t\t\t
\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 76 }, "region": { "startLine": 9, "startColumn": 4, "endLine": 26 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 2, "message": { "text": "On line [200](1) of [HammerHead.java](1), the method is called after the stream has already been committed or obtained.\r\nAfter a servlet's output stream has already been committed, it is erroneous to reset the stream buffer or perform any other action that recommits to the stream. Likewise, it is erroneous to call `getWriter()` after calling `getOutputStream` or vice versa." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 200, "snippet": { "text": "\t\tthis.writeScreen(screen, response);" } }, "contextRegion": { "startLine": 197, "endLine": 203, "snippet": { "text": "\t{\n\t try\n\t {\n\t\tthis.writeScreen(screen, response);\n\t }\n\t catch (Throwable thr)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 136, "snippet": { "text": "\t if (response.isCommitted())" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": "\t // FIXME: If a response is written by updateSession(), do not\n\t // call makeScreen() and writeScreen()\n\t mySession = updateSession(request, response, context);\n\t if (response.isCommitted())\n\t\treturn;\n\n\t // Note: For the lesson to track the status, we need to update\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 148, "snippet": { "text": "\t if (response.isCommitted())" } }, "contextRegion": { "startLine": 145, "endLine": 151, "snippet": { "text": "\t // require the lesson to have 
memory.\n\t screen = makeScreen(mySession); // This calls the lesson's\n\t // handleRequest()\n\t if (response.isCommitted())\n\t\treturn;\n\n\t // if the screen parameter exists, the screen was visited via\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 187, "snippet": { "text": "\t request.getRequestDispatcher(getViewPage(mySession)).forward(" } }, "contextRegion": { "startLine": 184, "endLine": 190, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n\t\t request, response);\n\t}\n\tcatch (Throwable t)\n" } } }, "message": { "text": "forward(?, response)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 200, "snippet": { "text": "\t\tthis.writeScreen(screen, response);" } }, "contextRegion": { "startLine": 197, "endLine": 203, "snippet": { "text": "\t{\n\t try\n\t {\n\t\tthis.writeScreen(screen, response);\n\t }\n\t catch (Throwable thr)\n\t {\n" } } }, "message": { "text": "?.writeScreen(?, response)" } }, "kinds": [ "call", "function", "return" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 135, "snippet": { "text": "\t mySession = updateSession(request, response, context);" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\n\t // FIXME: If a response is written by updateSession(), do not\n\t // call makeScreen() and writeScreen()\n\t mySession = updateSession(request, response, context);\n\t if (response.isCommitted())\n\t\treturn;\n\n" } } }, "message": { "text": "?.updateSession(?, response, ?)" } }, "kinds": [ "call", 
"function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 135, "snippet": { "text": "\t mySession = updateSession(request, response, context);" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\n\t // FIXME: If a response is written by updateSession(), do not\n\t // call makeScreen() and writeScreen()\n\t mySession = updateSession(request, response, context);\n\t if (response.isCommitted())\n\t\treturn;\n\n" } } }, "message": { "text": "java.lang.Throwable thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 200, "snippet": { "text": "\t\tthis.writeScreen(screen, response);" } }, "contextRegion": { "startLine": 197, "endLine": 203, "snippet": { "text": "\t{\n\t try\n\t {\n\t\tthis.writeScreen(screen, response);\n\t }\n\t catch (Throwable thr)\n\t {\n" } } }, "message": { "text": "?.writeScreen(?, response)" } }, "kinds": [ "call", "function", "return" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 200 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [Login.jsp](1) line [9](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 26 }, "region": { "startLine": 9, "endLine": 26, "snippet": { "text": "\t\t\t\">\r\n\t\t\t \t\n\t\t\t\t
\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 26 }, "region": { "startLine": 9, "endLine": 26, "snippet": { "text": "\t\t\t\">\r\n\t\t\t \t\n\t\t\t\t
\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 26 }, "region": { "startLine": 9, "startColumn": 4, "endLine": 26 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [Encoding.java](1) sends unvalidated data to a web browser on line [369](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 369, "snippet": { "text": "\t\t\tInput key = new Input( Input.TEXT, KEY, userKey );" } }, "contextRegion": { "startLine": 366, "endLine": 372, "snippet": { "text": "\n\t\t\ttr.addElement( new TD( \"Enter a password (optional): \" ) );\n\n\t\t\tInput key = new Input( Input.TEXT, KEY, userKey );\n\n\t\t\ttr.addElement( new TD().addElement( key ) );\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 136 }, { "index": 137 }, { "index": 407 }, { "index": 408 }, { "index": 409 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 369, "snippet": { "text": "\t\t\tInput key = new Input( Input.TEXT, KEY, userKey );" } }, "contextRegion": { "startLine": 366, "endLine": 372, "snippet": { "text": "\n\t\t\ttr.addElement( new TD( \"Enter a password (optional): \" ) );\n\n\t\t\tInput key = new Input( Input.TEXT, KEY, userKey );\n\n\t\t\ttr.addElement( new TD().addElement( key ) );\n\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 369, "startColumn": 44 } } 
} ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Encoding.java](1) line [913](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 913, "endLine": 916, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\treturn ( \"Encoding problem\" );\r\n\t\t}" } }, "contextRegion": { "startLine": 910, "endLine": 919, "snippet": { "text": "\t\t\tByteBuffer bbuf = encoder.encode( CharBuffer.wrap( str ) );\n\t\t\treturn ( new String( bbuf.array() ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\treturn ( \"Encoding problem\" );\n\t\t}\n\t}\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 913, "endLine": 916, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\treturn ( \"Encoding problem\" );\r\n\t\t}" } }, "contextRegion": { "startLine": 910, "endLine": 919, "snippet": { "text": "\t\t\tByteBuffer bbuf = encoder.encode( CharBuffer.wrap( str ) );\n\t\t\treturn ( new String( bbuf.array() ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\treturn ( \"Encoding problem\" );\n\t\t}\n\t}\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 913, "startColumn": 3, "endLine": 916 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [CSRF.java](1) line [199](1) 
handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 199, "endLine": 202, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\ts.setMessage( \"Error while getting message list.\" );\r\n\t\t}" } }, "contextRegion": { "startLine": 196, "endLine": 205, "snippet": { "text": "\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error while getting message list.\" );\n\t\t}\n\n\t\tElementContainer ec = new ElementContainer();\n\t\tec.addElement( new H1( \"Message List\" ) );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 199, "endLine": 202, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\ts.setMessage( \"Error while getting message list.\" );\r\n\t\t}" } }, "contextRegion": { "startLine": 196, "endLine": 205, "snippet": { "text": "\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error while getting message list.\" );\n\t\t}\n\n\t\tElementContainer ec = new ElementContainer();\n\t\tec.addElement( new H1( \"Message List\" ) );\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 199, "startColumn": 3, "endLine": 202 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 124, "message": { "text": "The iteration count used by a password-based key derivation function is too low." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 539, "snippet": { "text": "\t\t\tSecretKey k = kf.generateSecret( new javax.crypto.spec.PBEKeySpec( pass ) );" } }, "contextRegion": { "startLine": 536, "endLine": 542, "snippet": { "text": "\n\t\t\tchar[] pass = pw.toCharArray();\n\n\t\t\tSecretKey k = kf.generateSecret( new javax.crypto.spec.PBEKeySpec( pass ) );\n\n\t\t\tpasswordEncryptCipher.init( Cipher.ENCRYPT_MODE, k, ps );\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 539, "snippet": { "text": "\t\t\tSecretKey k = kf.generateSecret( new javax.crypto.spec.PBEKeySpec( pass ) );" } }, "contextRegion": { "startLine": 536, "endLine": 542, "snippet": { "text": "\n\t\t\tchar[] pass = pw.toCharArray();\n\n\t\t\tSecretKey k = kf.generateSecret( new javax.crypto.spec.PBEKeySpec( pass ) );\n\n\t\t\tpasswordEncryptCipher.init( Cipher.ENCRYPT_MODE, k, ps );\n\n" } } }, "message": { "text": "PBEKeySpec()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 539 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createEmployeeProfile() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [345](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 345, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 342, "endLine": 348, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error updating employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 345, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 342, "endLine": 348, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error updating employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 345 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 44, "message": { "text": "The call to getInstance() at [Encoding.java](1) line [491](1) uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data.\r\nThe identified call uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 491, "snippet": { "text": "\t\t\tCipher passwordDecryptCipher = Cipher.getInstance( \"PBEWithMD5AndDES/CBC/PKCS5Padding\" );" } }, "contextRegion": { "startLine": 488, "endLine": 494, "snippet": { "text": "\n\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );\n\n\t\t\tCipher passwordDecryptCipher = Cipher.getInstance( \"PBEWithMD5AndDES/CBC/PKCS5Padding\" );\n\n\t\t\tchar[] pass = pw.toCharArray();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 491, "snippet": { "text": "\t\t\tCipher passwordDecryptCipher = Cipher.getInstance( \"PBEWithMD5AndDES/CBC/PKCS5Padding\" );" } }, "contextRegion": { "startLine": 488, "endLine": 494, "snippet": { "text": "\n\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );\n\n\t\t\tCipher passwordDecryptCipher = Cipher.getInstance( \"PBEWithMD5AndDES/CBC/PKCS5Padding\" );\n\n\t\t\tchar[] pass = pw.toCharArray();\n\n" } } }, "message": { "text": "getInstance()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 491 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [FindProfile.java](1) line [216](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 216, "endLine": 220, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error finding employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 213, "endLine": 223, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error finding employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 216, "endLine": 220, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error finding employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 213, "endLine": 223, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error finding employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 216, "startColumn": 2, "endLine": 220 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [ReflectedXSS.java](1) sends unvalidated data to a web browser on line [206](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 206, "snippet": { "text": "\t\t param1)));" } }, "contextRegion": { "startLine": 203, "endLine": 209, "snippet": { "text": "\t tr.addElement(new TD()\n\t\t .addElement(\"Enter your three digit access code:\"));\n\t tr.addElement(new TD().addElement(new Input(Input.TEXT, \"field1\",\n\t\t param1)));\n\t t.addElement(tr);\n\n\t Element b = ECSFactory.makeButton(\"Purchase\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 410 }, { "index": 411 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 206, "snippet": { "text": "\t\t param1)));" } }, "contextRegion": { "startLine": 203, "endLine": 209, "snippet": { "text": "\t tr.addElement(new TD()\n\t\t .addElement(\"Enter your three digit access code:\"));\n\t tr.addElement(new TD().addElement(new Input(Input.TEXT, \"field1\",\n\t\t param1)));\n\t t.addElement(tr);\n\n\t Element b = ECSFactory.makeButton(\"Purchase\");\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 206, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [115](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 115, "snippet": { "text": "\t\tue2.printStackTrace();" } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t catch (UnauthorizedException ue2)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue2.printStackTrace();\n\t }\n\t}\n\telse\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 115, "snippet": { "text": "\t\tue2.printStackTrace();" } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t catch (UnauthorizedException ue2)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue2.printStackTrace();\n\t }\n\t}\n\telse\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 115 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [LessonTracker.java](1) line [251](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 251, "endLine": 255, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t System.out.println(\"Failed to load lesson state for \" + screen);\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 248, "endLine": 258, "snippet": { "text": "\t{\n\t // Normal if the lesson has not been accessed yet.\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Failed to load lesson state for \" + screen);\n\t e.printStackTrace();\n\t}\n\tfinally\n\t{\n\t try\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 251, "endLine": 255, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t System.out.println(\"Failed to load lesson state for \" + screen);\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 248, "endLine": 258, "snippet": { "text": "\t{\n\t // Normal if the lesson has not been accessed yet.\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Failed to load lesson state for \" + screen);\n\t e.printStackTrace();\n\t}\n\tfinally\n\t{\n\t try\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 251, "startColumn": 2, "endLine": 255 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [LessonTracker.java](1) line [262](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 262, "endLine": 263, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 259, "endLine": 266, "snippet": { "text": "\t {\n\t\tin.close();\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n\n\treturn screen.createLessonTracker();\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 262, "endLine": 263, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 259, "endLine": 266, "snippet": { "text": "\t {\n\t\tin.close();\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n\n\treturn screen.createLessonTracker();\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 262, "startColumn": 6, "endLine": 263 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 240, "snippet": { "text": "\t System.out.println(\"Error dropping user admin database\");" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error dropping user admin database\");\n\t}\n\n\t// Create the new table\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 240, "snippet": { "text": "\t System.out.println(\"Error dropping user admin database\");" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error dropping user admin database\");\n\t}\n\n\t// Create the new table\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 240 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 254, "snippet": { "text": "\t System.out.println(\"Error creating user admin database\");" } }, "contextRegion": { "startLine": 251, "endLine": 257, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating user admin database\");\n\t e.printStackTrace();\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 254, "snippet": { "text": "\t System.out.println(\"Error creating user admin database\");" } }, "contextRegion": { "startLine": 251, "endLine": 257, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating user admin database\");\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 254 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [UpdateProfile.java](1) line [319](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 319, "endLine": 323, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t e.printStackTrace();\r\n\t s.setMessage(\"Error updating employee profile\");\r\n\t}" } }, "contextRegion": { "startLine": 316, "endLine": 326, "snippet": { "text": "\t\ts.setMessage(\"Error updating employee profile\");\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t s.setMessage(\"Error updating employee profile\");\n\t}\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 319, "endLine": 323, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t e.printStackTrace();\r\n\t s.setMessage(\"Error updating employee profile\");\r\n\t}" } }, "contextRegion": { "startLine": 316, "endLine": 326, "snippet": { "text": "\t\ts.setMessage(\"Error updating employee profile\");\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t s.setMessage(\"Error updating employee profile\");\n\t}\n }\n}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 319, "startColumn": 2, "endLine": 323 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function findEmployeeProfile() in [FindProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [219](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 219, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 216, "endLine": 222, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error finding employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 219, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 216, "endLine": 222, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error finding employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 219 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [162](1) of [DOS_Login.java](1), the method createContent() invokes a SQL query built using input potentially coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 162, "snippet": { "text": "\t\t results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 159, "endLine": 165, "snippet": { "text": "\t\t // check the total count of logins\n\t\t query = \"SELECT * FROM user_login WHERE webgoat_user = '\"\n\t\t\t + s.getUserName() + \"'\";\n\t\t results = statement.executeQuery(query);\n\t\t results.last();\n\t\t ec.addElement(new H2(\"Successfull login count: \"\n\t\t\t + results.getRow()));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 162, "snippet": { "text": "\t\t results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 159, "endLine": 165, "snippet": { "text": "\t\t // check the total count of logins\n\t\t query = \"SELECT * FROM user_login WHERE webgoat_user = '\"\n\t\t\t + s.getUserName() + \"'\";\n\t\t results = statement.executeQuery(query);\n\t\t results.last();\n\t\t ec.addElement(new H2(\"Successfull login count: \"\n\t\t\t + results.getRow()));\n" } } }, "message": { "text": "executeQuery()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 162 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [139](1) of [DOS_Login.java](1), the method createContent() invokes a SQL query built using input potentially coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 139, "snippet": { "text": "\t\t\tresults = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 136, "endLine": 142, "snippet": { "text": "\t\t\t// check the total count of logins\n\t\t\tquery = \"SELECT * FROM user_login WHERE webgoat_user = '\"\n\t\t\t\t+ s.getUserName() + \"'\";\n\t\t\tresults = statement.executeQuery(query);\n\t\t\tresults.last();\n\t\t\t// If they get back more than one user they succeeded\n\t\t\tif (results.getRow() >= 3)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 139, "snippet": { "text": "\t\t\tresults = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 136, "endLine": 142, "snippet": { "text": "\t\t\t// check the total count of logins\n\t\t\tquery = \"SELECT * FROM user_login WHERE webgoat_user = '\"\n\t\t\t\t+ s.getUserName() + \"'\";\n\t\t\tresults = statement.executeQuery(query);\n\t\t\tresults.last();\n\t\t\t// If they get back more than one user they succeeded\n\t\t\tif (results.getRow() >= 3)\n" } } }, "message": { "text": "executeQuery()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 139 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 71, "snippet": { "text": "\t\t System.out.println(\"Error loading WebGoat properties\");" } }, "contextRegion": { "startLine": 68, "endLine": 74, "snippet": { "text": "\t\t}\n\t\tcatch (IOException e)\n\t\t{\n\t\t System.out.println(\"Error loading WebGoat properties\");\n\t\t e.printStackTrace();\n\t\t}\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 71, "snippet": { "text": "\t\t System.out.println(\"Error loading WebGoat properties\");" } }, "contextRegion": { "startLine": 68, "endLine": 74, "snippet": { "text": "\t\t}\n\t\tcatch (IOException e)\n\t\t{\n\t\t System.out.println(\"Error loading WebGoat properties\");\n\t\t e.printStackTrace();\n\t\t}\n }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 71 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 960, "snippet": { "text": "\t System.out.println(\"reading file EXCEPTION: \" + filename);" } }, "contextRegion": { "startLine": 957, "endLine": 963, "snippet": { "text": "\t}\n\tcatch (IOException e)\n\t{\n\t System.out.println(\"reading file EXCEPTION: \" + filename);\n\t s.setMessage(\"Could not find source file\");\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 960, "snippet": { "text": "\t System.out.println(\"reading file EXCEPTION: \" + filename);" } }, "contextRegion": { "startLine": 957, "endLine": 963, "snippet": { "text": "\t}\n\tcatch (IOException e)\n\t{\n\t System.out.println(\"reading file EXCEPTION: \" + filename);\n\t s.setMessage(\"Could not find source file\");\n\t}\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 960 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 253, "snippet": { "text": "\t System.out.println(\"Failed to load lesson state for \" + screen);" } }, "contextRegion": { "startLine": 250, "endLine": 256, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Failed to load lesson state for \" + screen);\n\t e.printStackTrace();\n\t}\n\tfinally\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 253, "snippet": { "text": "\t System.out.println(\"Failed to load lesson state for \" + screen);" } }, "contextRegion": { "startLine": 250, "endLine": 256, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Failed to load lesson state for \" + screen);\n\t e.printStackTrace();\n\t}\n\tfinally\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 253 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t<%=employee.getCcn()%>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\t<%=employee.getCcn()%>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 421 }, { "index": 422 }, { "index": 423 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t<%=employee.getCcn()%>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\t<%=employee.getCcn()%>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 67 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [RoleBasedAccessControl.java](1) might reveal system data or debugging information by calling printStackTrace() on line [344](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 344, "snippet": { "text": "\t ve.printStackTrace();" } }, "contextRegion": { "startLine": 341, "endLine": 347, "snippet": { "text": "\tcatch (ValidationException ve)\n\t{\n\t System.out.println(\"Validation failed\");\n\t ve.printStackTrace();\n\t setCurrentAction(s, ERROR_ACTION);\n\t}\n\tcatch (UnauthenticatedException ue)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 344, "snippet": { "text": "\t ve.printStackTrace();" } }, "contextRegion": { "startLine": 341, "endLine": 347, "snippet": { "text": "\tcatch (ValidationException ve)\n\t{\n\t System.out.println(\"Validation failed\");\n\t ve.printStackTrace();\n\t setCurrentAction(s, ERROR_ACTION);\n\t}\n\tcatch (UnauthenticatedException ue)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 344 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 89, "level": "note", "message": { "text": "The function log() in [HammerHead.java](1) might reveal system data or debugging information by calling log() on line [306](1). The information revealed by log() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 306, "snippet": { "text": "\tlog(output);" } }, "contextRegion": { "startLine": 303, "endLine": 309, "snippet": { "text": " {\n\tString output = new Date() + \" | \" + request.getRemoteHost() + \":\"\n\t\t+ request.getRemoteAddr() + \" | \" + message;\n\tlog(output);\n\tSystem.out.println(output);\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 424 }, { "index": 425 }, { "index": 426 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 306, "snippet": { "text": "\tlog(output);" } }, "contextRegion": { "startLine": 303, "endLine": 309, "snippet": { "text": " {\n\tString output = new Date() + \" | \" + request.getRemoteHost() + \":\"\n\t\t+ request.getRemoteAddr() + \" | \" + message;\n\tlog(output);\n\tSystem.out.println(output);\n }\n\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 306, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 43, "message": { "text": "Weak cryptographic hashes cannot guarantee data integrity and should not be used in security-critical contexts." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 640, "snippet": { "text": "\t\t\tmd = MessageDigest.getInstance( \"MD5\" );" } }, "contextRegion": { "startLine": 637, "endLine": 643, "snippet": { "text": "\n\t\ttry\n\t\t{\n\t\t\tmd = MessageDigest.getInstance( \"MD5\" );\n\t\t\tmd.update( b );\n\t\t}\n\t\tcatch ( NoSuchAlgorithmException e )\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 640, "snippet": { "text": "\t\t\tmd = MessageDigest.getInstance( \"MD5\" );" } }, "contextRegion": { "startLine": 637, "endLine": 643, "snippet": { "text": "\n\t\ttry\n\t\t{\n\t\t\tmd = MessageDigest.getInstance( \"MD5\" );\n\t\t\tmd.update( b );\n\t\t}\n\t\tcatch ( NoSuchAlgorithmException e )\n" } } }, "message": { "text": "getInstance()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 640 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 31, "message": { "text": "The class Exec contains debug code, which can create unintended entry points in a deployed web application.\r\nDebug code can create unintended entry points in a deployed web application." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 502, "snippet": { "text": " public static void main(String[] args)" } }, "contextRegion": { "startLine": 499, "endLine": 505, "snippet": { "text": " *\n * @param args The command line arguments\n */\n public static void main(String[] args)\n {\n\tExecResults results;\n\tString sep = System.getProperty(\"line.separator\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 502, "snippet": { "text": " public static void main(String[] args)" } }, "contextRegion": { "startLine": 499, "endLine": 505, "snippet": { "text": " *\n * @param args The command line arguments\n */\n public static void main(String[] args)\n {\n\tExecResults results;\n\tString sep = System.getProperty(\"line.separator\");\n" } } }, "message": { "text": "Function: main" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 502 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getRawParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 632, "endLine": 638, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\n\treturn (values[0]);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 427 }, { "index": 428 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 632, "endLine": 638, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\n\treturn (values[0]);\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 105, "message": { "text": "A web application must define default error pages in order to prevent attackers from mining information from the application container's built-in error response." }, "codeFlows": [ { "threadFlows": [ { "locations": [] } ] } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest_BACKUP() in [RoleBasedAccessControl.java](1) might reveal system data or debugging information by calling printStackTrace() on line [432](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 432, "snippet": { "text": "\t\tpnfe.printStackTrace();" } }, "contextRegion": { "startLine": 429, "endLine": 435, "snippet": { "text": "\t catch (ParameterNotFoundException pnfe)\n\t {\n\t\tSystem.out.println(\"Missing parameter\");\n\t\tpnfe.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t catch (ValidationException ve)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 432, "snippet": { "text": "\t\tpnfe.printStackTrace();" } }, "contextRegion": { "startLine": 429, "endLine": 435, "snippet": { "text": "\t catch (ParameterNotFoundException pnfe)\n\t {\n\t\tSystem.out.println(\"Missing parameter\");\n\t\tpnfe.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t catch (ValidationException ve)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 432 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [EditProfile.java](1) line [128](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 128, "endLine": 132, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 125, "endLine": 135, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 128, "endLine": 132, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 125, "endLine": 135, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 128, "startColumn": 2, "endLine": 132 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 88, "level": "error", "message": { "text": "On line [135](1) of [Interceptor.java](1), the method doFilter() invokes a server side forward using a path built with unvalidated input. This could allow an attacker to download application binaries or view arbitrary files within protected directories.\r\nConstructing a server-side redirect path with user input could allow an attacker to download application binaries (including application classes or jar files) or view arbitrary files within protected directories." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 135, "snippet": { "text": "\tRequestDispatcher disp = req.getRequestDispatcher(url.substring(url" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\n\tString url = req.getRequestURL().toString();\n\n\tRequestDispatcher disp = req.getRequestDispatcher(url.substring(url\n\t\t.lastIndexOf(\"WebGoat/\")\n\t\t+ \"WebGoat\".length()));\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 417 }, { "index": 418 }, { "index": 419 }, { "index": 420 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 135, "snippet": { "text": "\tRequestDispatcher disp = req.getRequestDispatcher(url.substring(url" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\n\tString url = req.getRequestURL().toString();\n\n\tRequestDispatcher disp = req.getRequestDispatcher(url.substring(url\n\t\t.lastIndexOf(\"WebGoat/\")\n\t\t+ \"WebGoat\".length()));\n\n" } } }, "message": { "text": "getRequestDispatcher(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 135 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 116, "level": "error", "message": { "text": "The function getResults() in [SoapRequest.java](1) sometimes fails to release a system resource allocated by makeConnection() on line 412.\r\nThe program can potentially fail to release a database connection." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 422, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();" } }, "contextRegion": { "startLine": 419, "endLine": 425, "snippet": { "text": "\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 412, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 409, "endLine": 415, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 413, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 410, "endLine": 416, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 418, "snippet": { "text": "" } }, "contextRegion": { "startLine": 415, "endLine": 420, "snippet": { "text": "\t\treturn null;\n\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n" } } }, "message": { "text": "ps = connection.prepareStatement(...)" }, "annotations": [ { "startLine": 417, "startColumn": 6, "message": { "text": "ps 
refers to a database command" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 422, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();" } }, "contextRegion": { "startLine": 419, "endLine": 425, "snippet": { "text": "\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n" } } }, "message": { "text": "results = ps.executeQuery()" }, "annotations": [ { "startLine": 422, "startColumn": 3, "message": { "text": "results refers to a database reader" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 423, "snippet": { "text": "\t\tif ((results != null) && (results.next() == true))" } }, "contextRegion": { "startLine": 420, "endLine": 426, "snippet": { "text": "\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 423, "snippet": { "text": "\t\tif ((results != null) && (results.next() == true))" } }, "contextRegion": { "startLine": 420, "endLine": 426, "snippet": { "text": "\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 425, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 422, "endLine": 428, "snippet": 
{ "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 425, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 422, "endLine": 428, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "results no longer refers to a database reader" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 425, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 422, "endLine": 428, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "results no longer refers to a database reader" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 425, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 422, "endLine": 428, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "results end scope" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { 
"startLine": 425, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 422, "endLine": 428, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 412, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 409, "endLine": 415, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 413, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 410, "endLine": 416, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 418, "snippet": { "text": "" } }, "contextRegion": { "startLine": 415, "endLine": 420, "snippet": { "text": "\t\treturn null;\n\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n" } } }, "message": { "text": "ps = connection.prepareStatement(...)" }, "annotations": [ { "startLine": 417, "startColumn": 6, "message": { "text": 
"ps refers to a database command" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 422, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();" } }, "contextRegion": { "startLine": 419, "endLine": 425, "snippet": { "text": "\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n" } } }, "message": { "text": "results = ps.executeQuery()" }, "annotations": [ { "startLine": 422, "startColumn": 3, "message": { "text": "results refers to a database reader" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 423, "snippet": { "text": "\t\tif ((results != null) && (results.next() == true))" } }, "contextRegion": { "startLine": 420, "endLine": 426, "snippet": { "text": "\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 423, "snippet": { "text": "\t\tif ((results != null) && (results.next() == true))" } }, "contextRegion": { "startLine": 420, "endLine": 426, "snippet": { "text": "\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 427, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 424, "endLine": 430, "snippet": { "text": "\t\t{\n\t\t 
return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n" } } }, "message": { "text": "results no longer refers to a database reader" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 427, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 424, "endLine": 430, "snippet": { "text": "\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n" } } }, "message": { "text": "results no longer refers to a database reader" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 427, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 424, "endLine": 430, "snippet": { "text": "\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n" } } }, "message": { "text": "results end scope" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 430, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 427, "endLine": 433, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 422 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method makeCurrent() in [StoredXss.java](1) sends unvalidated data to a web browser on line [233](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 233, "snippet": { "text": "\t\trow1.addElement(new TD(new StringElement(results" } }, "contextRegion": { "startLine": 230, "endLine": 236, "snippet": { "text": "\t\tTable t = new Table(0).setCellSpacing(0).setCellPadding(0)\n\t\t\t.setBorder(0);\n\t\tTR row1 = new TR(new TD(new B(new StringElement(\"Title:\"))));\n\t\trow1.addElement(new TD(new StringElement(results\n\t\t\t.getString(TITLE_COL))));\n\t\tt.addElement(row1);\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 429 }, { "index": 430 }, { "index": 431 }, { "index": 432 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 233, "snippet": { "text": "\t\trow1.addElement(new TD(new StringElement(results" } }, "contextRegion": { "startLine": 230, "endLine": 236, "snippet": { "text": "\t\tTable t = new Table(0).setCellSpacing(0).setCellPadding(0)\n\t\t\t.setBorder(0);\n\t\tTR row1 = new TR(new TD(new B(new StringElement(\"Title:\"))));\n\t\trow1.addElement(new TD(new StringElement(results\n\t\t\t.getString(TITLE_COL))));\n\t\tt.addElement(row1);\n\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 233, "startColumn": 26 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method makeCurrent() in [StoredXss.java](1) sends unvalidated data to a web browser on line [239](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 239, "snippet": { "text": "\t\trow2.addElement(new TD(new StringElement(messageData)));" } }, "contextRegion": { "startLine": 236, "endLine": 242, "snippet": { "text": "\n\t\tString messageData = results.getString(MESSAGE_COL);\n\t\tTR row2 = new TR(new TD(new B(new StringElement(\"Message:\"))));\n\t\trow2.addElement(new TD(new StringElement(messageData)));\n\t\tt.addElement(row2);\n\n\t\t// Edited by Chuck Willis - added display of the user who posted the message, so that\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 429 }, { "index": 430 }, { "index": 433 }, { "index": 434 }, { "index": 435 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 239, "snippet": { "text": "\t\trow2.addElement(new TD(new StringElement(messageData)));" } }, "contextRegion": { "startLine": 236, "endLine": 242, "snippet": { "text": "\n\t\tString messageData = results.getString(MESSAGE_COL);\n\t\tTR row2 = new TR(new TD(new B(new StringElement(\"Message:\"))));\n\t\trow2.addElement(new TD(new StringElement(messageData)));\n\t\tt.addElement(row2);\n\n\t\t// Edited by Chuck Willis - added display of the user who posted the message, so that\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 239, "startColumn": 26 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method makeCurrent() in [StoredXss.java](1) sends unvalidated data to a web browser on line [247](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 247, "snippet": { "text": "\t\trow3.addElement(new TD(new StringElement(results" } }, "contextRegion": { "startLine": 244, "endLine": 250, "snippet": { "text": "\t\t// they can see that the message is attributed to that user\n\n\t\tTR row3 = new TR(new TD(new StringElement(\"Posted By:\")));\n\t\trow3.addElement(new TD(new StringElement(results\n\t\t\t.getString(USER_COL))));\n\t\tt.addElement(row3);\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 429 }, { "index": 430 }, { "index": 436 }, { "index": 437 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 247, "snippet": { "text": "\t\trow3.addElement(new TD(new StringElement(results" } }, "contextRegion": { "startLine": 244, "endLine": 250, "snippet": { "text": "\t\t// they can see that the message is attributed to that user\n\n\t\tTR row3 = new TR(new TD(new StringElement(\"Posted By:\")));\n\t\trow3.addElement(new TD(new StringElement(results\n\t\t\t.getString(USER_COL))));\n\t\tt.addElement(row3);\n\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 247, "startColumn": 26 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [UserTracker.java](1) line [133](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 98 }, "region": { "startLine": 133, "endLine": 134, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 130, "endLine": 137, "snippet": { "text": "\t\t}\n\t\tusersDB.close();\n\t }\n\t catch (Exception e)\n\t {}\n\t return allUsers;\n\t}\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 98 }, "region": { "startLine": 133, "endLine": 134, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 130, "endLine": 137, "snippet": { "text": "\t\t}\n\t\tusersDB.close();\n\t }\n\t catch (Exception e)\n\t {}\n\t return allUsers;\n\t}\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 98 }, "region": { "startLine": 133, "startColumn": 6, "endLine": 134 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [144](1) of [DeleteProfile.java](1), the method deleteEmployeeProfile_BACKUP() invokes a SQL query built using input potentially coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 144, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 141, "endLine": 147, "snippet": { "text": "\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 144, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 141, "endLine": 147, "snippet": { "text": "\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 144 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [ViewProfile.jsp](1) at line [119](1).\r\nA hidden form field is used." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 119, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 116, "endLine": 122, "snippet": { "text": "\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t\n\t\t\t\t\t<% \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 119, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 116, "endLine": 122, "snippet": { "text": "\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<% \n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 119, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [ViewProfile.jsp](1) at line [131](1).\r\nA hidden form field is used." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 131, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 128, "endLine": 134, "snippet": { "text": "\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<% \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 131, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 128, "endLine": 134, "snippet": { "text": "\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<% \n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 131, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [ViewProfile.jsp](1) at line [144](1).\r\nA hidden form field is used." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 144, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 141, "endLine": 147, "snippet": { "text": "\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<% \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 144, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 141, "endLine": 147, "snippet": { "text": "\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<% \n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 144, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [ViewProfile.jsp](1) at line [117](1).\r\nA hidden form field is used." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 117, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 114, "endLine": 120, "snippet": { "text": "\t\t\t\t\t {\n\t\t\t\t\t %>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t <%\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 117, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 114, "endLine": 120, "snippet": { "text": "\t\t\t\t\t {\n\t\t\t\t\t %>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t <%\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 117, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [ViewProfile.jsp](1) at line [129](1).\r\nA hidden form field is used." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 129, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 126, "endLine": 132, "snippet": { "text": "\t\t\t\t\t {\n\t\t\t\t\t %>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 129, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 126, "endLine": 132, "snippet": { "text": "\t\t\t\t\t {\n\t\t\t\t\t %>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 129, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [ViewProfile.jsp](1) at line [142](1).\r\nA hidden form field is used." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 142, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": "\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 142, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": "\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 142, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [ViewProfile.jsp](1) at line [113](1).\r\nA hidden form field is used." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 113, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 110, "endLine": 116, "snippet": { "text": "\t\t\t\t\t {\n\t\t\t\t\t %> \t\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t <%\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 113, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 110, "endLine": 116, "snippet": { "text": "\t\t\t\t\t {\n\t\t\t\t\t %> \t\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t <%\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 113, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [ViewProfile.jsp](1) at line [126](1).\r\nA hidden form field is used." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 126, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 123, "endLine": 129, "snippet": { "text": "\t\t\t\t\t {\n\t\t\t\t\t %>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 126, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 123, "endLine": 129, "snippet": { "text": "\t\t\t\t\t {\n\t\t\t\t\t %>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 126, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 138, "level": "error", "message": { "text": "Without proper access control, the method getEmployeeProfile() in [ViewProfile.java](1) can execute a SQL statement on line [112](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 112, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 109, "endLine": 115, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 78 }, { "index": 79 }, { "index": 80 }, { "index": 412 }, { "index": 82 }, { "index": 413 }, { "index": 414 }, { "index": 415 }, { "index": 416 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 112, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 109, "endLine": 115, "snippet": { "text": "\t\tStatement answer_statement = 
WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 112, "startColumn": 60 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 109, "level": "note", "message": { "text": "A hidden form field is used in [ViewProfile.jsp](1) at line [139](1).\r\nA hidden form field is used." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 139, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 136, "endLine": 142, "snippet": { "text": "\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 139, "snippet": { "text": "\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">" } }, "contextRegion": { "startLine": 136, "endLine": 142, "snippet": { "text": "\t\t\t\t\t{\n\t\t\t\t\t%>\n\t\t\t\t\t\t
\">\n\t\t\t\t\t\t\t\" value=\"<%=employee.getId()%>\">\n\t\t\t\t\t\t\t\"/>\n\t\t\t\t\t\t
\n\t\t\t\t\t<%\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 139, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method concept1() in [BackDoors.java](1) sends unvalidated data to a web browser on line [128](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 128, "snippet": { "text": "\t\t tr.addElement(new TD(rs.getString(\"salary\")));" } }, "contextRegion": { "startLine": 125, "endLine": 131, "snippet": { "text": "\t\t tr.addElement(new TD(rs.getString(\"userid\")));\n\t\t tr.addElement(new TD(rs.getString(\"password\")));\n\t\t tr.addElement(new TD(rs.getString(\"ssn\")));\n\t\t tr.addElement(new TD(rs.getString(\"salary\")));\n\t\t t.addElement(tr);\n\t\t ec.addElement(t);\n\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 438 }, { "index": 439 }, { "index": 440 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 128, "snippet": { "text": "\t\t tr.addElement(new TD(rs.getString(\"salary\")));" } }, "contextRegion": { "startLine": 125, "endLine": 131, "snippet": { "text": "\t\t tr.addElement(new TD(rs.getString(\"userid\")));\n\t\t tr.addElement(new TD(rs.getString(\"password\")));\n\t\t tr.addElement(new TD(rs.getString(\"ssn\")));\n\t\t tr.addElement(new TD(rs.getString(\"salary\")));\n\t\t t.addElement(tr);\n\t\t ec.addElement(t);\n\t\t}\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 
128, "startColumn": 31 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 34, "message": { "text": "The program calls the method getDoubleParameter() that parses doubles in [ParameterParser.java](1) on line [280](1) and can cause the thread to hang.\r\nThe program calls a method that parses doubles and can cause the thread to hang." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 280, "snippet": { "text": "\treturn new Double(getStringParameter(name)).doubleValue();" } }, "contextRegion": { "startLine": 277, "endLine": 283, "snippet": { "text": " public double getDoubleParameter(String name)\n\t throws ParameterNotFoundException, NumberFormatException\n {\n\treturn new Double(getStringParameter(name)).doubleValue();\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 441 }, { "index": 442 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 280, "snippet": { "text": "\treturn new Double(getStringParameter(name)).doubleValue();" } }, "contextRegion": { "startLine": 277, "endLine": 283, "snippet": { "text": " public double getDoubleParameter(String name)\n\t throws ParameterNotFoundException, NumberFormatException\n {\n\treturn new Double(getStringParameter(name)).doubleValue();\n }\n\n\n" } } }, "message": { "text": "doubleValue(this)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 280, "startColumn": 9 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function makeCurrent() in [StoredXss.java](1) might reveal system data or debugging information by calling printStackTrace() on line [274](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 274, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 271, "endLine": 277, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 274, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 271, "endLine": 277, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 274 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 142, "message": { "text": "The call to equals() on line [100](1) causes portability problems because it has different locales which may lead to unexpected output. This may also circumvent custom validation routines.\r\nUnexpected portability problems can be found when the locale is not specified." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 100, "snippet": { "text": "\t\t\t.equals(\"ipconfig\")))" } }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile\n\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 77, "snippet": { "text": "\t if (s.isDefuseOSCommands()" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String helpFile = s.getParser().getRawParameter(HELP_FILE,\n\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 78, "snippet": { "text": "\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n\t\tif (index == -1)\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 90, "snippet": { "text": "\t\tif 
((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t\tSystem.out.println(\"Command = [\"\n\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 91, "snippet": { "text": "\t\t\tindex, helpFileLen).trim().toLowerCase().equals(" } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": "\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 94, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"dir\")" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 96, 
"snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"ls\")" } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile\n\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 98, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile\n\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 99, "snippet": { "text": "\t\t\t.substring(index, helpFileLen).trim().toLowerCase()" } }, "contextRegion": { "startLine": 96, "endLine": 102, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile\n\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n" } } }, "message": { "text": "toLowerCase() : Case changed using default locale" } }, 
"kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 100, "snippet": { "text": "\t\t\t.equals(\"ipconfig\")))" } }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile\n\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "helpFile.substring(index, helpFileLen).trim().toLowerCase().equals(...) : Comparison without checking locale" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 100 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile_BACKUP() in [ViewProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [206](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 206, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 203, "endLine": 209, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 206, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 203, "endLine": 209, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 206 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 54, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 133, "snippet": { "text": "\t if (username.equals(\"webgoat\") && password.equals(\"webgoat\"))" } }, "contextRegion": { "startLine": 130, "endLine": 136, "snippet": { "text": "\t{\n\t String loginID = \"\";\n\n\t if (username.equals(\"webgoat\") && password.equals(\"webgoat\"))\n\t {\n\t\tloginID = encode(\"webgoat12345\");\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 133, "snippet": { "text": "\t if (username.equals(\"webgoat\") && password.equals(\"webgoat\"))" } }, "contextRegion": { "startLine": 130, "endLine": 136, "snippet": { "text": "\t{\n\t String loginID = \"\";\n\n\t if (username.equals(\"webgoat\") && password.equals(\"webgoat\"))\n\t {\n\t\tloginID = encode(\"webgoat12345\");\n\t }\n" } } }, "message": { "text": "FunctionCall: equals" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 133 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 54, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 137, "snippet": { "text": "\t else if (username.equals(\"aspect\") && password.equals(\"aspect\"))" } }, "contextRegion": { "startLine": 134, "endLine": 140, "snippet": { "text": "\t {\n\t\tloginID = encode(\"webgoat12345\");\n\t }\n\t else if (username.equals(\"aspect\") && password.equals(\"aspect\"))\n\t {\n\t\tloginID = encode(\"aspect12345\");\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 137, "snippet": { "text": "\t else if (username.equals(\"aspect\") && password.equals(\"aspect\"))" } }, "contextRegion": { "startLine": 134, "endLine": 140, "snippet": { "text": "\t {\n\t\tloginID = encode(\"webgoat12345\");\n\t }\n\t else if (username.equals(\"aspect\") && password.equals(\"aspect\"))\n\t {\n\t\tloginID = encode(\"aspect12345\");\n\t }\n" } } }, "message": { "text": "FunctionCall: equals" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 137 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 64, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 79, "snippet": { "text": " private final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 76, "endLine": 82, "snippet": { "text": "\n private final static String USERNAME = \"Username\";\n\n private final static String PASSWORD = \"Password\";\n\n private final static IMG MAC_LOGO = new IMG(\"images/logos/macadamian.gif\").setAlt(\n \"Macadamian Technologies\").setBorder(0).setHspace(0).setVspace(0);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 79, "snippet": { "text": " private final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 76, "endLine": 82, "snippet": { "text": "\n private final static String USERNAME = \"Username\";\n\n private final static String PASSWORD = \"Password\";\n\n private final static IMG MAC_LOGO = new IMG(\"images/logos/macadamian.gif\").setAlt(\n \"Macadamian Technologies\").setBorder(0).setHspace(0).setVspace(0);\n" } } }, "message": { "text": "FieldAccess: PASSWORD" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 79, "snippet": { "text": " private final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 76, "endLine": 82, "snippet": { "text": "\n private final static String USERNAME = \"Username\";\n\n private final static String PASSWORD = \"Password\";\n\n private final static IMG MAC_LOGO = new IMG(\"images/logos/macadamian.gif\").setAlt(\n \"Macadamian Technologies\").setBorder(0).setHspace(0).setVspace(0);\n" } } }, "message": { "text": "Field: PASSWORD" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 79 } } } ], "properties": { 
"InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method updateLessonStatus() in [Login.java](1) ignores an exception on line [297](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 297, "endLine": 298, "snippet": { "text": "\tcatch (ParameterNotFoundException pnfe)\r\n\t{}" } }, "contextRegion": { "startLine": 294, "endLine": 301, "snippet": { "text": "\t\t break;\n\t }\n\t}\n\tcatch (ParameterNotFoundException pnfe)\n\t{}\n }\n\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 297, "endLine": 298, "snippet": { "text": "\tcatch (ParameterNotFoundException pnfe)\r\n\t{}" } }, "contextRegion": { "startLine": 294, "endLine": 301, "snippet": { "text": "\t\t break;\n\t }\n\t}\n\tcatch (ParameterNotFoundException pnfe)\n\t{}\n }\n\n}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 297, "startColumn": 2, "endLine": 298 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method makeLogin() in [WeakSessionID.java](1) sends unvalidated data to a web browser on line [262](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 262, "snippet": { "text": "\tInput input3 = new Input(Input.HIDDEN, SESSIONID, weakid);" } }, "contextRegion": { "startLine": 259, "endLine": 265, "snippet": { "text": "\n\tInput input1 = new Input(Input.TEXT, USERNAME, \"\");\n\tInput input2 = new Input(Input.PASSWORD, PASSWORD, \"\");\n\tInput input3 = new Input(Input.HIDDEN, SESSIONID, weakid);\n\trow1.addElement(new TD(input1));\n\trow2.addElement(new TD(input2));\n\tt.addElement(row1);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 340 }, { "index": 341 }, { "index": 342 }, { "index": 343 }, { "index": 443 }, { "index": 444 }, { "index": 445 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 262, "snippet": { "text": "\tInput input3 = new Input(Input.HIDDEN, SESSIONID, weakid);" } }, "contextRegion": { "startLine": 259, "endLine": 265, "snippet": { "text": "\n\tInput input1 = new Input(Input.TEXT, USERNAME, \"\");\n\tInput input2 = new Input(Input.PASSWORD, PASSWORD, \"\");\n\tInput input3 = new Input(Input.HIDDEN, SESSIONID, weakid);\n\trow1.addElement(new TD(input1));\n\trow2.addElement(new TD(input2));\n\tt.addElement(row1);\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 262, "startColumn": 52 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 70, "message": { "text": "The call to String() on line [911](1) of [Encoding.java](1) converts a byte array into a `String`, which may lead to data loss.\r\nConverting a byte array into a `String` may lead to data loss." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 911, "snippet": { "text": "\t\t\treturn ( new String( bbuf.array() ) );" } }, "contextRegion": { "startLine": 908, "endLine": 914, "snippet": { "text": "\t\t\tCharset charset = Charset.forName( \"ISO-8859-1\" );\n\t\t\tCharsetEncoder encoder = charset.newEncoder();\n\t\t\tByteBuffer bbuf = encoder.encode( CharBuffer.wrap( str ) );\n\t\t\treturn ( new String( bbuf.array() ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 911, "snippet": { "text": "\t\t\treturn ( new String( bbuf.array() ) );" } }, "contextRegion": { "startLine": 908, "endLine": 914, "snippet": { "text": "\t\t\tCharset charset = Charset.forName( \"ISO-8859-1\" );\n\t\t\tCharsetEncoder encoder = charset.newEncoder();\n\t\t\tByteBuffer bbuf = encoder.encode( CharBuffer.wrap( str ) );\n\t\t\treturn ( new String( bbuf.array() ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n" } } }, "message": { "text": "String()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 911 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [WeakAuthenticationCookie.java](1) line [194](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 194, "endLine": 198, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 191, "endLine": 201, "snippet": { "text": "\t\treturn (makeUser(s, user, \"PARAMETERS\"));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (makeLogin(s));\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 194, "endLine": 198, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 191, "endLine": 201, "snippet": { "text": "\t\treturn (makeUser(s, user, \"PARAMETERS\"));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (makeLogin(s));\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 194, "startColumn": 2, "endLine": 198 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 47, "level": "note", "message": { "text": "The method concept2() in [BackDoors.java](1) throws a generic exception making it harder for callers to do a good job of error handling and recovery.\r\nThe method throws a generic exception making it harder for callers to do a good job of error handling and recovery." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 142, "snippet": { "text": " protected Element concept2(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": " }\n\n\n protected Element concept2(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(makeUsername(s));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 142, "snippet": { "text": " protected Element concept2(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": " }\n\n\n protected Element concept2(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(makeUsername(s));\n" } } }, "message": { "text": "Function: concept2" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 142 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 137, "message": { "text": "Non-final public static fields can be changed by external classes." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 82, "snippet": { "text": " public static Connection connection = null;" } }, "contextRegion": { "startLine": 79, "endLine": 85, "snippet": { "text": "\n static boolean beenRestartedYet = false;\n\n public static Connection connection = null;\n\n public final static String firstName = \"getFirstName\";\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 82, "snippet": { "text": " public static Connection connection = null;" } }, "contextRegion": { "startLine": 79, "endLine": 85, "snippet": { "text": "\n static boolean beenRestartedYet = false;\n\n public static Connection connection = null;\n\n public final static String firstName = \"getFirstName\";\n\n" } } }, "message": { "text": "Field: connection" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 82 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [SqlNumericInjection.java](1) line [398](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 398, "endLine": 402, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t System.out.println(\"Exception caught: \" + e);\r\n\t e.printStackTrace(System.out);\r\n\t}" } }, "contextRegion": { "startLine": 395, "endLine": 405, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 398, "endLine": 402, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t System.out.println(\"Exception caught: \" + e);\r\n\t e.printStackTrace(System.out);\r\n\t}" } }, "contextRegion": { "startLine": 395, "endLine": 405, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 398, "startColumn": 2, "endLine": 402 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getStringParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 692, "endLine": 698, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 162 }, { "index": 163 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 692, "endLine": 698, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getStringParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal. The sink on line [695](1) builds a ParameterNotFoundException message from the parameter name; only the name, not the parameter value, appears in the visible exception text, so confirm from the traced code flow that a sensitive value actually reaches this sink before treating the result as a true positive. This result reports the same location as the preceding ruleIndex 108 result and differs only in its code flow.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 692, "endLine": 698, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 139 }, { "index": 140 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 692, "endLine": 698, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [JavaScriptValidation.java](1) sends unvalidated data to a web browser on line [157](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 157, "snippet": { "text": "\t TextArea input7 = new TextArea(\"field7\", 1, 25).addElement(param7);" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": "\t TextArea input4 = new TextArea(\"field4\", 1, 25).addElement(param4);\n\t TextArea input5 = new TextArea(\"field5\", 1, 25).addElement(param5);\n\t TextArea input6 = new TextArea(\"field6\", 1, 25).addElement(param6);\n\t TextArea input7 = new TextArea(\"field7\", 1, 25).addElement(param7);\n\n\t Input b = new Input();\n\t b.setType(Input.BUTTON);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 446 }, { "index": 447 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 157, "snippet": { "text": "\t TextArea input7 = new TextArea(\"field7\", 1, 25).addElement(param7);" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": "\t TextArea input4 = new TextArea(\"field4\", 1, 25).addElement(param4);\n\t TextArea input5 = new TextArea(\"field5\", 1, 25).addElement(param5);\n\t TextArea input6 = new TextArea(\"field6\", 1, 25).addElement(param6);\n\t TextArea input7 = new TextArea(\"field7\", 1, 25).addElement(param7);\n\n\t Input b = new Input();\n\t b.setType(Input.BUTTON);\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 157, "startColumn": 65 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 66, "message": { "text": "The method log() in [HammerHead.java](1) writes unvalidated user input to the log on line [306](1). 
An attacker could take advantage of this behavior to forge log entries or inject malicious content into the log.\r\nWriting unvalidated user input to log files can allow an attacker to forge log entries or inject malicious content into the logs." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 306, "snippet": { "text": "\tlog(output);" } }, "contextRegion": { "startLine": 303, "endLine": 309, "snippet": { "text": " {\n\tString output = new Date() + \" | \" + request.getRemoteHost() + \":\"\n\t\t+ request.getRemoteAddr() + \" | \" + message;\n\tlog(output);\n\tSystem.out.println(output);\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 285 }, { "index": 286 }, { "index": 448 }, { "index": 449 }, { "index": 450 }, { "index": 451 }, { "index": 452 }, { "index": 453 }, { "index": 426 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 306, "snippet": { "text": "\tlog(output);" } }, "contextRegion": { "startLine": 303, "endLine": 309, "snippet": { "text": " {\n\tString output = new Date() + \" | \" + request.getRemoteHost() + \":\"\n\t\t+ request.getRemoteAddr() + \" | \" + message;\n\tlog(output);\n\tSystem.out.println(output);\n }\n\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 306, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 54, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 136 }, "region": { "startLine": 83, "snippet": { "text": "\treturn (username.equals(\"admin\") && password.equals(\"adminpw\"));" } }, "contextRegion": { "startLine": 80, "endLine": 86, "snippet": { "text": "\tString password = s.getParser().getRawParameter(PASSWORD, \"\");\n\n\t//\n\treturn (username.equals(\"admin\") && password.equals(\"adminpw\"));\n\t//\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 136 }, "region": { "startLine": 83, "snippet": { "text": "\treturn (username.equals(\"admin\") && password.equals(\"adminpw\"));" } }, "contextRegion": { "startLine": 80, "endLine": 86, "snippet": { "text": "\tString password = s.getParser().getRawParameter(PASSWORD, \"\");\n\n\t//\n\treturn (username.equals(\"admin\") && password.equals(\"adminpw\"));\n\t//\n }\n\n" } } }, "message": { "text": "FunctionCall: equals" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 136 }, "region": { "startLine": 83 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 41, "message": { "text": "The iteration count used by a password-based key derivation function is too low: [Encoding.java](1) line [531](1) constructs a PBEParameterSpec with only 20 iterations, orders of magnitude below current guidance for password-based key derivation. The SecretKeyFactory on line 533 also requests PBEWithMD5AndDES, whose underlying MD5 and 56-bit DES primitives are themselves weak, so raising the iteration count alone is not sufficient; prefer a modern PBKDF (e.g. PBKDF2 with a SHA-2 HMAC) with a high iteration count and a strong cipher.\r\nA low iteration count makes keys derived from passwords cheap for an attacker to brute-force." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 531, "snippet": { "text": "\t\t\tPBEParameterSpec ps = new javax.crypto.spec.PBEParameterSpec( salt, 20 );" } }, "contextRegion": { "startLine": 528, "endLine": 534, "snippet": { "text": "\t\ttry\n\t\t{\n\n\t\t\tPBEParameterSpec ps = new javax.crypto.spec.PBEParameterSpec( salt, 20 );\n\n\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 531, "snippet": { "text": "\t\t\tPBEParameterSpec ps = new javax.crypto.spec.PBEParameterSpec( salt, 20 );" } }, "contextRegion": { "startLine": 528, "endLine": 534, "snippet": { "text": "\t\ttry\n\t\t{\n\n\t\t\tPBEParameterSpec ps = new javax.crypto.spec.PBEParameterSpec( salt, 20 );\n\n\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );\n\n" } } }, "message": { "text": "PBEParameterSpec()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 531 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function isAuthorizedForEmployee() in [DefaultLessonAction.java](1) might reveal system data or debugging information by calling printStackTrace() on line [320](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 320, "snippet": { "text": "\t\t\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 317, "endLine": 323, "snippet": { "text": "\t\t\tcatch ( SQLException sqle )\n\t\t\t{\n\t\t\t\ts.setMessage( \"Error authorizing\" );\n\t\t\t\tsqle.printStackTrace();\n\t\t\t}\n\t\t}\n\t\tcatch ( Exception e )\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 320, "snippet": { "text": "\t\t\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 317, "endLine": 323, "snippet": { "text": "\t\t\tcatch ( SQLException sqle )\n\t\t\t{\n\t\t\t\ts.setMessage( \"Error authorizing\" );\n\t\t\t\tsqle.printStackTrace();\n\t\t\t}\n\t\t}\n\t\tcatch ( Exception e )\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 320 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 283, "snippet": { "text": "\t\tSystem.out.println(\"Context Path: \" + DatabaseUtilities.servletContextRealPath);" } }, "contextRegion": { "startLine": 280, "endLine": 286, "snippet": { "text": "\n\t\t// FIXME: hack to save context for web service calls\n\t\tDatabaseUtilities.servletContextRealPath = context.getRealPath(\"/\");\n\t\tSystem.out.println(\"Context Path: \" + DatabaseUtilities.servletContextRealPath);\n\t\t// FIXME: need to solve concurrency problem here -- make tables for this user\n\t\tif ( !databaseBuilt )\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 283, "snippet": { "text": "\t\tSystem.out.println(\"Context Path: \" + DatabaseUtilities.servletContextRealPath);" } }, "contextRegion": { "startLine": 280, "endLine": 286, "snippet": { "text": "\n\t\t// FIXME: hack to save context for web service calls\n\t\tDatabaseUtilities.servletContextRealPath = context.getRealPath(\"/\");\n\t\tSystem.out.println(\"Context Path: \" + DatabaseUtilities.servletContextRealPath);\n\t\t// FIXME: need to solve concurrency problem here -- make tables for this user\n\t\tif ( !databaseBuilt )\n\t\t{\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 283 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createWeatherDataTable() in [CreateDB.java](1) might reveal system data or debugging information by calling printStackTrace() on line [406](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 406, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 403, "endLine": 409, "snippet": { "text": "\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating weather database\");\n\t e.printStackTrace();\n\t}\n\n\t// Populate it\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 406, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 403, "endLine": 409, "snippet": { "text": "\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating weather database\");\n\t e.printStackTrace();\n\t}\n\n\t// Populate it\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 406 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createEmployeeProfile() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [351](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 351, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 348, "endLine": 354, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 351, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 348, "endLine": 354, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 351 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [340](1) of [UpdateProfile.java](1), the method createEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. The sink is Statement.executeUpdate(query) on a Statement obtained from createStatement() on lines 338-339; the fix is to use a PreparedStatement with placeholders and bind the user-supplied values as parameters rather than concatenating them into the query text.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 454 }, { "index": 455 }, { "index": 456 }, { "index": 90 }, { "index": 91 }, { "index": 458 }, { "index": 93 }, { "index": 459 }, { "index": 460 }, { "index": 97 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 64, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 69, "snippet": { "text": " private final static String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 66, "endLine": 72, "snippet": { "text": "public class WsSAXInjection extends LessonAdapter\n{\n\n private final static String PASSWORD = \"password\";\n\n private String password;\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 69, "snippet": { "text": " private final static String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 66, "endLine": 72, "snippet": { "text": "public class WsSAXInjection extends LessonAdapter\n{\n\n private final static String PASSWORD = \"password\";\n\n private String password;\n\n" } } }, "message": { "text": "FieldAccess: PASSWORD" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 69, "snippet": { "text": " private final static String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 66, "endLine": 72, "snippet": { "text": "public class WsSAXInjection extends LessonAdapter\n{\n\n private final static String PASSWORD = \"password\";\n\n private String password;\n\n" } } }, "message": { "text": "Field: PASSWORD" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 69 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 66, "message": { "text": "The method log() in [HammerHead.java](1) writes unvalidated user input to the log on line [306](1). 
An attacker could take advantage of this behavior to forge log entries or inject malicious content into the log.\r\nWriting unvalidated user input to log files can allow an attacker to forge log entries or inject malicious content into the logs." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 306, "snippet": { "text": "\tlog(output);" } }, "contextRegion": { "startLine": 303, "endLine": 309, "snippet": { "text": " {\n\tString output = new Date() + \" | \" + request.getRemoteHost() + \":\"\n\t\t+ request.getRemoteAddr() + \" | \" + message;\n\tlog(output);\n\tSystem.out.println(output);\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 257 }, { "index": 258 }, { "index": 461 }, { "index": 462 }, { "index": 463 }, { "index": 464 }, { "index": 465 }, { "index": 449 }, { "index": 450 }, { "index": 451 }, { "index": 452 }, { "index": 453 }, { "index": 426 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 306, "snippet": { "text": "\tlog(output);" } }, "contextRegion": { "startLine": 303, "endLine": 309, "snippet": { "text": " {\n\tString output = new Date() + \" | \" + request.getRemoteHost() + \":\"\n\t\t+ request.getRemoteAddr() + \" | \" + message;\n\tlog(output);\n\tSystem.out.println(output);\n }\n\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 306, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [DeleteProfile.java](1) line [123](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar 
issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 123, "endLine": 127, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error deleting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 120, "endLine": 130, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error deleting employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 123, "endLine": 127, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error deleting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 120, "endLine": 130, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error deleting employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 123, "startColumn": 2, "endLine": 127 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 133, "message": { "text": "The function createContent() in [XPATHInjection.java](1) sometimes fails to release a system resource allocated by FileInputStream() on line 155.\r\nThe program can potentially fail to release a system resource." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 155, "snippet": { "text": "\t InputSource inputSource = new InputSource(new FileInputStream(d));" } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\t File d = new File(dir);\n\t XPathFactory factory = XPathFactory.newInstance();\n\t XPath xPath = factory.newXPath();\n\t InputSource inputSource = new InputSource(new FileInputStream(d));\n\t String expression = \"/employees/employee[loginID/text()='\"\n\t\t + username + \"' and passwd/text()='\" + password + \"']\";\n\t nodes = (NodeList) xPath.evaluate(expression, inputSource,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 135, "snippet": { "text": "\t if (username == null || username.length() == 0)" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\t ec.addElement(t1);\n\n\t String username = s.getParser().getRawParameter(USERNAME, \"\");\n\t if (username == null || username.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n\t\t\t\"Username is a required field\")));\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 135, "snippet": { "text": "\t if (username == null || username.length() == 0)" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\t ec.addElement(t1);\n\n\t String username = s.getParser().getRawParameter(USERNAME, \"\");\n\t if (username == null || username.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n\t\t\t\"Username is a required field\")));\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 
}, "region": { "startLine": 143, "snippet": { "text": "\t if (password == null || password.length() == 0)" } }, "contextRegion": { "startLine": 140, "endLine": 146, "snippet": { "text": "\t }\n\n\t String password = s.getParser().getRawParameter(PASSWORD, \"\");\n\t if (password == null || password.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n\t\t\t\"Password is a required field\")));\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 143, "snippet": { "text": "\t if (password == null || password.length() == 0)" } }, "contextRegion": { "startLine": 140, "endLine": 146, "snippet": { "text": "\t }\n\n\t String password = s.getParser().getRawParameter(PASSWORD, \"\");\n\t if (password == null || password.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n\t\t\t\"Password is a required field\")));\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 155, "snippet": { "text": "\t InputSource inputSource = new InputSource(new FileInputStream(d));" } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\t File d = new File(dir);\n\t XPathFactory factory = XPathFactory.newInstance();\n\t XPath xPath = factory.newXPath();\n\t InputSource inputSource = new InputSource(new FileInputStream(d));\n\t String expression = \"/employees/employee[loginID/text()='\"\n\t\t + username + \"' and passwd/text()='\" + password + \"']\";\n\t nodes = (NodeList) xPath.evaluate(expression, inputSource,\n" } } }, "message": { "text": "new FileInputStream(...)" }, "annotations": [ { "startLine": 155, "startColumn": 48, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { 
"physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 159, "snippet": { "text": "\t\t XPathConstants.NODESET);" } }, "contextRegion": { "startLine": 156, "endLine": 162, "snippet": { "text": "\t String expression = \"/employees/employee[loginID/text()='\"\n\t\t + username + \"' and passwd/text()='\" + password + \"']\";\n\t nodes = (NodeList) xPath.evaluate(expression, inputSource,\n\t\t XPathConstants.NODESET);\n\t int nodesLength = nodes.getLength();\n\n\t Table t2 = null;\n" } } }, "message": { "text": "javax.xml.xpath.XPathExpressionException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 159, "snippet": { "text": "\t\t XPathConstants.NODESET);" } }, "contextRegion": { "startLine": 156, "endLine": 162, "snippet": { "text": "\t String expression = \"/employees/employee[loginID/text()='\"\n\t\t + username + \"' and passwd/text()='\" + password + \"']\";\n\t nodes = (NodeList) xPath.evaluate(expression, inputSource,\n\t\t XPathConstants.NODESET);\n\t int nodesLength = nodes.getLength();\n\n\t Table t2 = null;\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 159, "snippet": { "text": "\t\t XPathConstants.NODESET);" } }, "contextRegion": { "startLine": 156, "endLine": 162, "snippet": { "text": "\t String expression = \"/employees/employee[loginID/text()='\"\n\t\t + username + \"' and passwd/text()='\" + password + \"']\";\n\t nodes = (NodeList) xPath.evaluate(expression, inputSource,\n\t\t XPathConstants.NODESET);\n\t int nodesLength = nodes.getLength();\n\n\t Table t2 = null;\n" } } }, "message": { "text": "end scope : Resource leaked : javax.xml.xpath.XPathExpressionException thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { 
"physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 135, "snippet": { "text": "\t if (username == null || username.length() == 0)" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\t ec.addElement(t1);\n\n\t String username = s.getParser().getRawParameter(USERNAME, \"\");\n\t if (username == null || username.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n\t\t\t\"Username is a required field\")));\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 135, "snippet": { "text": "\t if (username == null || username.length() == 0)" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\t ec.addElement(t1);\n\n\t String username = s.getParser().getRawParameter(USERNAME, \"\");\n\t if (username == null || username.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n\t\t\t\"Username is a required field\")));\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 143, "snippet": { "text": "\t if (password == null || password.length() == 0)" } }, "contextRegion": { "startLine": 140, "endLine": 146, "snippet": { "text": "\t }\n\n\t String password = s.getParser().getRawParameter(PASSWORD, \"\");\n\t if (password == null || password.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n\t\t\t\"Password is a required field\")));\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 143, "snippet": { "text": "\t if (password == null || password.length() == 0)" } }, "contextRegion": { "startLine": 140, "endLine": 146, 
"snippet": { "text": "\t }\n\n\t String password = s.getParser().getRawParameter(PASSWORD, \"\");\n\t if (password == null || password.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n\t\t\t\"Password is a required field\")));\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 155, "snippet": { "text": "\t InputSource inputSource = new InputSource(new FileInputStream(d));" } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\t File d = new File(dir);\n\t XPathFactory factory = XPathFactory.newInstance();\n\t XPath xPath = factory.newXPath();\n\t InputSource inputSource = new InputSource(new FileInputStream(d));\n\t String expression = \"/employees/employee[loginID/text()='\"\n\t\t + username + \"' and passwd/text()='\" + password + \"']\";\n\t nodes = (NodeList) xPath.evaluate(expression, inputSource,\n" } } }, "message": { "text": "new FileInputStream(...)" }, "annotations": [ { "startLine": 155, "startColumn": 48, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 198, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 195, "endLine": 201, "snippet": { "text": "\t\tec.addElement(t2);\n\t }\n\n\t}\n\tcatch (IOException e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 198, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 195, "endLine": 201, "snippet": { "text": "\t\tec.addElement(t2);\n\t }\n\n\t}\n\tcatch (IOException e)\n\t{\n\t s.setMessage(\"Error generating \" 
+ this.getClass().getName());\n" } } }, "message": { "text": "end scope : Resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 135, "snippet": { "text": "\t if (username == null || username.length() == 0)" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\t ec.addElement(t1);\n\n\t String username = s.getParser().getRawParameter(USERNAME, \"\");\n\t if (username == null || username.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n\t\t\t\"Username is a required field\")));\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 135, "snippet": { "text": "\t if (username == null || username.length() == 0)" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\t ec.addElement(t1);\n\n\t String username = s.getParser().getRawParameter(USERNAME, \"\");\n\t if (username == null || username.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n\t\t\t\"Username is a required field\")));\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 143, "snippet": { "text": "\t if (password == null || password.length() == 0)" } }, "contextRegion": { "startLine": 140, "endLine": 146, "snippet": { "text": "\t }\n\n\t String password = s.getParser().getRawParameter(PASSWORD, \"\");\n\t if (password == null || password.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n\t\t\t\"Password is a required field\")));\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { 
"artifactLocation": { "index": 5 }, "region": { "startLine": 143, "snippet": { "text": "\t if (password == null || password.length() == 0)" } }, "contextRegion": { "startLine": 140, "endLine": 146, "snippet": { "text": "\t }\n\n\t String password = s.getParser().getRawParameter(PASSWORD, \"\");\n\t if (password == null || password.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n\t\t\t\"Password is a required field\")));\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 155, "snippet": { "text": "\t InputSource inputSource = new InputSource(new FileInputStream(d));" } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\t File d = new File(dir);\n\t XPathFactory factory = XPathFactory.newInstance();\n\t XPath xPath = factory.newXPath();\n\t InputSource inputSource = new InputSource(new FileInputStream(d));\n\t String expression = \"/employees/employee[loginID/text()='\"\n\t\t + username + \"' and passwd/text()='\" + password + \"']\";\n\t nodes = (NodeList) xPath.evaluate(expression, inputSource,\n" } } }, "message": { "text": "new FileInputStream(...)" }, "annotations": [ { "startLine": 155, "startColumn": 48, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 175, "snippet": { "text": "\t for (int i = 0; i < nodesLength; i++)" } }, "contextRegion": { "startLine": 172, "endLine": 178, "snippet": { "text": "\t\tt2.addElement(tr);\n\t }\n\n\t for (int i = 0; i < nodesLength; i++)\n\t {\n\t\tNode node = nodes.item(i);\n\t\tString[] arrTokens = node.getTextContent()\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { 
"startLine": 178, "snippet": { "text": "\t\tString[] arrTokens = node.getTextContent()" } }, "contextRegion": { "startLine": 175, "endLine": 181, "snippet": { "text": "\t for (int i = 0; i < nodesLength; i++)\n\t {\n\t\tNode node = nodes.item(i);\n\t\tString[] arrTokens = node.getTextContent()\n\t\t\t.split(\"[\\\\t\\\\s\\\\n]+\");\n\n\t\ttr = new TR();\n" } } }, "message": { "text": "org.w3c.dom.DOMException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 178, "snippet": { "text": "\t\tString[] arrTokens = node.getTextContent()" } }, "contextRegion": { "startLine": 175, "endLine": 181, "snippet": { "text": "\t for (int i = 0; i < nodesLength; i++)\n\t {\n\t\tNode node = nodes.item(i);\n\t\tString[] arrTokens = node.getTextContent()\n\t\t\t.split(\"[\\\\t\\\\s\\\\n]+\");\n\n\t\ttr = new TR();\n" } } }, "message": { "text": "throw" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 178, "snippet": { "text": "\t\tString[] arrTokens = node.getTextContent()" } }, "contextRegion": { "startLine": 175, "endLine": 181, "snippet": { "text": "\t for (int i = 0; i < nodesLength; i++)\n\t {\n\t\tNode node = nodes.item(i);\n\t\tString[] arrTokens = node.getTextContent()\n\t\t\t.split(\"[\\\\t\\\\s\\\\n]+\");\n\n\t\ttr = new TR();\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 178, "snippet": { "text": "\t\tString[] arrTokens = node.getTextContent()" } }, "contextRegion": { "startLine": 175, "endLine": 181, "snippet": { "text": "\t for (int i = 0; i < nodesLength; i++)\n\t {\n\t\tNode node = nodes.item(i);\n\t\tString[] arrTokens = node.getTextContent()\n\t\t\t.split(\"[\\\\t\\\\s\\\\n]+\");\n\n\t\ttr = new TR();\n" } } }, "message": { 
"text": "end scope : Resource leaked : org.w3c.dom.DOMException thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 155 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 337, "snippet": { "text": "\t System.out.println(\"Missing parameter\");" } }, "contextRegion": { "startLine": 334, "endLine": 340, "snippet": { "text": "\t}\n\tcatch (ParameterNotFoundException pnfe)\n\t{\n\t System.out.println(\"Missing parameter\");\n\t pnfe.printStackTrace();\n\t setCurrentAction(s, ERROR_ACTION);\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 337, "snippet": { "text": "\t System.out.println(\"Missing parameter\");" } }, "contextRegion": { "startLine": 334, "endLine": 340, "snippet": { "text": "\t}\n\tcatch (ParameterNotFoundException pnfe)\n\t{\n\t System.out.println(\"Missing parameter\");\n\t pnfe.printStackTrace();\n\t setCurrentAction(s, ERROR_ACTION);\n\t}\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 337 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the 
behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 343, "snippet": { "text": "\t System.out.println(\"Validation failed\");" } }, "contextRegion": { "startLine": 340, "endLine": 346, "snippet": { "text": "\t}\n\tcatch (ValidationException ve)\n\t{\n\t System.out.println(\"Validation failed\");\n\t ve.printStackTrace();\n\t setCurrentAction(s, ERROR_ACTION);\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 343, "snippet": { "text": "\t System.out.println(\"Validation failed\");" } }, "contextRegion": { "startLine": 340, "endLine": 346, "snippet": { "text": "\t}\n\tcatch (ValidationException ve)\n\t{\n\t System.out.println(\"Validation failed\");\n\t ve.printStackTrace();\n\t setCurrentAction(s, ERROR_ACTION);\n\t}\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 343 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 350, "snippet": { "text": "\t System.out.println(\"Authentication failure\");" } }, "contextRegion": { "startLine": 347, "endLine": 353, "snippet": { "text": "\tcatch (UnauthenticatedException ue)\n\t{\n\t s.setMessage(\"Login failed\");\n\t System.out.println(\"Authentication failure\");\n\t ue.printStackTrace();\n\t}\n\tcatch (UnauthorizedException ue2)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 350, "snippet": { "text": "\t System.out.println(\"Authentication failure\");" } }, "contextRegion": { "startLine": 347, "endLine": 353, "snippet": { "text": "\tcatch (UnauthenticatedException ue)\n\t{\n\t s.setMessage(\"Login failed\");\n\t System.out.println(\"Authentication failure\");\n\t ue.printStackTrace();\n\t}\n\tcatch (UnauthorizedException ue2)\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 350 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 356, "snippet": { "text": "\t System.out.println(\"Authorization failure\");" } }, "contextRegion": { "startLine": 353, "endLine": 359, "snippet": { "text": "\tcatch (UnauthorizedException ue2)\n\t{\n\t s.setMessage(\"You are not authorized to perform this function\");\n\t System.out.println(\"Authorization failure\");\n\t setCurrentAction(s, ERROR_ACTION);\n\t ue2.printStackTrace();\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 356, "snippet": { "text": "\t System.out.println(\"Authorization failure\");" } }, "contextRegion": { "startLine": 353, "endLine": 359, "snippet": { "text": "\tcatch (UnauthorizedException ue2)\n\t{\n\t s.setMessage(\"You are not authorized to perform this function\");\n\t System.out.println(\"Authorization failure\");\n\t setCurrentAction(s, ERROR_ACTION);\n\t ue2.printStackTrace();\n\t}\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 356 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 363, "snippet": { "text": "\t System.out.println(\"handleRequest() error\");" } }, "contextRegion": { "startLine": 360, "endLine": 366, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t // All other errors send the user to the generic error page\n\t System.out.println(\"handleRequest() error\");\n\t e.printStackTrace();\n\t setCurrentAction(s, ERROR_ACTION);\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 363, "snippet": { "text": "\t System.out.println(\"handleRequest() error\");" } }, "contextRegion": { "startLine": 360, "endLine": 366, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t // All other errors send the user to the generic error page\n\t System.out.println(\"handleRequest() error\");\n\t e.printStackTrace();\n\t setCurrentAction(s, ERROR_ACTION);\n\t}\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 363 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function sendMessage() in [Challenge2Screen.java](1) might reveal system data or debugging information by calling printStackTrace() on line [729](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 729, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 726, "endLine": 732, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t System.out.println(\"Couldn't write \" + message + \" to \" + s);\n\t e.printStackTrace();\n\t}\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 729, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 726, "endLine": 732, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t System.out.println(\"Couldn't write \" + message + \" to \" + s);\n\t e.printStackTrace();\n\t}\n }\n\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 729 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile_BACKUP() in [ViewProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [200](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 200, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 197, "endLine": 203, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 200, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 197, "endLine": 203, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 200 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 285, "snippet": { "text": "\tSystem.out.println(\"Executing OS command: \" + Arrays.asList(command));" } }, "contextRegion": { "startLine": 282, "endLine": 288, "snippet": { "text": " */\n private String exec(WebSession s, String[] command)\n {\n\tSystem.out.println(\"Executing OS command: \" + Arrays.asList(command));\n\tExecResults er = Exec.execSimple(command);\n\tif (!er.getError())\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 285, "snippet": { "text": "\tSystem.out.println(\"Executing OS command: \" + Arrays.asList(command));" } }, "contextRegion": { "startLine": 282, "endLine": 288, "snippet": { "text": " */\n private String exec(WebSession s, String[] command)\n {\n\tSystem.out.println(\"Executing OS command: \" + Arrays.asList(command));\n\tExecResults er = Exec.execSimple(command);\n\tif (!er.getError())\n\t{\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 285 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 47, "level": "note", "message": { "text": "The method doStage3() in [LessonAdapter.java](1) throws a generic exception making it harder for callers to do a good job of error handling and recovery.\r\nThe method throws a generic exception making it harder for callers to do a good job of error handling and recovery." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 160, "snippet": { "text": " protected Element doStage3(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 157, "endLine": 163, "snippet": { "text": " }\n\n\n protected Element doStage3(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(\"Stage 3 Stub\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 160, "snippet": { "text": " protected Element doStage3(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 157, "endLine": 163, "snippet": { "text": " }\n\n\n protected Element doStage3(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(\"Stage 3 Stub\");\n" } } }, "message": { "text": "Function: doStage3" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 160 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getUserName() in [DefaultLessonAction.java](1) might reveal system data or debugging information by calling printStackTrace() on line [216](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 216, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 213, "endLine": 219, "snippet": { "text": "\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error getting user name\" );\n\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn name;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 216, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 213, "endLine": 219, "snippet": { "text": "\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error getting user name\" );\n\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn name;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 216 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Encoding.java](1) line [506](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 506, "endLine": 510, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\r\n\t\t\treturn ( \"This is not an encrypted string\" );\r\n\t\t}" } }, "contextRegion": { "startLine": 503, "endLine": 513, "snippet": { "text": "\t\t\treturn new String( utf8, \"UTF-8\" );\n\t\t}\n\n\t\tcatch ( Exception e )\n\t\t{\n\n\t\t\treturn ( \"This is not an encrypted string\" );\n\t\t}\n\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 506, "endLine": 510, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\r\n\t\t\treturn ( \"This is not an encrypted string\" );\r\n\t\t}" } }, "contextRegion": { "startLine": 503, "endLine": 513, "snippet": { "text": "\t\t\treturn new String( utf8, \"UTF-8\" );\n\t\t}\n\n\t\tcatch ( Exception e )\n\t\t{\n\n\t\t\treturn ( \"This is not an encrypted string\" );\n\t\t}\n\n\t}\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 506, "startColumn": 3, "endLine": 510 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [TraceXSS.java](1) sends unvalidated data to a web browser on line [137](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 137, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY2\", \"1\")))" } }, "contextRegion": { "startLine": 134, "endLine": 140, "snippet": { "text": "\t tr.addElement(new TD().addElement(\"27.99\").setAlign(\"right\"));\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY2\", s.getParser()\n\t\t\t .getStringParameter(\"QTY2\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY2\", 1.0f);\n\t total = quantity * 27.99f;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 136 }, { "index": 137 }, { "index": 466 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 137, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY2\", \"1\")))" } }, "contextRegion": { "startLine": 134, "endLine": 140, "snippet": { "text": "\t tr.addElement(new TD().addElement(\"27.99\").setAlign(\"right\"));\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY2\", s.getParser()\n\t\t\t .getStringParameter(\"QTY2\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY2\", 1.0f);\n\t total = quantity * 27.99f;\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 137 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 140, "level": "error", "message": { "text": "The function getResults() in [WsSqlInjection.java](1) sometimes fails to release a system resource allocated by makeConnection() on line 229.\r\nThe program can potentially fail to release a database connection." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 237, "snippet": { "text": "\t\tStatement statement = connection.createStatement(" } }, "contextRegion": { "startLine": 234, "endLine": 240, "snippet": { "text": "\t String query = \"SELECT * FROM user_data WHERE userid = \" + id;\n\t try\n\t {\n\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 229, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 226, "endLine": 232, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 230, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 227, "endLine": 233, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 237, "snippet": { "text": "\t\tStatement statement = connection.createStatement(" } }, "contextRegion": { "startLine": 234, "endLine": 240, "snippet": { "text": "\t String query = \"SELECT * FROM user_data WHERE userid = \" + id;\n\t try\n\t {\n\t\tStatement statement = 
connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n" } } }, "message": { "text": "statement = connection.createStatement(...)" }, "annotations": [ { "startLine": 237, "startColumn": 3, "message": { "text": "statement refers to a database command" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 241, "snippet": { "text": "\t\treturn results;" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n\t {}\n" } } }, "message": { "text": "return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 241, "snippet": { "text": "\t\treturn results;" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n\t {}\n" } } }, "message": { "text": "statement no longer refers to a database command" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 241, "snippet": { "text": "\t\treturn results;" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n\t {}\n" } } }, "message": { "text": "statement no longer refers to a database command" } }, "kinds": [ "exit", "scope" ] 
}, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 241, "snippet": { "text": "\t\treturn results;" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n\t {}\n" } } }, "message": { "text": "statement end scope" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 241, "snippet": { "text": "\t\treturn results;" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n\t {}\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 229, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 226, "endLine": 232, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 230, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 227, "endLine": 233, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, 
"message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 237, "snippet": { "text": "\t\tStatement statement = connection.createStatement(" } }, "contextRegion": { "startLine": 234, "endLine": 240, "snippet": { "text": "\t String query = \"SELECT * FROM user_data WHERE userid = \" + id;\n\t try\n\t {\n\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n" } } }, "message": { "text": "statement = connection.createStatement(...)" }, "annotations": [ { "startLine": 237, "startColumn": 3, "message": { "text": "statement refers to a database command" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 240, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "java.sql.SQLException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 240, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": 
"statement no longer refers to a database command" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 240, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "statement no longer refers to a database command" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 240, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "statement end scope : java.sql.SQLException thrown" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 245, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 242, "endLine": 248, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 237, "endLine": 239 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { 
"ruleIndex": 24, "level": "error", "message": { "text": "The method concept1() in [BackDoors.java](1) sends unvalidated data to a web browser on line [126](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 126, "snippet": { "text": "\t\t tr.addElement(new TD(rs.getString(\"password\")));" } }, "contextRegion": { "startLine": 123, "endLine": 129, "snippet": { "text": "\t\t t.addElement(tr);\n\t\t tr = new TR();\n\t\t tr.addElement(new TD(rs.getString(\"userid\")));\n\t\t tr.addElement(new TD(rs.getString(\"password\")));\n\t\t tr.addElement(new TD(rs.getString(\"ssn\")));\n\t\t tr.addElement(new TD(rs.getString(\"salary\")));\n\t\t t.addElement(tr);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 438 }, { "index": 439 }, { "index": 467 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 126, "snippet": { "text": "\t\t tr.addElement(new TD(rs.getString(\"password\")));" } }, "contextRegion": { "startLine": 123, "endLine": 129, "snippet": { "text": "\t\t t.addElement(tr);\n\t\t tr = new TR();\n\t\t tr.addElement(new TD(rs.getString(\"userid\")));\n\t\t tr.addElement(new TD(rs.getString(\"password\")));\n\t\t tr.addElement(new TD(rs.getString(\"ssn\")));\n\t\t tr.addElement(new TD(rs.getString(\"salary\")));\n\t\t t.addElement(tr);\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 126, "startColumn": 31 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 84, "message": { "text": "The method doFilter() in [Interceptor.java](1) calls Socket(). 
Socket-based communication in web applications is prone to error.\r\nSocket-based communication in web applications is prone to error." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 93, "snippet": { "text": "\t\tosgSocket = new Socket(osgServerName, Integer" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\t if (osgServerName != null && osgServerName.length() != 0\n\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 93, "snippet": { "text": "\t\tosgSocket = new Socket(osgServerName, Integer" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\t if (osgServerName != null && osgServerName.length() != 0\n\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n" } } }, "message": { "text": "Socket()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 93 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getStringParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 692, "endLine": 698, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 468 }, { "index": 469 }, { "index": 470 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 692, "endLine": 698, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 1, "message": { "text": "A security constraint that does not specify a user data constraint cannot guarantee that restricted resources will be protected at the transport layer." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 274, "snippet": { "text": "\t" } }, "contextRegion": { "startLine": 271, "endLine": 277, "snippet": { "text": "\t\n\n\t\n\t\n\t \n\t WebGoat Application\n\t /*\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 274, "snippet": { "text": "\t" } }, "contextRegion": { "startLine": 271, "endLine": 277, "snippet": { "text": "\t\n\n\t\n\t\n\t \n\t WebGoat Application\n\t /*\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 274 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 1, "message": { "text": "A security constraint that does not specify a user data constraint cannot guarantee that restricted resources will be protected at the transport layer." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 286, "snippet": { "text": "\t" } }, "contextRegion": { "startLine": 283, "endLine": 289, "snippet": { "text": "\t \n\t\n\t\n\t\n\t \n\t WebGoat Application Source\n\t /JavaSource/*\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 286, "snippet": { "text": "\t" } }, "contextRegion": { "startLine": 283, "endLine": 289, "snippet": { "text": "\t \n\t\n\t\n\t\n\t \n\t WebGoat Application Source\n\t /JavaSource/*\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 286 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 47, "level": "note", "message": { "text": "The method makeUser() in [HtmlClues.java](1) throws a generic exception making it harder for callers to do a good job of error handling and recovery.\r\nThe method throws a generic exception making it harder for callers to do a good job of error handling and recovery." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 136 }, "region": { "startLine": 135, "snippet": { "text": " protected Element makeUser(WebSession s, String user, String method)" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": " * @return Description of the Return Value\n * @exception Exception Description of the Exception\n */\n protected Element makeUser(WebSession s, String user, String method)\n\t throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 136 }, "region": { "startLine": 135, "snippet": { "text": " protected Element makeUser(WebSession s, String user, String method)" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": " * @return Description of the Return Value\n * @exception Exception Description of the Exception\n */\n protected Element makeUser(WebSession s, String user, String method)\n\t throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n" } } }, "message": { "text": "Function: makeUser" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 136 }, "region": { "startLine": 135 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [LessonAdapter.java](1) line [307](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 307, "endLine": 308, "snippet": { "text": "\tcatch (Exception e)\r\n\t{}" } }, "contextRegion": { "startLine": 304, "endLine": 311, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{}\n\n\treturn buff.toString();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 307, "endLine": 308, "snippet": { "text": "\tcatch (Exception e)\r\n\t{}" } }, "contextRegion": { "startLine": 304, "endLine": 311, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{}\n\n\treturn buff.toString();\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 307, "startColumn": 2, "endLine": 308 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 31, "message": { "text": "The class Encoding contains debug code, which can create unintended entry points in a deployed web application.\r\nDebug code can create unintended entry points in a deployed web application." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 740, "snippet": { "text": "\tpublic static void main( String[] args )" } }, "contextRegion": { "startLine": 737, "endLine": 743, "snippet": { "text": "\t * @param args The command line arguments\n\t */\n\n\tpublic static void main( String[] args )\n\t{\n\t\ttry\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 740, "snippet": { "text": "\tpublic static void main( String[] args )" } }, "contextRegion": { "startLine": 737, "endLine": 743, "snippet": { "text": "\t * @param args The command line arguments\n\t */\n\n\tpublic static void main( String[] args )\n\t{\n\t\ttry\n\t\t{\n" } } }, "message": { "text": "Function: main" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 740 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [RefreshDBScreen.java](1) line [165](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 36 }, "region": { "startLine": 165, "endLine": 170, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error refreshing database \"\r\n\t\t + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 162, "endLine": 173, "snippet": { "text": "\t db.makeDB(connection);\n\t System.out.println(\"Successfully refreshed the database.\");\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error refreshing database \"\n\t\t + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 36 }, "region": { "startLine": 165, "endLine": 170, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error refreshing database \"\r\n\t\t + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 162, "endLine": 173, "snippet": { "text": "\t db.makeDB(connection);\n\t System.out.println(\"Successfully refreshed the database.\");\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error refreshing database \"\n\t\t + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n }\n}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 36 }, "region": { "startLine": 165, "startColumn": 2, "endLine": 170 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function findEmployeeProfile() in [FindProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [181](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 181, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 178, "endLine": 184, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error finding employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 181, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 178, "endLine": 184, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error finding employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 181 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 120, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 117, "endLine": 123, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthenticatedException ue1)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue1.printStackTrace();\n\t\t}\n\t\tcatch (UnauthorizedException ue2)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 120, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 117, "endLine": 123, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthenticatedException ue1)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue1.printStackTrace();\n\t\t}\n\t\tcatch (UnauthorizedException ue2)\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 120 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 136, "level": "error", "message": { "text": "The random number generator implemented by random() cannot withstand a cryptographic attack.\r\nStandard pseudorandom number generators cannot withstand cryptographic attacks." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 77, "snippet": { "text": " protected static long seq = Math.round(Math.random() * 10240) + 10000;" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\n protected static List sessionList = new ArrayList();\n\n protected static long seq = Math.round(Math.random() * 10240) + 10000;\n\n protected static long lastTime = System.currentTimeMillis();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 77, "snippet": { "text": " protected static long seq = Math.round(Math.random() * 10240) + 10000;" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\n protected static List sessionList = new ArrayList();\n\n protected static long seq = Math.round(Math.random() * 10240) + 10000;\n\n protected static long lastTime = System.currentTimeMillis();\n\n" } } }, "message": { "text": "random()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 77 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 125, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthorizedException ue2)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue2.printStackTrace();\n\t\t}\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 125, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthorizedException ue2)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue2.printStackTrace();\n\t\t}\n\t }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 125 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 68, "message": { "text": "Without proper access control, the method createEmployeeProfile() in [UpdateProfile.java](1) can execute a SQL statement on line [340](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 471 }, { "index": 472 }, { "index": 473 }, { "index": 474 }, { "index": 90 }, { "index": 91 }, { "index": 476 }, { "index": 93 }, { "index": 477 }, { "index": 478 }, { "index": 82 }, { "index": 97 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getStringParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 696, "endLine": 702, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\telse\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 162 }, { "index": 163 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 696, "endLine": 702, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\telse\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 100, "snippet": { "text": "\t\t // Note: Do NOT get the password field." 
} }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 100, "snippet": { "text": "\t\t // Note: Do NOT get the password field." } }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 100, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 158, "snippet": { "text": "\t\t // Note: Do NOT get the password field." 
} }, "contextRegion": { "startLine": 155, "endLine": 161, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 158, "snippet": { "text": "\t\t // Note: Do NOT get the password field." } }, "contextRegion": { "startLine": 155, "endLine": 161, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 158, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 184, "snippet": { "text": "\t\t // Note: Do NOT get the password field." 
} }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tif (answer_results.next())\n\t\t{\n\t\t int id = answer_results.getInt(\"userid\");\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(id, answer_results\n\t\t\t .getString(\"first_name\"), answer_results\n\t\t\t .getString(\"last_name\"), answer_results\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 184, "snippet": { "text": "\t\t // Note: Do NOT get the password field." } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tif (answer_results.next())\n\t\t{\n\t\t int id = answer_results.getInt(\"userid\");\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(id, answer_results\n\t\t\t .getString(\"first_name\"), answer_results\n\t\t\t .getString(\"last_name\"), answer_results\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 184, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 115, "snippet": { "text": "\t\t // Note: Do NOT get the password field." 
} }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 115, "snippet": { "text": "\t\t // Note: Do NOT get the password field." } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 115, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 175, "snippet": { "text": "\t\t // Note: Do NOT get the password field." 
} }, "contextRegion": { "startLine": 172, "endLine": 178, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 175, "snippet": { "text": "\t\t // Note: Do NOT get the password field." } }, "contextRegion": { "startLine": 172, "endLine": 178, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 175, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 100, "snippet": { "text": "\t\t // Note: Do NOT get the password field." 
} }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 100, "snippet": { "text": "\t\t // Note: Do NOT get the password field." } }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 100, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 161, "snippet": { "text": "\t\t // Note: Do NOT get the password field." 
} }, "contextRegion": { "startLine": 158, "endLine": 164, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 161, "snippet": { "text": "\t\t // Note: Do NOT get the password field." } }, "contextRegion": { "startLine": 158, "endLine": 164, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 161, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 152, "snippet": { "text": "\t\t // Note: Do NOT get the password field." 
} }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": "\t\tif (answer_results.next())\n\t\t{\n\t\t int id = answer_results.getInt(\"userid\");\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(id, answer_results\n\t\t\t .getString(\"first_name\"), answer_results\n\t\t\t .getString(\"last_name\"), answer_results\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 152, "snippet": { "text": "\t\t // Note: Do NOT get the password field." } }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": "\t\tif (answer_results.next())\n\t\t{\n\t\t int id = answer_results.getInt(\"userid\");\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(id, answer_results\n\t\t\t .getString(\"first_name\"), answer_results\n\t\t\t .getString(\"last_name\"), answer_results\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 152, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 135, "snippet": { "text": "\t\t // Note: Do NOT get the password field." 
} }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 135, "snippet": { "text": "\t\t // Note: Do NOT get the password field." } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 135, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 195, "snippet": { "text": "\t\t // Note: Do NOT get the password field." 
} }, "contextRegion": { "startLine": 192, "endLine": 198, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 195, "snippet": { "text": "\t\t // Note: Do NOT get the password field." } }, "contextRegion": { "startLine": 192, "endLine": 198, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 195, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 121, "snippet": { "text": "\t\t // Note: Do NOT get the password field." 
} }, "contextRegion": { "startLine": 118, "endLine": 124, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 121, "snippet": { "text": "\t\t // Note: Do NOT get the password field." } }, "contextRegion": { "startLine": 118, "endLine": 124, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 121, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 181, "snippet": { "text": "\t\t // Note: Do NOT get the password field." 
} }, "contextRegion": { "startLine": 178, "endLine": 184, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 181, "snippet": { "text": "\t\t // Note: Do NOT get the password field." } }, "contextRegion": { "startLine": 178, "endLine": 184, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 181, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 133, "message": { "text": "The function showDefaceAttempt() in [Challenge2Screen.java](1) sometimes fails to release a system resource allocated by FileReader() on line 406.\r\nThe program can potentially fail to release a system resource." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 406, "snippet": { "text": "\tString origText = getFileText(new BufferedReader(new FileReader(s" } }, "contextRegion": { "startLine": 403, "endLine": 409, "snippet": { "text": "\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText = getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n\n\t// show webgoat.jsp text\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 406, "snippet": { "text": "\tString origText = getFileText(new BufferedReader(new FileReader(s" } }, "contextRegion": { "startLine": 403, "endLine": 409, "snippet": { "text": "\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText = getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n\n\t// show webgoat.jsp text\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 406, "startColumn": 51, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 406, "snippet": { "text": "\tString origText = getFileText(new BufferedReader(new FileReader(s" } }, "contextRegion": { "startLine": 403, "endLine": 409, "snippet": { "text": "\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText = getFileText(new BufferedReader(new 
FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n\n\t// show webgoat.jsp text\n" } } }, "message": { "text": "new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 406, "startColumn": 32, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 406, "snippet": { "text": "\tString origText = getFileText(new BufferedReader(new FileReader(s" } }, "contextRegion": { "startLine": 403, "endLine": 409, "snippet": { "text": "\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText = getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n\n\t// show webgoat.jsp text\n" } } }, "message": { "text": "getFileText(new java.io.BufferedReader(), ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 417, "snippet": { "text": "\treturn ec;" } }, "contextRegion": { "startLine": 414, "endLine": 420, "snippet": { "text": "\tec.addElement(new P().addElement(defaced));\n\tec.addElement(new HR());\n\n\treturn ec;\n }\n\n\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 417, "snippet": { "text": "\treturn ec;" } }, "contextRegion": { "startLine": 414, "endLine": 420, "snippet": { "text": "\tec.addElement(new P().addElement(defaced));\n\tec.addElement(new HR());\n\n\treturn ec;\n }\n\n\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, 
"region": { "startLine": 417, "snippet": { "text": "\treturn ec;" } }, "contextRegion": { "startLine": 414, "endLine": 420, "snippet": { "text": "\tec.addElement(new P().addElement(defaced));\n\tec.addElement(new HR());\n\n\treturn ec;\n }\n\n\n" } } }, "message": { "text": "end scope : Resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 406 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Challenge2Screen.java](1) line [265](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 265, "endLine": 268, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"An error occurred in the woods\");\r\n\t}" } }, "contextRegion": { "startLine": 262, "endLine": 271, "snippet": { "text": "\t\tec.addElement(input);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"An error occurred in the woods\");\n\t}\n\n\treturn (ec);\n\t//\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 265, "endLine": 268, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"An error occurred in the woods\");\r\n\t}" } }, "contextRegion": { "startLine": 262, "endLine": 271, "snippet": { "text": "\t\tec.addElement(input);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"An error occurred in the woods\");\n\t}\n\n\treturn (ec);\n\t//\n" } } }, "message": { "text": 
"CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 265, "startColumn": 2, "endLine": 268 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [XMLInjection.java](1) line [126](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 126, "endLine": 129, "snippet": { "text": "\tcatch (Exception ex)\r\n\t{\r\n\t ex.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 123, "endLine": 132, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception ex)\n\t{\n\t ex.printStackTrace();\n\t}\n\n\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n\t\t.setEncType(\"\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 126, "endLine": 129, "snippet": { "text": "\tcatch (Exception ex)\r\n\t{\r\n\t ex.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 123, "endLine": 132, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception ex)\n\t{\n\t ex.printStackTrace();\n\t}\n\n\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n\t\t.setEncType(\"\");\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 126, "startColumn": 2, "endLine": 129 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": 
"5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [XMLInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [128](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 128, "snippet": { "text": "\t ex.printStackTrace();" } }, "contextRegion": { "startLine": 125, "endLine": 131, "snippet": { "text": "\t}\n\tcatch (Exception ex)\n\t{\n\t ex.printStackTrace();\n\t}\n\n\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 128, "snippet": { "text": "\t ex.printStackTrace();" } }, "contextRegion": { "startLine": 125, "endLine": 131, "snippet": { "text": "\t}\n\tcatch (Exception ex)\n\t{\n\t ex.printStackTrace();\n\t}\n\n\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 128 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 133, "message": { "text": "The function showDefaceAttempt() in [Challenge2Screen.java](1) sometimes fails to release a system resource allocated by FileReader() on line 405.\r\nThe program can potentially fail to release a system resource." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 404, "snippet": { "text": "\tString defaced = getFileText(new BufferedReader(" } }, "contextRegion": { "startLine": 401, "endLine": 407, "snippet": { "text": "\t// get current text and compare to the new text\n\tString origpath = s.getContext().getRealPath(\n\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText = getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 405, "snippet": { "text": "\t\tnew FileReader(origpath)), false);" } }, "contextRegion": { "startLine": 402, "endLine": 408, "snippet": { "text": "\tString origpath = s.getContext().getRealPath(\n\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText = getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 405, "startColumn": 3, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 404, "snippet": { "text": "\tString defaced = getFileText(new BufferedReader(" } }, "contextRegion": { "startLine": 401, "endLine": 407, "snippet": { "text": "\t// get current text and compare to the new text\n\tString origpath = s.getContext().getRealPath(\n\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), 
false);\n\tString origText = getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n" } } }, "message": { "text": "new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 404, "startColumn": 31, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 404, "snippet": { "text": "\tString defaced = getFileText(new BufferedReader(" } }, "contextRegion": { "startLine": 401, "endLine": 407, "snippet": { "text": "\t// get current text and compare to the new text\n\tString origpath = s.getContext().getRealPath(\n\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText = getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n" } } }, "message": { "text": "getFileText(new java.io.BufferedReader(), ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 406, "snippet": { "text": "\tString origText = getFileText(new BufferedReader(new FileReader(s" } }, "contextRegion": { "startLine": 403, "endLine": 409, "snippet": { "text": "\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText = getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n\n\t// show webgoat.jsp text\n" } } }, "message": { "text": "java.io.FileNotFoundException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 406, "snippet": { "text": "\tString origText = getFileText(new 
BufferedReader(new FileReader(s" } }, "contextRegion": { "startLine": 403, "endLine": 409, "snippet": { "text": "\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText = getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n\n\t// show webgoat.jsp text\n" } } }, "message": { "text": "throw" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 406, "snippet": { "text": "\tString origText = getFileText(new BufferedReader(new FileReader(s" } }, "contextRegion": { "startLine": 403, "endLine": 409, "snippet": { "text": "\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText = getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n\n\t// show webgoat.jsp text\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 406, "snippet": { "text": "\tString origText = getFileText(new BufferedReader(new FileReader(s" } }, "contextRegion": { "startLine": 403, "endLine": 409, "snippet": { "text": "\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText = getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n\n\t// show webgoat.jsp text\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { 
"startLine": 406, "snippet": { "text": "\tString origText = getFileText(new BufferedReader(new FileReader(s" } }, "contextRegion": { "startLine": 403, "endLine": 409, "snippet": { "text": "\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText = getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n\n\t// show webgoat.jsp text\n" } } }, "message": { "text": "end scope : Resource leaked : java.io.FileNotFoundException thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 405, "snippet": { "text": "\t\tnew FileReader(origpath)), false);" } }, "contextRegion": { "startLine": 402, "endLine": 408, "snippet": { "text": "\tString origpath = s.getContext().getRealPath(\n\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText = getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 405, "startColumn": 3, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 404, "snippet": { "text": "\tString defaced = getFileText(new BufferedReader(" } }, "contextRegion": { "startLine": 401, "endLine": 407, "snippet": { "text": "\t// get current text and compare to the new text\n\tString origpath = s.getContext().getRealPath(\n\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText 
= getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n" } } }, "message": { "text": "new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 404, "startColumn": 31, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 404, "snippet": { "text": "\tString defaced = getFileText(new BufferedReader(" } }, "contextRegion": { "startLine": 401, "endLine": 407, "snippet": { "text": "\t// get current text and compare to the new text\n\tString origpath = s.getContext().getRealPath(\n\t\tWEBGOAT_CHALLENGE + \"_\" + s.getUserName() + JSP);\n\tString defaced = getFileText(new BufferedReader(\n\t\tnew FileReader(origpath)), false);\n\tString origText = getFileText(new BufferedReader(new FileReader(s\n\t\t.getContext().getRealPath(WEBGOAT_CHALLENGE_JSP))), false);\n" } } }, "message": { "text": "getFileText(new java.io.BufferedReader(), ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 417, "snippet": { "text": "\treturn ec;" } }, "contextRegion": { "startLine": 414, "endLine": 420, "snippet": { "text": "\tec.addElement(new P().addElement(defaced));\n\tec.addElement(new HR());\n\n\treturn ec;\n }\n\n\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 417, "snippet": { "text": "\treturn ec;" } }, "contextRegion": { "startLine": 414, "endLine": 420, "snippet": { "text": "\tec.addElement(new P().addElement(defaced));\n\tec.addElement(new HR());\n\n\treturn ec;\n }\n\n\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": 
{ "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 417, "snippet": { "text": "\treturn ec;" } }, "contextRegion": { "startLine": 414, "endLine": 420, "snippet": { "text": "\tec.addElement(new P().addElement(defaced));\n\tec.addElement(new HR());\n\n\treturn ec;\n }\n\n\n" } } }, "message": { "text": "end scope : Resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 404 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 133, "message": { "text": "The function resetWebPage() in [Challenge2Screen.java](1) sometimes fails to release a system resource allocated by FileWriter() on line 433.\r\nThe program can potentially fail to release a system resource." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 433, "snippet": { "text": "\t FileWriter fw = new FileWriter(usersFile);" } }, "contextRegion": { "startLine": 430, "endLine": 436, "snippet": { "text": "\n\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 433, "snippet": { "text": "\t FileWriter fw = new FileWriter(usersFile);" } }, "contextRegion": { "startLine": 430, "endLine": 436, "snippet": { "text": "\n\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n" } } }, "message": { "text": "fw = new FileWriter(...)" 
}, "annotations": [ { "startLine": 433, "startColumn": 6, "message": { "text": "fw refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 435, "snippet": { "text": "\t\t masterFilePath)), false));" } }, "contextRegion": { "startLine": 432, "endLine": 438, "snippet": { "text": "\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n\t}\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 435, "snippet": { "text": "\t\t masterFilePath)), false));" } }, "contextRegion": { "startLine": 432, "endLine": 438, "snippet": { "text": "\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n\t}\n" } } }, "message": { "text": "fw no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 435, "snippet": { "text": "\t\t masterFilePath)), false));" } }, "contextRegion": { "startLine": 432, "endLine": 438, "snippet": { "text": "\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t 
//\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n\t}\n" } } }, "message": { "text": "fw no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 435, "snippet": { "text": "\t\t masterFilePath)), false));" } }, "contextRegion": { "startLine": 432, "endLine": 438, "snippet": { "text": "\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n\t}\n" } } }, "message": { "text": "fw end scope : Resource leaked : java.lang.Exception thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 433, "snippet": { "text": "\t FileWriter fw = new FileWriter(usersFile);" } }, "contextRegion": { "startLine": 430, "endLine": 436, "snippet": { "text": "\n\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n" } } }, "message": { "text": "fw = new FileWriter(...)" }, "annotations": [ { "startLine": 433, "startColumn": 6, "message": { "text": "fw refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { 
"text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "fw no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "fw no longer refers to an allocated resource" } }, 
"kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 434, "snippet": { "text": "\t fw.write(getFileText(new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 431, "endLine": 437, "snippet": { "text": "\t // replace the defaced text with the original\n\t File usersFile = new File(defacedpath);\n\t FileWriter fw = new FileWriter(usersFile);\n\t fw.write(getFileText(new BufferedReader(new FileReader(\n\t\t masterFilePath)), false));\n\t fw.close();\n\t //\t\t\tSystem.out.println(\"webgoat_guest replaced: \" + getFileText( new BufferedReader( new FileReader( defacedpath ) ), false ) );\n" } } }, "message": { "text": "fw end scope : Resource leaked : java.lang.Exception thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 433 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 137, "message": { "text": "Non-final public static fields can be changed by external classes." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 85, "snippet": { "text": " public static String propertiesPath = null;" } }, "contextRegion": { "startLine": 82, "endLine": 88, "snippet": { "text": " /**\n * Properties file path\n */\n public static String propertiesPath = null;\n\n\n /**\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 85, "snippet": { "text": " public static String propertiesPath = null;" } }, "contextRegion": { "startLine": 82, "endLine": 88, "snippet": { "text": " /**\n * Properties file path\n */\n public static String propertiesPath = null;\n\n\n /**\n" } } }, "message": { "text": "Field: propertiesPath" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 85 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getRawParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 628, "endLine": 634, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 405 }, { "index": 406 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 628, "endLine": 634, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [248](1) of [UpdateProfile.java](1), the method changeEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 454 }, { "index": 455 }, { "index": 456 }, { "index": 90 }, { "index": 91 }, { "index": 458 }, { "index": 93 }, { "index": 485 }, { "index": 486 }, { "index": 149 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [RoleBasedAccessControl.java](1) might reveal system data or debugging information by calling printStackTrace() on line [338](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 338, "snippet": { "text": "\t pnfe.printStackTrace();" } }, "contextRegion": { "startLine": 335, "endLine": 341, "snippet": { "text": "\tcatch (ParameterNotFoundException pnfe)\n\t{\n\t System.out.println(\"Missing parameter\");\n\t pnfe.printStackTrace();\n\t setCurrentAction(s, ERROR_ACTION);\n\t}\n\tcatch (ValidationException ve)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 338, "snippet": { "text": "\t pnfe.printStackTrace();" } }, "contextRegion": { "startLine": 335, "endLine": 341, "snippet": { "text": "\tcatch (ParameterNotFoundException pnfe)\n\t{\n\t System.out.println(\"Missing parameter\");\n\t pnfe.printStackTrace();\n\t setCurrentAction(s, ERROR_ACTION);\n\t}\n\tcatch (ValidationException ve)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 338 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 126, "level": "error", "message": { "text": "On line [122](1) of [BlindSqlInjection.java](1), the method createContent() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 122, "snippet": { "text": "\t\t ResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 119, "endLine": 125, "snippet": { "text": "\t\t Statement statement = connection.createStatement(\n\t\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t ResultSet.CONCUR_READ_ONLY);\n\t\t ResultSet results = statement.executeQuery(query);\n\n\t\t if ((results != null) && (results.first() == true))\n\t\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 487 }, { "index": 488 }, { "index": 489 }, { "index": 490 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 122, "snippet": { "text": "\t\t ResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 119, "endLine": 125, "snippet": { "text": "\t\t Statement statement = connection.createStatement(\n\t\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t ResultSet.CONCUR_READ_ONLY);\n\t\t ResultSet results = statement.executeQuery(query);\n\n\t\t if ((results != null) && (results.first() == true))\n\t\t {\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 122, "startColumn": 50 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 31, "message": { "text": "The class CreateDB contains debug code, which can create unintended entry points in a deployed web application.\r\nDebug code can create unintended entry points in a deployed web application." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 50, "snippet": { "text": " public static void main(String[] args)" } }, "contextRegion": { "startLine": 47, "endLine": 53, "snippet": { "text": " *\n * @param args The command line arguments\n */\n public static void main(String[] args)\n {\n\n\tCreateDB db = new CreateDB();\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 50, "snippet": { "text": " public static void main(String[] args)" } }, "contextRegion": { "startLine": 47, "endLine": 53, "snippet": { "text": " *\n * @param args The command line arguments\n */\n public static void main(String[] args)\n {\n\n\tCreateDB db = new CreateDB();\n" } } }, "message": { "text": "Function: main" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 50 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 394, "snippet": { "text": "\t System.out.println(\"Warning User data for \" + s.getUserName()" } }, "contextRegion": { "startLine": 391, "endLine": 397, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t // what do we want to do, I think nothing.\n\t System.out.println(\"Warning User data for \" + s.getUserName()\n\t\t + \" will not persist\");\n\t}\n\tfinally\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 394, "snippet": { "text": "\t System.out.println(\"Warning User data for \" + s.getUserName()" } }, "contextRegion": { "startLine": 391, "endLine": 397, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t // what do we want to do, I think nothing.\n\t System.out.println(\"Warning User data for \" + s.getUserName()\n\t\t + \" will not persist\");\n\t}\n\tfinally\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 394 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 109, "snippet": { "text": "\t\tSystem.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 106, "endLine": 112, "snippet": { "text": "\t }\n\t catch (UnauthenticatedException ue1)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue1.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 109, "snippet": { "text": "\t\tSystem.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 106, "endLine": 112, "snippet": { "text": "\t }\n\t catch (UnauthenticatedException ue1)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue1.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 109 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 114, "snippet": { "text": "\t\tSystem.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t }\n\t catch (UnauthorizedException ue2)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue2.printStackTrace();\n\t }\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 114, "snippet": { "text": "\t\tSystem.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t }\n\t catch (UnauthorizedException ue2)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue2.printStackTrace();\n\t }\n\t}\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 114 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 118, "message": { "text": "A cookie is created without the `secure` flag set to `true`." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 146, "snippet": { "text": "\t\ts.getResponse().addCookie(newCookie);" } }, "contextRegion": { "startLine": 143, "endLine": 149, "snippet": { "text": "\t {\n\t\tCookie newCookie = new Cookie(AUTHCOOKIE, loginID);\n\t\ts.setMessage(\"Your identity has been remembered\");\n\t\ts.getResponse().addCookie(newCookie);\n\n\t\treturn (username);\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 129, "snippet": { "text": "\tif ((username.length() > 0) && (password.length() > 0))" } }, "contextRegion": { "startLine": 126, "endLine": 132, "snippet": { "text": "\tString username = s.getParser().getStringParameter(USERNAME, \"\");\n\tString password = s.getParser().getStringParameter(PASSWORD, \"\");\n\n\tif ((username.length() > 0) && (password.length() > 0))\n\t{\n\t String loginID = \"\";\n\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 129, "snippet": { "text": "\tif ((username.length() > 0) && (password.length() > 0))" } }, "contextRegion": { "startLine": 126, "endLine": 132, "snippet": { "text": "\tString username = s.getParser().getStringParameter(USERNAME, \"\");\n\tString password = s.getParser().getStringParameter(PASSWORD, \"\");\n\n\tif ((username.length() > 0) && (password.length() > 0))\n\t{\n\t String loginID = \"\";\n\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 142, "snippet": { "text": "\t if (loginID != \"\")" } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": "\t\tloginID = encode(\"aspect12345\");\n\t }\n\n\t if (loginID != \"\")\n\t 
{\n\t\tCookie newCookie = new Cookie(AUTHCOOKIE, loginID);\n\t\ts.setMessage(\"Your identity has been remembered\");\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 144, "snippet": { "text": "\t\tCookie newCookie = new Cookie(AUTHCOOKIE, loginID);" } }, "contextRegion": { "startLine": 141, "endLine": 147, "snippet": { "text": "\n\t if (loginID != \"\")\n\t {\n\t\tCookie newCookie = new Cookie(AUTHCOOKIE, loginID);\n\t\ts.setMessage(\"Your identity has been remembered\");\n\t\ts.getResponse().addCookie(newCookie);\n\n" } } }, "message": { "text": "newCookie = new Cookie(...)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 146, "snippet": { "text": "\t\ts.getResponse().addCookie(newCookie);" } }, "contextRegion": { "startLine": 143, "endLine": 149, "snippet": { "text": "\t {\n\t\tCookie newCookie = new Cookie(AUTHCOOKIE, loginID);\n\t\ts.setMessage(\"Your identity has been remembered\");\n\t\ts.getResponse().addCookie(newCookie);\n\n\t\treturn (username);\n\t }\n" } } }, "message": { "text": "addCookie(newCookie)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 146 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function doFilter() in [Interceptor.java](1) might reveal system data or debugging information by calling printStackTrace() on line [115](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 115, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t}\n\tcatch (IOException e)\n\t{\n\t e.printStackTrace();\n\t}\n\tfinally\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 115, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t}\n\tcatch (IOException e)\n\t{\n\t e.printStackTrace();\n\t}\n\tfinally\n\t{\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 115 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function doFilter() in [Interceptor.java](1) might reveal system data or debugging information by calling printStackTrace() on line [110](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 110, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t}\n\tcatch (UnknownHostException e)\n\t{\n\t e.printStackTrace();\n\n\t}\n\tcatch (IOException e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 110, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t}\n\tcatch (UnknownHostException e)\n\t{\n\t e.printStackTrace();\n\n\t}\n\tcatch (IOException e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 110 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method ParameterNotFoundException() in [ParameterNotFoundException.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 4 }, { "index": 5 }, { "index": 335 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } }, "message": { "text": "Exception(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1044, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 1041, "endLine": 1047, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1044, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 1041, "endLine": 1047, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1044 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 126, "level": "error", "message": { "text": "On line [118](1) of [ViewProfile.java](1), the method getEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 118, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 115, "endLine": 121, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 480 }, { "index": 481 }, { "index": 482 }, { "index": 483 }, { "index": 484 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 118, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 115, "endLine": 121, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 118, "startColumn": 60 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getStations() in [SqlNumericInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [323](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 323, "snippet": { "text": "\t sqle.printStackTrace();" } }, "contextRegion": { "startLine": 320, "endLine": 326, "snippet": { "text": "\t}\n\tcatch (SQLException sqle)\n\t{\n\t sqle.printStackTrace();\n\t}\n\n\treturn stations;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 323, "snippet": { "text": "\t sqle.printStackTrace();" } }, "contextRegion": { "startLine": 320, "endLine": 326, "snippet": { "text": "\t}\n\tcatch (SQLException sqle)\n\t{\n\t sqle.printStackTrace();\n\t}\n\n\treturn stations;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 323 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [SilentTransactions.java](1) line [115](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 10 }, "region": { "startLine": 115, "endLine": 118, "snippet": { "text": "\tcatch (Exception ex)\r\n\t{\r\n\t ex.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 112, "endLine": 121, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception ex)\n\t{\n\t ex.printStackTrace();\n\t}\n\n\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n\t\t.setEncType(\"\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 10 }, "region": { "startLine": 115, "endLine": 118, "snippet": { "text": "\tcatch (Exception ex)\r\n\t{\r\n\t ex.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 112, "endLine": 121, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception ex)\n\t{\n\t ex.printStackTrace();\n\t}\n\n\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n\t\t.setEncType(\"\");\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 10 }, "region": { "startLine": 115, "startColumn": 2, "endLine": 118 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [248](1) of [UpdateProfile.java](1), the method changeEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 491 }, { "index": 492 }, { "index": 493 }, { "index": 90 }, { "index": 91 }, { "index": 494 }, { "index": 93 }, { "index": 495 }, { "index": 496 }, { "index": 149 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 93, "message": { "text": "The method htmlEncode() in [WebSession.java](1) determines an object's type based its class name on line [1197](1). This practice can lead to unexpected behavior or allow an attacker to inject a malicious class.\r\nDetermining an object's type based on its class name can lead to unexpected behavior or allow an attacker to inject a malicious class." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 1197, "snippet": { "text": "\t\tif (getCurrentLesson().getName().equals(\"CrossSiteScripting\"))" } }, "contextRegion": { "startLine": 1194, "endLine": 1200, "snippet": { "text": "\tpublic String htmlEncode(String s)\n\t{\n\t\t//System.out.println(\"Testing for stage 4 completion in lesson \" + getCurrentLesson().getName());\n\t\tif (getCurrentLesson().getName().equals(\"CrossSiteScripting\"))\n\t\t{\n\t\t\tif (getCurrentLesson().getStage(this) == 4 && \n\t\t\t\t\ts.indexOf(\"\") > -1)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 498 }, { "index": 499 }, { "index": 500 }, { "index": 501 }, { "index": 502 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 1197, "snippet": { "text": "\t\tif (getCurrentLesson().getName().equals(\"CrossSiteScripting\"))" } }, "contextRegion": { "startLine": 1194, "endLine": 1200, "snippet": { "text": "\tpublic String htmlEncode(String s)\n\t{\n\t\t//System.out.println(\"Testing for stage 4 completion in lesson \" + getCurrentLesson().getName());\n\t\tif (getCurrentLesson().getName().equals(\"CrossSiteScripting\"))\n\t\t{\n\t\t\tif (getCurrentLesson().getStage(this) == 4 && \n\t\t\t\t\ts.indexOf(\"\") > -1)\n" } } }, "message": { "text": "equals(this)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 1197 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 49, "snippet": { "text": "\t\t .println(\"Warning: Unable to open webgoat.properties file\");" } }, "contextRegion": { "startLine": 46, "endLine": 52, "snippet": { "text": "\tcatch (IOException e)\n\t{\n\t System.out\n\t\t .println(\"Warning: Unable to open webgoat.properties file\");\n\t}\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 49, "snippet": { "text": "\t\t .println(\"Warning: Unable to open webgoat.properties file\");" } }, "contextRegion": { "startLine": 46, "endLine": 52, "snippet": { "text": "\tcatch (IOException e)\n\t{\n\t System.out\n\t\t .println(\"Warning: Unable to open webgoat.properties file\");\n\t}\n }\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 49 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getRawParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 628, "endLine": 634, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 126 }, { "index": 127 }, { "index": 128 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 628, "endLine": 634, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function login_BACKUP() in [Login.java](1) might reveal system data or debugging information by calling printStackTrace() on line [211](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 211, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 208, "endLine": 214, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error logging in\");\n\t e.printStackTrace();\n\t}\n\n\t//System.out.println(\"Lesson login result: \" + authenticated);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 211, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 208, "endLine": 214, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error logging in\");\n\t e.printStackTrace();\n\t}\n\n\t//System.out.println(\"Lesson login result: \" + authenticated);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 211 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 40, "message": { "text": "The method handleReadAction() in [HttpOnly.java](1) can dereference a null pointer on line 302 because it does not check the return value of getParameter(), which might return null.\r\nThe program can dereference a null pointer because it does not check the return value of a function that might return null." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 299, "snippet": { "text": "\t\tString displayed = s.getRequest().getParameter(READ_RESULT);" } }, "contextRegion": { "startLine": 296, "endLine": 302, "snippet": { "text": "\t\n\tprivate void handleReadAction(WebSession s) {\n\t\t\n\t\tString displayed = s.getRequest().getParameter(READ_RESULT);\n\t\t\n\t\tif(httpOnly == true) {\n\t\t\tif(displayed.indexOf(UNIQUE2U) != -1) {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 299, "snippet": { "text": "\t\tString displayed = s.getRequest().getParameter(READ_RESULT);" } }, "contextRegion": { "startLine": 296, "endLine": 302, "snippet": { "text": "\t\n\tprivate void handleReadAction(WebSession s) {\n\t\t\n\t\tString displayed = s.getRequest().getParameter(READ_RESULT);\n\t\t\n\t\tif(httpOnly == true) {\n\t\t\tif(displayed.indexOf(UNIQUE2U) != -1) {\n" } } }, "message": { "text": "displayed = getParameter(...) : ServletRequest.getParameter may return NULL" }, "annotations": [ { "startLine": 299, "startColumn": 3, "message": { "text": "displayed may be null" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 301, "snippet": { "text": "\t\tif(httpOnly == true) {" } }, "contextRegion": { "startLine": 298, "endLine": 304, "snippet": { "text": "\t\t\n\t\tString displayed = s.getRequest().getParameter(READ_RESULT);\n\t\t\n\t\tif(httpOnly == true) {\n\t\t\tif(displayed.indexOf(UNIQUE2U) != -1) {\n\t\t\t\ts.setMessage(\"FAILURE: Your browser did not enforce the HTTPOnly flag properly for the '\" + UNIQUE2U \n\t\t\t\t\t\t+ \"' cookie. 
It allowed direct client side read access to this cookie.\");\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 302, "snippet": { "text": "\t\t\tif(displayed.indexOf(UNIQUE2U) != -1) {" } }, "contextRegion": { "startLine": 299, "endLine": 305, "snippet": { "text": "\t\tString displayed = s.getRequest().getParameter(READ_RESULT);\n\t\t\n\t\tif(httpOnly == true) {\n\t\t\tif(displayed.indexOf(UNIQUE2U) != -1) {\n\t\t\t\ts.setMessage(\"FAILURE: Your browser did not enforce the HTTPOnly flag properly for the '\" + UNIQUE2U \n\t\t\t\t\t\t+ \"' cookie. It allowed direct client side read access to this cookie.\");\n\t\t\t} else {\n" } } }, "message": { "text": "displayed.indexOf(...) : displayed used without null check" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 299, "snippet": { "text": "\t\tString displayed = s.getRequest().getParameter(READ_RESULT);" } }, "contextRegion": { "startLine": 296, "endLine": 302, "snippet": { "text": "\t\n\tprivate void handleReadAction(WebSession s) {\n\t\t\n\t\tString displayed = s.getRequest().getParameter(READ_RESULT);\n\t\t\n\t\tif(httpOnly == true) {\n\t\t\tif(displayed.indexOf(UNIQUE2U) != -1) {\n" } } }, "message": { "text": "displayed = getParameter(...) 
: ServletRequest.getParameter may return NULL" }, "annotations": [ { "startLine": 299, "startColumn": 3, "message": { "text": "displayed may be null" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 301, "snippet": { "text": "\t\tif(httpOnly == true) {" } }, "contextRegion": { "startLine": 298, "endLine": 304, "snippet": { "text": "\t\t\n\t\tString displayed = s.getRequest().getParameter(READ_RESULT);\n\t\t\n\t\tif(httpOnly == true) {\n\t\t\tif(displayed.indexOf(UNIQUE2U) != -1) {\n\t\t\t\ts.setMessage(\"FAILURE: Your browser did not enforce the HTTPOnly flag properly for the '\" + UNIQUE2U \n\t\t\t\t\t\t+ \"' cookie. It allowed direct client side read access to this cookie.\");\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 321, "snippet": { "text": "\t\t} else if(displayed.indexOf(UNIQUE2U) != -1) {" } }, "contextRegion": { "startLine": 318, "endLine": 324, "snippet": { "text": "\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t} else if(displayed.indexOf(UNIQUE2U) != -1) {\n\t\t\ts.setMessage(\"Since HTTPOnly was not enabled, the '\" + UNIQUE2U + \"' cookie was displayed in the alert dialog.\");\n\t\t} else {\n\t\t\ts.setMessage(\"Since HTTPOnly was not enabled, the '\" + UNIQUE2U \n" } } }, "message": { "text": "displayed.indexOf(...) 
: displayed used without null check" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 299 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Challenge2Screen.java](1) line [388](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 388, "endLine": 391, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 385, "endLine": 394, "snippet": { "text": "\n\t defaced = (!origText.equals(defacedText));\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t}\n\treturn defaced;\n\t//\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 388, "endLine": 391, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 385, "endLine": 394, "snippet": { "text": "\n\t defaced = (!origText.equals(defacedText));\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t}\n\treturn defaced;\n\t//\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 388, "startColumn": 2, "endLine": 391 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function 
createContent() in [AccessControlMatrix.java](1) might reveal system data or debugging information by calling printStackTrace() on line [114](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 105 }, "region": { "startLine": 114, "snippet": { "text": "\t\t e.printStackTrace();" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t\tcatch (Exception e)\n\t\t{\n\t\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t\t e.printStackTrace();\n\t\t}\n\t\n\t\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 105 }, "region": { "startLine": 114, "snippet": { "text": "\t\t e.printStackTrace();" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t\tcatch (Exception e)\n\t\t{\n\t\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t\t e.printStackTrace();\n\t\t}\n\t\n\t\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 105 }, "region": { "startLine": 114 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t<%=employee.getSsn()%>" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\n\t\t\t \t\t<%=employee.getSsn()%>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 497 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t<%=employee.getSsn()%>" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\n\t\t\t \t\t<%=employee.getSsn()%>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 54 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function hashSHA() in [Encoding.java](1) might reveal system data or debugging information by calling printStackTrace() on line [672](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 672, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 669, "endLine": 675, "snippet": { "text": "\t\tcatch ( NoSuchAlgorithmException e )\n\t\t{\n\t\t\t// it's got to be there\n\t\t\te.printStackTrace();\n\t\t}\n\t\treturn ( base64Encode( md.digest() ) );\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 672, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 669, "endLine": 675, "snippet": { "text": "\t\tcatch ( NoSuchAlgorithmException e )\n\t\t{\n\t\t\t// it's got to be there\n\t\t\te.printStackTrace();\n\t\t}\n\t\treturn ( base64Encode( md.digest() ) );\n\t}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 672 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile() in [ViewProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [140](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 140, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 137, "endLine": 143, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 140, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 137, "endLine": 143, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 140 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method doPost() in [HammerHead.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 503 }, { "index": 504 }, { "index": 505 }, { "index": 135 }, { "index": 157 }, { "index": 506 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 503 }, { "index": 504 }, { "index": 505 }, { "index": 135 }, { "index": 179 }, { "index": 180 }, { "index": 181 }, { "index": 182 }, { "index": 183 }, { "index": 157 }, { "index": 506 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = 
userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [298](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 298, "endLine": 301, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 295, "endLine": 304, "snippet": { "text": "\t{\n\t return getDoubleParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 298, "endLine": 301, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 295, "endLine": 304, "snippet": { "text": "\t{\n\t return getDoubleParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { 
"index": 109 }, "region": { "startLine": 298, "startColumn": 2, "endLine": 301 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [UserTracker.java](1) line [161](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 98 }, "region": { "startLine": 161, "endLine": 162, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 158, "endLine": 165, "snippet": { "text": "\t\tusersDB.close();\n\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 98 }, "region": { "startLine": 161, "endLine": 162, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 158, "endLine": 165, "snippet": { "text": "\t\tusersDB.close();\n\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 98 }, "region": { "startLine": 161, "startColumn": 6, "endLine": 162 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function deleteEmployeeProfile() in [DeleteProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [120](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 120, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 117, "endLine": 123, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error deleting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 120, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 117, "endLine": 123, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error deleting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 120 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function isAuthorized() in [AbstractLesson.java](1) might reveal system data or debugging information by calling printStackTrace() on line [813](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 813, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 810, "endLine": 816, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error authorizing\");\n\t e.printStackTrace();\n\t}\n\treturn authorized;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 813, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 810, "endLine": 816, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error authorizing\");\n\t e.printStackTrace();\n\t}\n\treturn authorized;\n }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 813 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [SqlStringInjection.java](1) line [219](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 219, "endLine": 223, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 216, "endLine": 226, "snippet": { "text": "\t\tec.addElement(new P().addElement(sqle.getMessage()));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 219, "endLine": 223, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 216, "endLine": 226, "snippet": { "text": "\t\tec.addElement(new P().addElement(sqle.getMessage()));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 219, "startColumn": 2, "endLine": 223 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method writeTable() in [DatabaseUtilities.java](1) sends unvalidated data to a web browser on line [154](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 513 }, { "index": 514 }, { "index": 515 }, { "index": 65 }, { "index": 66 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [BlindSqlInjection.java](1) sends unvalidated data to a web browser on line [83](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 83, "snippet": { "text": "\t\t .toString());" } }, "contextRegion": { "startLine": 80, "endLine": 86, "snippet": { "text": "\t String accountNumber = s.getParser().getRawParameter(ACCT_NUM,\n\t\t \"101\");\n\t Input input = new Input(Input.TEXT, ACCT_NUM, accountNumber\n\t\t .toString());\n\t ec.addElement(input);\n\n\t Element b = ECSFactory.makeButton(\"Go!\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 487 }, { "index": 488 }, { "index": 489 }, { "index": 522 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 83, "snippet": { "text": "\t\t .toString());" } }, "contextRegion": { "startLine": 80, "endLine": 86, "snippet": { "text": "\t String accountNumber = s.getParser().getRawParameter(ACCT_NUM,\n\t\t \"101\");\n\t Input input = new Input(Input.TEXT, ACCT_NUM, accountNumber\n\t\t .toString());\n\t ec.addElement(input);\n\n\t Element b = ECSFactory.makeButton(\"Go!\");\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 83 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function parameterizedQuery() in [SqlNumericInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [242](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 242, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 239, "endLine": 245, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 242, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 239, "endLine": 245, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 242 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getStringParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 696, "endLine": 702, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\telse\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 1 }, { "index": 8 }, { "index": 9 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 696, "endLine": 702, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\telse\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 100, "message": { "text": "The servlet Controller fails to catch all exceptions in doPost(). If a Servlet fails to catch all exceptions, it might reveal debugging information that will help an adversary form a plan of attack.\r\nIf a Servlet fails to catch all exceptions, it might reveal debugging information that will help an adversary form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 61 }, "region": { "startLine": 60, "snippet": { "text": " protected void doPost(HttpServletRequest request," } }, "contextRegion": { "startLine": 57, "endLine": 63, "snippet": { "text": " }\n\n\n protected void doPost(HttpServletRequest request,\n\t HttpServletResponse response) throws ServletException, IOException\n\n {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 61 }, "region": { "startLine": 60, "snippet": { "text": " protected void doPost(HttpServletRequest request," } }, "contextRegion": { "startLine": 57, "endLine": 63, "snippet": { "text": " }\n\n\n protected void doPost(HttpServletRequest request,\n\t HttpServletResponse response) throws ServletException, IOException\n\n {\n" } } }, "message": { "text": "Function: doPost" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 61 }, "region": { "startLine": 60 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [Logout.java](1) might reveal system data or debugging information by calling printStackTrace() on line [71](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 9 }, "region": { "startLine": 71, "snippet": { "text": "\t ue1.printStackTrace();" } }, "contextRegion": { "startLine": 68, "endLine": 74, "snippet": { "text": "\tcatch (UnauthenticatedException ue1)\n\t{\n\t System.out.println(\"Internal server error\");\n\t ue1.printStackTrace();\n\t}\n\tcatch (UnauthorizedException ue2)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 9 }, "region": { "startLine": 71, "snippet": { "text": "\t ue1.printStackTrace();" } }, "contextRegion": { "startLine": 68, "endLine": 74, "snippet": { "text": "\tcatch (UnauthenticatedException ue1)\n\t{\n\t System.out.println(\"Internal server error\");\n\t ue1.printStackTrace();\n\t}\n\tcatch (UnauthorizedException ue2)\n\t{\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 9 }, "region": { "startLine": 71 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 47, "level": "note", "message": { "text": "The method checkCookie() in [WeakAuthenticationCookie.java](1) throws a generic exception making it harder for callers to do a good job of error handling and recovery.\r\nThe method throws a generic exception making it harder for callers to do a good job of error handling and recovery." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 85, "snippet": { "text": " protected String checkCookie(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 82, "endLine": 88, "snippet": { "text": " * @return Description of the Return Value\n * @exception Exception Description of the Exception\n */\n protected String checkCookie(WebSession s) throws Exception\n {\n\tString cookie = getCookie(s);\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 85, "snippet": { "text": " protected String checkCookie(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 82, "endLine": 88, "snippet": { "text": " * @return Description of the Return Value\n * @exception Exception Description of the Exception\n */\n protected String checkCookie(WebSession s) throws Exception\n {\n\tString cookie = getCookie(s);\n\n" } } }, "message": { "text": "Function: checkCookie" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 85 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 32, "level": "note", "message": { "text": "The class UserTracker contains a field and a method both named instance, which is confusing.\r\nThe class contains a field and a method with the same name." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 98 }, "region": { "startLine": 49, "snippet": { "text": " private static UserTracker instance;" } }, "contextRegion": { "startLine": 46, "endLine": 52, "snippet": { "text": "public class UserTracker\n{\n\n private static UserTracker instance;\n\n // FIXME: persist this somehow!\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 98 }, "region": { "startLine": 49, "snippet": { "text": " private static UserTracker instance;" } }, "contextRegion": { "startLine": 46, "endLine": 52, "snippet": { "text": "public class UserTracker\n{\n\n private static UserTracker instance;\n\n // FIXME: persist this somehow!\n\n" } } }, "message": { "text": "Field: instance" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 98 }, "region": { "startLine": 240, "snippet": { "text": " public static synchronized UserTracker instance()" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": " *\n * @return Description of the Return Value\n */\n public static synchronized UserTracker instance()\n {\n\n\tif (instance == null)\n" } } }, "message": { "text": "Function: instance" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 98 }, "region": { "startLine": 49 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 47, "level": "note", "message": { "text": "The method doStage2() in [LessonAdapter.java](1) throws a generic exception making it harder for callers to do a good job of error handling and recovery.\r\nThe method throws a generic exception making it harder for callers to do a good job of error handling and recovery." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 152, "snippet": { "text": " protected Element doStage2(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": " }\n\n\n protected Element doStage2(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(\"Stage 2 Stub\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 152, "snippet": { "text": " protected Element doStage2(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": " }\n\n\n protected Element doStage2(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(\"Stage 2 Stub\");\n" } } }, "message": { "text": "Function: doStage2" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 152 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method makeRequestDump_DELETEME() in [AbstractLesson.java](1) sends unvalidated data to a web browser on line [920](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 920, "snippet": { "text": "\t\tec)));" } }, "contextRegion": { "startLine": 917, "endLine": 923, "snippet": { "text": "\t}\n\n\tt.addElement(new TR().addElement(new TD().setVAlign(\"TOP\").addElement(\n\t\tec)));\n\n\treturn (t);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 529 }, { "index": 530 }, { "index": 538 }, { "index": 539 }, { "index": 540 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 920, "snippet": { "text": "\t\tec)));" } }, "contextRegion": { "startLine": 917, "endLine": 923, "snippet": { "text": "\t}\n\n\tt.addElement(new TR().addElement(new TD().setVAlign(\"TOP\").addElement(\n\t\tec)));\n\n\treturn (t);\n }\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 920, "startColumn": 3 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getAllEmployees() in [Login.java](1) might reveal system data or debugging information by calling printStackTrace() on line [216](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 216, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 213, "endLine": 219, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 216, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 213, "endLine": 219, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 216 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getRawParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 628, "endLine": 634, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 541 }, { "index": 542 }, { "index": 128 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 628, "endLine": 634, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 99, "message": { "text": "Without proper access control, the method findEmployeeProfile() in [FindProfile.java](1) can execute a SQL statement on line [145](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 145, "snippet": { "text": "\t\tanswer_statement.setString(2, \"%\" + pattern + \"%\");" } }, "contextRegion": { "startLine": 142, "endLine": 148, "snippet": { "text": "\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.setString(1, \"%\" + pattern + \"%\");\n\t\tanswer_statement.setString(2, \"%\" + pattern + \"%\");\n\t\tResultSet answer_results = answer_statement.executeQuery();\n\n\t\t// Just use the first hit.\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 525 }, { "index": 526 }, { "index": 527 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 145, "snippet": { "text": "\t\tanswer_statement.setString(2, \"%\" + pattern + \"%\");" } }, "contextRegion": { "startLine": 142, "endLine": 148, "snippet": { "text": "\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.setString(1, \"%\" + pattern + \"%\");\n\t\tanswer_statement.setString(2, \"%\" + pattern + \"%\");\n\t\tResultSet answer_results = answer_statement.executeQuery();\n\n\t\t// Just use the first hit.\n" } } }, "message": { "text": "setString(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 145 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getUserName() in [DefaultLessonAction.java](1) might reveal system data or debugging information by calling printStackTrace() on line [210](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 210, "snippet": { "text": "\t\t\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 207, "endLine": 213, "snippet": { "text": "\t\t\tcatch ( SQLException sqle )\n\t\t\t{\n\t\t\t\ts.setMessage( \"Error getting user name\" );\n\t\t\t\tsqle.printStackTrace();\n\t\t\t}\n\t\t}\n\t\tcatch ( Exception e )\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 210, "snippet": { "text": "\t\t\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 207, "endLine": 213, "snippet": { "text": "\t\t\tcatch ( SQLException sqle )\n\t\t\t{\n\t\t\t\ts.setMessage( \"Error getting user name\" );\n\t\t\t\tsqle.printStackTrace();\n\t\t\t}\n\t\t}\n\t\tcatch ( Exception e )\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 210 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 25, "message": { "text": "Untrusted data is passed to the application and used as a regular expression. This can cause the thread to over-consume CPU resources." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 100, "snippet": { "text": "\t\t\tlineSep);" } }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t\t//Split by the line separator line.separator is platform independant\n\t\tString lineSep = System.getProperty(\"line.separator\");\n\t\tString[] arrTokens = lang.toString().toUpperCase().split(\n\t\t\tlineSep);\n\n\t\t//Check if the user ended the first request and wrote the second malacious reply\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 544 }, { "index": 545 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 100, "snippet": { "text": "\t\t\tlineSep);" } }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t\t//Split by the line separator line.separator is platform independant\n\t\tString lineSep = System.getProperty(\"line.separator\");\n\t\tString[] arrTokens = lang.toString().toUpperCase().split(\n\t\t\tlineSep);\n\n\t\t//Check if the user ended the first request and wrote the second malacious reply\n\n" } } }, "message": { "text": "split(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 100, "startColumn": 4 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [120](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 120, "endLine": 123, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 117, "endLine": 126, "snippet": { "text": "\t{\n\t return getBooleanParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 120, "endLine": 123, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 117, "endLine": 126, "snippet": { "text": "\t{\n\t return getBooleanParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 120, "startColumn": 2, "endLine": 123 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 138, "level": "error", "message": { "text": "Without proper access control, the method getEmployeeProfile() in [ViewProfile.java](1) can execute a SQL statement on line [132](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 132, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 129, "endLine": 135, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 78 }, { "index": 79 }, { "index": 80 }, { "index": 546 }, { "index": 82 }, { "index": 547 }, { "index": 548 }, { "index": 549 }, { "index": 550 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 132, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 129, "endLine": 135, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 132, "startColumn": 60 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method updateSession() in [HammerHead.java](1) commingles trusted and untrusted data in the same data structure, which encourages 
programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 495, "snippet": { "text": "\t hs.setAttribute(WebSession.SESSION, session);" } }, "contextRegion": { "startLine": 492, "endLine": 498, "snippet": { "text": "\t // Create new custom session and save it in the HTTP session\n\t // System.out.println( \"HH Creating new WebSession: \" );\n\t session = new WebSession(this, context);\n\t hs.setAttribute(WebSession.SESSION, session);\n\t // reset timeout\n\t hs.setMaxInactiveInterval(sessionTimeoutSeconds);\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 551 }, { "index": 552 }, { "index": 553 }, { "index": 135 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 495, "snippet": { "text": "\t hs.setAttribute(WebSession.SESSION, session);" } }, "contextRegion": { "startLine": 492, "endLine": 498, "snippet": { "text": "\t // Create new custom session and save it in the HTTP session\n\t // System.out.println( \"HH Creating new WebSession: \" );\n\t session = new WebSession(this, context);\n\t hs.setAttribute(WebSession.SESSION, session);\n\t // reset timeout\n\t hs.setMaxInactiveInterval(sessionTimeoutSeconds);\n\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 495, "startColumn": 42 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 142, "message": { "text": "The call to equals() on line [110](1) causes portability problems because it has different locales which may lead to unexpected output. 
This may also circumvent custom validation routines.\r\nUnexpected portability problems can be found when the locale is not specified." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 110, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\n\t\t\t\t\t\t\"ifconfig #\") || helpFile\n\t\t\t\t.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ipconfig #\")))\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 77, "snippet": { "text": "\t if (s.isDefuseOSCommands()" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String helpFile = s.getParser().getRawParameter(HELP_FILE,\n\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 78, "snippet": { "text": "\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n\t\tif (index == -1)\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": 
{ "artifactLocation": { "index": 29 }, "region": { "startLine": 90, "snippet": { "text": "\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t\tSystem.out.println(\"Command = [\"\n\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 102, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"netstat -a #\")" } }, "contextRegion": { "startLine": 99, "endLine": 105, "snippet": { "text": "\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 104, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")" } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": 
"Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 106, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")" } }, "contextRegion": { "startLine": 103, "endLine": 109, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 108, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")" } }, "contextRegion": { "startLine": 105, "endLine": 111, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\n\t\t\t\t\t\t\"ifconfig #\") || helpFile\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 110, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\n\t\t\t\t\t\t\"ifconfig #\") || helpFile\n\t\t\t\t.substring(index, 
helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ipconfig #\")))\n" } } }, "message": { "text": "toLowerCase() : Case changed using default locale" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 110, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\n\t\t\t\t\t\t\"ifconfig #\") || helpFile\n\t\t\t\t.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ipconfig #\")))\n" } } }, "message": { "text": "helpFile.substring(index, helpFileLen).trim().toLowerCase().equals(...) : Comparison without checking locale" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 110 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createProductTable() in [CreateDB.java](1) might reveal system data or debugging information by calling printStackTrace() on line [203](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 203, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 200, "endLine": 206, "snippet": { "text": "\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating product database\");\n\t e.printStackTrace();\n\t}\n\n\t// Populate\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 203, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 200, "endLine": 206, "snippet": { "text": "\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating product database\");\n\t e.printStackTrace();\n\t}\n\n\t// Populate\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 203 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function doHTTPSplitting() in [HttpSplitting.java](1) might reveal system data or debugging information by calling printStackTrace() on line [137](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 137, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 134, "endLine": 140, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 137, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 134, "endLine": 140, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 137 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 103, "message": { "text": "The method execOptions() in [Exec.java](1) calls Thread() on line [303](1). Thread management in a web application is forbidden in some circumstances and is always highly error prone.\r\nThread management in a web application is forbidden in some circumstances and is always highly error prone." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 303, "snippet": { "text": "\t\tnew Thread(watcher).start();" } }, "contextRegion": { "startLine": 300, "endLine": 306, "snippet": { "text": "\t if (timeout > 0)\n\t {\n\t\twatcher = new ThreadWatcher(child, interrupted, timeout);\n\t\tnew Thread(watcher).start();\n\t }\n\n\t // Write to the child process' input stream\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 303, "snippet": { "text": "\t\tnew Thread(watcher).start();" } }, "contextRegion": { "startLine": 300, "endLine": 306, "snippet": { "text": "\t if (timeout > 0)\n\t {\n\t\twatcher = new ThreadWatcher(child, interrupted, timeout);\n\t\tnew Thread(watcher).start();\n\t }\n\n\t // Write to the child process' input stream\n" } } }, "message": { "text": "Thread()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 303 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 103, "message": { "text": "The method execOptions() in [Exec.java](1) calls Thread() on line [114](1). Thread management in a web application is forbidden in some circumstances and is always highly error prone.\r\nThread management in a web application is forbidden in some circumstances and is always highly error prone." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 114, "snippet": { "text": "\t\tnew Thread(watcher).start();" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t if (timeout > 0)\n\t {\n\t\twatcher = new ThreadWatcher(child, interrupted, timeout);\n\t\tnew Thread(watcher).start();\n\t }\n\n\t // Write to the child process' input stream\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 114, "snippet": { "text": "\t\tnew Thread(watcher).start();" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t if (timeout > 0)\n\t {\n\t\twatcher = new ThreadWatcher(child, interrupted, timeout);\n\t\tnew Thread(watcher).start();\n\t }\n\n\t // Write to the child process' input stream\n" } } }, "message": { "text": "Thread()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 114 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 127, "message": { "text": "The method run() in [ThreadWatcher.java](1) calls sleep() on line [108](1). Thread management in a web application is forbidden in some circumstances and is always highly error prone.\r\nThread management in a web application is forbidden in some circumstances and is always highly error prone." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 41 }, "region": { "startLine": 108, "snippet": { "text": "\t Thread.sleep(myTimeout);" } }, "contextRegion": { "startLine": 105, "endLine": 111, "snippet": { "text": " {\n\ttry\n\t{\n\t Thread.sleep(myTimeout);\n\t}\n\tcatch (InterruptedException e)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 41 }, "region": { "startLine": 108, "snippet": { "text": "\t Thread.sleep(myTimeout);" } }, "contextRegion": { "startLine": 105, "endLine": 111, "snippet": { "text": " {\n\ttry\n\t{\n\t Thread.sleep(myTimeout);\n\t}\n\tcatch (InterruptedException e)\n\t{\n" } } }, "message": { "text": "sleep()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 41 }, "region": { "startLine": 108 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 746, "snippet": { "text": "\t\t\tSystem.out.println( \"Working with: \" + userInput );" } }, "contextRegion": { "startLine": 743, "endLine": 749, "snippet": { "text": "\t\t{\n\t\t\tString userInput = args[0];\n\t\t\tString userKey = args[1];\n\t\t\tSystem.out.println( \"Working with: \" + userInput );\n\t\t\tSystem.out.print( \"Base64 encoding: \" );\n\t\t\tSystem.out.println( base64Encode( userInput ) + \" : \" + base64Decode( userInput ) );\n\t\t\tSystem.out.print( \"Entity encoding: \" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 746, "snippet": { "text": "\t\t\tSystem.out.println( \"Working with: \" + userInput );" } }, "contextRegion": { "startLine": 743, "endLine": 749, "snippet": { "text": "\t\t{\n\t\t\tString userInput = args[0];\n\t\t\tString userKey = args[1];\n\t\t\tSystem.out.println( \"Working with: \" + userInput );\n\t\t\tSystem.out.print( \"Base64 encoding: \" );\n\t\t\tSystem.out.println( base64Encode( userInput ) + \" : \" + base64Decode( userInput ) );\n\t\t\tSystem.out.print( \"Entity encoding: \" );\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 746 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using print() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 747, "snippet": { "text": "\t\t\tSystem.out.print( \"Base64 encoding: \" );" } }, "contextRegion": { "startLine": 744, "endLine": 750, "snippet": { "text": "\t\t\tString userInput = args[0];\n\t\t\tString userKey = args[1];\n\t\t\tSystem.out.println( \"Working with: \" + userInput );\n\t\t\tSystem.out.print( \"Base64 encoding: \" );\n\t\t\tSystem.out.println( base64Encode( userInput ) + \" : \" + base64Decode( userInput ) );\n\t\t\tSystem.out.print( \"Entity encoding: \" );\n\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 747, "snippet": { "text": "\t\t\tSystem.out.print( \"Base64 encoding: \" );" } }, "contextRegion": { "startLine": 744, "endLine": 750, "snippet": { "text": "\t\t\tString userInput = args[0];\n\t\t\tString userKey = args[1];\n\t\t\tSystem.out.println( \"Working with: \" + userInput );\n\t\t\tSystem.out.print( \"Base64 encoding: \" );\n\t\t\tSystem.out.println( base64Encode( userInput ) + \" : \" + base64Decode( userInput ) );\n\t\t\tSystem.out.print( \"Entity encoding: \" );\n\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );\n" } } }, "message": { "text": "FunctionCall: print" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 747 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it 
difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 748, "snippet": { "text": "\t\t\tSystem.out.println( base64Encode( userInput ) + \" : \" + base64Decode( userInput ) );" } }, "contextRegion": { "startLine": 745, "endLine": 751, "snippet": { "text": "\t\t\tString userKey = args[1];\n\t\t\tSystem.out.println( \"Working with: \" + userInput );\n\t\t\tSystem.out.print( \"Base64 encoding: \" );\n\t\t\tSystem.out.println( base64Encode( userInput ) + \" : \" + base64Decode( userInput ) );\n\t\t\tSystem.out.print( \"Entity encoding: \" );\n\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );\n\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 748, "snippet": { "text": "\t\t\tSystem.out.println( base64Encode( userInput ) + \" : \" + base64Decode( userInput ) );" } }, "contextRegion": { "startLine": 745, "endLine": 751, "snippet": { "text": "\t\t\tString userKey = args[1];\n\t\t\tSystem.out.println( \"Working with: \" + userInput );\n\t\t\tSystem.out.print( \"Base64 encoding: \" );\n\t\t\tSystem.out.println( base64Encode( userInput ) + \" : \" + base64Decode( userInput ) );\n\t\t\tSystem.out.print( \"Entity encoding: \" );\n\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );\n\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 748 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using 
print() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 749, "snippet": { "text": "\t\t\tSystem.out.print( \"Entity encoding: \" );" } }, "contextRegion": { "startLine": 746, "endLine": 752, "snippet": { "text": "\t\t\tSystem.out.println( \"Working with: \" + userInput );\n\t\t\tSystem.out.print( \"Base64 encoding: \" );\n\t\t\tSystem.out.println( base64Encode( userInput ) + \" : \" + base64Decode( userInput ) );\n\t\t\tSystem.out.print( \"Entity encoding: \" );\n\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );\n\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );\n\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 749, "snippet": { "text": "\t\t\tSystem.out.print( \"Entity encoding: \" );" } }, "contextRegion": { "startLine": 746, "endLine": 752, "snippet": { "text": "\t\t\tSystem.out.println( \"Working with: \" + userInput );\n\t\t\tSystem.out.print( \"Base64 encoding: \" );\n\t\t\tSystem.out.println( base64Encode( userInput ) + \" : \" + base64Decode( userInput ) );\n\t\t\tSystem.out.print( \"Entity encoding: \" );\n\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );\n\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );\n\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );\n" } } }, "message": { "text": "FunctionCall: print" } }, "kinds": [ "unknown" ] } ] } ] 
} ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 749 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 750, "snippet": { "text": "\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );" } }, "contextRegion": { "startLine": 747, "endLine": 753, "snippet": { "text": "\t\t\tSystem.out.print( \"Base64 encoding: \" );\n\t\t\tSystem.out.println( base64Encode( userInput ) + \" : \" + base64Decode( userInput ) );\n\t\t\tSystem.out.print( \"Entity encoding: \" );\n\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );\n\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );\n\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );\n\t\t\tSystem.out.print( \"MD5 hash: \" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 750, "snippet": { "text": "\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );" } }, "contextRegion": { "startLine": 747, "endLine": 753, "snippet": { "text": "\t\t\tSystem.out.print( \"Base64 encoding: \" );\n\t\t\tSystem.out.println( base64Encode( userInput ) + \" : \" + base64Decode( userInput ) );\n\t\t\tSystem.out.print( \"Entity encoding: \" );\n\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + 
HtmlEncoder.decode( userInput ) );\n\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );\n\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );\n\t\t\tSystem.out.print( \"MD5 hash: \" );\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 750 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using print() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 751, "snippet": { "text": "\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );" } }, "contextRegion": { "startLine": 748, "endLine": 754, "snippet": { "text": "\t\t\tSystem.out.println( base64Encode( userInput ) + \" : \" + base64Decode( userInput ) );\n\t\t\tSystem.out.print( \"Entity encoding: \" );\n\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );\n\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );\n\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );\n\t\t\tSystem.out.print( \"MD5 hash: \" );\n\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 751, "snippet": { "text": "\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );" } }, "contextRegion": { "startLine": 
748, "endLine": 754, "snippet": { "text": "\t\t\tSystem.out.println( base64Encode( userInput ) + \" : \" + base64Decode( userInput ) );\n\t\t\tSystem.out.print( \"Entity encoding: \" );\n\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );\n\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );\n\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );\n\t\t\tSystem.out.print( \"MD5 hash: \" );\n\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n" } } }, "message": { "text": "FunctionCall: print" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 751 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 752, "snippet": { "text": "\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );" } }, "contextRegion": { "startLine": 749, "endLine": 755, "snippet": { "text": "\t\t\tSystem.out.print( \"Entity encoding: \" );\n\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );\n\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );\n\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );\n\t\t\tSystem.out.print( \"MD5 hash: \" );\n\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"SHA-256 hash: \" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 752, "snippet": { "text": "\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );" } }, "contextRegion": { "startLine": 749, "endLine": 755, "snippet": { "text": "\t\t\tSystem.out.print( \"Entity encoding: \" );\n\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );\n\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );\n\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );\n\t\t\tSystem.out.print( \"MD5 hash: \" );\n\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"SHA-256 hash: \" );\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 752 } } } ], "properties": { 
"InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using print() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 753, "snippet": { "text": "\t\t\tSystem.out.print( \"MD5 hash: \" );" } }, "contextRegion": { "startLine": 750, "endLine": 756, "snippet": { "text": "\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );\n\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );\n\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );\n\t\t\tSystem.out.print( \"MD5 hash: \" );\n\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"SHA-256 hash: \" );\n\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 753, "snippet": { "text": "\t\t\tSystem.out.print( \"MD5 hash: \" );" } }, "contextRegion": { "startLine": 750, "endLine": 756, "snippet": { "text": "\t\t\tSystem.out.println( HtmlEncoder.encode( userInput ) + \" : \" + HtmlEncoder.decode( userInput ) );\n\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );\n\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );\n\t\t\tSystem.out.print( \"MD5 hash: \" );\n\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"SHA-256 hash: \" );\n\t\t\tSystem.out.println( hashSHA( userInput ) + 
\" : \" + \"Cannot reverse a hash\" );\n" } } }, "message": { "text": "FunctionCall: print" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 753 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 754, "snippet": { "text": "\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );" } }, "contextRegion": { "startLine": 751, "endLine": 757, "snippet": { "text": "\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );\n\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );\n\t\t\tSystem.out.print( \"MD5 hash: \" );\n\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"SHA-256 hash: \" );\n\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"Unicode encoding: \" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 754, "snippet": { "text": "\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );" } }, "contextRegion": { "startLine": 751, "endLine": 757, "snippet": { "text": "\t\t\tSystem.out.print( \"Password based encryption (PBE): \" );\n\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) 
);\n\t\t\tSystem.out.print( \"MD5 hash: \" );\n\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"SHA-256 hash: \" );\n\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"Unicode encoding: \" );\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 754 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using print() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 755, "snippet": { "text": "\t\t\tSystem.out.print( \"SHA-256 hash: \" );" } }, "contextRegion": { "startLine": 752, "endLine": 758, "snippet": { "text": "\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );\n\t\t\tSystem.out.print( \"MD5 hash: \" );\n\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"SHA-256 hash: \" );\n\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"Unicode encoding: \" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 755, "snippet": { "text": "\t\t\tSystem.out.print( \"SHA-256 hash: \" );" } }, "contextRegion": { "startLine": 752, "endLine": 758, 
"snippet": { "text": "\t\t\tSystem.out.println( encryptString( userInput, userKey ) + \" : \" + decryptString( userInput, userKey ) );\n\t\t\tSystem.out.print( \"MD5 hash: \" );\n\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"SHA-256 hash: \" );\n\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"Unicode encoding: \" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n" } } }, "message": { "text": "FunctionCall: print" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 755 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 756, "snippet": { "text": "\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );" } }, "contextRegion": { "startLine": 753, "endLine": 759, "snippet": { "text": "\t\t\tSystem.out.print( \"MD5 hash: \" );\n\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"SHA-256 hash: \" );\n\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"Unicode encoding: \" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"URL encoding: \" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 756, "snippet": { "text": "\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );" } }, "contextRegion": { "startLine": 753, "endLine": 759, "snippet": { "text": "\t\t\tSystem.out.print( \"MD5 hash: \" );\n\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"SHA-256 hash: \" );\n\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"Unicode encoding: \" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"URL encoding: \" );\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 756 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using print() rather than a dedicated logging facility makes it difficult to monitor the 
behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 757, "snippet": { "text": "\t\t\tSystem.out.print( \"Unicode encoding: \" );" } }, "contextRegion": { "startLine": 754, "endLine": 760, "snippet": { "text": "\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"SHA-256 hash: \" );\n\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"Unicode encoding: \" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 757, "snippet": { "text": "\t\t\tSystem.out.print( \"Unicode encoding: \" );" } }, "contextRegion": { "startLine": 754, "endLine": 760, "snippet": { "text": "\t\t\tSystem.out.println( hashMD5( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"SHA-256 hash: \" );\n\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"Unicode encoding: \" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );\n" } } }, "message": { "text": "FunctionCall: print" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 757 } } } ], "properties": { "InstanceSeverity": "2.0", 
"Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 758, "snippet": { "text": "\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );" } }, "contextRegion": { "startLine": 755, "endLine": 761, "snippet": { "text": "\t\t\tSystem.out.print( \"SHA-256 hash: \" );\n\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"Unicode encoding: \" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );\n\t\t\tSystem.out.print( \"Hex encoding: \" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 758, "snippet": { "text": "\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );" } }, "contextRegion": { "startLine": 755, "endLine": 761, "snippet": { "text": "\t\t\tSystem.out.print( \"SHA-256 hash: \" );\n\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"Unicode encoding: \" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );\n\t\t\tSystem.out.print( \"Hex encoding: \" );\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], 
"relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 758 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using print() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 759, "snippet": { "text": "\t\t\tSystem.out.print( \"URL encoding: \" );" } }, "contextRegion": { "startLine": 756, "endLine": 762, "snippet": { "text": "\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"Unicode encoding: \" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );\n\t\t\tSystem.out.print( \"Hex encoding: \" );\n\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 759, "snippet": { "text": "\t\t\tSystem.out.print( \"URL encoding: \" );" } }, "contextRegion": { "startLine": 756, "endLine": 762, "snippet": { "text": "\t\t\tSystem.out.println( hashSHA( userInput ) + \" : \" + \"Cannot reverse a hash\" );\n\t\t\tSystem.out.print( \"Unicode encoding: \" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );\n\t\t\tSystem.out.print( \"Hex encoding: \" 
);\n\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );\n" } } }, "message": { "text": "FunctionCall: print" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 759 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 36, "level": "error", "message": { "text": "The method _jspService() in [ListStaff.jsp](1) sends unvalidated data to a web browser on line [8](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 119 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 512 }, { "index": 516 }, { "index": 517 }, { "index": 518 }, { "index": 528 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 119 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 520 }, { "index": 521 }, { "index": 517 }, { "index": 518 }, { "index": 528 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 119 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 523 }, { "index": 524 }, { "index": 517 }, { "index": 518 }, { "index": 528 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 119 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 119 }, "region": { "startLine": 8 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "3.2166665" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using print() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 761, "snippet": { "text": "\t\t\tSystem.out.print( \"Hex encoding: \" );" } }, "contextRegion": { "startLine": 758, "endLine": 764, "snippet": { "text": "\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );\n\t\t\tSystem.out.print( \"Hex encoding: \" );\n\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );\n\t\t\tSystem.out.print( \"Rot13 encoding: \" );\n\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 761, "snippet": { "text": "\t\t\tSystem.out.print( \"Hex encoding: \" );" } }, "contextRegion": { "startLine": 758, "endLine": 764, "snippet": { "text": "\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );\n\t\t\tSystem.out.print( \"Hex encoding: \" );\n\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( 
userInput ) );\n\t\t\tSystem.out.print( \"Rot13 encoding: \" );\n\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );\n" } } }, "message": { "text": "FunctionCall: print" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 761 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 762, "snippet": { "text": "\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );" } }, "contextRegion": { "startLine": 759, "endLine": 765, "snippet": { "text": "\t\t\tSystem.out.print( \"URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );\n\t\t\tSystem.out.print( \"Hex encoding: \" );\n\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );\n\t\t\tSystem.out.print( \"Rot13 encoding: \" );\n\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );\n\t\t\tSystem.out.print( \"XOR with password: \" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 762, "snippet": { "text": "\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );" } }, "contextRegion": { "startLine": 759, "endLine": 765, "snippet": { "text": "\t\t\tSystem.out.print( \"URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) 
);\n\t\t\tSystem.out.print( \"Hex encoding: \" );\n\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );\n\t\t\tSystem.out.print( \"Rot13 encoding: \" );\n\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );\n\t\t\tSystem.out.print( \"XOR with password: \" );\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 762 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using print() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 763, "snippet": { "text": "\t\t\tSystem.out.print( \"Rot13 encoding: \" );" } }, "contextRegion": { "startLine": 760, "endLine": 766, "snippet": { "text": "\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );\n\t\t\tSystem.out.print( \"Hex encoding: \" );\n\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );\n\t\t\tSystem.out.print( \"Rot13 encoding: \" );\n\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );\n\t\t\tSystem.out.print( \"XOR with password: \" );\n\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 763, "snippet": { "text": "\t\t\tSystem.out.print( \"Rot13 encoding: \" );" } }, "contextRegion": { "startLine": 760, "endLine": 766, 
"snippet": { "text": "\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );\n\t\t\tSystem.out.print( \"Hex encoding: \" );\n\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );\n\t\t\tSystem.out.print( \"Rot13 encoding: \" );\n\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );\n\t\t\tSystem.out.print( \"XOR with password: \" );\n\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );\n" } } }, "message": { "text": "FunctionCall: print" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 763 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 764, "snippet": { "text": "\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );" } }, "contextRegion": { "startLine": 761, "endLine": 767, "snippet": { "text": "\t\t\tSystem.out.print( \"Hex encoding: \" );\n\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );\n\t\t\tSystem.out.print( \"Rot13 encoding: \" );\n\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );\n\t\t\tSystem.out.print( \"XOR with password: \" );\n\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );\n\t\t\tSystem.out.print( \"Double unicode encoding is...\" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 764, "snippet": { "text": "\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );" } }, "contextRegion": { "startLine": 761, "endLine": 767, "snippet": { "text": "\t\t\tSystem.out.print( \"Hex encoding: \" );\n\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );\n\t\t\tSystem.out.print( \"Rot13 encoding: \" );\n\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );\n\t\t\tSystem.out.print( \"XOR with password: \" );\n\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );\n\t\t\tSystem.out.print( \"Double unicode encoding is...\" );\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 764 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using print() rather than a dedicated 
logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 765, "snippet": { "text": "\t\t\tSystem.out.print( \"XOR with password: \" );" } }, "contextRegion": { "startLine": 762, "endLine": 768, "snippet": { "text": "\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );\n\t\t\tSystem.out.print( \"Rot13 encoding: \" );\n\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );\n\t\t\tSystem.out.print( \"XOR with password: \" );\n\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );\n\t\t\tSystem.out.print( \"Double unicode encoding is...\" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 765, "snippet": { "text": "\t\t\tSystem.out.print( \"XOR with password: \" );" } }, "contextRegion": { "startLine": 762, "endLine": 768, "snippet": { "text": "\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );\n\t\t\tSystem.out.print( \"Rot13 encoding: \" );\n\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );\n\t\t\tSystem.out.print( \"XOR with password: \" );\n\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );\n\t\t\tSystem.out.print( \"Double unicode encoding is...\" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n" } } }, "message": { "text": "FunctionCall: print" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { 
"artifactLocation": { "index": 50 }, "region": { "startLine": 765 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 766, "snippet": { "text": "\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );" } }, "contextRegion": { "startLine": 763, "endLine": 769, "snippet": { "text": "\t\t\tSystem.out.print( \"Rot13 encoding: \" );\n\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );\n\t\t\tSystem.out.print( \"XOR with password: \" );\n\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );\n\t\t\tSystem.out.print( \"Double unicode encoding is...\" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"Double URL encoding: \" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 766, "snippet": { "text": "\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );" } }, "contextRegion": { "startLine": 763, "endLine": 769, "snippet": { "text": "\t\t\tSystem.out.print( \"Rot13 encoding: \" );\n\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );\n\t\t\tSystem.out.print( \"XOR with password: \" );\n\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );\n\t\t\tSystem.out.print( \"Double unicode encoding is...\" 
);\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"Double URL encoding: \" );\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 766 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using print() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 767, "snippet": { "text": "\t\t\tSystem.out.print( \"Double unicode encoding is...\" );" } }, "contextRegion": { "startLine": 764, "endLine": 770, "snippet": { "text": "\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) );\n\t\t\tSystem.out.print( \"XOR with password: \" );\n\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );\n\t\t\tSystem.out.print( \"Double unicode encoding is...\" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"Double URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( urlEncode( userInput ) ) + \" : \" + urlDecode( urlDecode( userInput ) ) );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 767, "snippet": { "text": "\t\t\tSystem.out.print( \"Double unicode encoding is...\" );" } }, "contextRegion": { "startLine": 764, "endLine": 770, "snippet": { "text": "\t\t\tSystem.out.println( rot13( userInput ) + \" : \" + rot13( userInput ) 
);\n\t\t\tSystem.out.print( \"XOR with password: \" );\n\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );\n\t\t\tSystem.out.print( \"Double unicode encoding is...\" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"Double URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( urlEncode( userInput ) ) + \" : \" + urlDecode( urlDecode( userInput ) ) );\n" } } }, "message": { "text": "FunctionCall: print" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 767 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 768, "snippet": { "text": "\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );" } }, "contextRegion": { "startLine": 765, "endLine": 771, "snippet": { "text": "\t\t\tSystem.out.print( \"XOR with password: \" );\n\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );\n\t\t\tSystem.out.print( \"Double unicode encoding is...\" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"Double URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( urlEncode( userInput ) ) + \" : \" + urlDecode( urlDecode( userInput ) ) );\n\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 768, "snippet": { "text": "\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );" } }, "contextRegion": { "startLine": 765, "endLine": 771, "snippet": { "text": "\t\t\tSystem.out.print( \"XOR with password: \" );\n\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );\n\t\t\tSystem.out.print( \"Double unicode encoding is...\" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"Double URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( urlEncode( userInput ) ) + \" : \" + urlDecode( urlDecode( userInput ) ) );\n\t\t}\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 768 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using print() rather than a dedicated logging 
facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 769, "snippet": { "text": "\t\t\tSystem.out.print( \"Double URL encoding: \" );" } }, "contextRegion": { "startLine": 766, "endLine": 772, "snippet": { "text": "\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );\n\t\t\tSystem.out.print( \"Double unicode encoding is...\" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"Double URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( urlEncode( userInput ) ) + \" : \" + urlDecode( urlDecode( userInput ) ) );\n\t\t}\n\t\tcatch ( Exception e )\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 769, "snippet": { "text": "\t\t\tSystem.out.print( \"Double URL encoding: \" );" } }, "contextRegion": { "startLine": 766, "endLine": 772, "snippet": { "text": "\t\t\tSystem.out.println( xorEncode( userInput, userKey ) + \" : \" + xorDecode( userInput, userKey ) );\n\t\t\tSystem.out.print( \"Double unicode encoding is...\" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"Double URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( urlEncode( userInput ) ) + \" : \" + urlDecode( urlDecode( userInput ) ) );\n\t\t}\n\t\tcatch ( Exception e )\n" } } }, "message": { "text": "FunctionCall: print" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 769 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { 
"ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 770, "snippet": { "text": "\t\t\tSystem.out.println( urlEncode( urlEncode( userInput ) ) + \" : \" + urlDecode( urlDecode( userInput ) ) );" } }, "contextRegion": { "startLine": 767, "endLine": 773, "snippet": { "text": "\t\t\tSystem.out.print( \"Double unicode encoding is...\" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"Double URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( urlEncode( userInput ) ) + \" : \" + urlDecode( urlDecode( userInput ) ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 770, "snippet": { "text": "\t\t\tSystem.out.println( urlEncode( urlEncode( userInput ) ) + \" : \" + urlDecode( urlDecode( userInput ) ) );" } }, "contextRegion": { "startLine": 767, "endLine": 773, "snippet": { "text": "\t\t\tSystem.out.print( \"Double unicode encoding is...\" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"Double URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( urlEncode( userInput ) ) + \" : \" + urlDecode( urlDecode( userInput ) ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 770 } } } ], "properties": { "InstanceSeverity": "2.0", 
"Confidence": "5.0" } }, { "ruleIndex": 36, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) sends unvalidated data to a web browser on line [11](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 11, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 8, "endLine": 14, "snippet": { "text": "\tEmployee employee = (Employee) session.getAttribute(\"CrossSiteScripting.\" + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY);\n//\tint myUserId = getIntSessionAttribute(webSession, \"CrossSiteScripting.\" + CrossSiteScripting.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\t\n\t\t\t\t
\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 512 }, { "index": 516 }, { "index": 517 }, { "index": 518 }, { "index": 519 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 11, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 8, "endLine": 14, "snippet": { "text": "\tEmployee employee = (Employee) session.getAttribute(\"CrossSiteScripting.\" + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY);\n//\tint myUserId = getIntSessionAttribute(webSession, \"CrossSiteScripting.\" + CrossSiteScripting.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\t\n\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 520 }, { "index": 521 }, { "index": 517 }, { "index": 518 }, { "index": 519 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 11, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 8, "endLine": 14, "snippet": { "text": "\tEmployee employee = (Employee) session.getAttribute(\"CrossSiteScripting.\" + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY);\n//\tint myUserId = getIntSessionAttribute(webSession, \"CrossSiteScripting.\" + CrossSiteScripting.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\t\n\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 523 }, { "index": 524 }, { "index": 517 }, { "index": 518 }, { "index": 519 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 11, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 8, "endLine": 14, "snippet": { "text": "\tEmployee employee = (Employee) session.getAttribute(\"CrossSiteScripting.\" + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY);\n//\tint myUserId = getIntSessionAttribute(webSession, \"CrossSiteScripting.\" + CrossSiteScripting.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\t\n\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 11 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "3.2166665" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ReflectedXSS.java](1) line [219](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 219, "endLine": 223, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 216, "endLine": 226, "snippet": { "text": "\t ec.addElement(new BR());\n\t ec.addElement(new HR().setWidth(\"90%\"));\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 219, "endLine": 223, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 216, "endLine": 226, "snippet": { "text": "\t ec.addElement(new BR());\n\t ec.addElement(new HR().setWidth(\"90%\"));\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n\n" } } }, "message": { "text": "CatchBlock" } 
}, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 219, "startColumn": 2, "endLine": 223 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ThreadSafetyProblem.java](1) line [214](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 214, "endLine": 218, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t System.out.println(\"Exception caught: \" + e);\r\n\t e.printStackTrace(System.out);\r\n\t}" } }, "contextRegion": { "startLine": 211, "endLine": 221, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n \n public Element getCredits()\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 214, "endLine": 218, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t System.out.println(\"Exception caught: \" + e);\r\n\t e.printStackTrace(System.out);\r\n\t}" } }, "contextRegion": { "startLine": 211, "endLine": 221, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n \n public Element getCredits()\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], 
"relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 214, "startColumn": 2, "endLine": 218 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 68, "message": { "text": "Without proper access control, the method changeEmployeeProfile() in [UpdateProfile.java](1) can execute a SQL statement on line [248](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 234 }, { "index": 235 }, { "index": 236 }, { "index": 237 }, { "index": 90 }, { "index": 91 }, { "index": 239 }, { "index": 93 }, { "index": 554 }, { "index": 555 }, { "index": 82 }, { "index": 149 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": 
"executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method ParameterNotFoundException() in [ParameterNotFoundException.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 60 }, { "index": 61 }, { "index": 164 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } }, "message": { "text": "Exception(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 98, "snippet": { "text": "\t // Don't let the fail open pass with a blank password." } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t\t}\n\t }\n\n\t // Don't let the fail open pass with a blank password.\n\t if (password.length() == 0)\n\t {\n\t\t// We make sure the username was submitted to avoid telling the user an invalid\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 98, "snippet": { "text": "\t // Don't let the fail open pass with a blank password." } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t\t}\n\t }\n\n\t // Don't let the fail open pass with a blank password.\n\t if (password.length() == 0)\n\t {\n\t\t// We make sure the username was submitted to avoid telling the user an invalid\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 98, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getDatabaseConnectionString() in [WebSession.java](1) might reveal system data or debugging information by calling printStackTrace() on line [448](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 448, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 445, "endLine": 451, "snippet": { "text": "\t\tcatch ( Exception e )\n\t\t{\n\t\t\tSystem.out.println( \"Couldn't open database: check web.xml database parameters\" );\n\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn null;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 448, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 445, "endLine": 451, "snippet": { "text": "\t\tcatch ( Exception e )\n\t\t{\n\t\t\tSystem.out.println( \"Couldn't open database: check web.xml database parameters\" );\n\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn null;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 448 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Login.java](1) line [166](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 166, "endLine": 170, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error logging in\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 163, "endLine": 173, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error logging in\");\n\t e.printStackTrace();\n\t}\n\n\t//System.out.println(\"Lesson login result: \" + authenticated);\n\treturn authenticated;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 166, "endLine": 170, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error logging in\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 163, "endLine": 173, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error logging in\");\n\t e.printStackTrace();\n\t}\n\n\t//System.out.println(\"Lesson login result: \" + authenticated);\n\treturn authenticated;\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 166, "startColumn": 2, "endLine": 170 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 760, "snippet": { "text": "\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );" } }, "contextRegion": { "startLine": 757, "endLine": 763, "snippet": { "text": "\t\t\tSystem.out.print( \"Unicode encoding: \" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );\n\t\t\tSystem.out.print( \"Hex encoding: \" );\n\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );\n\t\t\tSystem.out.print( \"Rot13 encoding: \" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 760, "snippet": { "text": "\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );" } }, "contextRegion": { "startLine": 757, "endLine": 763, "snippet": { "text": "\t\t\tSystem.out.print( \"Unicode encoding: \" );\n\t\t\tSystem.out.println( \"Not Implemented\" + \" : \" + \"Not Implemented\" );\n\t\t\tSystem.out.print( \"URL encoding: \" );\n\t\t\tSystem.out.println( urlEncode( userInput ) + \" : \" + urlDecode( userInput ) );\n\t\t\tSystem.out.print( \"Hex encoding: \" );\n\t\t\tSystem.out.println( hexEncode( userInput ) + \" : \" + hexDecode( userInput ) );\n\t\t\tSystem.out.print( \"Rot13 encoding: \" );\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 760 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [LessonTracker.java](1) line [391](1) handles a broad swath of exceptions, 
potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 391, "endLine": 396, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t // what do we want to do, I think nothing.\r\n\t System.out.println(\"Warning User data for \" + s.getUserName()\r\n\t\t + \" will not persist\");\r\n\t}" } }, "contextRegion": { "startLine": 388, "endLine": 399, "snippet": { "text": "\t out = new FileOutputStream(fileName);\n\t lessonProperties.store(out, s.getUserName());\n\t}\n\tcatch (Exception e)\n\t{\n\t // what do we want to do, I think nothing.\n\t System.out.println(\"Warning User data for \" + s.getUserName()\n\t\t + \" will not persist\");\n\t}\n\tfinally\n\t{\n\t try\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 391, "endLine": 396, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t // what do we want to do, I think nothing.\r\n\t System.out.println(\"Warning User data for \" + s.getUserName()\r\n\t\t + \" will not persist\");\r\n\t}" } }, "contextRegion": { "startLine": 388, "endLine": 399, "snippet": { "text": "\t out = new FileOutputStream(fileName);\n\t lessonProperties.store(out, s.getUserName());\n\t}\n\tcatch (Exception e)\n\t{\n\t // what do we want to do, I think nothing.\n\t System.out.println(\"Warning User data for \" + s.getUserName()\n\t\t + \" will not persist\");\n\t}\n\tfinally\n\t{\n\t try\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 391, "startColumn": 2, 
"endLine": 396 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [LessonTracker.java](1) line [403](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 403, "endLine": 404, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 400, "endLine": 407, "snippet": { "text": "\t {\n\t\tout.close();\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 403, "endLine": 404, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 400, "endLine": 407, "snippet": { "text": "\t {\n\t\tout.close();\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 403, "startColumn": 6, "endLine": 404 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [UncheckedEmail.java](1) might reveal system data or debugging information by calling printStackTrace() on line [196](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 196, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 193, "endLine": 199, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 196, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 193, "endLine": 199, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 196 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [134](1) of [DOS_Login.java](1), the method createContent() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 134, "snippet": { "text": "\t\t\t statement.executeUpdate(insertData1);" } }, "contextRegion": { "startLine": 131, "endLine": 137, "snippet": { "text": "\t\t\t\t + \"', '\"\n\t\t\t\t + s.getUserName()\n\t\t\t\t + \"' )\";\n\t\t\t statement.executeUpdate(insertData1);\n\t\t\t}\n\t\t\t// check the total count of logins\n\t\t\tquery = \"SELECT * FROM user_login WHERE webgoat_user = '\"\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 556 }, { "index": 557 }, { "index": 558 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 134, "snippet": { "text": "\t\t\t statement.executeUpdate(insertData1);" } }, "contextRegion": { "startLine": 131, "endLine": 137, "snippet": { "text": "\t\t\t\t + \"', '\"\n\t\t\t\t + s.getUserName()\n\t\t\t\t + \"' )\";\n\t\t\t statement.executeUpdate(insertData1);\n\t\t\t}\n\t\t\t// check the total count of logins\n\t\t\tquery = \"SELECT * FROM user_login WHERE webgoat_user = '\"\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 134, "startColumn": 32 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method doPost() in [HammerHead.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 551 }, { "index": 552 }, { "index": 553 }, { "index": 135 }, { "index": 157 }, { "index": 559 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 551 }, { "index": 552 }, { "index": 553 }, { "index": 135 }, { "index": 179 }, { "index": 180 }, { "index": 181 }, { "index": 182 }, { "index": 183 }, { "index": 157 }, { "index": 559 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = 
userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 104, "level": "note", "message": { "text": "The method createContent() in [TraceXSS.java](1) never uses the initial value it assigns to the variable quantity on line [77](1).\r\nThe variable's value is assigned but never used, making it a dead store." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 77, "snippet": { "text": "\t float quantity = 1.0f;" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");\n\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n\t float runningTotal = 0.0f;\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 77, "snippet": { "text": "\t float quantity = 1.0f;" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");\n\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n\t float runningTotal = 0.0f;\n\n" } } }, "message": { "text": "VariableAccess: quantity" } }, "kinds": [ 
"unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 77, "snippet": { "text": "\t float quantity = 1.0f;" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");\n\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n\t float runningTotal = 0.0f;\n\n" } } }, "message": { "text": "Variable: quantity" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 77, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 104, "level": "note", "message": { "text": "The method createContent() in [TraceXSS.java](1) never uses the initial value it assigns to the variable total on line [78](1).\r\nThe variable's value is assigned but never used, making it a dead store." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 78, "snippet": { "text": "\t float total = 0.0f;" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n\t float runningTotal = 0.0f;\n\n\t // test input field1\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 78, "snippet": { "text": "\t float total = 0.0f;" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n\t float runningTotal = 0.0f;\n\n\t // test input field1\n" } } }, "message": { "text": "VariableAccess: total" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 78, "snippet": { "text": "\t float total = 0.0f;" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n\t float runningTotal = 0.0f;\n\n\t // test input field1\n" } } }, "message": { "text": "Variable: total" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 78, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 70, "message": { "text": "The call to String() on line [266](1) of [Encoding.java](1) converts a byte array into a `String`, which may lead to data loss.\r\nConverting a 
byte array into a `String` may lead to data loss." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 266, "snippet": { "text": "\t\treturn ( new String( b ) );" } }, "contextRegion": { "startLine": 263, "endLine": 269, "snippet": { "text": "\n\t\tbyte[] b = decoder.decodeBuffer( str );\n\n\t\treturn ( new String( b ) );\n\t}\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 266, "snippet": { "text": "\t\treturn ( new String( b ) );" } }, "contextRegion": { "startLine": 263, "endLine": 269, "snippet": { "text": "\n\t\tbyte[] b = decoder.decodeBuffer( str );\n\n\t\treturn ( new String( b ) );\n\t}\n\n\n" } } }, "message": { "text": "String()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 266 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 72, "message": { "text": "The function doFilter() in [Interceptor.java](1) sometimes fails to release a socket allocated by Socket() on line 93.\r\nThe program can potentially fail to release a socket." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 97, "snippet": { "text": "\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);" } }, "contextRegion": { "startLine": 94, "endLine": 100, "snippet": { "text": "\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);\n\t\t in = new BufferedReader(new InputStreamReader(osgSocket\n\t\t\t .getInputStream()));\n\t\t //String message = \"HTTPRECEIVEHTTPREQUEST,-,DataValidation_SqlInjection_Basic.aspx\";\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 90, "snippet": { "text": "\t if (osgServerName != null && osgServerName.length() != 0" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\ttry\n\t{\n\t //If these parameters are not defined then no communication will happen with OSG\n\t if (osgServerName != null && osgServerName.length() != 0\n\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 90, "snippet": { "text": "\t if (osgServerName != null && osgServerName.length() != 0" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\ttry\n\t{\n\t //If these parameters are not defined then no communication will happen with OSG\n\t if (osgServerName != null && osgServerName.length() != 0\n\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { 
"startLine": 91, "snippet": { "text": "\t\t && osgServerPort != null && osgServerPort.length() != 0)" } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": "\t{\n\t //If these parameters are not defined then no communication will happen with OSG\n\t if (osgServerName != null && osgServerName.length() != 0\n\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n\t\t\t.parseInt(osgServerPort));\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 91, "snippet": { "text": "\t\t && osgServerPort != null && osgServerPort.length() != 0)" } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": "\t{\n\t //If these parameters are not defined then no communication will happen with OSG\n\t if (osgServerName != null && osgServerName.length() != 0\n\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n\t\t\t.parseInt(osgServerPort));\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 93, "snippet": { "text": "\t\tosgSocket = new Socket(osgServerName, Integer" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\t if (osgServerName != null && osgServerName.length() != 0\n\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n" } } }, "message": { "text": "osgSocket = new Socket(...)" }, "annotations": [ { "startLine": 93, "startColumn": 3, "message": { "text": "osgSocket refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { 
"artifactLocation": { "index": 39 }, "region": { "startLine": 95, "snippet": { "text": "\t\tif (osgSocket != null)" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);\n\t\t in = new BufferedReader(new InputStreamReader(osgSocket\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 97, "snippet": { "text": "\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);" } }, "contextRegion": { "startLine": 94, "endLine": 100, "snippet": { "text": "\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);\n\t\t in = new BufferedReader(new InputStreamReader(osgSocket\n\t\t\t .getInputStream()));\n\t\t //String message = \"HTTPRECEIVEHTTPREQUEST,-,DataValidation_SqlInjection_Basic.aspx\";\n" } } }, "message": { "text": "osgSocket.getOutputStream()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 97, "snippet": { "text": "\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);" } }, "contextRegion": { "startLine": 94, "endLine": 100, "snippet": { "text": "\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);\n\t\t in = new BufferedReader(new InputStreamReader(osgSocket\n\t\t\t .getInputStream()));\n\t\t //String message = \"HTTPRECEIVEHTTPREQUEST,-,DataValidation_SqlInjection_Basic.aspx\";\n" } } }, "message": { "text": "java.io.IOException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 97, 
"snippet": { "text": "\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);" } }, "contextRegion": { "startLine": 94, "endLine": 100, "snippet": { "text": "\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);\n\t\t in = new BufferedReader(new InputStreamReader(osgSocket\n\t\t\t .getInputStream()));\n\t\t //String message = \"HTTPRECEIVEHTTPREQUEST,-,DataValidation_SqlInjection_Basic.aspx\";\n" } } }, "message": { "text": "osgSocket no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 123, "snippet": { "text": "\t if (in != null)" } }, "contextRegion": { "startLine": 120, "endLine": 126, "snippet": { "text": "\t {\n\t\tout.close();\n\t }\n\t if (in != null)\n\t {\n\t\tin.close();\n\t }\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 125, "snippet": { "text": "\t\tin.close();" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t }\n\t if (in != null)\n\t {\n\t\tin.close();\n\t }\n\t if (osgSocket != null)\n\t {\n" } } }, "message": { "text": "java.io.IOException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 125, "snippet": { "text": "\t\tin.close();" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t }\n\t if (in != null)\n\t {\n\t\tin.close();\n\t }\n\t if (osgSocket != null)\n\t {\n" } } }, "message": { "text": "throw" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 125, "snippet": { "text": "\t\tin.close();" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": 
{ "text": "\t }\n\t if (in != null)\n\t {\n\t\tin.close();\n\t }\n\t if (osgSocket != null)\n\t {\n" } } }, "message": { "text": "osgSocket no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 125, "snippet": { "text": "\t\tin.close();" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t }\n\t if (in != null)\n\t {\n\t\tin.close();\n\t }\n\t if (osgSocket != null)\n\t {\n" } } }, "message": { "text": "osgSocket end scope : Resource leaked : java.io.IOException thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 97 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 142, "message": { "text": "The call to equals() on line [104](1) causes portability problems because it has different locales which may lead to unexpected output. This may also circumvent custom validation routines.\r\nUnexpected portability problems can be found when the locale is not specified." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 104, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")" } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 77, "snippet": { "text": "\t if (s.isDefuseOSCommands()" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String helpFile = s.getParser().getRawParameter(HELP_FILE,\n\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 78, "snippet": { "text": "\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n\t\tif (index == -1)\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 90, "snippet": { "text": "\t\tif 
((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t\tSystem.out.println(\"Command = [\"\n\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 102, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"netstat -a #\")" } }, "contextRegion": { "startLine": 99, "endLine": 105, "snippet": { "text": "\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 104, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")" } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "toLowerCase() : Case changed using default locale" } }, "kinds": [ "acquire", "resource" ] }, { 
"location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 104, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")" } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "helpFile.substring(index, helpFileLen).trim().toLowerCase().equals(...) : Comparison without checking locale" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 104 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ThreadSafetyProblem.java](1) line [125](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 125, "endLine": 129, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 122, "endLine": 132, "snippet": { "text": "\t }\n\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 125, "endLine": 129, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 122, "endLine": 132, "snippet": { "text": "\t }\n\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 125, "startColumn": 2, "endLine": 129 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile_BACKUP() in [ViewProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [220](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 220, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 217, "endLine": 223, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 220, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 217, "endLine": 223, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 220 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 36, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) sends unvalidated data to a web browser on line [8](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Edit Profile Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"RoleBasedAccessControl.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Edit Profile Page
\n\t\t
\n\t\t\t
\">\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 512 }, { "index": 516 }, { "index": 517 }, { "index": 518 }, { "index": 560 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Edit Profile Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"RoleBasedAccessControl.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Edit Profile Page
\n\t\t
\n\t\t\t\">\n
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 520 }, { "index": 521 }, { "index": 517 }, { "index": 518 }, { "index": 560 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Edit Profile Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"RoleBasedAccessControl.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Edit Profile Page
\n\t\t
\n\t\t\t\">\n
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 523 }, { "index": 524 }, { "index": 517 }, { "index": 518 }, { "index": 560 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Edit Profile Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"RoleBasedAccessControl.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Edit Profile Page
\n\t\t
\n\t\t\t\">\n
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 8 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "3.2166665" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 90, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthenticatedException ue1)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue1.printStackTrace();\n\t\t}\n\t\tcatch (UnauthorizedException ue2)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 90, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthenticatedException ue1)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue1.printStackTrace();\n\t\t}\n\t\tcatch (UnauthorizedException ue2)\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 90 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 107, "message": { "text": "A Servlet defined in `web.xml` cannot be accessed without a corresponding servlet mapping." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 79, "snippet": { "text": " " } }, "contextRegion": { "startLine": 76, "endLine": 82, "snippet": { "text": " \n \n \n \n AdminServlet\n Axis Admin Servlet\n \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 79, "snippet": { "text": " " } }, "contextRegion": { "startLine": 76, "endLine": 82, "snippet": { "text": " \n \n \n \n AdminServlet\n Axis Admin Servlet\n \n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 79 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 95, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthorizedException ue2)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue2.printStackTrace();\n\t\t}\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 95, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthorizedException ue2)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue2.printStackTrace();\n\t\t}\n\t }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 95 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function readFromURL() in [AbstractLesson.java](1) might reveal system data or debugging information by calling println() on line [1044](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1044, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 1041, "endLine": 1047, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 561 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1044, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 1041, "endLine": 1047, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1044, "startColumn": 25 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 36, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) sends unvalidated data to a web browser on line [8](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"CrossSiteScripting.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\">\n\t\t\t\t
\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 512 }, { "index": 516 }, { "index": 517 }, { "index": 518 }, { "index": 543 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"CrossSiteScripting.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\">\n\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 520 }, { "index": 521 }, { "index": 517 }, { "index": 518 }, { "index": 543 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"CrossSiteScripting.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\">\n\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 523 }, { "index": 524 }, { "index": 517 }, { "index": 518 }, { "index": 543 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"CrossSiteScripting.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\">\n\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 8 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "3.2166665" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 221, "snippet": { "text": "\t // Note: The password field is ONLY set by ChangePassword" } }, "contextRegion": { "startLine": 218, "endLine": 224, "snippet": { "text": " {\n\ttry\n\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 221, "snippet": { "text": "\t // Note: The password field is ONLY set by ChangePassword" } }, "contextRegion": { "startLine": 218, "endLine": 224, "snippet": { "text": " {\n\ttry\n\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 221, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details 
in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 270, "snippet": { "text": "\t // Note: The password field is ONLY set by ChangePassword" } }, "contextRegion": { "startLine": 267, "endLine": 273, "snippet": { "text": " {\n\ttry\n\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 270, "snippet": { "text": "\t // Note: The password field is ONLY set by ChangePassword" } }, "contextRegion": { "startLine": 267, "endLine": 273, "snippet": { "text": " {\n\ttry\n\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 270, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 107, "snippet": { "text": "\t // Note: The password field is ONLY set by ChangePassword" } }, "contextRegion": { "startLine": 104, "endLine": 110, "snippet": { "text": " {\n\ttry\n\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"DELETE FROM employee WHERE userid = \" + employeeId;\n\t //System.out.println(\"Query: \" + query);\n\t try\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 107, "snippet": { "text": "\t // Note: The password field is ONLY set by ChangePassword" } }, "contextRegion": { "startLine": 104, "endLine": 110, "snippet": { "text": " {\n\ttry\n\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"DELETE FROM employee WHERE userid = \" + employeeId;\n\t //System.out.println(\"Query: \" + query);\n\t try\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 107, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 136, "snippet": { "text": "\t // Note: The password field is ONLY set by ChangePassword" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": " {\n\ttry\n\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"DELETE FROM employee WHERE userid = \" + employeeId;\n\t //System.out.println(\"Query: \" + query);\n\t try\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 136, "snippet": { "text": "\t // Note: The password field is ONLY set by ChangePassword" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": " {\n\ttry\n\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"DELETE FROM employee WHERE userid = \" + employeeId;\n\t //System.out.println(\"Query: \" + query);\n\t try\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 136, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 149, "snippet": { "text": "\t // Note: The password field is ONLY set by ChangePassword" } }, "contextRegion": { "startLine": 146, "endLine": 152, "snippet": { "text": " {\n\ttry\n\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 149, "snippet": { "text": "\t // Note: The password field is ONLY set by ChangePassword" } }, "contextRegion": { "startLine": 146, "endLine": 152, "snippet": { "text": " {\n\ttry\n\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 149, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 198, "snippet": { "text": "\t // Note: The password field is ONLY set by ChangePassword" } }, "contextRegion": { "startLine": 195, "endLine": 201, "snippet": { "text": " {\n\ttry\n\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 198, "snippet": { "text": "\t // Note: The password field is ONLY set by ChangePassword" } }, "contextRegion": { "startLine": 195, "endLine": 201, "snippet": { "text": " {\n\ttry\n\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 198, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 25, "message": { "text": "Untrusted data is passed to the application and used as a regular expression. This can cause the thread to over-consume CPU resources." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 201, "snippet": { "text": "\t\t\tSystem.getProperty(\"line.separator\"), \"
\")" } }, "contextRegion": { "startLine": 198, "endLine": 204, "snippet": { "text": "\t\tec.addElement(new BR());\n\t\tec.addElement(new HR().setWidth(\"90%\"));\n\t\tec.addElement(new StringElement(fileData.replaceAll(\n\t\t\tSystem.getProperty(\"line.separator\"), \"
\")\n\t\t\t.replaceAll(\"(?s)\", \"\").replaceAll(\n\t\t\t\t\"

\", \"
\").replaceAll(\"
\\\\s
\",\n\t\t\t\t\"
\")));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 562 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 201, "snippet": { "text": "\t\t\tSystem.getProperty(\"line.separator\"), \"
\")" } }, "contextRegion": { "startLine": 198, "endLine": 204, "snippet": { "text": "\t\tec.addElement(new BR());\n\t\tec.addElement(new HR().setWidth(\"90%\"));\n\t\tec.addElement(new StringElement(fileData.replaceAll(\n\t\t\tSystem.getProperty(\"line.separator\"), \"
\")\n\t\t\t.replaceAll(\"(?s)\", \"\").replaceAll(\n\t\t\t\t\"

\", \"
\").replaceAll(\"
\\\\s
\",\n\t\t\t\t\"
\")));\n" } } }, "message": { "text": "replaceAll(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 201 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createEmployeeProfile() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [321](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 321, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 318, "endLine": 324, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t s.setMessage(\"Error updating employee profile\");\n\t}\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 321, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 318, "endLine": 324, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t s.setMessage(\"Error updating employee profile\");\n\t}\n }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 321 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method ParameterNotFoundException() in [ParameterNotFoundException.java](1) mishandles confidential information, which can compromise user 
privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 563 }, { "index": 564 }, { "index": 128 }, { "index": 335 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } }, "message": { "text": "Exception(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [SoapRequest.java](1) line [327](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 327, "endLine": 331, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 324, "endLine": 334, "snippet": { "text": "\t //DEVNOTE: Eat the exception.\n\t // ec.addElement( new P().addElement( pnfe.getMessage() ) );\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\t//DEVNOTE: Conditionally display Stage2 content depending on whether stage is completed or not\n\tif (getLessonTracker(s).getStage() == 2)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 327, "endLine": 331, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 324, "endLine": 334, "snippet": { "text": "\t //DEVNOTE: Eat the exception.\n\t // ec.addElement( new P().addElement( pnfe.getMessage() ) );\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\t//DEVNOTE: Conditionally display Stage2 content depending on whether stage is completed or not\n\tif (getLessonTracker(s).getStage() == 2)\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 327, "startColumn": 2, "endLine": 331 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 101, "level": "note", "message": { "text": "Any information revealed in the HTML comment at [ViewProfile.jsp](1) line [84](1) could 
help an adversary learn about the system and form a plan of attack.\r\nAny information revealed in an HTML comment might help an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 84, "snippet": { "text": "\t\t\t\t\t\t" } }, "contextRegion": { "startLine": 81, "endLine": 87, "snippet": { "text": "\t\t\t\t\t\tComments: \n\t\t\t\t\t\n\t\t\t\t\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 84, "snippet": { "text": "\t\t\t\t\t\t" } }, "contextRegion": { "startLine": 81, "endLine": 87, "snippet": { "text": "\t\t\t\t\t\tComments: \n\t\t\t\t\t\n\t\t\t\t\t\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 84, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [EditProfile.jsp](1) line [10](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 10, "endLine": 87, "snippet": { "text": "\t\t\t\">\r\n\t\t\t\t
\n\t\t\t\t\t\t\n\n\t\t\t\t\t\t<%=webSession.htmlEncode(employee.getPersonalDescription())%>\n\t\t\t\t\t\n\t\t\t\t\t\t\n\n\t\t\t\t\t\t<%=webSession.htmlEncode(employee.getPersonalDescription())%>\n\t\t\t\t\t
\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t \t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tFirst Name:\r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getFirstName()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tLast Name:\r\n\t\t\t\t\t\r\n\t\t\t\t\t \t\" type=\"text\" value=\"<%=employee.getLastName()%>\"/>\r\n\t\t\t\t\t
\t\t\t\t\r\n\t\t\t\t\t\tStreet: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress1()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tCity/State: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress2()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tPhone: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPhoneNumber()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tStart Date: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getStartDate()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t \t\tSSN: \r\n\t\t\t \t\r\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tSalary: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getSalary()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tCredit Card: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tCredit Card Limit: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tComments: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPersonalDescription()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tManager: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t
\n\t\t\t\t\t\tFirst Name:\n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getFirstName()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tLast Name:\n\t\t\t\t\t\n\t\t\t\t\t \t\" type=\"text\" value=\"<%=employee.getLastName()%>\"/>\n\t\t\t\t\t
\t\t\t\t\n\t\t\t\t\t\tStreet: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress1()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCity/State: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress2()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tPhone: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPhoneNumber()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tStart Date: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getStartDate()%>\"/>\n\t\t\t\t\t
\n\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getSalary()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tComments: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPersonalDescription()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tManager: \n\t\t\t\t\t\n\t\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t \t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tFirst Name:\r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getFirstName()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tLast Name:\r\n\t\t\t\t\t\r\n\t\t\t\t\t \t\" type=\"text\" value=\"<%=employee.getLastName()%>\"/>\r\n\t\t\t\t\t
\t\t\t\t\r\n\t\t\t\t\t\tStreet: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress1()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tCity/State: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress2()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tPhone: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPhoneNumber()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tStart Date: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getStartDate()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t \t\tSSN: \r\n\t\t\t \t\r\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tSalary: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getSalary()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tCredit Card: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tCredit Card Limit: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tComments: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPersonalDescription()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tManager: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t
\n\t\t\t\t\t\tFirst Name:\n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getFirstName()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tLast Name:\n\t\t\t\t\t\n\t\t\t\t\t \t\" type=\"text\" value=\"<%=employee.getLastName()%>\"/>\n\t\t\t\t\t
\t\t\t\t\n\t\t\t\t\t\tStreet: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress1()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCity/State: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress2()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tPhone: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPhoneNumber()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tStart Date: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getStartDate()%>\"/>\n\t\t\t\t\t
\n\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getSalary()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tComments: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPersonalDescription()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tManager: \n\t\t\t\t\t\n\t\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t \t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tFirst Name:\r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getFirstName()%>\"/>\r\n\t\t\t\t \t\t\t\t\r\n\t\t\t\t\t\tLast Name:\t\t\t\t\t\r\n\t\t\t\t\t \t\" type=\"text\" value=\"<%=employee.getLastName()%>\"/>\r\n\t\t\t\t
\t\t\t\t\r\n\t\t\t\t\t\tStreet: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress1()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tCity/State: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress2()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tPhone: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPhoneNumber()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tStart Date: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getStartDate()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t \t\tSSN: \r\n\t\t\t \t\r\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tSalary: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getSalary()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tCredit Card: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tCredit Card Limit: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tComments: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" class=\"lesson_text_db\" value=\"<%=employee.getPersonalDescription()%>\" size=\"58\"/>\r\n\t\t\t\t\t
\t\t\t\t\r\n\t\t\t\t\t\tDisciplinary Explanation: \r\n\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tDisc. Date:\r\n\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getDisciplinaryActionDate()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\t\r\n\t\t\t\t\t
\t\t\t\t\r\n\t\t\t\t\t\tManager: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t
\n\t\t\t\t\t\tFirst Name:\n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getFirstName()%>\"/>\n\t\t\t\t \t\t\t\t\n\t\t\t\t\t\tLast Name:\t\t\t\t\t\n\t\t\t\t\t \t\" type=\"text\" value=\"<%=employee.getLastName()%>\"/>\n\t\t\t\t
\t\t\t\t\n\t\t\t\t\t\tStreet: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress1()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCity/State: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress2()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tPhone: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPhoneNumber()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tStart Date: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getStartDate()%>\"/>\n\t\t\t\t\t
\n\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getSalary()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tComments: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" class=\"lesson_text_db\" value=\"<%=employee.getPersonalDescription()%>\" size=\"58\"/>\n\t\t\t\t\t
\t\t\t\t\n\t\t\t\t\t\tDisciplinary Explanation: \n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tDisc. Date:\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getDisciplinaryActionDate()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\t\n\t\t\t\t\t
\t\t\t\t\n\t\t\t\t\t\tManager: \n\t\t\t\t\t\n\t\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t \t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tFirst Name:\r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getFirstName()%>\"/>\r\n\t\t\t\t \t\t\t\t\r\n\t\t\t\t\t\tLast Name:\t\t\t\t\t\r\n\t\t\t\t\t \t\" type=\"text\" value=\"<%=employee.getLastName()%>\"/>\r\n\t\t\t\t
\t\t\t\t\r\n\t\t\t\t\t\tStreet: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress1()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tCity/State: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress2()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tPhone: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPhoneNumber()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tStart Date: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getStartDate()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t \t\tSSN: \r\n\t\t\t \t\r\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tSalary: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getSalary()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tCredit Card: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tCredit Card Limit: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tComments: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" class=\"lesson_text_db\" value=\"<%=employee.getPersonalDescription()%>\" size=\"58\"/>\r\n\t\t\t\t\t
\t\t\t\t\r\n\t\t\t\t\t\tDisciplinary Explanation: \r\n\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tDisc. Date:\r\n\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getDisciplinaryActionDate()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\t\r\n\t\t\t\t\t
\t\t\t\t\r\n\t\t\t\t\t\tManager: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t
\n\t\t\t\t\t\tFirst Name:\n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getFirstName()%>\"/>\n\t\t\t\t \t\t\t\t\n\t\t\t\t\t\tLast Name:\t\t\t\t\t\n\t\t\t\t\t \t\" type=\"text\" value=\"<%=employee.getLastName()%>\"/>\n\t\t\t\t
\t\t\t\t\n\t\t\t\t\t\tStreet: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress1()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCity/State: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress2()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tPhone: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPhoneNumber()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tStart Date: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getStartDate()%>\"/>\n\t\t\t\t\t
\n\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getSalary()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tComments: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" class=\"lesson_text_db\" value=\"<%=employee.getPersonalDescription()%>\" size=\"58\"/>\n\t\t\t\t\t
\t\t\t\t\n\t\t\t\t\t\tDisciplinary Explanation: \n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tDisc. Date:\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getDisciplinaryActionDate()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\t\n\t\t\t\t\t
\t\t\t\t\n\t\t\t\t\t\tManager: \n\t\t\t\t\t\n\t\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t \t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tFirst Name:\r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getFirstName()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tLast Name:\r\n\t\t\t\t\t\r\n\t\t\t\t\t \t\" type=\"text\" value=\"<%=employee.getLastName()%>\"/>\r\n\t\t\t\t\t
\t\t\t\t\r\n\t\t\t\t\t\tStreet: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress1()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tCity/State: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress2()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tPhone: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPhoneNumber()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tStart Date: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getStartDate()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t \t\tSSN: \r\n\t\t\t \t\r\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tSalary: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getSalary()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tCredit Card: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tCredit Card Limit: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tComments: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPersonalDescription()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tManager: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t
\n\t\t\t\t\t\tFirst Name:\n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getFirstName()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tLast Name:\n\t\t\t\t\t\n\t\t\t\t\t \t\" type=\"text\" value=\"<%=employee.getLastName()%>\"/>\n\t\t\t\t\t
\t\t\t\t\n\t\t\t\t\t\tStreet: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress1()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCity/State: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress2()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tPhone: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPhoneNumber()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tStart Date: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getStartDate()%>\"/>\n\t\t\t\t\t
\n\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getSalary()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tComments: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPersonalDescription()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tManager: \n\t\t\t\t\t\n\t\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t \t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tFirst Name:\r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getFirstName()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tLast Name:\r\n\t\t\t\t\t\r\n\t\t\t\t\t \t\" type=\"text\" value=\"<%=employee.getLastName()%>\"/>\r\n\t\t\t\t\t
\t\t\t\t\r\n\t\t\t\t\t\tStreet: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress1()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tCity/State: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress2()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tPhone: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPhoneNumber()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tStart Date: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getStartDate()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t \t\tSSN: \r\n\t\t\t \t\r\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tSalary: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getSalary()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tCredit Card: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tCredit Card Limit: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\r\n\t\t\t\t\t
\r\n\t\t\t\t\t\tComments: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPersonalDescription()%>\"/>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\tManager: \r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t
\n\t\t\t\t\t\tFirst Name:\n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getFirstName()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tLast Name:\n\t\t\t\t\t\n\t\t\t\t\t \t\" type=\"text\" value=\"<%=employee.getLastName()%>\"/>\n\t\t\t\t\t
\t\t\t\t\n\t\t\t\t\t\tStreet: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress1()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCity/State: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getAddress2()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tPhone: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPhoneNumber()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tStart Date: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getStartDate()%>\"/>\n\t\t\t\t\t
\n\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getSalary()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcnLimit()%>\"/>\n\t\t\t\t\t
\n\t\t\t\t\t\tComments: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getPersonalDescription()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tManager: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 63, "endLine": 69, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 421 }, { "index": 422 }, { "index": 575 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 66, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 63, "endLine": 69, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 66 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 604, "snippet": { "text": "\t System.out.println(\"Error: unable to drop auth\");" } }, "contextRegion": { "startLine": 601, "endLine": 607, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: unable to drop auth\");\n\t}\n\n\ttry\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 604, "snippet": { "text": "\t System.out.println(\"Error: unable to drop auth\");" } }, "contextRegion": { "startLine": 601, "endLine": 607, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: unable to drop auth\");\n\t}\n\n\ttry\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 604 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method makeStationList() in [SqlNumericInjection.java](1) sends unvalidated data to a web browser on line [265](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 265, "snippet": { "text": "\t\t .get(key)));" } }, "contextRegion": { "startLine": 262, "endLine": 268, "snippet": { "text": "\t{\n\t String key = (String) it.next();\n\t select.addElement(new Option(key).addElement((String) stations\n\t\t .get(key)));\n\t}\n\tec.addElement(select);\n\tec.addElement(new P());\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 576 }, { "index": 577 }, { "index": 578 }, { "index": 579 }, { "index": 580 }, { "index": 581 }, { "index": 582 }, { "index": 583 }, { "index": 584 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 265, "snippet": { "text": "\t\t .get(key)));" } }, "contextRegion": { "startLine": 262, "endLine": 268, "snippet": { "text": "\t{\n\t String key = (String) it.next();\n\t select.addElement(new Option(key).addElement((String) stations\n\t\t .get(key)));\n\t}\n\tec.addElement(select);\n\tec.addElement(new P());\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 265 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "2.96" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 585 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 67 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getRawParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 628, "endLine": 634, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 563 }, { "index": 564 }, { "index": 128 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 628, "endLine": 634, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method makeUsername() in [BackDoors.java](1) sends unvalidated data to a web browser on line [235](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 235, "snippet": { "text": "\tec.addElement(new Div(SELECT_ST + formattedInput));" } }, "contextRegion": { "startLine": 232, "endLine": 238, "snippet": { "text": "\n\tString formattedInput = \"\" + userInput\n\t\t+ \"\";\n\tec.addElement(new Div(SELECT_ST + formattedInput));\n\n\tInput b = new Input();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 586 }, { "index": 587 }, { "index": 588 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 235, "snippet": { "text": "\tec.addElement(new Div(SELECT_ST + formattedInput));" } }, "contextRegion": { "startLine": 232, "endLine": 238, "snippet": { "text": "\n\tString formattedInput = \"\" + userInput\n\t\t+ \"\";\n\tec.addElement(new Div(SELECT_ST + formattedInput));\n\n\tInput b = new Input();\n\n" } } }, "message": { "text": "Div(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 235 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method makeContent() in [HttpOnly.java](1) sends unvalidated data to a web browser on line [233](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 233, "snippet": { "text": "\t\ttr.addElement(new TD(new StringElement(\"Your browser appears to be: \" + getBrowserType(s))));" } }, "contextRegion": { "startLine": 230, "endLine": 236, "snippet": { "text": "\t\t\n\t\ttr = new TR();\n\t\t\n\t\ttr.addElement(new TD(new StringElement(\"Your browser appears to be: \" + getBrowserType(s))));\n\t\tt.addElement(tr);\n\t\t\n\t\ttr = new TR();\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 589 }, { "index": 590 }, { "index": 591 }, { "index": 592 }, { "index": 593 }, { "index": 594 }, { "index": 595 }, { "index": 596 }, { "index": 597 }, { "index": 598 }, { "index": 599 }, { "index": 600 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 233, "snippet": { "text": "\t\ttr.addElement(new TD(new StringElement(\"Your browser appears to be: \" + getBrowserType(s))));" } }, "contextRegion": { "startLine": 230, "endLine": 236, "snippet": { "text": "\t\t\n\t\ttr = new TR();\n\t\t\n\t\ttr.addElement(new TD(new StringElement(\"Your browser appears to be: \" + getBrowserType(s))));\n\t\tt.addElement(tr);\n\t\t\n\t\ttr = new TR();\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 233, "startColumn": 24 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Encoding.java](1) line [550](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 550, "endLine": 554, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\r\n\t\t\treturn ( \"Encryption error\" );\r\n\t\t}" } }, "contextRegion": { "startLine": 547, "endLine": 557, "snippet": { "text": "\t\t\treturn encoder.encode( enc );\n\t\t}\n\n\t\tcatch ( Exception e )\n\t\t{\n\n\t\t\treturn ( \"Encryption error\" );\n\t\t}\n\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 550, "endLine": 554, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\r\n\t\t\treturn ( \"Encryption error\" );\r\n\t\t}" } }, "contextRegion": { "startLine": 547, "endLine": 557, "snippet": { "text": "\t\t\treturn encoder.encode( enc );\n\t\t}\n\n\t\tcatch ( Exception e )\n\t\t{\n\n\t\t\treturn ( \"Encryption error\" );\n\t\t}\n\n\t}\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 550, "startColumn": 3, "endLine": 554 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 36, "level": "error", "message": { "text": "The method _jspService() in [ListStaff.jsp](1) sends unvalidated data to a web browser on line [8](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 90 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 512 }, { "index": 516 }, { "index": 517 }, { "index": 518 }, { "index": 601 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 90 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 520 }, { "index": 521 }, { "index": 517 }, { "index": 518 }, { "index": 601 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 90 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 523 }, { "index": 524 }, { "index": 517 }, { "index": 518 }, { "index": 601 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 90 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 90 }, "region": { "startLine": 8 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "3.2166665" } }, { "ruleIndex": 133, "message": { "text": "The function getSource() in [AbstractLesson.java](1) sometimes fails to release a system resource allocated by FileReader() on line 670.\r\nThe program can potentially fail to release a system resource." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 669, "snippet": { "text": "\t src = convertMetacharsJavaCode(readFromFile(new BufferedReader(" } }, "contextRegion": { "startLine": 666, "endLine": 672, "snippet": { "text": "\t{\n\t // System.out.println(\"Loading source file: \" +\n\t // getSourceFileName());\n\t src = convertMetacharsJavaCode(readFromFile(new BufferedReader(\n\t\t new FileReader(s.getWebResource(getSourceFileName()))),\n\t\t true));\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 670, "snippet": { "text": "\t\t new FileReader(s.getWebResource(getSourceFileName())))," } }, "contextRegion": { "startLine": 667, "endLine": 673, "snippet": { "text": "\t // System.out.println(\"Loading source file: \" +\n\t // getSourceFileName());\n\t src = convertMetacharsJavaCode(readFromFile(new BufferedReader(\n\t\t new FileReader(s.getWebResource(getSourceFileName()))),\n\t\t true));\n\n\t // TODO: For styled line numbers and better memory efficiency,\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 670, "startColumn": 7, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 669, 
"snippet": { "text": "\t src = convertMetacharsJavaCode(readFromFile(new BufferedReader(" } }, "contextRegion": { "startLine": 666, "endLine": 672, "snippet": { "text": "\t{\n\t // System.out.println(\"Loading source file: \" +\n\t // getSourceFileName());\n\t src = convertMetacharsJavaCode(readFromFile(new BufferedReader(\n\t\t new FileReader(s.getWebResource(getSourceFileName()))),\n\t\t true));\n\n" } } }, "message": { "text": "new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 669, "startColumn": 50, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 669, "snippet": { "text": "\t src = convertMetacharsJavaCode(readFromFile(new BufferedReader(" } }, "contextRegion": { "startLine": 666, "endLine": 672, "snippet": { "text": "\t{\n\t // System.out.println(\"Loading source file: \" +\n\t // getSourceFileName());\n\t src = convertMetacharsJavaCode(readFromFile(new BufferedReader(\n\t\t new FileReader(s.getWebResource(getSourceFileName()))),\n\t\t true));\n\n" } } }, "message": { "text": "readFromFile(new java.io.BufferedReader(), ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 678, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 675, "endLine": 681, "snippet": { "text": "\t // that performs the convertMetacharsJavaCode() transform plus\n\t // optionally adds a styled\n\t // line number. 
Wouldn't color syntax be great too?\n\t}\n\tcatch (IOException e)\n\t{\n\t s.setMessage(\"Could not find source file\");\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 678, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 675, "endLine": 681, "snippet": { "text": "\t // that performs the convertMetacharsJavaCode() transform plus\n\t // optionally adds a styled\n\t // line number. Wouldn't color syntax be great too?\n\t}\n\tcatch (IOException e)\n\t{\n\t s.setMessage(\"Could not find source file\");\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 678, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 675, "endLine": 681, "snippet": { "text": "\t // that performs the convertMetacharsJavaCode() transform plus\n\t // optionally adds a styled\n\t // line number. Wouldn't color syntax be great too?\n\t}\n\tcatch (IOException e)\n\t{\n\t s.setMessage(\"Could not find source file\");\n" } } }, "message": { "text": "end scope : Resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 669 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getStringParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 696, "endLine": 702, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\telse\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 602 }, { "index": 603 }, { "index": 470 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 696, "endLine": 702, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\telse\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 95, "level": "error", "message": { "text": "Without proper access control, the method changeEmployeeProfile() in [UpdateProfile.java](1) can execute a SQL statement on line [248](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 78 }, { "index": 79 }, { "index": 80 }, { "index": 246 }, { "index": 82 }, { "index": 247 }, { "index": 565 }, { "index": 82 }, { "index": 566 }, { "index": 567 }, { "index": 568 }, { "index": 149 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 0, "message": { "text": "Attackers can control the filesystem path argument to FileInputStream() at [LessonTracker.java](1) line [238](1), which allows them to access or modify otherwise protected files.\r\nAllowing user input to control paths used in filesystem operations could enable an 
attacker to access or modify otherwise protected system resources." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 238, "snippet": { "text": "\t\tin = new FileInputStream(fileName);" } }, "contextRegion": { "startLine": 235, "endLine": 241, "snippet": { "text": "\t {\n\t\tProperties tempProps = new Properties();\n\t\t//System.out.println(\"Loading lesson state from: \" + fileName);\n\t\tin = new FileInputStream(fileName);\n\t\ttempProps.load(in);\n\t\t// allow the screen to use any custom properties it may have set\n\t\tLessonTracker tempLessonTracker = screen\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 257 }, { "index": 258 }, { "index": 373 }, { "index": 374 }, { "index": 375 }, { "index": 376 }, { "index": 378 }, { "index": 379 }, { "index": 382 }, { "index": 383 }, { "index": 604 }, { "index": 605 }, { "index": 606 }, { "index": 607 }, { "index": 609 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 238, "snippet": { "text": "\t\tin = new FileInputStream(fileName);" } }, "contextRegion": { "startLine": 235, "endLine": 241, "snippet": { "text": "\t {\n\t\tProperties tempProps = new Properties();\n\t\t//System.out.println(\"Loading lesson state from: \" + fileName);\n\t\tin = new FileInputStream(fileName);\n\t\ttempProps.load(in);\n\t\t// allow the screen to use any custom properties it may have set\n\t\tLessonTracker tempLessonTracker = screen\n" } } }, "message": { "text": "FileInputStream(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 238, "startColumn": 28 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the 
program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 618, "snippet": { "text": "\t System.out.println(\"Error: unable to create auth table\");" } }, "contextRegion": { "startLine": 615, "endLine": 621, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: unable to create auth table\");\n\t}\n\n\tString insertData1 = \"INSERT INTO auth VALUES('employee', 'Logout')\";\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 618, "snippet": { "text": "\t System.out.println(\"Error: unable to create auth table\");" } }, "contextRegion": { "startLine": 615, "endLine": 621, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: unable to create auth table\");\n\t}\n\n\tString insertData1 = \"INSERT INTO auth VALUES('employee', 'Logout')\";\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 618 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [ReflectedXSS.java](1) sends unvalidated data to a web browser on line [123](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 123, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY1\", \"1\")))" } }, "contextRegion": { "startLine": 120, "endLine": 126, "snippet": { "text": "\t tr.addElement(new TD().addElement(\"69.99\").setAlign(\"right\"));\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY1\", s.getParser()\n\t\t\t .getStringParameter(\"QTY1\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY1\", 1.0f);\n\t total = quantity * 69.99f;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 136 }, { "index": 137 }, { "index": 569 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 123, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY1\", \"1\")))" } }, "contextRegion": { "startLine": 120, "endLine": 126, "snippet": { "text": "\t tr.addElement(new TD().addElement(\"69.99\").setAlign(\"right\"));\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY1\", s.getParser()\n\t\t\t .getStringParameter(\"QTY1\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY1\", 1.0f);\n\t total = quantity * 69.99f;\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 123 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 18, "level": "error", "message": { "text": "The method _jspService() in [main.jsp](1) sends unvalidated data to a web browser on line [191](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious 
code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 191, "snippet": { "text": "\t\t\t\t\t\tout.println(printCookies);" } }, "contextRegion": { "startLine": 188, "endLine": 194, "snippet": { "text": "\t\t\t\t\t{\n\t\t\t\t\t\tCookie c = (Cookie) i.next();\n\t\t\t\t\t\tprintCookies = \"
\" + c.getName() + \" \\\"\\\" \" + c.getValue() + \"

\";\n\t\t\t\t\t\tout.println(printCookies);\n\t\t\t\t\t}\n\t\t\t\t}%>\n\t\t\t\t
<%=currentLesson.getLessonPlan(webSession) %>\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 610 }, { "index": 611 }, { "index": 612 }, { "index": 613 }, { "index": 614 }, { "index": 615 }, { "index": 616 }, { "index": 618 }, { "index": 619 }, { "index": 620 }, { "index": 621 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 191, "snippet": { "text": "\t\t\t\t\t\tout.println(printCookies);" } }, "contextRegion": { "startLine": 188, "endLine": 194, "snippet": { "text": "\t\t\t\t\t{\n\t\t\t\t\t\tCookie c = (Cookie) i.next();\n\t\t\t\t\t\tprintCookies = \"
\" + c.getName() + \" \\\"\\\" \" + c.getValue() + \"

\";\n\t\t\t\t\t\tout.println(printCookies);\n\t\t\t\t\t}\n\t\t\t\t}%>\n\t\t\t\t
<%=currentLesson.getLessonPlan(webSession) %>\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 191 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 36, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) sends unvalidated data to a web browser on line [9](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 9, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 6, "endLine": 12, "snippet": { "text": "\tEmployee employee = (Employee) session.getAttribute(\"SQLInjection.\" + SQLInjection.EMPLOYEE_ATTRIBUTE_KEY);\n//\tint myUserId = getIntSessionAttribute(webSession, \"SQLInjection.\" + SQLInjection.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\t\n\t\t\t\t
\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 512 }, { "index": 516 }, { "index": 517 }, { "index": 518 }, { "index": 617 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 9, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 6, "endLine": 12, "snippet": { "text": "\tEmployee employee = (Employee) session.getAttribute(\"SQLInjection.\" + SQLInjection.EMPLOYEE_ATTRIBUTE_KEY);\n//\tint myUserId = getIntSessionAttribute(webSession, \"SQLInjection.\" + SQLInjection.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\t\n\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 520 }, { "index": 521 }, { "index": 517 }, { "index": 518 }, { "index": 617 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 9, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 6, "endLine": 12, "snippet": { "text": "\tEmployee employee = (Employee) session.getAttribute(\"SQLInjection.\" + SQLInjection.EMPLOYEE_ATTRIBUTE_KEY);\n//\tint myUserId = getIntSessionAttribute(webSession, \"SQLInjection.\" + SQLInjection.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\t\n\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 523 }, { "index": 524 }, { "index": 517 }, { "index": 518 }, { "index": 617 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 9, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 6, "endLine": 12, "snippet": { "text": "\tEmployee employee = (Employee) session.getAttribute(\"SQLInjection.\" + SQLInjection.EMPLOYEE_ATTRIBUTE_KEY);\n//\tint myUserId = getIntSessionAttribute(webSession, \"SQLInjection.\" + SQLInjection.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 9 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "3.2166665" } }, { "ruleIndex": 145, "level": "note", "message": { "text": "The method exec() in [CommandInjection.java](1) is not reachable from any method outside the class. It is dead code. Dead code is defined as code that is never directly or indirectly executed by a public method.\r\nThis method is not reachable from any method outside the class." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 304, "snippet": { "text": " private Element exec(WebSession s, String command, String args)" } }, "contextRegion": { "startLine": 301, "endLine": 307, "snippet": { "text": " * @param s Description of the Parameter\n * @return Description of the Return Value\n */\n private Element exec(WebSession s, String command, String args)\n {\n\tSystem.out.println(\"Executing OS command: '\" + command\n\t\t+ \"' with args: '\" + args + \"'\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 304, "snippet": { "text": " private Element exec(WebSession s, String command, String args)" } }, "contextRegion": { "startLine": 301, "endLine": 307, "snippet": { "text": " * @param s Description of the Parameter\n * @return Description of the Return Value\n */\n private Element exec(WebSession s, String command, String args)\n {\n\tSystem.out.println(\"Executing OS command: '\" + command\n\t\t+ \"' with args: '\" + args + \"'\");\n" } } }, "message": { "text": "Function: exec" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 304 } } } ], 
"properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 99, "message": { "text": "Without proper access control, the method findEmployeeProfile() in [FindProfile.java](1) can execute a SQL statement on line [144](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 144, "snippet": { "text": "\t\tanswer_statement.setString(1, \"%\" + pattern + \"%\");" } }, "contextRegion": { "startLine": 141, "endLine": 147, "snippet": { "text": "\t\t\t.getConnection(s).prepareStatement(query,\n\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.setString(1, \"%\" + pattern + \"%\");\n\t\tanswer_statement.setString(2, \"%\" + pattern + \"%\");\n\t\tResultSet answer_results = answer_statement.executeQuery();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 525 }, { "index": 526 }, { "index": 527 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 144, "snippet": { "text": "\t\tanswer_statement.setString(1, \"%\" + pattern + \"%\");" } }, "contextRegion": { "startLine": 141, "endLine": 147, "snippet": { "text": "\t\t\t.getConnection(s).prepareStatement(query,\n\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.setString(1, \"%\" + pattern + \"%\");\n\t\tanswer_statement.setString(2, \"%\" + pattern + \"%\");\n\t\tResultSet answer_results = answer_statement.executeQuery();\n\n" } } }, "message": { "text": "setString(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, 
"physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 144 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method ParameterNotFoundException() in [ParameterNotFoundException.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 602 }, { "index": 603 }, { "index": 470 }, { "index": 164 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } }, "message": { "text": "Exception(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function main() in [WebgoatProperties.java](1) might reveal system data or debugging information by calling printStackTrace() on line [122](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 122, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 119, "endLine": 125, "snippet": { "text": "\tcatch (IOException e)\n\t{\n\t System.out.println(\"Error loading properties\");\n\t e.printStackTrace();\n\t}\n\tSystem.out.println(properties.getProperty(\"CommandInjection.category\"));\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 122, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 119, "endLine": 125, "snippet": { "text": "\tcatch (IOException e)\n\t{\n\t System.out.println(\"Error loading properties\");\n\t e.printStackTrace();\n\t}\n\tSystem.out.println(properties.getProperty(\"CommandInjection.category\"));\n }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 122 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [DatabaseUtilities.java](1) line [108](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 108, "endLine": 112, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t e.printStackTrace();\r\n\t return null;\r\n\t}" } }, "contextRegion": { "startLine": 105, "endLine": 115, "snippet": { "text": "\t\treturn DriverManager.getConnection(\"jdbc:idb:\" + dbName);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t return null;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 108, "endLine": 112, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t e.printStackTrace();\r\n\t return null;\r\n\t}" } }, "contextRegion": { "startLine": 105, "endLine": 115, "snippet": { "text": "\t\treturn DriverManager.getConnection(\"jdbc:idb:\" + dbName);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t return null;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 108, "startColumn": 2, "endLine": 112 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [98](1) of [ListStaff.java](1), the method getAllEmployees() invokes a SQL query built using input potentially coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 98, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tanswer_results.beforeFirst();\n\t\twhile (answer_results.next())\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 98, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tanswer_results.beforeFirst();\n\t\twhile (answer_results.next())\n\t\t{\n" } } }, "message": { "text": "executeQuery()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 98 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [TraceXSS.java](1) sends unvalidated data to a web browser on line [166](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 166, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY4\", \"1\")))" } }, "contextRegion": { "startLine": 163, "endLine": 169, "snippet": { "text": "\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY4\", s.getParser()\n\t\t\t .getStringParameter(\"QTY4\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY4\", 1.0f);\n\t total = quantity * 299.99f;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 136 }, { "index": 137 }, { "index": 622 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 166, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY4\", \"1\")))" } }, "contextRegion": { "startLine": 163, "endLine": 169, "snippet": { "text": "\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY4\", s.getParser()\n\t\t\t .getStringParameter(\"QTY4\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY4\", 1.0f);\n\t total = quantity * 299.99f;\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 166 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [340](1) of [UpdateProfile.java](1), the method createEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. 
This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 623 }, { "index": 624 }, { "index": 625 }, { "index": 90 }, { "index": 91 }, { "index": 627 }, { "index": 93 }, { "index": 628 }, { "index": 629 }, { "index": 97 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 31, "message": { "text": "The class WebgoatProperties contains debug code, which can create unintended entry points in a deployed web application.\r\nDebug code can create unintended entry points in a deployed web application." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 112, "snippet": { "text": " public static void main(String[] args)" } }, "contextRegion": { "startLine": 109, "endLine": 115, "snippet": { "text": " }\n\n\n public static void main(String[] args)\n {\n\tWebgoatProperties properties = null;\n\ttry\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 112, "snippet": { "text": " public static void main(String[] args)" } }, "contextRegion": { "startLine": 109, "endLine": 115, "snippet": { "text": " }\n\n\n public static void main(String[] args)\n {\n\tWebgoatProperties properties = null;\n\ttry\n" } } }, "message": { "text": "Function: main" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 112 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 72, "message": { "text": "The function doFilter() in [Interceptor.java](1) sometimes fails to release a socket allocated by Socket() on line 93.\r\nThe program can potentially fail to release a socket." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 99 } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 90, "snippet": { "text": "\t if (osgServerName != null && osgServerName.length() != 0" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\ttry\n\t{\n\t //If these parameters are not defined then no communication will happen with OSG\n\t if (osgServerName != null && osgServerName.length() != 0\n\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 90, "snippet": { "text": "\t if (osgServerName != null && osgServerName.length() != 0" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\ttry\n\t{\n\t //If these parameters are not defined then no communication will happen with OSG\n\t if (osgServerName != null && osgServerName.length() != 0\n\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 91, "snippet": { "text": "\t\t && osgServerPort != null && osgServerPort.length() != 0)" } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": "\t{\n\t //If these parameters are not defined then no communication will happen with OSG\n\t if (osgServerName != null && osgServerName.length() != 0\n\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n\t\t\t.parseInt(osgServerPort));\n" } } }, 
"message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 91, "snippet": { "text": "\t\t && osgServerPort != null && osgServerPort.length() != 0)" } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": "\t{\n\t //If these parameters are not defined then no communication will happen with OSG\n\t if (osgServerName != null && osgServerName.length() != 0\n\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n\t\t\t.parseInt(osgServerPort));\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 93, "snippet": { "text": "\t\tosgSocket = new Socket(osgServerName, Integer" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\t if (osgServerName != null && osgServerName.length() != 0\n\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n" } } }, "message": { "text": "osgSocket = new Socket(...)" }, "annotations": [ { "startLine": 93, "startColumn": 3, "message": { "text": "osgSocket refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 95, "snippet": { "text": "\t\tif (osgSocket != null)" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);\n\t\t in = new BufferedReader(new InputStreamReader(osgSocket\n" } } }, "message": { "text": "Branch taken" } }, 
"kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 97, "snippet": { "text": "\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);" } }, "contextRegion": { "startLine": 94, "endLine": 100, "snippet": { "text": "\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);\n\t\t in = new BufferedReader(new InputStreamReader(osgSocket\n\t\t\t .getInputStream()));\n\t\t //String message = \"HTTPRECEIVEHTTPREQUEST,-,DataValidation_SqlInjection_Basic.aspx\";\n" } } }, "message": { "text": "osgSocket.getOutputStream()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 99, "snippet": { "text": "" } }, "contextRegion": { "startLine": 96, "endLine": 101, "snippet": { "text": "\t\t{\n\t\t out = new PrintWriter(osgSocket.getOutputStream(), true);\n\t\t in = new BufferedReader(new InputStreamReader(osgSocket\n\t\t\t .getInputStream()));\n\t\t //String message = \"HTTPRECEIVEHTTPREQUEST,-,DataValidation_SqlInjection_Basic.aspx\";\n\t\t //out.println(message);\n" } } }, "message": { "text": "osgSocket.getInputStream()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 105, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\n\t\t //System.out.println(in.readLine());\n\t\t}\n\t }\n\n\t}\n\tcatch (UnknownHostException e)\n" } } }, "message": { "text": "osgSocket no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 123, "snippet": { "text": "\t if (in != null)" } }, "contextRegion": { "startLine": 120, "endLine": 126, "snippet": { "text": "\t 
{\n\t\tout.close();\n\t }\n\t if (in != null)\n\t {\n\t\tin.close();\n\t }\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 125, "snippet": { "text": "\t\tin.close();" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t }\n\t if (in != null)\n\t {\n\t\tin.close();\n\t }\n\t if (osgSocket != null)\n\t {\n" } } }, "message": { "text": "java.io.IOException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 125, "snippet": { "text": "\t\tin.close();" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t }\n\t if (in != null)\n\t {\n\t\tin.close();\n\t }\n\t if (osgSocket != null)\n\t {\n" } } }, "message": { "text": "throw" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 125, "snippet": { "text": "\t\tin.close();" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t }\n\t if (in != null)\n\t {\n\t\tin.close();\n\t }\n\t if (osgSocket != null)\n\t {\n" } } }, "message": { "text": "osgSocket no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 125, "snippet": { "text": "\t\tin.close();" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t }\n\t if (in != null)\n\t {\n\t\tin.close();\n\t }\n\t if (osgSocket != null)\n\t {\n" } } }, "message": { "text": "osgSocket end scope : Resource leaked : java.io.IOException thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 99 } } } ], "properties": { 
"InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 51, "message": { "text": "The SOAP Monitor module allows attackers to sniff SOAP traffic." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 90, "snippet": { "text": " SOAPMonitorService" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\n \n SOAPMonitorService\n SOAPMonitorService\n \n org.apache.axis.monitor.SOAPMonitorService\n \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 90, "snippet": { "text": " SOAPMonitorService" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\n \n SOAPMonitorService\n SOAPMonitorService\n \n org.apache.axis.monitor.SOAPMonitorService\n \n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 90 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 51, "message": { "text": "The SOAP Monitor module allows attackers to sniff SOAP traffic." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 91, "snippet": { "text": " " } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": " \n SOAPMonitorService\n SOAPMonitorService\n \n org.apache.axis.monitor.SOAPMonitorService\n \n \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 91, "snippet": { "text": " " } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": " \n SOAPMonitorService\n SOAPMonitorService\n \n org.apache.axis.monitor.SOAPMonitorService\n \n \n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 91 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 51, "message": { "text": "The SOAP Monitor module allows attackers to sniff SOAP traffic." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 89, "snippet": { "text": " SOAPMonitorService" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": " \n\n \n SOAPMonitorService\n SOAPMonitorService\n \n org.apache.axis.monitor.SOAPMonitorService\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 89, "snippet": { "text": " SOAPMonitorService" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": " \n\n \n SOAPMonitorService\n SOAPMonitorService\n \n org.apache.axis.monitor.SOAPMonitorService\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 89 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 51, "message": { "text": "The SOAP Monitor module allows attackers to sniff SOAP traffic." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 95, "snippet": { "text": " SOAPMonitorPort" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": " org.apache.axis.monitor.SOAPMonitorService\n \n \n SOAPMonitorPort\n 5001\n \n 100\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 95, "snippet": { "text": " SOAPMonitorPort" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": " org.apache.axis.monitor.SOAPMonitorService\n \n \n SOAPMonitorPort\n 5001\n \n 100\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 95 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 51, "message": { "text": "The SOAP Monitor module allows attackers to sniff SOAP traffic." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 216, "snippet": { "text": " SOAPMonitorService" } }, "contextRegion": { "startLine": 213, "endLine": 219, "snippet": { "text": " \n \n \n SOAPMonitorService\n /SOAPMonitor\n \n \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 216, "snippet": { "text": " SOAPMonitorService" } }, "contextRegion": { "startLine": 213, "endLine": 219, "snippet": { "text": " \n \n \n SOAPMonitorService\n /SOAPMonitor\n \n \n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 216 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 51, "message": { "text": "The SOAP Monitor module allows attackers to sniff SOAP traffic." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 217, "snippet": { "text": " /SOAPMonitor" } }, "contextRegion": { "startLine": 214, "endLine": 220, "snippet": { "text": " \n \n SOAPMonitorService\n /SOAPMonitor\n \n \n \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 217, "snippet": { "text": " /SOAPMonitor" } }, "contextRegion": { "startLine": 214, "endLine": 220, "snippet": { "text": " \n \n SOAPMonitorService\n /SOAPMonitor\n \n \n \n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 217 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [248](1) of [UpdateProfile.java](1), the method changeEmployeeProfile() invokes a SQL query 
built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 86 }, { "index": 87 }, { "index": 88 }, { "index": 90 }, { "index": 91 }, { "index": 92 }, { "index": 93 }, { "index": 631 }, { "index": 632 }, { "index": 149 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 126, "level": "error", "message": { "text": "On line [90](1) of [ViewDatabase.java](1), the method 
createContent() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 90, "snippet": { "text": "\t\t\t.toString());" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(sqlStatement\n\t\t\t.toString());\n\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 633 }, { "index": 634 }, { "index": 635 }, { "index": 636 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 90, "snippet": { "text": "\t\t\t.toString());" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(sqlStatement\n\t\t\t.toString());\n\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 90 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often 
illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t<%=employee.getCcn()%>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t<%=employee.getCcn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 421 }, { "index": 422 }, { "index": 637 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t<%=employee.getCcn()%>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t<%=employee.getCcn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 67 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 35, "message": { "text": "The method store() in [LessonTracker.java](1) can crash the program by dereferencing a null pointer on line [401](1).\r\nThe program can potentially dereference a null pointer, thereby causing a null pointer exception." 
}, "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 388, "snippet": { "text": "\t out = new FileOutputStream(fileName);" } }, "contextRegion": { "startLine": 385, "endLine": 391, "snippet": { "text": "\t\tBoolean.toString(viewedSource));\n\ttry\n\t{\n\t out = new FileOutputStream(fileName);\n\t lessonProperties.store(out, s.getUserName());\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "java.lang.Exception thrown" }, "annotations": [ { "startLine": 401, "startColumn": 3, "message": { "text": "Dereferenced : out" } } ] }, "kinds": [ "unknown" ] } ] } ] } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 447, "snippet": { "text": "\t System.out.println(\"Error: unable to drop employee table\");" } }, "contextRegion": { "startLine": 444, "endLine": 450, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: unable to drop employee table\");\n\t}\n\n\t// Create Table\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 447, "snippet": { "text": "\t System.out.println(\"Error: unable to drop employee table\");" } }, "contextRegion": { "startLine": 444, "endLine": 450, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: unable to drop employee table\");\n\t}\n\n\t// Create Table\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 447 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 472, "snippet": { "text": "\t System.out.println(\"Error: unable to create employee table\");" } }, "contextRegion": { "startLine": 469, "endLine": 475, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: unable to create employee table\");\n\t}\n\n\tString insertData1 = \"INSERT INTO employee VALUES (101, 'Larry', 'Stooge', '386-09-5451', 'larry',\"\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 472, "snippet": { "text": "\t System.out.println(\"Error: unable to create employee table\");" } }, "contextRegion": { "startLine": 469, "endLine": 475, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: unable to create employee table\");\n\t}\n\n\tString insertData1 = \"INSERT INTO employee VALUES (101, 'Larry', 'Stooge', '386-09-5451', 'larry',\"\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 472 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [HttpBasics.java](1) might reveal system data or debugging information by calling printStackTrace() on line [78](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 21 }, "region": { "startLine": 78, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\tif (!person.toString().equals(\"\")\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 21 }, "region": { "startLine": 78, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\tif (!person.toString().equals(\"\")\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 21 }, "region": { "startLine": 78 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 58, "level": "note", "message": { "text": "The expression (or part of it) at [Exec.java](1) line [118](1) will always evaluate to `true`.\r\nThis expression (or part of it) will always evaluate to `true`." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 118, "snippet": { "text": "\t if ((input != null) && !input.equals(\"\"))" } }, "contextRegion": { "startLine": 115, "endLine": 121, "snippet": { "text": "\t }\n\n\t // Write to the child process' input stream\n\t if ((input != null) && !input.equals(\"\"))\n\t {\n\t\ttry\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 118, "snippet": { "text": "\t if ((input != null) && !input.equals(\"\"))" } }, "contextRegion": { "startLine": 115, "endLine": 121, "snippet": { "text": "\t }\n\n\t // Write to the child process' input stream\n\t if ((input != null) && !input.equals(\"\"))\n\t {\n\t\ttry\n\t\t{\n" } } }, "message": { "text": "IfStatement" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 118, "snippet": { "text": "\t if ((input != null) && !input.equals(\"\"))" } }, "contextRegion": { "startLine": 115, "endLine": 121, "snippet": { "text": "\t }\n\n\t // Write to the child process' input stream\n\t if ((input != null) && !input.equals(\"\"))\n\t {\n\t\ttry\n\t\t{\n" } } }, "message": { "text": "Operation" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 118, "startColumn": 11 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method getResults() in [WSDLScanning.java](1) ignores an exception on line [290](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 290, "endLine": 291, "snippet": { "text": "\t catch (SQLException sqle)\r\n\t {}" } }, "contextRegion": { "startLine": 287, "endLine": 294, "snippet": { "text": "\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 290, "endLine": 291, "snippet": { "text": "\t catch (SQLException sqle)\r\n\t {}" } }, "contextRegion": { "startLine": 287, "endLine": 294, "snippet": { "text": "\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 290, "startColumn": 6, "endLine": 291 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method getResults() in [WSDLScanning.java](1) ignores an exception on line [293](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 293, "endLine": 294, "snippet": { "text": "\tcatch (Exception e)\r\n\t{}" } }, "contextRegion": { "startLine": 290, "endLine": 297, "snippet": { "text": "\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 293, "endLine": 294, "snippet": { "text": "\tcatch (Exception e)\r\n\t{}" } }, "contextRegion": { "startLine": 290, "endLine": 297, "snippet": { "text": "\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 293, "startColumn": 2, "endLine": 294 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method injectableQuery() in [SqlNumericInjection.java](1) sends unvalidated data to a web browser on line [115](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 115, "snippet": { "text": "\t ec.addElement(new PRE(query));" } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t\tquery = \"SELECT * FROM weather_data WHERE station = \" + station;\n\t }\n\n\t ec.addElement(new PRE(query));\n\n\t if (station == null)\n\t\treturn ec;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 638 }, { "index": 639 }, { "index": 640 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 115, "snippet": { "text": "\t ec.addElement(new PRE(query));" } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t\tquery = \"SELECT * FROM weather_data WHERE station = \" + station;\n\t }\n\n\t ec.addElement(new PRE(query));\n\n\t if (station == null)\n\t\treturn ec;\n" } } }, "message": { "text": "PRE(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 115, "startColumn": 28 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function doPost() in [LessonSource.java](1) might reveal system data or debugging information by calling printStackTrace() on line [93](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 93, "snippet": { "text": "\t t.printStackTrace();" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\t}\n\tcatch (Throwable t)\n\t{\n\t t.printStackTrace();\n\t log(\"ERROR: \" + t);\n\t}\n\tfinally\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 93, "snippet": { "text": "\t t.printStackTrace();" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\t}\n\tcatch (Throwable t)\n\t{\n\t t.printStackTrace();\n\t log(\"ERROR: \" + t);\n\t}\n\tfinally\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 93 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 127, "message": { "text": "The method execOptions() in [Exec.java](1) calls start() on line [303](1). Thread management in a web application is forbidden in some circumstances and is always highly error prone.\r\nThread management in a web application is forbidden in some circumstances and is always highly error prone." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 303, "snippet": { "text": "\t\tnew Thread(watcher).start();" } }, "contextRegion": { "startLine": 300, "endLine": 306, "snippet": { "text": "\t if (timeout > 0)\n\t {\n\t\twatcher = new ThreadWatcher(child, interrupted, timeout);\n\t\tnew Thread(watcher).start();\n\t }\n\n\t // Write to the child process' input stream\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 303, "snippet": { "text": "\t\tnew Thread(watcher).start();" } }, "contextRegion": { "startLine": 300, "endLine": 306, "snippet": { "text": "\t if (timeout > 0)\n\t {\n\t\twatcher = new ThreadWatcher(child, interrupted, timeout);\n\t\tnew Thread(watcher).start();\n\t }\n\n\t // Write to the child process' input stream\n" } } }, "message": { "text": "start()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 303 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 127, "message": { "text": "The method execOptions() in [Exec.java](1) calls start() on line [114](1). Thread management in a web application is forbidden in some circumstances and is always highly error prone.\r\nThread management in a web application is forbidden in some circumstances and is always highly error prone." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 114, "snippet": { "text": "\t\tnew Thread(watcher).start();" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t if (timeout > 0)\n\t {\n\t\twatcher = new ThreadWatcher(child, interrupted, timeout);\n\t\tnew Thread(watcher).start();\n\t }\n\n\t // Write to the child process' input stream\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 114, "snippet": { "text": "\t\tnew Thread(watcher).start();" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t if (timeout > 0)\n\t {\n\t\twatcher = new ThreadWatcher(child, interrupted, timeout);\n\t\tnew Thread(watcher).start();\n\t }\n\n\t // Write to the child process' input stream\n" } } }, "message": { "text": "start()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 114 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method setSessionAttribute() in [DefaultLessonAction.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 641 }, { "index": 642 }, { "index": 643 }, { "index": 644 }, { "index": 645 }, { "index": 646 }, { "index": 647 }, { "index": 648 }, { "index": 649 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 641 }, { "index": 642 }, { "index": 650 }, { "index": 651 }, { "index": 645 }, { "index": 646 }, { "index": 652 }, { "index": 648 }, { "index": 649 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, 
Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 641 }, { "index": 642 }, { "index": 653 }, { "index": 654 }, { "index": 645 }, { "index": 646 }, { "index": 655 }, { "index": 648 }, { "index": 649 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 641 }, { "index": 642 }, { "index": 653 }, { "index": 656 }, { "index": 645 }, { "index": 646 }, { "index": 657 }, { "index": 648 }, { "index": 649 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 641 }, { "index": 642 }, { "index": 658 }, { "index": 660 }, { "index": 645 }, { "index": 646 }, { "index": 663 }, { "index": 648 }, { "index": 649 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, 
"snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "startColumn": 50 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 126, "level": "error", "message": { "text": "On line [220](1) of [Challenge2Screen.java](1), the method doStage2() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 220, "snippet": { "text": "\t ResultSet results = statement3.executeQuery(query);" } }, "contextRegion": { "startLine": 217, "endLine": 223, "snippet": { "text": "\tVector v = new Vector();\n\ttry\n\t{\n\t ResultSet results = statement3.executeQuery(query);\n\n\t while (results.next())\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 659 }, { "index": 661 }, { "index": 662 }, { "index": 664 }, { "index": 665 }, { "index": 666 }, { "index": 667 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 220, "snippet": { "text": "\t ResultSet results = statement3.executeQuery(query);" } }, "contextRegion": { "startLine": 217, "endLine": 223, "snippet": { "text": "\tVector v = new Vector();\n\ttry\n\t{\n\t ResultSet results = statement3.executeQuery(query);\n\n\t while (results.next())\n\t {\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 220, "startColumn": 50 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function parameterizedQuery() in [SqlStringInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [222](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 222, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 219, "endLine": 225, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 222, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 219, "endLine": 225, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 222 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 150, "snippet": { "text": "\t System.out.println(\"Error dropping message database\");" } }, "contextRegion": { "startLine": 147, "endLine": 153, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error dropping message database\");\n\t}\n\n\t// Create the new table\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 150, "snippet": { "text": "\t System.out.println(\"Error dropping message database\");" } }, "contextRegion": { "startLine": 147, "endLine": 153, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error dropping message database\");\n\t}\n\n\t// Create the new table\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 150 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 164, "snippet": { "text": "\t System.out.println(\"Error creating message database\");" } }, "contextRegion": { "startLine": 161, "endLine": 167, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating message database\");\n\t e.printStackTrace();\n\t}\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 164, "snippet": { "text": "\t System.out.println(\"Error creating message database\");" } }, "contextRegion": { "startLine": 161, "endLine": 167, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating message database\");\n\t e.printStackTrace();\n\t}\n }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 164 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [JavaScriptValidation.java](1) sends unvalidated data to a web browser on line [151](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 151, "snippet": { "text": "\t TextArea input1 = new TextArea(\"field1\", 1, 25).addElement(param1);" } }, "contextRegion": { "startLine": 148, "endLine": 154, "snippet": { "text": "\t String param7 = s.getParser().getRawParameter(\"field7\",\n\t\t \"301-604-4882\");\n\t ec.addElement(new StringElement(script));\n\t TextArea input1 = new TextArea(\"field1\", 1, 25).addElement(param1);\n\t TextArea input2 = new TextArea(\"field2\", 1, 25).addElement(param2);\n\t TextArea input3 = new TextArea(\"field3\", 1, 25).addElement(param3);\n\t TextArea input4 = new TextArea(\"field4\", 1, 25).addElement(param4);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 668 }, { "index": 669 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 151, "snippet": { "text": "\t TextArea input1 = new TextArea(\"field1\", 1, 25).addElement(param1);" } }, "contextRegion": { "startLine": 148, "endLine": 154, "snippet": { "text": "\t String param7 = s.getParser().getRawParameter(\"field7\",\n\t\t \"301-604-4882\");\n\t ec.addElement(new StringElement(script));\n\t TextArea input1 = new TextArea(\"field1\", 1, 25).addElement(param1);\n\t TextArea input2 = new TextArea(\"field2\", 1, 25).addElement(param2);\n\t TextArea input3 = new TextArea(\"field3\", 1, 25).addElement(param3);\n\t TextArea input4 = new TextArea(\"field4\", 1, 25).addElement(param4);\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 151, "startColumn": 65 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather 
than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 1112, "snippet": { "text": "\t\tSystem.out.println(\"Restarting lesson: \" + getLesson(lessonId));" } }, "contextRegion": { "startLine": 1109, "endLine": 1115, "snippet": { "text": "\t\n\tprivate void restartLesson(int lessonId)\n\t{\n\t\tSystem.out.println(\"Restarting lesson: \" + getLesson(lessonId));\n\t\tgetCurrentLesson().getLessonTracker( this ).setStage(1);\n\t\tgetCurrentLesson().getLessonTracker( this ).setCompleted(false);\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 1112, "snippet": { "text": "\t\tSystem.out.println(\"Restarting lesson: \" + getLesson(lessonId));" } }, "contextRegion": { "startLine": 1109, "endLine": 1115, "snippet": { "text": "\t\n\tprivate void restartLesson(int lessonId)\n\t{\n\t\tSystem.out.println(\"Restarting lesson: \" + getLesson(lessonId));\n\t\tgetCurrentLesson().getLessonTracker( this ).setStage(1);\n\t\tgetCurrentLesson().getLessonTracker( this ).setCompleted(false);\n\t}\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 1112 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [TraceXSS.java](1) sends unvalidated data to a web browser on line [124](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious 
code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 124, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY1\", \"1\")))" } }, "contextRegion": { "startLine": 121, "endLine": 127, "snippet": { "text": "\t tr.addElement(new TD().addElement(\"69.99\").setAlign(\"right\"));\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY1\", s.getParser()\n\t\t\t .getStringParameter(\"QTY1\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY1\", 1.0f);\n\t total = quantity * 69.99f;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 136 }, { "index": 137 }, { "index": 676 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 124, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY1\", \"1\")))" } }, "contextRegion": { "startLine": 121, "endLine": 127, "snippet": { "text": "\t tr.addElement(new TD().addElement(\"69.99\").setAlign(\"right\"));\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY1\", s.getParser()\n\t\t\t .getStringParameter(\"QTY1\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY1\", 1.0f);\n\t total = quantity * 69.99f;\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 124 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [340](1) of [UpdateProfile.java](1), the method createEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. 
This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 670 }, { "index": 671 }, { "index": 672 }, { "index": 90 }, { "index": 91 }, { "index": 674 }, { "index": 93 }, { "index": 675 }, { "index": 677 }, { "index": 97 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getRawParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy 
and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 632, "endLine": 638, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\n\treturn (values[0]);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 405 }, { "index": 406 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 632, "endLine": 638, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\n\treturn (values[0]);\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [ReflectedXSS.java](1) sends unvalidated data to a web browser on line [200](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 200, "snippet": { "text": "\t\t param2)));" } }, "contextRegion": { "startLine": 197, "endLine": 203, "snippet": { "text": "\t\t .addElement(new TD()\n\t\t\t .addElement(\"Enter your credit card number:\"));\n\t tr.addElement(new TD().addElement(new Input(Input.TEXT, \"field2\",\n\t\t param2)));\n\t t.addElement(tr);\n\t tr = new TR();\n\t tr.addElement(new TD()\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 679 }, { "index": 680 }, { "index": 686 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 200, "snippet": { "text": "\t\t param2)));" } }, "contextRegion": { "startLine": 197, "endLine": 203, "snippet": { "text": "\t\t .addElement(new TD()\n\t\t\t .addElement(\"Enter your credit card number:\"));\n\t tr.addElement(new TD().addElement(new Input(Input.TEXT, \"field2\",\n\t\t param2)));\n\t t.addElement(tr);\n\t tr = new TR();\n\t tr.addElement(new TD()\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 200, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [484](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 484, "endLine": 487, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 481, "endLine": 490, "snippet": { "text": "\t{\n\t return getIntParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 484, "endLine": 487, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 481, "endLine": 490, "snippet": { "text": "\t{\n\t return getIntParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 484, "startColumn": 2, "endLine": 487 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Exec.java](1) line [242](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 242, "endLine": 245, "snippet": { "text": "\tcatch (Throwable t)\r\n\t{\r\n\t results.setThrowable(t);\r\n\t}" } }, "contextRegion": { "startLine": 239, "endLine": 248, "snippet": { "text": "\t{\n\t results.setInterrupted();\n\t}\n\tcatch (Throwable t)\n\t{\n\t results.setThrowable(t);\n\t}\n\tfinally\n\t{\n\t if (child != null)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 242, "endLine": 245, "snippet": { "text": "\tcatch (Throwable t)\r\n\t{\r\n\t results.setThrowable(t);\r\n\t}" } }, "contextRegion": { "startLine": 239, "endLine": 248, "snippet": { "text": "\t{\n\t results.setInterrupted();\n\t}\n\tcatch (Throwable t)\n\t{\n\t results.setThrowable(t);\n\t}\n\tfinally\n\t{\n\t if (child != null)\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 242, "startColumn": 2, "endLine": 245 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [XPATHInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [207](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 207, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 204, "endLine": 210, "snippet": { "text": "\tcatch (IllegalArgumentException e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\tcatch (XPathExpressionException e)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 207, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 204, "endLine": 210, "snippet": { "text": "\tcatch (IllegalArgumentException e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\tcatch (XPathExpressionException e)\n\t{\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 207 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [XPATHInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [202](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 202, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 199, "endLine": 205, "snippet": { "text": "\tcatch (IOException e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\tcatch (IllegalArgumentException e)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 202, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 199, "endLine": 205, "snippet": { "text": "\tcatch (IOException e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\tcatch (IllegalArgumentException e)\n\t{\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 202 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getAllEmployees() in [Login.java](1) might reveal system data or debugging information by calling printStackTrace() on line [252](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 252, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 249, "endLine": 255, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employees\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 252, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 249, "endLine": 255, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employees\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 252 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Encoding.java](1) line [955](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 955, "endLine": 958, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\treturn ( \"Encoding error\" );\r\n\t\t}" } }, "contextRegion": { "startLine": 952, "endLine": 961, "snippet": { "text": "\t\t{\n\t\t\treturn ( URLEncoder.encode( str, \"UTF-8\" ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\treturn ( \"Encoding error\" );\n\t\t}\n\t}\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 955, "endLine": 958, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\treturn ( \"Encoding error\" );\r\n\t\t}" } }, "contextRegion": { "startLine": 952, "endLine": 961, "snippet": { "text": "\t\t{\n\t\t\treturn ( URLEncoder.encode( str, \"UTF-8\" ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\treturn ( \"Encoding error\" );\n\t\t}\n\t}\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 955, "startColumn": 3, "endLine": 958 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Course.java](1) line [377](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 377, "endLine": 380, "snippet": { "text": " \t\t\tcatch (Exception e)\r\n \t\t\t{\r\n \t\t\t\t//System.out.println(\"Warning: \" + e.getMessage());\r\n \t\t\t}" } }, "contextRegion": { "startLine": 374, "endLine": 383, "snippet": { "text": " \t\t\t\t\t}\n \t\t\t\t}\n \t\t\t}\n \t\t\tcatch (Exception e)\n \t\t\t{\n \t\t\t\t//System.out.println(\"Warning: \" + e.getMessage());\n \t\t\t}\n \t\t}\n \t}\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 377, "endLine": 380, "snippet": { "text": " \t\t\tcatch (Exception e)\r\n \t\t\t{\r\n \t\t\t\t//System.out.println(\"Warning: \" + e.getMessage());\r\n \t\t\t}" } }, "contextRegion": { "startLine": 374, "endLine": 383, "snippet": { "text": " \t\t\t\t\t}\n \t\t\t\t}\n \t\t\t}\n \t\t\tcatch (Exception e)\n \t\t\t{\n \t\t\t\t//System.out.println(\"Warning: \" + e.getMessage());\n \t\t\t}\n \t\t}\n \t}\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 377, "startColumn": 8, "endLine": 380 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method handleRequest() in [AbstractLesson.java](1) sends unvalidated data to a web browser on line [1086](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1086, "snippet": { "text": "\tform.addElement(createContent(s));" } }, "contextRegion": { "startLine": 1083, "endLine": 1089, "snippet": { "text": "\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n\t\t.setEncType(\"\");\n\n\tform.addElement(createContent(s));\n\n\tsetContent(form);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 312 }, { "index": 313 }, { "index": 687 }, { "index": 688 }, { "index": 689 }, { "index": 690 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1086, "snippet": { "text": "\tform.addElement(createContent(s));" } }, "contextRegion": { "startLine": 1083, "endLine": 1089, "snippet": { "text": "\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n\t\t.setEncType(\"\");\n\n\tform.addElement(createContent(s));\n\n\tsetContent(form);\n }\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 691 }, { "index": 692 }, { "index": 693 }, { "index": 694 }, { "index": 695 }, { "index": 690 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1086, "snippet": { "text": "\tform.addElement(createContent(s));" } }, "contextRegion": { "startLine": 1083, "endLine": 1089, "snippet": { "text": "\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n\t\t.setEncType(\"\");\n\n\tform.addElement(createContent(s));\n\n\tsetContent(form);\n }\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { 
"index": 10 }, { "index": 696 }, { "index": 697 }, { "index": 698 }, { "index": 699 }, { "index": 700 }, { "index": 701 }, { "index": 690 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1086, "snippet": { "text": "\tform.addElement(createContent(s));" } }, "contextRegion": { "startLine": 1083, "endLine": 1089, "snippet": { "text": "\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n\t\t.setEncType(\"\");\n\n\tform.addElement(createContent(s));\n\n\tsetContent(form);\n }\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1086 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "2.6458335" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method ParameterNotFoundException() in [ParameterNotFoundException.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 282 }, { "index": 283 }, { "index": 164 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } }, "message": { "text": "Exception(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method createContent() in [WSDLScanning.java](1) ignores an exception on line [232](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 232, "endLine": 235, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\r\n\t}" } }, "contextRegion": { "startLine": 229, "endLine": 238, "snippet": { "text": "\t t.addElement(results);\n\t ec.addElement(new P().addElement(t));\n\t}\n\tcatch (Exception e)\n\t{\n\n\t}\n\ttry\n\t{\n\t A a = new A(\"services/WSDLScanning?WSDL\", \"WebGoat WSDL File\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 232, "endLine": 235, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\r\n\t}" } }, "contextRegion": { "startLine": 229, "endLine": 238, "snippet": { "text": "\t t.addElement(results);\n\t ec.addElement(new P().addElement(t));\n\t}\n\tcatch (Exception e)\n\t{\n\n\t}\n\ttry\n\t{\n\t A a = new A(\"services/WSDLScanning?WSDL\", \"WebGoat WSDL File\");\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 232, "startColumn": 2, "endLine": 235 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 118, "message": { "text": "A cookie is created without the `secure` flag set to `true`." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 193, "snippet": { "text": "\ts.getResponse().addCookie(newCookie);" } }, "contextRegion": { "startLine": 190, "endLine": 196, "snippet": { "text": "\t//\n\n\tCookie newCookie = new Cookie(USER_COOKIE, \"White\");\n\ts.getResponse().addCookie(newCookie);\n\n\tElementContainer ec = new ElementContainer();\n\tif (s.getParser().getStringParameter(Input.SUBMIT, \"\").equals(\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 192, "snippet": { "text": "\tCookie newCookie = new Cookie(USER_COOKIE, \"White\");" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": " {\n\t//\n\n\tCookie newCookie = new Cookie(USER_COOKIE, \"White\");\n\ts.getResponse().addCookie(newCookie);\n\n\tElementContainer ec = new ElementContainer();\n" } } }, "message": { "text": "newCookie = new Cookie(...)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 193, "snippet": { "text": "\ts.getResponse().addCookie(newCookie);" } }, "contextRegion": { "startLine": 190, "endLine": 196, "snippet": { "text": "\t//\n\n\tCookie newCookie = new Cookie(USER_COOKIE, \"White\");\n\ts.getResponse().addCookie(newCookie);\n\n\tElementContainer ec = new ElementContainer();\n\tif (s.getParser().getStringParameter(Input.SUBMIT, \"\").equals(\n" } } }, "message": { "text": "addCookie(newCookie)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 193 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [StoredXss.java](1) line [110](1) handles a broad swath of exceptions, potentially trapping 
dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 110, "endLine": 119, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t // ignore the empty resultset on the insert. There are a few more SQL Injection errors\r\n\t // that could be trapped here but we will let them try. One error would be something\r\n\t // like \"Characters found after end of SQL statement.\" \r\n\t if (e.getMessage().indexOf(\"No ResultSet was produced\") == -1)\r\n\t {\r\n\t\ts.setMessage(\"Could not add message to database\");\r\n\t }\r\n\t}" } }, "contextRegion": { "startLine": 107, "endLine": 122, "snippet": { "text": "\t statement.setString(4, s.getUserName());\n\t statement.executeQuery();\n\t}\n\tcatch (Exception e)\n\t{\n\t // ignore the empty resultset on the insert. There are a few more SQL Injection errors\n\t // that could be trapped here but we will let them try. One error would be something\n\t // like \"Characters found after end of SQL statement.\" \n\t if (e.getMessage().indexOf(\"No ResultSet was produced\") == -1)\n\t {\n\t\ts.setMessage(\"Could not add message to database\");\n\t }\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 110, "endLine": 119, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t // ignore the empty resultset on the insert. There are a few more SQL Injection errors\r\n\t // that could be trapped here but we will let them try. 
One error would be something\r\n\t // like \"Characters found after end of SQL statement.\" \r\n\t if (e.getMessage().indexOf(\"No ResultSet was produced\") == -1)\r\n\t {\r\n\t\ts.setMessage(\"Could not add message to database\");\r\n\t }\r\n\t}" } }, "contextRegion": { "startLine": 107, "endLine": 122, "snippet": { "text": "\t statement.setString(4, s.getUserName());\n\t statement.executeQuery();\n\t}\n\tcatch (Exception e)\n\t{\n\t // ignore the empty resultset on the insert. There are a few more SQL Injection errors\n\t // that could be trapped here but we will let them try. One error would be something\n\t // like \"Characters found after end of SQL statement.\" \n\t if (e.getMessage().indexOf(\"No ResultSet was produced\") == -1)\n\t {\n\t\ts.setMessage(\"Could not add message to database\");\n\t }\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 110, "startColumn": 2, "endLine": 119 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [SQLInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [367](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 367, "snippet": { "text": "\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 364, "endLine": 370, "snippet": { "text": "\t {\n\t\t// All other errors send the user to the generic error page\n\t\tSystem.out.println(\"handleRequest() error\");\n\t\te.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 367, "snippet": { "text": "\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 364, "endLine": 370, "snippet": { "text": "\t {\n\t\t// All other errors send the user to the generic error page\n\t\tSystem.out.println(\"handleRequest() error\");\n\t\te.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 367 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method isAuthenticated() in [DefaultLessonAction.java](1) ignores an exception on line [236](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 236, "endLine": 238, "snippet": { "text": "\t\tcatch (ParameterNotFoundException e)\r\n\t\t{\t\r\n\t\t}" } }, "contextRegion": { "startLine": 233, "endLine": 241, "snippet": { "text": "\t\t{\n\t\t\tauthenticated = getBooleanSessionAttribute(s, getLessonName() + \".isAuthenticated\");\n\t\t}\n\t\tcatch (ParameterNotFoundException e)\n\t\t{\t\n\t\t}\n\t\t\n\t\treturn authenticated;\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 236, "endLine": 238, "snippet": { "text": "\t\tcatch (ParameterNotFoundException e)\r\n\t\t{\t\r\n\t\t}" } }, "contextRegion": { "startLine": 233, "endLine": 241, "snippet": { "text": "\t\t{\n\t\t\tauthenticated = getBooleanSessionAttribute(s, getLessonName() + \".isAuthenticated\");\n\t\t}\n\t\tcatch (ParameterNotFoundException e)\n\t\t{\t\n\t\t}\n\t\t\n\t\treturn authenticated;\n\t}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 236, "startColumn": 3, "endLine": 238 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 41, "message": { "text": "The iteration count used by a password-based key derivation function is too low." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 487, "snippet": { "text": "\t\t\tPBEParameterSpec ps = new javax.crypto.spec.PBEParameterSpec( salt, 20 );" } }, "contextRegion": { "startLine": 484, "endLine": 490, "snippet": { "text": "\t\ttry\n\t\t{\n\n\t\t\tPBEParameterSpec ps = new javax.crypto.spec.PBEParameterSpec( salt, 20 );\n\n\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 487, "snippet": { "text": "\t\t\tPBEParameterSpec ps = new javax.crypto.spec.PBEParameterSpec( salt, 20 );" } }, "contextRegion": { "startLine": 484, "endLine": 490, "snippet": { "text": "\t\ttry\n\t\t{\n\n\t\t\tPBEParameterSpec ps = new javax.crypto.spec.PBEParameterSpec( salt, 20 );\n\n\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );\n\n" } } }, "message": { "text": "PBEParameterSpec()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 487 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 94, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthenticatedException ue1)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue1.printStackTrace();\n\t\t}\n\t\tcatch (UnauthorizedException ue2)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 94, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthenticatedException ue1)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue1.printStackTrace();\n\t\t}\n\t\tcatch (UnauthorizedException ue2)\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 94 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 99, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 96, "endLine": 102, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthorizedException ue2)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue2.printStackTrace();\n\t\t}\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 99, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 96, "endLine": 102, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthorizedException ue2)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue2.printStackTrace();\n\t\t}\n\t }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 99 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 216, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 213, "endLine": 219, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 216, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 213, "endLine": 219, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 216 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 122, "level": "error", "message": { "text": "The file [config.jsp](1) passes unvalidated data to an HTTP redirect function on line [12](1). Allowing unvalidated input to control the URL used in a redirect can aid phishing attacks.\r\nAllowing unvalidated input to control the URL used in a redirect can aid phishing attacks." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 78 }, "region": { "startLine": 12, "snippet": { "text": "\t\t \"&menu=\" + request.getParameter(\"menu\") +" } }, "contextRegion": { "startLine": 9, "endLine": 15, "snippet": { "text": "\n<% response.sendRedirect(\"/WebGoat/attack?\" +\n\t\t \"Screen=\" + request.getParameter(\"Screen\") +\n\t\t \"&menu=\" + request.getParameter(\"menu\") +\n\t\t \"&succeeded=yes\"); \n%>\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 702 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 78 }, "region": { "startLine": 12, "snippet": { "text": "\t\t \"&menu=\" + request.getParameter(\"menu\") +" } }, "contextRegion": { "startLine": 9, "endLine": 15, "snippet": { "text": "\n<% response.sendRedirect(\"/WebGoat/attack?\" +\n\t\t \"Screen=\" + request.getParameter(\"Screen\") +\n\t\t \"&menu=\" + request.getParameter(\"menu\") +\n\t\t \"&succeeded=yes\"); \n%>\n\n" } } }, "message": { "text": "sendRedirect(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 78 }, "region": { "startLine": 12 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 58, "snippet": { "text": "\t\t\t \t\t<%=employee.getSsn()%>" } }, "contextRegion": { "startLine": 55, "endLine": 61, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t<%=employee.getSsn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 15 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 58, "snippet": { "text": "\t\t\t \t\t<%=employee.getSsn()%>" } }, "contextRegion": { "startLine": 55, "endLine": 61, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t<%=employee.getSsn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 58 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 421 }, { "index": 422 }, { "index": 705 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 67 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method doPost() in [HammerHead.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 708 }, { "index": 709 }, { "index": 710 }, { "index": 157 }, { "index": 711 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 712 }, { "index": 713 }, { "index": 714 }, { "index": 715 }, { "index": 157 }, { "index": 716 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": 
{ "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 717 }, { "index": 718 }, { "index": 708 }, { "index": 709 }, { "index": 710 }, { "index": 157 }, { "index": 711 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 719 }, { "index": 720 }, { "index": 721 }, { "index": 722 }, { "index": 715 }, { "index": 157 }, { "index": 716 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t 
request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest_BACKUP() in [RoleBasedAccessControl.java](1) might reveal system data or debugging information by calling printStackTrace() on line [445](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 445, "snippet": { "text": "\t\tue.printStackTrace();" } }, "contextRegion": { "startLine": 442, "endLine": 448, "snippet": { "text": "\t {\n\t\ts.setMessage(\"Login failed\");\n\t\tSystem.out.println(\"Authentication failure\");\n\t\tue.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 445, "snippet": { "text": "\t\tue.printStackTrace();" } }, "contextRegion": { "startLine": 442, "endLine": 448, "snippet": { "text": "\t {\n\t\ts.setMessage(\"Login failed\");\n\t\tSystem.out.println(\"Authentication failure\");\n\t\tue.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n\t {\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 
}, "region": { "startLine": 445 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [Login.java](1) might reveal system data or debugging information by calling printStackTrace() on line [96](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 96, "snippet": { "text": "\t\t ue2.printStackTrace();" } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t\tcatch (UnauthorizedException ue2)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue2.printStackTrace();\n\t\t}\n\t }\n\t else\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 96, "snippet": { "text": "\t\t ue2.printStackTrace();" } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t\tcatch (UnauthorizedException ue2)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue2.printStackTrace();\n\t\t}\n\t }\n\t else\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 96 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [AbstractLesson.java](1) line [1042](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that 
should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1042, "endLine": 1046, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t System.out.println(e);\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 1039, "endLine": 1049, "snippet": { "text": "\n\t reader.close();\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1042, "endLine": 1046, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t System.out.println(e);\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 1039, "endLine": 1049, "snippet": { "text": "\n\t reader.close();\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1042, "startColumn": 2, "endLine": 1046 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function readFromURL() in [AbstractLesson.java](1) might reveal system data or debugging information by calling printStackTrace() on line [1045](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1045, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 1042, "endLine": 1048, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1045, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 1042, "endLine": 1048, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1045 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 99, "message": { "text": "Without proper access control, the method addMessage() in [CSRF.java](1) can execute a SQL statement on line [96](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 96, "snippet": { "text": "\t\t\tstatement.setString(3, message);" } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t\t\tPreparedStatement statement = connection.prepareStatement( query, ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\tstatement.setInt(1, count++);\n\t\t\tstatement.setString(2, title);\n\t\t\tstatement.setString(3, message);\n\t\t\tstatement.setString(4, s.getUserName());\n\t\t\tstatement.executeQuery();\n\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 723 }, { "index": 724 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 96, "snippet": { "text": "\t\t\tstatement.setString(3, message);" } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t\t\tPreparedStatement statement = connection.prepareStatement( query, ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\tstatement.setInt(1, count++);\n\t\t\tstatement.setString(2, title);\n\t\t\tstatement.setString(3, message);\n\t\t\tstatement.setString(4, s.getUserName());\n\t\t\tstatement.executeQuery();\n\t\t}\n" } } }, "message": { "text": "setString(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 96, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 142, "message": { "text": "The call to equals() on line [113](1) causes portability problems because it has different locales which may lead to unexpected output. This may also circumvent custom validation routines.\r\nUnexpected portability problems can be found when the locale is not specified." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 113, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"ipconfig #\")))" } }, "contextRegion": { "startLine": 110, "endLine": 116, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\n\t\t\t\t\t\t\"ifconfig #\") || helpFile\n\t\t\t\t.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ipconfig #\")))\n\t\t{\n\t\t illegalCommand = false;\n\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 77, "snippet": { "text": "\t if (s.isDefuseOSCommands()" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String helpFile = s.getParser().getRawParameter(HELP_FILE,\n\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 78, "snippet": { "text": "\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n\t\tif (index == -1)\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 90, "snippet": { "text": "\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": 
"\t\tSystem.out.println(\"Command = [\"\n\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 102, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"netstat -a #\")" } }, "contextRegion": { "startLine": 99, "endLine": 105, "snippet": { "text": "\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 104, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")" } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 106, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")" } 
}, "contextRegion": { "startLine": 103, "endLine": 109, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 108, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")" } }, "contextRegion": { "startLine": 105, "endLine": 111, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\n\t\t\t\t\t\t\"ifconfig #\") || helpFile\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 110, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\n\t\t\t\t\t\t\"ifconfig #\") || helpFile\n\t\t\t\t.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ipconfig #\")))\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 113, "snippet": { 
"text": "\t\t\t\t.toLowerCase().equals(\"ipconfig #\")))" } }, "contextRegion": { "startLine": 110, "endLine": 116, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\n\t\t\t\t\t\t\"ifconfig #\") || helpFile\n\t\t\t\t.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ipconfig #\")))\n\t\t{\n\t\t illegalCommand = false;\n\t\t}\n" } } }, "message": { "text": "toLowerCase() : Case changed using default locale" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 113, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"ipconfig #\")))" } }, "contextRegion": { "startLine": 110, "endLine": 116, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\n\t\t\t\t\t\t\"ifconfig #\") || helpFile\n\t\t\t\t.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ipconfig #\")))\n\t\t{\n\t\t illegalCommand = false;\n\t\t}\n" } } }, "message": { "text": "helpFile.substring(index, helpFileLen).trim().toLowerCase().equals(...) : Comparison without checking locale" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 113 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile() in [ViewProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [146](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 146, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 143, "endLine": 149, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 146, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 143, "endLine": 149, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 146 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest_BACKUP() in [RoleBasedAccessControl.java](1) might reveal system data or debugging information by calling printStackTrace() on line [458](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 458, "snippet": { "text": "\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 455, "endLine": 461, "snippet": { "text": "\t {\n\t\t// All other errors send the user to the generic error page\n\t\tSystem.out.println(\"handleRequest() error\");\n\t\te.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 458, "snippet": { "text": "\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 455, "endLine": 461, "snippet": { "text": "\t {\n\t\t// All other errors send the user to the generic error page\n\t\tSystem.out.println(\"handleRequest() error\");\n\t\te.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 458 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 47, "level": "note", "message": { "text": "The method checkParams() in [WeakAuthenticationCookie.java](1) throws a generic exception making it harder for callers to do a good job of error handling and recovery.\r\nThe method throws a generic exception making it harder for callers to do a good job of error handling and recovery." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 124, "snippet": { "text": " protected String checkParams(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 121, "endLine": 127, "snippet": { "text": " * @return Description of the Return Value\n * @exception Exception Description of the Exception\n */\n protected String checkParams(WebSession s) throws Exception\n {\n\tString username = s.getParser().getStringParameter(USERNAME, \"\");\n\tString password = s.getParser().getStringParameter(PASSWORD, \"\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 124, "snippet": { "text": " protected String checkParams(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 121, "endLine": 127, "snippet": { "text": " * @return Description of the Return Value\n * @exception Exception Description of the Exception\n */\n protected String checkParams(WebSession s) throws Exception\n {\n\tString username = s.getParser().getStringParameter(USERNAME, \"\");\n\tString password = s.getParser().getStringParameter(PASSWORD, \"\");\n" } } }, "message": { "text": "Function: checkParams" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 124 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method getInstructions() in [LessonAdapter.java](1) ignores an exception on line [307](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 307, "endLine": 308, "snippet": { "text": "\tcatch (Exception e)\r\n\t{}" } }, "contextRegion": { "startLine": 304, "endLine": 311, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{}\n\n\treturn buff.toString();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 307, "endLine": 308, "snippet": { "text": "\tcatch (Exception e)\r\n\t{}" } }, "contextRegion": { "startLine": 304, "endLine": 311, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{}\n\n\treturn buff.toString();\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 307, "startColumn": 2, "endLine": 308 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 43, "message": { "text": "Weak cryptographic hashes cannot guarantee data integrity and should not be used in security-critical contexts." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 175, "snippet": { "text": "\t\t\tmd = MessageDigest.getInstance(\"SHA\");" } }, "contextRegion": { "startLine": 172, "endLine": 178, "snippet": { "text": "\t\tBASE64Encoder encoder = new BASE64Encoder();\n\t\t\n\t\ttry {\n\t\t\tmd = MessageDigest.getInstance(\"SHA\");\n\t\t\tbuffer = new Date().toString().getBytes();\n\t\t\t\n\t\t\tmd.update(buffer);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 175, "snippet": { "text": "\t\t\tmd = MessageDigest.getInstance(\"SHA\");" } }, "contextRegion": { "startLine": 172, "endLine": 178, "snippet": { "text": "\t\tBASE64Encoder encoder = new BASE64Encoder();\n\t\t\n\t\ttry {\n\t\t\tmd = MessageDigest.getInstance(\"SHA\");\n\t\t\tbuffer = new Date().toString().getBytes();\n\t\t\t\n\t\t\tmd.update(buffer);\n" } } }, "message": { "text": "getInstance()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 175 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Login.java](1) line [208](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 208, "endLine": 212, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error logging in\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 205, "endLine": 215, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error logging in\");\n\t e.printStackTrace();\n\t}\n\n\t//System.out.println(\"Lesson login result: \" + authenticated);\n\treturn authenticated;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 208, "endLine": 212, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error logging in\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 205, "endLine": 215, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error logging in\");\n\t e.printStackTrace();\n\t}\n\n\t//System.out.println(\"Lesson login result: \" + authenticated);\n\treturn authenticated;\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 208, "startColumn": 2, "endLine": 212 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 126, "level": "error", "message": { "text": "On line [149](1) of [Login.java](1), the method login() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 149, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 146, "endLine": 152, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.first())\n\t\t{\n\t\t setSessionAttribute(s,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 729 }, { "index": 730 }, { "index": 731 }, { "index": 732 }, { "index": 339 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 149, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 146, "endLine": 152, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.first())\n\t\t{\n\t\t setSessionAttribute(s,\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 149, "startColumn": 60 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 126, "level": "error", "message": { "text": "On line [148](1) of [Login.java](1), the method login() invokes a SQL query built using input coming from an untrusted source. 
This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 148, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 145, "endLine": 151, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.first())\n\t\t{\n\t\t setSessionAttribute(s,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 725 }, { "index": 726 }, { "index": 727 }, { "index": 728 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 148, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 145, "endLine": 151, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.first())\n\t\t{\n\t\t setSessionAttribute(s,\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 148, "startColumn": 60 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { 
"ruleIndex": 142, "message": { "text": "The call to equals() on line [96](1) causes portability problems because it has different locales which may lead to unexpected output. This may also circumvent custom validation routines.\r\nUnexpected portability problems can be found when the locale is not specified." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 96, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"ls\")" } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile\n\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 77, "snippet": { "text": "\t if (s.isDefuseOSCommands()" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String helpFile = s.getParser().getRawParameter(HELP_FILE,\n\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 78, "snippet": { "text": "\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || 
helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n\t\tif (index == -1)\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 90, "snippet": { "text": "\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t\tSystem.out.println(\"Command = [\"\n\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 91, "snippet": { "text": "\t\t\tindex, helpFileLen).trim().toLowerCase().equals(" } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": "\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 94, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"dir\")" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n\t\t\t|| 
helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 96, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"ls\")" } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile\n\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n" } } }, "message": { "text": "toLowerCase() : Case changed using default locale" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 96, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"ls\")" } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ls\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"ifconfig\") || helpFile\n\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n" } } }, "message": { "text": "helpFile.substring(index, helpFileLen).trim().toLowerCase().equals(...) 
: Comparison without checking locale" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 96 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getStringParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 696, "endLine": 702, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\telse\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 282 }, { "index": 283 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 696, "endLine": 702, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\telse\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function findEmployeeProfile() in [FindProfile.java](1) might reveal system data or 
debugging information by calling printStackTrace() on line [213](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 213, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 210, "endLine": 216, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error finding employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 213, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 210, "endLine": 216, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error finding employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 213 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [WebSession.java](1) line [445](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 445, "endLine": 449, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\tSystem.out.println( \"Couldn't open database: check web.xml database parameters\" );\r\n\t\t\te.printStackTrace();\r\n\t\t}" } }, "contextRegion": { "startLine": 442, "endLine": 452, "snippet": { "text": "\n\t\t\treturn realConnectionString;\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\tSystem.out.println( \"Couldn't open database: check web.xml database parameters\" );\n\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn null;\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 445, "endLine": 449, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\tSystem.out.println( \"Couldn't open database: check web.xml database parameters\" );\r\n\t\t\te.printStackTrace();\r\n\t\t}" } }, "contextRegion": { "startLine": 442, "endLine": 452, "snippet": { "text": "\n\t\t\treturn realConnectionString;\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\tSystem.out.println( \"Couldn't open database: check web.xml database parameters\" );\n\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn null;\n\t}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 445, "startColumn": 3, "endLine": 449 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 71, "snippet": { "text": "\t\t\t\t\t\t<%=employee.getCcn()%>" } }, "contextRegion": { "startLine": 68, "endLine": 74, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t<%=employee.getCcn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 421 }, { "index": 422 }, { "index": 256 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 71, "snippet": { "text": "\t\t\t\t\t\t<%=employee.getCcn()%>" } }, "contextRegion": { "startLine": 68, "endLine": 74, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t<%=employee.getCcn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 71 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 13 }, { "index": 14 }, { "index": 346 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 54 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Encoding.java](1) line [888](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 888, "endLine": 891, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\treturn ( \"Encoding problem\" );\r\n\t\t}" } }, "contextRegion": { "startLine": 885, "endLine": 894, "snippet": { "text": "\t\t\tCharBuffer cbuf = decoder.decode( bbuf );\n\t\t\treturn ( cbuf.toString() );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\treturn ( \"Encoding problem\" );\n\t\t}\n\t}\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 888, "endLine": 891, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\treturn ( \"Encoding problem\" );\r\n\t\t}" } }, "contextRegion": { "startLine": 885, "endLine": 894, "snippet": { "text": "\t\t\tCharBuffer cbuf = decoder.decode( bbuf );\n\t\t\treturn ( cbuf.toString() );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\treturn ( \"Encoding problem\" );\n\t\t}\n\t}\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 888, "startColumn": 3, "endLine": 891 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [WsSAXInjection.java](1) line [163](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 163, "endLine": 167, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 160, "endLine": 170, "snippet": { "text": "\t\tec.addElement(checkXML(s, xml));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 163, "endLine": 167, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 160, "endLine": 170, "snippet": { "text": "\t\tec.addElement(checkXML(s, xml));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 163, "startColumn": 2, "endLine": 167 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [error.jsp](1) line [10](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 24 }, "region": { "startLine": 10, "endLine": 13, "snippet": { "text": "\">\r\n\r\n \"/>\r\n" } }, "contextRegion": { "startLine": 7, "endLine": 16, "snippet": { "text": "%>\n


An error has occurred.\n


\n
\">\n\n \"/>\n
\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 24 }, "region": { "startLine": 10, "endLine": 13, "snippet": { "text": "
\">\r\n\r\n \"/>\r\n
" } }, "contextRegion": { "startLine": 7, "endLine": 16, "snippet": { "text": "%>\n


An error has occurred.\n


\n
\">\n\n \"/>\n
\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 24 }, "region": { "startLine": 10, "startColumn": 1, "endLine": 13 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function injectableQuery() in [SqlStringInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [152](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 152, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 152, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 152 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function handleRequest() in [SqlStringInjection.java](1) might reveal system data or debugging information by calling 
println() on line [316](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 316, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 313, "endLine": 319, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 733 }, { "index": 734 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 316, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 313, "endLine": 319, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 316 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [TraceXSS.java](1) sends unvalidated data to a web browser on line [207](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 207, "snippet": { "text": "\t\t param1)));" } }, "contextRegion": { "startLine": 204, "endLine": 210, "snippet": { "text": "\t tr.addElement(new TD()\n\t\t .addElement(\"Enter your three digit access code:\"));\n\t tr.addElement(new TD().addElement(new Input(Input.TEXT, \"field1\",\n\t\t param1)));\n\t t.addElement(tr);\n\n\t Element b = ECSFactory.makeButton(\"Purchase\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 735 }, { "index": 736 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 207, "snippet": { "text": "\t\t param1)));" } }, "contextRegion": { "startLine": 204, "endLine": 210, "snippet": { "text": "\t tr.addElement(new TD()\n\t\t .addElement(\"Enter your three digit access code:\"));\n\t tr.addElement(new TD().addElement(new Input(Input.TEXT, \"field1\",\n\t\t param1)));\n\t t.addElement(tr);\n\n\t Element b = ECSFactory.makeButton(\"Purchase\");\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 207, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 47, "level": "note", "message": { "text": "The method doStage6() in [LessonAdapter.java](1) throws a generic exception making it harder for callers to do a good job of error handling and recovery.\r\nThe method throws a generic exception making it harder for callers to do a good job of error handling and recovery." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 184, "snippet": { "text": " protected Element doStage6(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": " }\n\n\n protected Element doStage6(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(\"Stage 6 Stub\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 184, "snippet": { "text": " protected Element doStage6(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": " }\n\n\n protected Element doStage6(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(\"Stage 6 Stub\");\n" } } }, "message": { "text": "Function: doStage6" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 184 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [106](1) of [BackDoors.java](1), the method concept1() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 106, "snippet": { "text": "\t\t statement.executeUpdate(arrSQL[1]);" } }, "contextRegion": { "startLine": 103, "endLine": 109, "snippet": { "text": "\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tif (arrSQL.length == 2)\n\t\t{\n\t\t statement.executeUpdate(arrSQL[1]);\n\n\t\t getLessonTracker(s).setStage(2);\n\t\t s\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 570 }, { "index": 571 }, { "index": 572 }, { "index": 573 }, { "index": 574 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 106, "snippet": { "text": "\t\t statement.executeUpdate(arrSQL[1]);" } }, "contextRegion": { "startLine": 103, "endLine": 109, "snippet": { "text": "\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tif (arrSQL.length == 2)\n\t\t{\n\t\t statement.executeUpdate(arrSQL[1]);\n\n\t\t getLessonTracker(s).setStage(2);\n\t\t s\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 106, "startColumn": 31 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 114, "message": { "text": "The method setHttpOnly() in [HttpOnly.java](1) includes unvalidated data in an HTTP response header on line [198](1). This enables attacks such as cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect.\r\nIncluding unvalidated data in an HTTP response header can enable cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 198, "snippet": { "text": "\t\t\tresponse.setHeader(\"Set-Cookie\", UNIQUE2U + \"=\" + cookie + \"; HttpOnly\");" } }, "contextRegion": { "startLine": 195, "endLine": 201, "snippet": { "text": "\t\t\tresponse.setHeader(\"Set-Cookie\", UNIQUE2U + \"=\" + value + \"; HttpOnly\");\n\t\t\toriginal = value;\n\t\t} else {\n\t\t\tresponse.setHeader(\"Set-Cookie\", UNIQUE2U + \"=\" + cookie + \"; HttpOnly\");\n\t\t\toriginal = cookie;\n\t\t}\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 340 }, { "index": 341 }, { "index": 342 }, { "index": 343 }, { "index": 739 }, { "index": 740 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 198, "snippet": { "text": "\t\t\tresponse.setHeader(\"Set-Cookie\", UNIQUE2U + \"=\" + cookie + \"; HttpOnly\");" } }, "contextRegion": { "startLine": 195, "endLine": 201, "snippet": { "text": "\t\t\tresponse.setHeader(\"Set-Cookie\", UNIQUE2U + \"=\" + value + \"; HttpOnly\");\n\t\t\toriginal = value;\n\t\t} else {\n\t\t\tresponse.setHeader(\"Set-Cookie\", UNIQUE2U + \"=\" + cookie + \"; HttpOnly\");\n\t\t\toriginal = cookie;\n\t\t}\n\t}\n" } } }, "message": { "text": "setHeader(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 198 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [Encoding.java](1) sends unvalidated data to a web browser on line [359](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 359, "snippet": { "text": "\t\t\tInput input = new Input( Input.TEXT, INPUT, userInput );" } }, "contextRegion": { "startLine": 356, "endLine": 362, "snippet": { "text": "\n\t\t\ttr.addElement( new TD( \"Enter a string: \" ) );\n\n\t\t\tInput input = new Input( Input.TEXT, INPUT, userInput );\n\n\t\t\ttr.addElement( new TD().addElement( input ) );\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 737 }, { "index": 738 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 359, "snippet": { "text": "\t\t\tInput input = new Input( Input.TEXT, INPUT, userInput );" } }, "contextRegion": { "startLine": 356, "endLine": 362, "snippet": { "text": "\n\t\t\ttr.addElement( new TD( \"Enter a string: \" ) );\n\n\t\t\tInput input = new Input( Input.TEXT, INPUT, userInput );\n\n\t\t\ttr.addElement( new TD().addElement( input ) );\n\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 359, "startColumn": 48 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method ParameterNotFoundException() in [ParameterNotFoundException.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 165 }, { "index": 166 }, { "index": 335 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } }, "message": { "text": "Exception(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [CommandInjection.java](1) line [208](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 208, "endLine": 212, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 205, "endLine": 215, "snippet": { "text": "\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 208, "endLine": 212, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 205, "endLine": 215, "snippet": { "text": "\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 208, "startColumn": 2, "endLine": 212 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getAllEmployees_BACKUP() in [ListStaff.java](1) might reveal system data or debugging information by calling printStackTrace() on line [169](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 169, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 166, "endLine": 172, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 169, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 166, "endLine": 172, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 169 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method makeList() in [CSRF.java](1) sends unvalidated data to a web browser on line [193](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 193, "snippet": { "text": "\t\t\t\t\tTD td = new TD().addElement( link );" } }, "contextRegion": { "startLine": 190, "endLine": 196, "snippet": { "text": "\t\t\t \"&Screen=\" + String.valueOf(getScreenId()) +\n\t\t\t \"&menu=\" + getDefaultCategory().getRanking().toString() +\n\t\t\t \"' style='cursor:hand'>\" + results.getString( TITLE_COL ) + \"\";\n\t\t\t\t\tTD td = new TD().addElement( link );\n\t\t\t\t\tTR tr = new TR().addElement( td );\n\t\t\t\t\tt.addElement( tr );\n\t\t\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 741 }, { "index": 742 }, { "index": 743 }, { "index": 744 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 193, "snippet": { "text": "\t\t\t\t\tTD td = new TD().addElement( link );" } }, "contextRegion": { "startLine": 190, "endLine": 196, "snippet": { "text": "\t\t\t \"&Screen=\" + String.valueOf(getScreenId()) +\n\t\t\t \"&menu=\" + getDefaultCategory().getRanking().toString() +\n\t\t\t \"' style='cursor:hand'>\" + results.getString( TITLE_COL ) + \"\";\n\t\t\t\t\tTD td = new TD().addElement( link );\n\t\t\t\t\tTR tr = new TR().addElement( td );\n\t\t\t\t\tt.addElement( tr );\n\t\t\t\t}\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 193, "startColumn": 35 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 121, "snippet": { "text": "\t System.out.println(\"Error loading properties\");" } }, "contextRegion": { "startLine": 118, "endLine": 124, "snippet": { "text": "\t}\n\tcatch (IOException e)\n\t{\n\t System.out.println(\"Error loading properties\");\n\t e.printStackTrace();\n\t}\n\tSystem.out.println(properties.getProperty(\"CommandInjection.category\"));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 121, "snippet": { "text": "\t System.out.println(\"Error loading properties\");" } }, "contextRegion": { "startLine": 118, "endLine": 124, "snippet": { "text": "\t}\n\tcatch (IOException e)\n\t{\n\t System.out.println(\"Error loading properties\");\n\t e.printStackTrace();\n\t}\n\tSystem.out.println(properties.getProperty(\"CommandInjection.category\"));\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 121 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 124, "snippet": { "text": "\tSystem.out.println(properties.getProperty(\"CommandInjection.category\"));" } }, "contextRegion": { "startLine": 121, "endLine": 127, "snippet": { "text": "\t System.out.println(\"Error loading properties\");\n\t e.printStackTrace();\n\t}\n\tSystem.out.println(properties.getProperty(\"CommandInjection.category\"));\n }\n\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 124, "snippet": { "text": "\tSystem.out.println(properties.getProperty(\"CommandInjection.category\"));" } }, "contextRegion": { "startLine": 121, "endLine": 127, "snippet": { "text": "\t System.out.println(\"Error loading properties\");\n\t e.printStackTrace();\n\t}\n\tSystem.out.println(properties.getProperty(\"CommandInjection.category\"));\n }\n\n}\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 120 }, "region": { "startLine": 124 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [882](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 882, "endLine": 887, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t //System.out.println(\"Exception occured in defined pattern match\");\r\n\t //e.printStackTrace();\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 879, "endLine": 890, "snippet": { "text": "\t{\n\t return getRegexParameter(name, regexpattern);\n\t}\n\tcatch (Exception e)\n\t{\n\t //System.out.println(\"Exception occured in defined pattern match\");\n\t //e.printStackTrace();\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 882, "endLine": 887, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t //System.out.println(\"Exception occured in defined pattern match\");\r\n\t //e.printStackTrace();\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 879, "endLine": 890, "snippet": { "text": "\t{\n\t return getRegexParameter(name, regexpattern);\n\t}\n\tcatch (Exception e)\n\t{\n\t //System.out.println(\"Exception occured in defined pattern match\");\n\t //e.printStackTrace();\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 882, "startColumn": 2, "endLine": 887 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [CSRF.java](1) line [272](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 272, "endLine": 276, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\ts.setMessage( \"Error generating \" + this.getClass().getName() );\r\n\t\t\te.printStackTrace();\r\n\t\t}" } }, "contextRegion": { "startLine": 269, "endLine": 279, "snippet": { "text": "\t\t\t}\n\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error generating \" + this.getClass().getName() );\n\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn ( ec );\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 272, "endLine": 276, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\ts.setMessage( \"Error generating \" + this.getClass().getName() );\r\n\t\t\te.printStackTrace();\r\n\t\t}" } }, "contextRegion": { "startLine": 269, "endLine": 279, "snippet": { "text": "\t\t\t}\n\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error generating \" + this.getClass().getName() );\n\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn ( ec );\n\t}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 272, "startColumn": 3, "endLine": 276 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 53, "message": { "text": "The J2EE standard forbids the direct management of connections." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 98, "snippet": { "text": "\t\t\t.getConnection(\"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=\"" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t\tSystem.out.println(\"DBName: \" + dbName);\n\t\tClass.forName(\"sun.jdbc.odbc.JdbcOdbcDriver\");\n\t\treturn DriverManager\n\t\t\t.getConnection(\"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=\"\n\t\t\t\t+ dbName + \";PWD=webgoat\");\n\t }\n\t else\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 98, "snippet": { "text": "\t\t\t.getConnection(\"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=\"" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t\tSystem.out.println(\"DBName: \" + dbName);\n\t\tClass.forName(\"sun.jdbc.odbc.JdbcOdbcDriver\");\n\t\treturn DriverManager\n\t\t\t.getConnection(\"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=\"\n\t\t\t\t+ dbName + \";PWD=webgoat\");\n\t }\n\t else\n" } } }, "message": { "text": "getConnection()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 98 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 2, "message": { "text": "On line [187](1) of [HammerHead.java](1), the method is called after the stream has already been committed or obtained.\r\nAfter a servlet's output stream has already been committed, it is erroneous to reset the stream buffer or perform any other action that recommits to the stream. Likewise, it is erroneous to call `getWriter()` after calling `getOutputStream` or vice versa." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 187, "snippet": { "text": "\t request.getRequestDispatcher(getViewPage(mySession)).forward(" } }, "contextRegion": { "startLine": 184, "endLine": 190, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n\t\t request, response);\n\t}\n\tcatch (Throwable t)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 135, "snippet": { "text": "\t mySession = updateSession(request, response, context);" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\n\t // FIXME: If a response is written by updateSession(), do not\n\t // call makeScreen() and writeScreen()\n\t mySession = updateSession(request, response, context);\n\t if (response.isCommitted())\n\t\treturn;\n\n" } } }, "message": { "text": "?.updateSession(?, response, ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 136, "snippet": { "text": "\t if (response.isCommitted())" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": "\t // FIXME: If a response is written by updateSession(), do not\n\t // call makeScreen() and writeScreen()\n\t mySession = updateSession(request, response, context);\n\t if (response.isCommitted())\n\t\treturn;\n\n\t // Note: For the lesson to track the status, we need to update\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 148, "snippet": { "text": "\t if (response.isCommitted())" } }, "contextRegion": { 
"startLine": 145, "endLine": 151, "snippet": { "text": "\t // require the lesson to have memory.\n\t screen = makeScreen(mySession); // This calls the lesson's\n\t // handleRequest()\n\t if (response.isCommitted())\n\t\treturn;\n\n\t // if the screen parameter exists, the screen was visited via\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 187, "snippet": { "text": "\t request.getRequestDispatcher(getViewPage(mySession)).forward(" } }, "contextRegion": { "startLine": 184, "endLine": 190, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n\t\t request, response);\n\t}\n\tcatch (Throwable t)\n" } } }, "message": { "text": "forward(?, response)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 187 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [DeleteProfile.java](1) line [152](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 152, "endLine": 156, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error deleting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 149, "endLine": 159, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error deleting employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 152, "endLine": 156, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error deleting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 149, "endLine": 159, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error deleting employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 152, "startColumn": 2, "endLine": 156 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [LogSpoofing.java](1) might reveal system data or debugging information by calling printStackTrace() on line [128](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 128, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 125, "endLine": 131, "snippet": { "text": "\tcatch (UnsupportedEncodingException e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn ec;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 128, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 125, "endLine": 131, "snippet": { "text": "\tcatch (UnsupportedEncodingException e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn ec;\n }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 128 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 113, "message": { "text": "The call to getInstance() at [Encoding.java](1) line [533](1) uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data.\r\nThe identified call uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 533, "snippet": { "text": "\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );" } }, "contextRegion": { "startLine": 530, "endLine": 536, "snippet": { "text": "\n\t\t\tPBEParameterSpec ps = new javax.crypto.spec.PBEParameterSpec( salt, 20 );\n\n\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );\n\n\t\t\tCipher passwordEncryptCipher = Cipher.getInstance( \"PBEWithMD5AndDES/CBC/PKCS5Padding\" );\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 533, "snippet": { "text": "\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );" } }, "contextRegion": { "startLine": 530, "endLine": 536, "snippet": { "text": "\n\t\t\tPBEParameterSpec ps = new javax.crypto.spec.PBEParameterSpec( salt, 20 );\n\n\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );\n\n\t\t\tCipher passwordEncryptCipher = Cipher.getInstance( \"PBEWithMD5AndDES/CBC/PKCS5Padding\" );\n\n" } } }, "message": { "text": "getInstance()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 533 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function isAuthorizedForEmployee() in [DefaultLessonAction.java](1) might reveal system data or debugging information by calling printStackTrace() on line [326](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 326, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 323, "endLine": 329, "snippet": { "text": "\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error authorizing\" );\n\t\t\te.printStackTrace();\n\t\t}\n\t\t\n\t\t// Update lesson status if necessary.\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 326, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 323, "endLine": 329, "snippet": { "text": "\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error authorizing\" );\n\t\t\te.printStackTrace();\n\t\t}\n\t\t\n\t\t// Update lesson status if necessary.\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 326 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method writeTable() in [DatabaseUtilities.java](1) sends unvalidated data to a web browser on line [154](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 745 }, { "index": 747 }, { "index": 750 }, { "index": 65 }, { "index": 66 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 66, "message": { "text": "The method doPost() in [HammerHead.java](1) writes unvalidated user input to the log on line [205](1). An attacker could take advantage of this behavior to forge log entries or inject malicious content into the log.\r\nWriting unvalidated user input to log files can allow an attacker to forge log entries or inject malicious content into the logs." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 205, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 202, "endLine": 208, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t // System.out.println( \"HH Leaving doPost: \" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 754 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 205, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 202, "endLine": 208, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t // System.out.println( \"HH Leaving doPost: \" );\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 717 }, { "index": 718 }, { "index": 754 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 205, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 202, "endLine": 208, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t // System.out.println( \"HH Leaving doPost: \" );\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 307 
}, { "index": 308 }, { "index": 309 }, { "index": 310 }, { "index": 754 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 205, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 202, "endLine": 208, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t // System.out.println( \"HH Leaving doPost: \" );\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 717 }, { "index": 718 }, { "index": 307 }, { "index": 308 }, { "index": 309 }, { "index": 310 }, { "index": 754 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 205, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 202, "endLine": 208, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t // System.out.println( \"HH Leaving doPost: \" );\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 205, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method makePulldown() in [ECSFactory.java](1) sends unvalidated data to a web browser on line [450](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 102 }, "region": { "startLine": 450, "snippet": { "text": "\ts.addElement((String[]) options.toArray(new String[options.size()]));" } }, "contextRegion": { "startLine": 447, "endLine": 453, "snippet": { "text": "\n\tSelect s = new Select(name);\n\n\ts.addElement((String[]) options.toArray(new String[options.size()]));\n\n\treturn (s);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 746 }, { "index": 748 }, { "index": 749 }, { "index": 751 }, { "index": 752 }, { "index": 753 }, { "index": 755 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 102 }, "region": { "startLine": 450, "snippet": { "text": "\ts.addElement((String[]) options.toArray(new String[options.size()]));" } }, "contextRegion": { "startLine": 447, "endLine": 453, "snippet": { "text": "\n\tSelect s = new Select(name);\n\n\ts.addElement((String[]) options.toArray(new String[options.size()]));\n\n\treturn (s);\n }\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 746 }, { "index": 748 }, { "index": 756 }, { "index": 757 }, { "index": 758 }, { "index": 752 }, { "index": 753 }, { "index": 755 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 102 }, "region": { "startLine": 450, "snippet": { "text": "\ts.addElement((String[]) options.toArray(new String[options.size()]));" } }, "contextRegion": { "startLine": 447, "endLine": 453, "snippet": { "text": "\n\tSelect s = new Select(name);\n\n\ts.addElement((String[]) options.toArray(new String[options.size()]));\n\n\treturn (s);\n }\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 102 }, "region": { "startLine": 450 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { 
"ruleIndex": 78, "message": { "text": "The function handleRequest() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [110](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 110, "snippet": { "text": "\t\tue1.printStackTrace();" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t catch (UnauthenticatedException ue1)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue1.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 110, "snippet": { "text": "\t\tue1.printStackTrace();" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t catch (UnauthenticatedException ue1)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue1.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n\t {\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 110 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 134, "message": { "text": "The method checkParams() in [WeakAuthenticationCookie.java](1) should compare strings with the `equals()` method, not `==` or `!=`.\r\nStrings should be compared with the `equals()` method, not `==` or `!=`." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 142, "snippet": { "text": "\t if (loginID != \"\")" } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": "\t\tloginID = encode(\"aspect12345\");\n\t }\n\n\t if (loginID != \"\")\n\t {\n\t\tCookie newCookie = new Cookie(AUTHCOOKIE, loginID);\n\t\ts.setMessage(\"Your identity has been remembered\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 142, "snippet": { "text": "\t if (loginID != \"\")" } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": "\t\tloginID = encode(\"aspect12345\");\n\t }\n\n\t if (loginID != \"\")\n\t {\n\t\tCookie newCookie = new Cookie(AUTHCOOKIE, loginID);\n\t\ts.setMessage(\"Your identity has been remembered\");\n" } } }, "message": { "text": "Operation" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 142 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 111, "message": { "text": "The call to readLine() at [AbstractLesson.java](1) line [1035](1) might allow an attacker to crash the program or otherwise make it unavailable to legitimate users.\r\nAn attacker could cause the program to crash or otherwise become unavailable to legitimate users." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1035, "snippet": { "text": "\t while ((line = reader.readLine()) != null)" } }, "contextRegion": { "startLine": 1032, "endLine": 1038, "snippet": { "text": "\t\t huc.getInputStream()));\n\t String line;\n\n\t while ((line = reader.readLine()) != null)\n\t {\n\t\tec.addElement(new StringElement(line));\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1035, "snippet": { "text": "\t while ((line = reader.readLine()) != null)" } }, "contextRegion": { "startLine": 1032, "endLine": 1038, "snippet": { "text": "\t\t huc.getInputStream()));\n\t String line;\n\n\t while ((line = reader.readLine()) != null)\n\t {\n\t\tec.addElement(new StringElement(line));\n\t }\n" } } }, "message": { "text": "readLine()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1035 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 29, "level": "error", "message": { "text": "The function getResults() in [WsSqlInjection.java](1) sometimes fails to release a system resource allocated by makeConnection() on line 229.\r\nThe program can potentially fail to release a database connection." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 229, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 226, "endLine": 232, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 229, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 226, "endLine": 232, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 230, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 227, "endLine": 233, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 241, "snippet": { "text": "\t\treturn results;" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n\t {}\n" } } }, "message": { "text": "return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { 
"artifactLocation": { "index": 99 }, "region": { "startLine": 241, "snippet": { "text": "\t\treturn results;" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n\t {}\n" } } }, "message": { "text": "connection no longer refers to a database connection" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 241, "snippet": { "text": "\t\treturn results;" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n\t {}\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 229, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 226, "endLine": 232, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 230, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 227, "endLine": 233, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { 
"text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 239, "snippet": { "text": "\t\t\tResultSet.CONCUR_READ_ONLY);" } }, "contextRegion": { "startLine": 236, "endLine": 242, "snippet": { "text": "\t {\n\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n" } } }, "message": { "text": "java.sql.SQLException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 245, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 242, "endLine": 248, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n" } } }, "message": { "text": "connection no longer refers to a database connection" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 245, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 242, "endLine": 248, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 229 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 68, "message": { "text": "Without proper access control, the method createEmployeeProfile() in [UpdateProfile.java](1) can execute a SQL statement on line [340](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access 
control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 759 }, { "index": 760 }, { "index": 761 }, { "index": 762 }, { "index": 90 }, { "index": 91 }, { "index": 764 }, { "index": 93 }, { "index": 765 }, { "index": 766 }, { "index": 82 }, { "index": 97 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 123, "message": { "text": "The method doPost() in [HammerHead.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 183, "snippet": { "text": "\t request.setAttribute(\"client.browser\", clientBrowser);" } }, "contextRegion": { "startLine": 180, "endLine": 186, "snippet": { "text": "\t {\n\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 183, "snippet": { "text": "\t request.setAttribute(\"client.browser\", clientBrowser);" } }, "contextRegion": { "startLine": 180, "endLine": 186, "snippet": { "text": "\t {\n\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 183, "startColumn": 45 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method makeUser() in [ReportCardScreen.java](1) sends unvalidated data to a web browser on line [295](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 55 }, "region": { "startLine": 295, "snippet": { "text": "\th2.addElement(new StringElement(\"Results for: \" + user + type));" } }, "contextRegion": { "startLine": 292, "endLine": 298, "snippet": { "text": "\t// FIXME: The session is the current session, not the session of the user we are reporting.\n\t//String type = s.isAdmin() ? \" [Administrative User]\" : s.isHackedAdmin() ? \" [Normal User - Hacked Admin Access]\" : \" [Normal User]\";\n\tString type = \"\";\n\th2.addElement(new StringElement(\"Results for: \" + user + type));\n\treturn h2;\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 769 }, { "index": 770 }, { "index": 772 }, { "index": 385 }, { "index": 387 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 55 }, "region": { "startLine": 295, "snippet": { "text": "\th2.addElement(new StringElement(\"Results for: \" + user + type));" } }, "contextRegion": { "startLine": 292, "endLine": 298, "snippet": { "text": "\t// FIXME: The session is the current session, not the session of the user we are reporting.\n\t//String type = s.isAdmin() ? \" [Administrative User]\" : s.isHackedAdmin() ? 
\" [Normal User - Hacked Admin Access]\" : \" [Normal User]\";\n\tString type = \"\";\n\th2.addElement(new StringElement(\"Results for: \" + user + type));\n\treturn h2;\n }\n\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 55 }, "region": { "startLine": 295, "startColumn": 16 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 23, "level": "error", "message": { "text": "Without proper access control, the method makeCurrent() in [CSRF.java](1) can execute a SQL statement on line [240](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 240, "snippet": { "text": "\t\t\tstatement.setInt(2, messageNum);" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": "\t\t\tString query = \"SELECT * FROM messages WHERE user_name LIKE ? 
and num = ?\";\n\t\t\tPreparedStatement statement = connection.prepareStatement( query, ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\tstatement.setString(1, getNameroot( s.getUserName() ) + \"%\");\n\t\t\tstatement.setInt(2, messageNum);\n\t\t\tResultSet results = statement.executeQuery();\n\n\t\t\tif ( ( results != null ) && results.first() )\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 78 }, { "index": 79 }, { "index": 80 }, { "index": 246 }, { "index": 82 }, { "index": 247 }, { "index": 768 }, { "index": 82 }, { "index": 771 }, { "index": 773 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 240, "snippet": { "text": "\t\t\tstatement.setInt(2, messageNum);" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": "\t\t\tString query = \"SELECT * FROM messages WHERE user_name LIKE ? and num = ?\";\n\t\t\tPreparedStatement statement = connection.prepareStatement( query, ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\tstatement.setString(1, getNameroot( s.getUserName() ) + \"%\");\n\t\t\tstatement.setInt(2, messageNum);\n\t\t\tResultSet results = statement.executeQuery();\n\n\t\t\tif ( ( results != null ) && results.first() )\n" } } }, "message": { "text": "setInt(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 240, "startColumn": 24 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [311](1) of [UpdateProfile.java](1), the method createEmployeeProfile() invokes a SQL query built using input potentially coming from an untrusted source. 
This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 311, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 308, "endLine": 314, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 311, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 308, "endLine": 314, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 311 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [TraceXSS.java](1) line [220](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 220, "endLine": 224, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 217, "endLine": 227, "snippet": { "text": "\t ec.addElement(new BR());\n\t ec.addElement(new HR().setWidth(\"90%\"));\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 220, "endLine": 224, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 217, "endLine": 227, "snippet": { "text": "\t ec.addElement(new BR());\n\t ec.addElement(new HR().setWidth(\"90%\"));\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 220, "startColumn": 2, "endLine": 224 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [356](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 356, "endLine": 359, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 353, "endLine": 362, "snippet": { "text": "\t{\n\t return getIPParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 356, "endLine": 359, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 353, "endLine": 362, "snippet": { "text": "\t{\n\t return getIPParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 356, "startColumn": 2, "endLine": 359 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [HttpOnly.java](1) line [135](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 135, "endLine": 139, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\ts.setMessage( \"Error generating \" + this.getClass().getName() );\r\n\t\t\te.printStackTrace();\r\n\t\t}" } }, "contextRegion": { "startLine": 132, "endLine": 142, "snippet": { "text": "\t\t{\n\t\t\tec.addElement(makeContent(s));\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error generating \" + this.getClass().getName() );\n\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn ( ec );\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 135, "endLine": 139, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\ts.setMessage( \"Error generating \" + this.getClass().getName() );\r\n\t\t\te.printStackTrace();\r\n\t\t}" } }, "contextRegion": { "startLine": 132, "endLine": 142, "snippet": { "text": "\t\t{\n\t\t\tec.addElement(makeContent(s));\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error generating \" + this.getClass().getName() );\n\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn ( ec );\n\t}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 135, "startColumn": 3, "endLine": 139 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 16, "message": { "text": "Storing passwords or password details in plaintext anywhere in the system or system code may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 76, "endLine": 83, "snippet": { "text": " /**\r\n * Take an absolute file and return the filename.\r\n * \r\n * Ex. 
/etc/password becomes password\r\n * \r\n * @param s\r\n * @return the file name\r\n */" } }, "contextRegion": { "startLine": 73, "endLine": 86, "snippet": { "text": "\t\t}\n }\n \n /**\n * Take an absolute file and return the filename.\n * \n * Ex. /etc/password becomes password\n * \n * @param s\n * @return the file name\n */\n private static String getFileName(String s)\n {\n \tString fileName = new File(s).getName();\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 76, "endLine": 83, "snippet": { "text": " /**\r\n * Take an absolute file and return the filename.\r\n * \r\n * Ex. /etc/password becomes password\r\n * \r\n * @param s\r\n * @return the file name\r\n */" } }, "contextRegion": { "startLine": 73, "endLine": 86, "snippet": { "text": "\t\t}\n }\n \n /**\n * Take an absolute file and return the filename.\n * \n * Ex. /etc/password becomes password\n * \n * @param s\n * @return the file name\n */\n private static String getFileName(String s)\n {\n \tString fileName = new File(s).getName();\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 76, "startColumn": 5, "endLine": 83 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [SqlStringInjection.java](1) line [149](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 149, "endLine": 153, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 146, "endLine": 156, "snippet": { "text": "\t\tec.addElement(new P().addElement(sqle.getMessage()));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 149, "endLine": 153, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 146, "endLine": 156, "snippet": { "text": "\t\tec.addElement(new P().addElement(sqle.getMessage()));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 149, "startColumn": 2, "endLine": 153 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 44, "message": { "text": "The call to getInstance() at [Encoding.java](1) line [535](1) uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data.\r\nThe identified call uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 535, "snippet": { "text": "\t\t\tCipher passwordEncryptCipher = Cipher.getInstance( \"PBEWithMD5AndDES/CBC/PKCS5Padding\" );" } }, "contextRegion": { "startLine": 532, "endLine": 538, "snippet": { "text": "\n\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );\n\n\t\t\tCipher passwordEncryptCipher = Cipher.getInstance( \"PBEWithMD5AndDES/CBC/PKCS5Padding\" );\n\n\t\t\tchar[] pass = pw.toCharArray();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 535, "snippet": { "text": "\t\t\tCipher passwordEncryptCipher = Cipher.getInstance( \"PBEWithMD5AndDES/CBC/PKCS5Padding\" );" } }, "contextRegion": { "startLine": 532, "endLine": 538, "snippet": { "text": "\n\t\t\tSecretKeyFactory kf = SecretKeyFactory.getInstance( \"PBEWithMD5AndDES\" );\n\n\t\t\tCipher passwordEncryptCipher = Cipher.getInstance( \"PBEWithMD5AndDES/CBC/PKCS5Padding\" );\n\n\t\t\tchar[] pass = pw.toCharArray();\n\n" } } }, "message": { "text": "getInstance()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 535 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [SqlStringInjection.java](1) line [314](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 314, "endLine": 318, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t System.out.println(\"Exception caught: \" + e);\r\n\t e.printStackTrace(System.out);\r\n\t}" } }, "contextRegion": { "startLine": 311, "endLine": 321, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 314, "endLine": 318, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t System.out.println(\"Exception caught: \" + e);\r\n\t e.printStackTrace(System.out);\r\n\t}" } }, "contextRegion": { "startLine": 311, "endLine": 321, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 314, "startColumn": 2, "endLine": 318 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 66, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 63, "endLine": 69, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t
\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 575 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 66, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 63, "endLine": 69, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 66 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method getCreditCard() in [WsSqlInjection.java](1) ignores an exception on line [273](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 273, "endLine": 274, "snippet": { "text": "\t catch (SQLException sqle)\r\n\t {}" } }, "contextRegion": { "startLine": 270, "endLine": 277, "snippet": { "text": "\t\t}\n\t\treturn users;\n\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\treturn null;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 273, "endLine": 274, "snippet": { "text": "\t catch (SQLException sqle)\r\n\t {}" } }, "contextRegion": { "startLine": 270, "endLine": 277, "snippet": { "text": "\t\t}\n\t\treturn users;\n\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\treturn null;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 273, "startColumn": 6, "endLine": 274 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 105, "message": { "text": "A web application must define default error pages in order to prevent attackers from mining information from the application container's built-in error response." }, "codeFlows": [ { "threadFlows": [ { "locations": [] } ] } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 18, "level": "error", "message": { "text": "The method _jspService() in [SearchStaff.jsp](1) sends unvalidated data to a web browser on line [11](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 94 }, "region": { "startLine": 11, "snippet": { "text": "\t\t\t\tEmployee <%=searchedName%> not found." 
} }, "contextRegion": { "startLine": 8, "endLine": 14, "snippet": { "text": "\t\t\tif (searchedName != null)\n\t\t\t{\n\t\t\t%>\n\t\t\t\tEmployee <%=searchedName%> not found.\n\t\t\t<%\n\t\t\t}\n\t\t\t%>\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 774 }, { "index": 775 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 94 }, "region": { "startLine": 11, "snippet": { "text": "\t\t\t\tEmployee <%=searchedName%> not found." } }, "contextRegion": { "startLine": 8, "endLine": 14, "snippet": { "text": "\t\t\tif (searchedName != null)\n\t\t\t{\n\t\t\t%>\n\t\t\t\tEmployee <%=searchedName%> not found.\n\t\t\t<%\n\t\t\t}\n\t\t\t%>\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 94 }, "region": { "startLine": 11 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 64, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 70, "snippet": { "text": " protected final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": " /**\n * Description of the Field\n */\n protected final static String PASSWORD = \"Password\";\n\n /**\n * Description of the Field\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 70, "snippet": { "text": " protected final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": " /**\n * Description of the Field\n */\n protected final static String PASSWORD = \"Password\";\n\n /**\n * Description of the Field\n" } } }, "message": { "text": "FieldAccess: PASSWORD" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 70, "snippet": { "text": " protected final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": " /**\n * Description of the Field\n */\n protected final static String PASSWORD = \"Password\";\n\n /**\n * Description of the Field\n" } } }, "message": { "text": "Field: PASSWORD" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 70 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 36, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) sends unvalidated data to a web browser on line [8](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"SQLInjection.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t
\">\n\t\t\t\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 512 }, { "index": 516 }, { "index": 517 }, { "index": 518 }, { "index": 776 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"SQLInjection.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\">\n\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 520 }, { "index": 521 }, { "index": 517 }, { "index": 518 }, { "index": 776 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"SQLInjection.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\">\n\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 523 }, { "index": 524 }, { "index": 517 }, { "index": 518 }, { "index": 776 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"SQLInjection.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\">\n\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 8 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "3.2166665" } }, { "ruleIndex": 126, "level": "error", "message": { "text": "On line [112](1) of [SqlStringInjection.java](1), the method injectableQuery() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 112, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 109, "endLine": 115, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 777 }, { "index": 778 }, { "index": 779 }, { "index": 780 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 112, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 109, "endLine": 115, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\n\t\tif 
((results != null) && (results.first() == true))\n\t\t{\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 112, "startColumn": 46 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [160](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 160, "snippet": { "text": "\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));" } }, "contextRegion": { "startLine": 157, "endLine": 163, "snippet": { "text": " public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 160, "snippet": { "text": "\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));" } }, "contextRegion": { "startLine": 157, "endLine": 163, "snippet": { "text": " public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, 
EDITPROFILE_ACTION));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 192, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 160 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [161](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 161, "snippet": { "text": "\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));" } }, "contextRegion": { "startLine": 158, "endLine": 164, "snippet": { "text": " {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 161, "snippet": { "text": "\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));" } }, "contextRegion": { "startLine": 158, "endLine": 164, "snippet": { "text": " {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, 
LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 192, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 161 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [162](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 162, "snippet": { "text": "\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));" } }, "contextRegion": { "startLine": 159, "endLine": 165, "snippet": { "text": "\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 162, "snippet": { "text": "\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));" } }, "contextRegion": { "startLine": 159, "endLine": 165, "snippet": { "text": "\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, 
LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 192, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 162 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [163](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 163, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));" } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 163, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));" } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, 
LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 192, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 163 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [164](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 164, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));" } }, "contextRegion": { "startLine": 161, "endLine": 167, "snippet": { "text": "\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 164, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));" } }, "contextRegion": { "startLine": 161, "endLine": 167, "snippet": { "text": "\tregisterAction(new SearchStaff(this, myClassName, SEARCHSTAFF_ACTION));\n\tregisterAction(new ViewProfile(this, myClassName, VIEWPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, EDITPROFILE_ACTION));\n\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, 
LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 192, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 164 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [167](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 167, "snippet": { "text": "\tregisterAction(new Login(this, myClassName, LOGIN_ACTION," } }, "contextRegion": { "startLine": 164, "endLine": 170, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 167, "snippet": { "text": "\tregisterAction(new Login(this, myClassName, LOGIN_ACTION," } }, "contextRegion": { "startLine": 164, "endLine": 170, "snippet": { "text": "\tregisterAction(new EditProfile(this, myClassName, CREATEPROFILE_ACTION));\n\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 192, "snippet": { "text": " 
protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 167 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [168](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 168, "snippet": { "text": "\t\tgetAction(LISTSTAFF_ACTION)));" } }, "contextRegion": { "startLine": 165, "endLine": 171, "snippet": { "text": "\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 168, "snippet": { "text": "\t\tgetAction(LISTSTAFF_ACTION)));" } }, "contextRegion": { "startLine": 165, "endLine": 171, "snippet": { "text": "\n\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, 
FINDPROFILE_ACTION,\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 299, "snippet": { "text": " protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 296, "endLine": 302, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n {\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 168 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [169](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 169, "snippet": { "text": "\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION," } }, "contextRegion": { "startLine": 166, "endLine": 172, "snippet": { "text": "\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 169, "snippet": { "text": "\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION," } }, "contextRegion": { "startLine": 166, "endLine": 172, "snippet": { "text": "\t// These actions are special in that they chain to other actions.\n\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { 
"index": 57 }, "region": { "startLine": 192, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 169 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [170](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 170, "snippet": { "text": "\t\tgetAction(LOGIN_ACTION)));" } }, "contextRegion": { "startLine": 167, "endLine": 173, "snippet": { "text": "\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 170, "snippet": { "text": "\t\tgetAction(LOGIN_ACTION)));" } }, "contextRegion": { "startLine": 167, "endLine": 173, "snippet": { "text": "\tregisterAction(new Login(this, myClassName, LOGIN_ACTION,\n\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, 
myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 299, "snippet": { "text": " protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 296, "endLine": 302, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n {\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 170 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [171](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 171, "snippet": { "text": "\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION," } }, "contextRegion": { "startLine": 168, "endLine": 174, "snippet": { "text": "\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 171, "snippet": { "text": "\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION," } }, "contextRegion": { "startLine": 168, "endLine": 174, "snippet": { "text": "\t\tgetAction(LISTSTAFF_ACTION)));\n\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, 
"region": { "startLine": 192, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 171 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [172](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 172, "snippet": { "text": "\t\tgetAction(VIEWPROFILE_ACTION)));" } }, "contextRegion": { "startLine": 169, "endLine": 175, "snippet": { "text": "\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 172, "snippet": { "text": "\t\tgetAction(VIEWPROFILE_ACTION)));" } }, "contextRegion": { "startLine": 169, "endLine": 175, "snippet": { "text": "\tregisterAction(new Logout(this, myClassName, LOGOUT_ACTION,\n\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, 
FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 299, "snippet": { "text": " protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 296, "endLine": 302, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n {\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 172 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [173](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 173, "snippet": { "text": "\tregisterAction(new UpdateProfile(this, myClassName," } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 173, "snippet": { "text": "\tregisterAction(new UpdateProfile(this, myClassName," } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\t\tgetAction(LOGIN_ACTION)));\n\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, 
"region": { "startLine": 192, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": " }\n\n\n protected void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 173 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [174](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 174, "snippet": { "text": "\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));" } }, "contextRegion": { "startLine": 171, "endLine": 177, "snippet": { "text": "\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 174, "snippet": { "text": "\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));" } }, "contextRegion": { "startLine": 171, "endLine": 177, "snippet": { "text": "\tregisterAction(new FindProfile(this, myClassName, FINDPROFILE_ACTION,\n\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, 
getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 299, "snippet": { "text": " protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 296, "endLine": 302, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n {\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 174 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [175](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 175, "snippet": { "text": "\tregisterAction(new DeleteProfile(this, myClassName," } }, "contextRegion": { "startLine": 172, "endLine": 178, "snippet": { "text": "\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 175, "snippet": { "text": "\tregisterAction(new DeleteProfile(this, myClassName," } }, "contextRegion": { "startLine": 172, "endLine": 178, "snippet": { "text": "\t\tgetAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n\n" } } }, "message": { "text": "FunctionCall: registerAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 192, "snippet": { "text": " protected void registerAction(LessonAction action)" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": " }\n\n\n protected 
void registerAction(LessonAction action)\n {\n\tlessonFunctions.put(action.getActionName(), action);\n }\n" } } }, "message": { "text": "Function: registerAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 175 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of SQLInjection in [SQLInjection.java](1) at line [176](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 176, "snippet": { "text": "\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));" } }, "contextRegion": { "startLine": 173, "endLine": 179, "snippet": { "text": "\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 176, "snippet": { "text": "\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));" } }, "contextRegion": { "startLine": 173, "endLine": 179, "snippet": { "text": "\tregisterAction(new UpdateProfile(this, myClassName,\n\t\tUPDATEPROFILE_ACTION, getAction(VIEWPROFILE_ACTION)));\n\tregisterAction(new DeleteProfile(this, myClassName,\n\t\tDELETEPROFILE_ACTION, getAction(LISTSTAFF_ACTION)));\n }\n\n\n" } } }, "message": { "text": "FunctionCall: getAction" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 157, "snippet": { "text": " public SQLInjection()" } }, "contextRegion": { "startLine": 154, 
"endLine": 160, "snippet": { "text": " }\n\n\n public SQLInjection()\n {\n\tString myClassName = parseClassName(this.getClass().getName());\n\tregisterAction(new ListStaff(this, myClassName, LISTSTAFF_ACTION));\n" } } }, "message": { "text": "Function: SQLInjection" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 299, "snippet": { "text": " protected LessonAction getAction(String actionName)" } }, "contextRegion": { "startLine": 296, "endLine": 302, "snippet": { "text": " }\n\n\n protected LessonAction getAction(String actionName)\n {\n\treturn (LessonAction) lessonFunctions.get(actionName);\n }\n" } } }, "message": { "text": "Function: getAction" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 176 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 98, "level": "note", "message": { "text": "The class AbstractLesson overrides only one of `equals()` and `hashCode()`.\r\nThis class overrides only one of `equals()` and `hashCode()`." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 317, "snippet": { "text": " public boolean equals(Object obj)" } }, "contextRegion": { "startLine": 314, "endLine": 320, "snippet": { "text": " * Description of the Parameter\n * @return Description of the Return Value\n */\n public boolean equals(Object obj)\n {\n\treturn this.getScreenId() == ((AbstractLesson) obj).getScreenId();\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 317, "snippet": { "text": " public boolean equals(Object obj)" } }, "contextRegion": { "startLine": 314, "endLine": 320, "snippet": { "text": " * Description of the Parameter\n * @return Description of the Return Value\n */\n public boolean equals(Object obj)\n {\n\treturn this.getScreenId() == ((AbstractLesson) obj).getScreenId();\n }\n" } } }, "message": { "text": "Function: equals" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 317 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [DeleteProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [81](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 81, "snippet": { "text": "\t\tue1.printStackTrace();" } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": "\t catch (UnauthenticatedException ue1)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue1.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 81, "snippet": { "text": "\t\tue1.printStackTrace();" } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": "\t catch (UnauthenticatedException ue1)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue1.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n\t {\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 81 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile_BACKUP() in [EditProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [186](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 186, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 183, "endLine": 189, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 186, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 183, "endLine": 189, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 186 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 25, "message": { "text": "Untrusted data is passed to the application and used as a regular expression. This can cause the thread to over-consume CPU resources." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 28 }, "region": { "startLine": 331, "snippet": { "text": "\t replacedString = replacedString.replaceAll(metaChar[mci]," } }, "contextRegion": { "startLine": 328, "endLine": 334, "snippet": { "text": "\tString replacedString = token;\n\tfor (; mci < metaChar.length; mci += 1)\n\t{\n\t replacedString = replacedString.replaceAll(metaChar[mci],\n\t\t htmlCode[mci]);\n\t}\n\treturn (replacedString);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 802 }, { "index": 803 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 28 }, "region": { "startLine": 331, "snippet": { "text": "\t replacedString = replacedString.replaceAll(metaChar[mci]," } }, "contextRegion": { "startLine": 328, "endLine": 334, "snippet": { "text": "\tString replacedString = token;\n\tfor (; mci < metaChar.length; mci += 1)\n\t{\n\t replacedString = replacedString.replaceAll(metaChar[mci],\n\t\t htmlCode[mci]);\n\t}\n\treturn (replacedString);\n" } } }, "message": { "text": "replaceAll(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 28 }, "region": { "startLine": 331, "startColumn": 49 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method doPost() in [HammerHead.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 300 }, { "index": 301 }, { "index": 302 }, { "index": 303 }, { "index": 708 }, { "index": 709 }, { "index": 710 }, { "index": 157 }, { "index": 711 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 300 }, { "index": 301 }, { "index": 302 }, { "index": 303 }, { "index": 712 }, { "index": 713 }, { "index": 714 }, { "index": 715 }, { "index": 157 }, { "index": 716 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": 
{ "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 300 }, { "index": 301 }, { "index": 302 }, { "index": 303 }, { "index": 305 }, { "index": 306 }, { "index": 708 }, { "index": 709 }, { "index": 710 }, { "index": 157 }, { "index": 711 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 300 }, { "index": 301 }, { "index": 302 }, { "index": 303 }, { "index": 719 }, { "index": 720 }, { "index": 721 }, { "index": 722 }, { "index": 715 }, { "index": 157 }, { "index": 716 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t 
request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 47, "level": "note", "message": { "text": "The method doCachePoisining() in [HttpSplitting.java](1) throws a generic exception making it harder for callers to do a good job of error handling and recovery.\r\nThe method throws a generic exception making it harder for callers to do a good job of error handling and recovery." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 191, "snippet": { "text": " protected Element doCachePoisining(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 188, "endLine": 194, "snippet": { "text": " }\n\n\n protected Element doCachePoisining(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 191, "snippet": { "text": " protected Element doCachePoisining(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 188, "endLine": 194, "snippet": { "text": " }\n\n\n protected Element doCachePoisining(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\n" } } }, "message": { "text": "Function: doCachePoisining" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 191 } } } ], "properties": { "InstanceSeverity": "2.0", 
"Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createEmployeeProfile() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [315](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 315, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 312, "endLine": 318, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {\n\t\tsqle.printStackTrace();\n\t\ts.setMessage(\"Error updating employee profile\");\n\t }\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 315, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 312, "endLine": 318, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {\n\t\tsqle.printStackTrace();\n\t\ts.setMessage(\"Error updating employee profile\");\n\t }\n\t}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 315 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createEmployeeProfile() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [299](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 299, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 296, "endLine": 302, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {\n\t\tsqle.printStackTrace();\n\t\ts.setMessage(\"Error updating employee profile\");\n\t }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 299, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 296, "endLine": 302, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {\n\t\tsqle.printStackTrace();\n\t\ts.setMessage(\"Error updating employee profile\");\n\t }\n\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 299 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getAllEmployees() in [ListStaff.java](1) might reveal system data or debugging information by calling printStackTrace() on line [121](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 121, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 118, "endLine": 124, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 121, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 118, "endLine": 124, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 121 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 133, "message": { "text": "The function getLessonPlan() in [AbstractLesson.java](1) sometimes fails to release a system resource allocated by FileReader() on line 567.\r\nThe program can potentially fail to release a system resource." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 567, "snippet": { "text": "\t src = readFromFile(new BufferedReader(new FileReader(s" } }, "contextRegion": { "startLine": 564, "endLine": 570, "snippet": { "text": "\t{\n\t // System.out.println(\"Loading lesson plan file: \" +\n\t // getLessonPlanFileName());\n\t src = readFromFile(new BufferedReader(new FileReader(s\n\t\t .getWebResource(getLessonPlanFileName()))), false);\n\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 567, "snippet": { "text": "\t src = readFromFile(new BufferedReader(new FileReader(s" } }, "contextRegion": { "startLine": 564, "endLine": 570, "snippet": { "text": "\t{\n\t // System.out.println(\"Loading lesson plan file: \" +\n\t // getLessonPlanFileName());\n\t src = readFromFile(new BufferedReader(new FileReader(s\n\t\t .getWebResource(getLessonPlanFileName()))), false);\n\n\t}\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 567, "startColumn": 44, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 567, "snippet": { "text": "\t src = readFromFile(new BufferedReader(new FileReader(s" } }, "contextRegion": { "startLine": 564, "endLine": 570, "snippet": { "text": "\t{\n\t // System.out.println(\"Loading lesson plan file: \" +\n\t // getLessonPlanFileName());\n\t src = readFromFile(new BufferedReader(new FileReader(s\n\t\t .getWebResource(getLessonPlanFileName()))), false);\n\n\t}\n" } } }, "message": { "text": "new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 567, "startColumn": 25, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { 
"physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 567, "snippet": { "text": "\t src = readFromFile(new BufferedReader(new FileReader(s" } }, "contextRegion": { "startLine": 564, "endLine": 570, "snippet": { "text": "\t{\n\t // System.out.println(\"Loading lesson plan file: \" +\n\t // getLessonPlanFileName());\n\t src = readFromFile(new BufferedReader(new FileReader(s\n\t\t .getWebResource(getLessonPlanFileName()))), false);\n\n\t}\n" } } }, "message": { "text": "readFromFile(new java.io.BufferedReader(), ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 570, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 567, "endLine": 573, "snippet": { "text": "\t src = readFromFile(new BufferedReader(new FileReader(s\n\t\t .getWebResource(getLessonPlanFileName()))), false);\n\n\t}\n\tcatch (Exception e)\n\t{\n\t // s.setMessage( \"Could not find lesson plan for \" +\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 570, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 567, "endLine": 573, "snippet": { "text": "\t src = readFromFile(new BufferedReader(new FileReader(s\n\t\t .getWebResource(getLessonPlanFileName()))), false);\n\n\t}\n\tcatch (Exception e)\n\t{\n\t // s.setMessage( \"Could not find lesson plan for \" +\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 570, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 567, "endLine": 573, "snippet": { "text": "\t src = readFromFile(new BufferedReader(new FileReader(s\n\t\t .getWebResource(getLessonPlanFileName()))), 
false);\n\n\t}\n\tcatch (Exception e)\n\t{\n\t // s.setMessage( \"Could not find lesson plan for \" +\n" } } }, "message": { "text": "end scope : Resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 567 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 35, "message": { "text": "The method hashSHA() in [Encoding.java](1) can crash the program by dereferencing a null pointer on line [674](1).\r\nThe program can potentially dereference a null pointer, thereby causing a null pointer exception." }, "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 666, "snippet": { "text": "\t\t\tmd = MessageDigest.getInstance( \"SHA-256\" );" } }, "contextRegion": { "startLine": 663, "endLine": 669, "snippet": { "text": "\t\tMessageDigest md = null;\n\t\ttry\n\t\t{\n\t\t\tmd = MessageDigest.getInstance( \"SHA-256\" );\n\t\t\tmd.update( b );\n\t\t}\n\t\tcatch ( NoSuchAlgorithmException e )\n" } } }, "message": { "text": "java.security.NoSuchAlgorithmException thrown" }, "annotations": [ { "startLine": 674, "startColumn": 26, "message": { "text": "Dereferenced : md" } } ] }, "kinds": [ "unknown" ] } ] } ] } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method setSessionAttribute() in [DefaultLessonAction.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 729 }, { "index": 730 }, { "index": 731 }, { "index": 732 }, { "index": 805 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 807 }, { "index": 808 }, { "index": 809 }, { "index": 810 }, { "index": 811 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, 
value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "startColumn": 50 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [SummaryReportCardScreen.java](1) line [99](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 133 }, "region": { "startLine": 99, "endLine": 102, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 96, "endLine": 105, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t}\n\n\tec.addElement(new Center().addElement(makeSummary(s)));\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 133 }, "region": { "startLine": 99, "endLine": 102, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 96, "endLine": 105, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t}\n\n\tec.addElement(new Center().addElement(makeSummary(s)));\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 133 }, "region": { "startLine": 99, "startColumn": 2, "endLine": 102 } } } ], 
"properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method makeRow() in [Encoding.java](1) sends unvalidated data to a web browser on line [794](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 794, "snippet": { "text": "\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );" } }, "contextRegion": { "startLine": 791, "endLine": 797, "snippet": { "text": "\n\t\tTD desc = new TD().addElement( description ).setBgColor( \"#bbbbbb\" );\n\t\tTD val1 = new TD().addElement( value1 ).setBgColor( \"#dddddd\" );\n\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );\n\t\tTR tr = new TR();\n\n\t\ttr.addElement( desc );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 737 }, { "index": 738 }, { "index": 781 }, { "index": 787 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 794, "snippet": { "text": "\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );" } }, "contextRegion": { "startLine": 791, "endLine": 797, "snippet": { "text": "\n\t\tTD desc = new TD().addElement( description ).setBgColor( \"#bbbbbb\" );\n\t\tTD val1 = new TD().addElement( value1 ).setBgColor( \"#dddddd\" );\n\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );\n\t\tTR tr = new TR();\n\n\t\ttr.addElement( desc );\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 737 }, { "index": 738 }, { "index": 788 }, { "index": 804 }, { 
"location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 794, "snippet": { "text": "\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );" } }, "contextRegion": { "startLine": 791, "endLine": 797, "snippet": { "text": "\n\t\tTD desc = new TD().addElement( description ).setBgColor( \"#bbbbbb\" );\n\t\tTD val1 = new TD().addElement( value1 ).setBgColor( \"#dddddd\" );\n\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );\n\t\tTR tr = new TR();\n\n\t\ttr.addElement( desc );\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 737 }, { "index": 738 }, { "index": 806 }, { "index": 806 }, { "index": 814 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 794, "snippet": { "text": "\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );" } }, "contextRegion": { "startLine": 791, "endLine": 797, "snippet": { "text": "\n\t\tTD desc = new TD().addElement( description ).setBgColor( \"#bbbbbb\" );\n\t\tTD val1 = new TD().addElement( value1 ).setBgColor( \"#dddddd\" );\n\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );\n\t\tTR tr = new TR();\n\n\t\ttr.addElement( desc );\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 794, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [Logout.java](1) might reveal system data or debugging information by calling printStackTrace() on line [76](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 9 }, "region": { "startLine": 76, "snippet": { "text": "\t ue2.printStackTrace();" } }, "contextRegion": { "startLine": 73, "endLine": 79, "snippet": { "text": "\tcatch (UnauthorizedException ue2)\n\t{\n\t System.out.println(\"Internal server error\");\n\t ue2.printStackTrace();\n\t}\n\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 9 }, "region": { "startLine": 76, "snippet": { "text": "\t ue2.printStackTrace();" } }, "contextRegion": { "startLine": 73, "endLine": 79, "snippet": { "text": "\tcatch (UnauthorizedException ue2)\n\t{\n\t System.out.println(\"Internal server error\");\n\t ue2.printStackTrace();\n\t}\n\n }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 9 }, "region": { "startLine": 76 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function doChangeEmployeeProfile_BACKUP() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [302](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 302, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 299, "endLine": 305, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error updating employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 302, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 299, "endLine": 305, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error updating employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\n\t}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 302 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function login() in [Login.java](1) might reveal system data or debugging information by calling printStackTrace() on line [162](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 162, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 159, "endLine": 165, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error logging in\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 162, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 159, "endLine": 165, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error logging in\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 162 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [Encoding.java](1) might reveal system data or debugging information by calling printStackTrace() on line [459](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 459, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 456, "endLine": 462, "snippet": { "text": "\n\t\t\ts.setMessage( \"Error generating \" + this.getClass().getName() );\n\n\t\t\te.printStackTrace();\n\n\t\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 459, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 456, "endLine": 462, "snippet": { "text": "\n\t\t\ts.setMessage( \"Error generating \" + this.getClass().getName() );\n\n\t\t\te.printStackTrace();\n\n\t\t}\n\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 459 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method ParameterNotFoundException() in [ParameterNotFoundException.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 1 }, { "index": 8 }, { "index": 9 }, { "index": 164 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } }, "message": { "text": "Exception(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of ErrorScreen in [ErrorScreen.java](1) at line [78](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 78, "snippet": { "text": "\t\tfixCurrentScreen( s );" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\tpublic ErrorScreen( WebSession s, Throwable t )\n\t{\n\t\tthis.error = t;\n\t\tfixCurrentScreen( s );\n\t\tsetup( s );\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 78, "snippet": { "text": "\t\tfixCurrentScreen( s );" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\tpublic ErrorScreen( WebSession s, Throwable t )\n\t{\n\t\tthis.error = t;\n\t\tfixCurrentScreen( s );\n\t\tsetup( s );\n\t}\n\n" } } }, "message": { "text": "FunctionCall: fixCurrentScreen" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 75, "snippet": { "text": "\tpublic ErrorScreen( WebSession s, Throwable t )" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\t * @param s Description of the Parameter\n\t * @param t Description of the Parameter\n\t */\n\tpublic ErrorScreen( WebSession s, Throwable t )\n\t{\n\t\tthis.error = t;\n\t\tfixCurrentScreen( s );\n" } } }, "message": { "text": "Function: ErrorScreen" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 97, "snippet": { "text": "\tpublic void fixCurrentScreen( WebSession s )" } }, "contextRegion": { "startLine": 94, "endLine": 100, "snippet": { "text": "\t}\n\n\n\tpublic void fixCurrentScreen( WebSession s )\n\t{\n\t\t// So the user can't get stuck on the error screen, reset the\n\t\t// current screen to something known\n" } } }, "message": { "text": "Function: fixCurrentScreen" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, 
"physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 78 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of ErrorScreen in [ErrorScreen.java](1) at line [79](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 79, "snippet": { "text": "\t\tsetup( s );" } }, "contextRegion": { "startLine": 76, "endLine": 82, "snippet": { "text": "\t{\n\t\tthis.error = t;\n\t\tfixCurrentScreen( s );\n\t\tsetup( s );\n\t}\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 79, "snippet": { "text": "\t\tsetup( s );" } }, "contextRegion": { "startLine": 76, "endLine": 82, "snippet": { "text": "\t{\n\t\tthis.error = t;\n\t\tfixCurrentScreen( s );\n\t\tsetup( s );\n\t}\n\n\n" } } }, "message": { "text": "FunctionCall: setup" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 75, "snippet": { "text": "\tpublic ErrorScreen( WebSession s, Throwable t )" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\t * @param s Description of the Parameter\n\t * @param t Description of the Parameter\n\t */\n\tpublic ErrorScreen( WebSession s, Throwable t )\n\t{\n\t\tthis.error = t;\n\t\tfixCurrentScreen( s );\n" } } }, "message": { "text": "Function: ErrorScreen" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 115, "snippet": { "text": "\tpublic void setup( WebSession s )" } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t}\n\n\t\n\tpublic void setup( WebSession s )\n\t{\n\t\t// 
call createContent first so messages will go somewhere\n\n" } } }, "message": { "text": "Function: setup" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 79 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 64, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 68, "snippet": { "text": " protected final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 65, "endLine": 71, "snippet": { "text": " /**\n * Description of the Field\n */\n protected final static String PASSWORD = \"Password\";\n\n /**\n * Description of the Field\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 68, "snippet": { "text": " protected final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 65, "endLine": 71, "snippet": { "text": " /**\n * Description of the Field\n */\n protected final static String PASSWORD = \"Password\";\n\n /**\n * Description of the Field\n" } } }, "message": { "text": "FieldAccess: PASSWORD" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 68, "snippet": { "text": " protected final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 65, "endLine": 71, "snippet": { "text": " /**\n * Description of the Field\n */\n protected final static String PASSWORD = \"Password\";\n\n /**\n * Description of the Field\n" } } }, "message": { "text": "Field: PASSWORD" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 128 
}, "region": { "startLine": 68 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getStackTrace() in [ErrorScreen.java](1) might reveal system data or debugging information by calling printStackTrace() on line [258](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 258, "snippet": { "text": "\t\tt.printStackTrace( writer );" } }, "contextRegion": { "startLine": 255, "endLine": 261, "snippet": { "text": "\t{\n\t\tByteArrayOutputStream bytes = new ByteArrayOutputStream();\n\t\tPrintWriter writer = new PrintWriter( bytes, true );\n\t\tt.printStackTrace( writer );\n\n\t\treturn ( bytes.toString() );\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 258, "snippet": { "text": "\t\tt.printStackTrace( writer );" } }, "contextRegion": { "startLine": 255, "endLine": 261, "snippet": { "text": "\t{\n\t\tByteArrayOutputStream bytes = new ByteArrayOutputStream();\n\t\tPrintWriter writer = new PrintWriter( bytes, true );\n\t\tt.printStackTrace( writer );\n\n\t\treturn ( bytes.toString() );\n\t}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 258 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method foundEmployee() in [FindProfile.java](1) ignores an exception on line [118](1), which could cause the program to overlook unexpected states and 
conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 118, "endLine": 119, "snippet": { "text": "\tcatch (ParameterNotFoundException e)\r\n\t{}" } }, "contextRegion": { "startLine": 115, "endLine": 122, "snippet": { "text": "\t\t + RoleBasedAccessControl.EMPLOYEE_ID);\n\t found = true;\n\t}\n\tcatch (ParameterNotFoundException e)\n\t{}\n\n\treturn found;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 118, "endLine": 119, "snippet": { "text": "\tcatch (ParameterNotFoundException e)\r\n\t{}" } }, "contextRegion": { "startLine": 115, "endLine": 122, "snippet": { "text": "\t\t + RoleBasedAccessControl.EMPLOYEE_ID);\n\t found = true;\n\t}\n\tcatch (ParameterNotFoundException e)\n\t{}\n\n\treturn found;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 118, "startColumn": 2, "endLine": 119 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [181](1) of [CSRF.java](1), the method makeList() invokes a SQL query built using input potentially coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 181, "snippet": { "text": "\t\t\tResultSet results = statement.executeQuery( STANDARD_QUERY + \" WHERE user_name LIKE '\" + getNameroot( s.getUserName() ) + \"%'\" );" } }, "contextRegion": { "startLine": 178, "endLine": 184, "snippet": { "text": "\n\t\t\tStatement statement = connection.createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\n\t\t\tResultSet results = statement.executeQuery( STANDARD_QUERY + \" WHERE user_name LIKE '\" + getNameroot( s.getUserName() ) + \"%'\" );\n\n\t\t\tif ( ( results != null ) && ( results.first() == true ) )\n\t\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 181, "snippet": { "text": "\t\t\tResultSet results = statement.executeQuery( STANDARD_QUERY + \" WHERE user_name LIKE '\" + getNameroot( s.getUserName() ) + \"%'\" );" } }, "contextRegion": { "startLine": 178, "endLine": 184, "snippet": { "text": "\n\t\t\tStatement statement = connection.createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\n\t\t\tResultSet results = statement.executeQuery( STANDARD_QUERY + \" WHERE user_name LIKE '\" + getNameroot( s.getUserName() ) + \"%'\" );\n\n\t\t\tif ( ( results != null ) && ( results.first() == true ) )\n\t\t\t{\n" } } }, "message": { "text": "executeQuery()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 181 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function changeEmployeeProfile() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [188](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 188, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 185, "endLine": 191, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 188, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 185, "endLine": 191, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 188 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 343, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 340, "endLine": 346, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 343, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 340, "endLine": 346, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 343 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method makeLogin() in [WeakSessionID.java](1) ignores an exception on line [234](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 234, "endLine": 235, "snippet": { "text": "\tcatch (ParameterNotFoundException pnfe)\r\n\t{}" } }, "contextRegion": { "startLine": 231, "endLine": 238, "snippet": { "text": "\t{\n\t password = s.getParser().getStringParameter(PASSWORD);\n\t}\n\tcatch (ParameterNotFoundException pnfe)\n\t{}\n\n\tif (username != null || password != null)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 234, "endLine": 235, "snippet": { "text": "\tcatch (ParameterNotFoundException pnfe)\r\n\t{}" } }, "contextRegion": { "startLine": 231, "endLine": 238, "snippet": { "text": "\t{\n\t password = s.getParser().getStringParameter(PASSWORD);\n\t}\n\tcatch (ParameterNotFoundException pnfe)\n\t{}\n\n\tif (username != null || password != null)\n\t{\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 234, "startColumn": 2, "endLine": 235 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method makeLogin() in [WeakSessionID.java](1) ignores an exception on line [228](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 228, "endLine": 229, "snippet": { "text": "\tcatch (ParameterNotFoundException pnfe)\r\n\t{}" } }, "contextRegion": { "startLine": 225, "endLine": 232, "snippet": { "text": "\t{\n\t username = s.getParser().getStringParameter(USERNAME);\n\t}\n\tcatch (ParameterNotFoundException pnfe)\n\t{}\n\ttry\n\t{\n\t password = s.getParser().getStringParameter(PASSWORD);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 228, "endLine": 229, "snippet": { "text": "\tcatch (ParameterNotFoundException pnfe)\r\n\t{}" } }, "contextRegion": { "startLine": 225, "endLine": 232, "snippet": { "text": "\t{\n\t username = s.getParser().getStringParameter(USERNAME);\n\t}\n\tcatch (ParameterNotFoundException pnfe)\n\t{}\n\ttry\n\t{\n\t password = s.getParser().getStringParameter(PASSWORD);\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 228, "startColumn": 2, "endLine": 229 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 99, "message": { "text": "Without proper access control, the method findEmployeeProfile() in [FindProfile.java](1) can execute a SQL statement on line [176](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 176, "snippet": { "text": "\t\tanswer_statement.setString(1, \"%\" + pattern + \"%\");" } }, "contextRegion": { "startLine": 173, "endLine": 179, "snippet": { "text": "\t\t\t.getConnection(s).prepareStatement(query,\n\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.setString(1, \"%\" + pattern + \"%\");\n\t\tanswer_statement.setString(2, \"%\" + pattern + \"%\");\n\t\tResultSet answer_results = answer_statement.executeQuery();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 815 }, { "index": 816 }, { "index": 817 }, { "index": 818 }, { "index": 819 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 176, "snippet": { "text": "\t\tanswer_statement.setString(1, \"%\" + pattern + \"%\");" } }, "contextRegion": { "startLine": 173, "endLine": 179, "snippet": { "text": "\t\t\t.getConnection(s).prepareStatement(query,\n\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.setString(1, \"%\" + pattern + \"%\");\n\t\tanswer_statement.setString(2, \"%\" + pattern + \"%\");\n\t\tResultSet answer_results = answer_statement.executeQuery();\n\n" } } }, "message": { "text": "setString(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 176 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [RoleBasedAccessControl.java](1) might reveal system data or debugging information by calling printStackTrace() on line [358](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 358, "snippet": { "text": "\t ue2.printStackTrace();" } }, "contextRegion": { "startLine": 355, "endLine": 361, "snippet": { "text": "\t s.setMessage(\"You are not authorized to perform this function\");\n\t System.out.println(\"Authorization failure\");\n\t setCurrentAction(s, ERROR_ACTION);\n\t ue2.printStackTrace();\n\t}\n\tcatch (Exception e)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 358, "snippet": { "text": "\t ue2.printStackTrace();" } }, "contextRegion": { "startLine": 355, "endLine": 361, "snippet": { "text": "\t s.setMessage(\"You are not authorized to perform this function\");\n\t System.out.println(\"Authorization failure\");\n\t setCurrentAction(s, ERROR_ACTION);\n\t ue2.printStackTrace();\n\t}\n\tcatch (Exception e)\n\t{\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 358 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ViewProfile.java](1) line [203](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 203, "endLine": 207, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 200, "endLine": 210, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 203, "endLine": 207, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 200, "endLine": 210, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 203, "startColumn": 2, "endLine": 207 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function makeConnection() in [DatabaseUtilities.java](1) might reveal system data or debugging information by calling printStackTrace() on line [110](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 110, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t return null;\n\t}\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 110, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t return null;\n\t}\n }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 110 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function handleRequest() in [ThreadSafetyProblem.java](1) might reveal system data or debugging information by calling println() on line [216](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 216, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 213, "endLine": 219, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 820 }, { "index": 821 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 216, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 213, "endLine": 219, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 216 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [CrossSiteScripting.java](1) might reveal system data or debugging information by calling printStackTrace() on line [360](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 360, "snippet": { "text": "\t\tpnfe.printStackTrace();" } }, "contextRegion": { "startLine": 357, "endLine": 363, "snippet": { "text": "\t catch (ParameterNotFoundException pnfe)\n\t {\n\t\tSystem.out.println(\"Missing parameter\");\n\t\tpnfe.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t catch (ValidationException ve)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 360, "snippet": { "text": "\t\tpnfe.printStackTrace();" } }, "contextRegion": { "startLine": 357, "endLine": 363, "snippet": { "text": "\t catch (ParameterNotFoundException pnfe)\n\t {\n\t\tSystem.out.println(\"Missing parameter\");\n\t\tpnfe.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t catch (ValidationException ve)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 360 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 64, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 64, "snippet": { "text": " protected final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 61, "endLine": 67, "snippet": { "text": " /**\n * Description of the Field\n */\n protected final static String PASSWORD = \"Password\";\n\n /**\n * Description of the Field\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 64, "snippet": { "text": " protected final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 61, "endLine": 67, "snippet": { "text": " /**\n * Description of the Field\n */\n protected final static String PASSWORD = \"Password\";\n\n /**\n * Description of the Field\n" } } }, "message": { "text": "FieldAccess: PASSWORD" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 64, "snippet": { "text": " protected final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 61, "endLine": 67, "snippet": { "text": " /**\n * Description of the Field\n */\n protected final static String PASSWORD = \"Password\";\n\n /**\n * Description of the Field\n" } } }, "message": { "text": "Field: PASSWORD" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 64 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createUserDataTable() in [CreateDB.java](1) might reveal system data or debugging information by calling printStackTrace() on line [307](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 307, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 304, "endLine": 310, "snippet": { "text": "\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating user database\");\n\t e.printStackTrace();\n\t}\n\n\t// Populate it\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 307, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 304, "endLine": 310, "snippet": { "text": "\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating user database\");\n\t e.printStackTrace();\n\t}\n\n\t// Populate it\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 307 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getAllEmployees_BACKUP() in [ListStaff.java](1) might reveal system data or debugging information by calling printStackTrace() on line [163](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 163, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employees\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 163, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employees\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 163 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [130](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 130, "snippet": { "text": "\t\tue2.printStackTrace();" } }, "contextRegion": { "startLine": 127, "endLine": 133, "snippet": { "text": "\t catch (UnauthorizedException ue2)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue2.printStackTrace();\n\t }\n\t}\n\telse\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 130, "snippet": { "text": "\t\tue2.printStackTrace();" } }, "contextRegion": { "startLine": 127, "endLine": 133, "snippet": { "text": "\t catch (UnauthorizedException ue2)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue2.printStackTrace();\n\t }\n\t}\n\telse\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 130 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 95, "level": "error", "message": { "text": "Without proper access control, the method deleteEmployeeProfile() in [DeleteProfile.java](1) can execute a SQL statement on line [115](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 115, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 78 }, { "index": 79 }, { "index": 80 }, { "index": 822 }, { "index": 82 }, { "index": 823 }, { "index": 824 }, { "index": 825 }, { "index": 826 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 115, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 115, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createCustomCookieValue() in [HttpOnly.java](1) might reveal system data or debugging information by calling printStackTrace() on line [183](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 183, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 180, "endLine": 186, "snippet": { "text": "\t\t\toriginal = value;\n\t\t\t\n\t\t} catch (Exception e) {\n\t\t\te.printStackTrace();\n\t\t}\n\t\t\n\t\treturn value;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 183, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 180, "endLine": 186, "snippet": { "text": "\t\t\toriginal = value;\n\t\t\t\n\t\t} catch (Exception e) {\n\t\t\te.printStackTrace();\n\t\t}\n\t\t\n\t\treturn value;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 183 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 111, "message": { "text": "The call to readLine() at [AbstractLesson.java](1) line [380](1) might allow an attacker to crash the program or otherwise make it unavailable to legitimate users.\r\nAn attacker could cause the program to crash or otherwise become unavailable to legitimate users." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 380, "snippet": { "text": "\t while ((line = reader.readLine()) != null)" } }, "contextRegion": { "startLine": 377, "endLine": 383, "snippet": { "text": "\t{\n\t String line;\n\n\t while ((line = reader.readLine()) != null)\n\t {\n\t\tif ((line.indexOf(methodName) != -1)\n\t\t\t&& ((line.indexOf(\"public\") != -1)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 380, "snippet": { "text": "\t while ((line = reader.readLine()) != null)" } }, "contextRegion": { "startLine": 377, "endLine": 383, "snippet": { "text": "\t{\n\t String line;\n\n\t while ((line = reader.readLine()) != null)\n\t {\n\t\tif ((line.indexOf(methodName) != -1)\n\t\t\t&& ((line.indexOf(\"public\") != -1)\n" } } }, "message": { "text": "readLine()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 380 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function injectableQuery() in [SqlNumericInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [162](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 162, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 159, "endLine": 165, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 162, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 159, "endLine": 165, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 162 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 100, "message": { "text": "The servlet HammerHead fails to catch all exceptions in doPost(). If a Servlet fails to catch all exceptions, it might reveal debugging information that will help an adversary form a plan of attack.\r\nIf a Servlet fails to catch all exceptions, it might reveal debugging information that will help an adversary form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 119, "snippet": { "text": " public void doPost(HttpServletRequest request, HttpServletResponse response)" } }, "contextRegion": { "startLine": 116, "endLine": 122, "snippet": { "text": " * @exception ServletException\n * Description of the Exception\n */\n public void doPost(HttpServletRequest request, HttpServletResponse response)\n\t throws IOException, ServletException\n {\n\tScreen screen = null;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 119, "snippet": { "text": " public void doPost(HttpServletRequest request, HttpServletResponse response)" } }, "contextRegion": { "startLine": 116, "endLine": 122, "snippet": { "text": " * @exception ServletException\n * Description of the Exception\n */\n public void doPost(HttpServletRequest request, HttpServletResponse response)\n\t throws IOException, ServletException\n {\n\tScreen screen = null;\n" } } }, "message": { "text": "Function: doPost" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 119 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method concept1() in [BackDoors.java](1) sends unvalidated data to a web browser on line [127](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 127, "snippet": { "text": "\t\t tr.addElement(new TD(rs.getString(\"ssn\")));" } }, "contextRegion": { "startLine": 124, "endLine": 130, "snippet": { "text": "\t\t tr = new TR();\n\t\t tr.addElement(new TD(rs.getString(\"userid\")));\n\t\t tr.addElement(new TD(rs.getString(\"password\")));\n\t\t tr.addElement(new TD(rs.getString(\"ssn\")));\n\t\t tr.addElement(new TD(rs.getString(\"salary\")));\n\t\t t.addElement(tr);\n\t\t ec.addElement(t);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 438 }, { "index": 439 }, { "index": 827 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 127, "snippet": { "text": "\t\t tr.addElement(new TD(rs.getString(\"ssn\")));" } }, "contextRegion": { "startLine": 124, "endLine": 130, "snippet": { "text": "\t\t tr = new TR();\n\t\t tr.addElement(new TD(rs.getString(\"userid\")));\n\t\t tr.addElement(new TD(rs.getString(\"password\")));\n\t\t tr.addElement(new TD(rs.getString(\"ssn\")));\n\t\t tr.addElement(new TD(rs.getString(\"salary\")));\n\t\t t.addElement(tr);\n\t\t ec.addElement(t);\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 127, "startColumn": 31 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 439, "snippet": { "text": "\t\t\tSystem.out.println( \"PATH: \" + path );" } }, "contextRegion": { "startLine": 436, "endLine": 442, "snippet": { "text": "\t\ttry\n\t\t{\n\t\t\tString path = context.getRealPath( \"/database\" ).replace( '\\\\', '/' );\n\t\t\tSystem.out.println( \"PATH: \" + path );\n\t\t\tString realConnectionString = databaseConnectionString.replaceAll( \"PATH\", path );\n\t\t\tSystem.out.println( \"Database Connection String: \" + realConnectionString );\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 439, "snippet": { "text": "\t\t\tSystem.out.println( \"PATH: \" + path );" } }, "contextRegion": { "startLine": 436, "endLine": 442, "snippet": { "text": "\t\ttry\n\t\t{\n\t\t\tString path = context.getRealPath( \"/database\" ).replace( '\\\\', '/' );\n\t\t\tSystem.out.println( \"PATH: \" + path );\n\t\t\tString realConnectionString = databaseConnectionString.replaceAll( \"PATH\", path );\n\t\t\tSystem.out.println( \"Database Connection String: \" + realConnectionString );\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 439 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 441, "snippet": { "text": "\t\t\tSystem.out.println( \"Database Connection String: \" + realConnectionString );" } }, "contextRegion": { "startLine": 438, "endLine": 444, "snippet": { "text": "\t\t\tString path = context.getRealPath( \"/database\" ).replace( '\\\\', '/' );\n\t\t\tSystem.out.println( \"PATH: \" + path );\n\t\t\tString realConnectionString = databaseConnectionString.replaceAll( \"PATH\", path );\n\t\t\tSystem.out.println( \"Database Connection String: \" + realConnectionString );\n\n\t\t\treturn realConnectionString;\n\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 441, "snippet": { "text": "\t\t\tSystem.out.println( \"Database Connection String: \" + realConnectionString );" } }, "contextRegion": { "startLine": 438, "endLine": 444, "snippet": { "text": "\t\t\tString path = context.getRealPath( \"/database\" ).replace( '\\\\', '/' );\n\t\t\tSystem.out.println( \"PATH: \" + path );\n\t\t\tString realConnectionString = databaseConnectionString.replaceAll( \"PATH\", path );\n\t\t\tSystem.out.println( \"Database Connection String: \" + realConnectionString );\n\n\t\t\treturn realConnectionString;\n\t\t}\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 441 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 447, "snippet": { "text": "\t\t\tSystem.out.println( \"Couldn't open database: check web.xml database parameters\" );" } }, "contextRegion": { "startLine": 444, "endLine": 450, "snippet": { "text": "\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\tSystem.out.println( \"Couldn't open database: check web.xml database parameters\" );\n\t\t\te.printStackTrace();\n\t\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 447, "snippet": { "text": "\t\t\tSystem.out.println( \"Couldn't open database: check web.xml database parameters\" );" } }, "contextRegion": { "startLine": 444, "endLine": 450, "snippet": { "text": "\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\tSystem.out.println( \"Couldn't open database: check web.xml database parameters\" );\n\t\t\te.printStackTrace();\n\t\t}\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 447 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 66, "message": { "text": "The method doPost() in [LessonSource.java](1) writes unvalidated user input to the log on line [105](1). An attacker could take advantage of this behavior to forge log entries or inject malicious content into the log.\r\nWriting unvalidated user input to log files can allow an attacker to forge log entries or inject malicious content into the logs." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 105, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t //System.out.println( \"Leaving doPost: \" );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 304 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 105, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t //System.out.println( \"Leaving doPost: \" );\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 717 }, { "index": 718 }, { "index": 304 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 105, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t //System.out.println( \"Leaving doPost: \" );\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 307 }, { 
"index": 308 }, { "index": 309 }, { "index": 310 }, { "index": 304 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 105, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t //System.out.println( \"Leaving doPost: \" );\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 717 }, { "index": 718 }, { "index": 307 }, { "index": 308 }, { "index": 309 }, { "index": 310 }, { "index": 304 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 105, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t //System.out.println( \"Leaving doPost: \" );\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 105, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile() in [ViewProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [146](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 146, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 143, "endLine": 149, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 146, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 143, "endLine": 149, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 146 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getNextUID() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [257](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 257, "snippet": { "text": "\t sqle.printStackTrace();" } }, "contextRegion": { "startLine": 254, "endLine": 260, "snippet": { "text": "\t}\n\tcatch (SQLException sqle)\n\t{\n\t sqle.printStackTrace();\n\t s.setMessage(\"Error updating employee profile\");\n\t}\n\tcatch (ClassNotFoundException e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 257, "snippet": { "text": "\t sqle.printStackTrace();" } }, "contextRegion": { "startLine": 254, "endLine": 260, "snippet": { "text": "\t}\n\tcatch (SQLException sqle)\n\t{\n\t sqle.printStackTrace();\n\t s.setMessage(\"Error updating employee profile\");\n\t}\n\tcatch (ClassNotFoundException e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 257 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of ErrorScreen in [ErrorScreen.java](1) at line [92](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 92, "snippet": { "text": "\t\tfixCurrentScreen( s );" } }, "contextRegion": { "startLine": 89, "endLine": 95, "snippet": { "text": "\tpublic ErrorScreen( WebSession s, String msg )\n\t{\n\t\tthis.message = msg;\n\t\tfixCurrentScreen( s );\n\t\tsetup( s );\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 92, "snippet": { "text": "\t\tfixCurrentScreen( s );" } }, "contextRegion": { "startLine": 89, "endLine": 95, "snippet": { "text": "\tpublic ErrorScreen( WebSession s, String msg )\n\t{\n\t\tthis.message = msg;\n\t\tfixCurrentScreen( s );\n\t\tsetup( s );\n\t}\n\n" } } }, "message": { "text": "FunctionCall: fixCurrentScreen" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 89, "snippet": { "text": "\tpublic ErrorScreen( WebSession s, String msg )" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t * @param s Description of the Parameter\n\t * @param msg Description of the Parameter\n\t */\n\tpublic ErrorScreen( WebSession s, String msg )\n\t{\n\t\tthis.message = msg;\n\t\tfixCurrentScreen( s );\n" } } }, "message": { "text": "Function: ErrorScreen" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 97, "snippet": { "text": "\tpublic void fixCurrentScreen( WebSession s )" } }, "contextRegion": { "startLine": 94, "endLine": 100, "snippet": { "text": "\t}\n\n\n\tpublic void fixCurrentScreen( WebSession s )\n\t{\n\t\t// So the user can't get stuck on the error screen, reset the\n\t\t// current screen to something known\n" } } }, "message": { "text": "Function: fixCurrentScreen" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, 
"physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 92 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of ErrorScreen in [ErrorScreen.java](1) at line [93](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 93, "snippet": { "text": "\t\tsetup( s );" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\t{\n\t\tthis.message = msg;\n\t\tfixCurrentScreen( s );\n\t\tsetup( s );\n\t}\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 93, "snippet": { "text": "\t\tsetup( s );" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\t{\n\t\tthis.message = msg;\n\t\tfixCurrentScreen( s );\n\t\tsetup( s );\n\t}\n\n\n" } } }, "message": { "text": "FunctionCall: setup" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 89, "snippet": { "text": "\tpublic ErrorScreen( WebSession s, String msg )" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t * @param s Description of the Parameter\n\t * @param msg Description of the Parameter\n\t */\n\tpublic ErrorScreen( WebSession s, String msg )\n\t{\n\t\tthis.message = msg;\n\t\tfixCurrentScreen( s );\n" } } }, "message": { "text": "Function: ErrorScreen" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 115, "snippet": { "text": "\tpublic void setup( WebSession s )" } }, "contextRegion": { "startLine": 112, "endLine": 118, "snippet": { "text": "\t}\n\n\t\n\tpublic void setup( WebSession s 
)\n\t{\n\t\t// call createContent first so messages will go somewhere\n\n" } } }, "message": { "text": "Function: setup" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 93 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 81, "level": "note", "message": { "text": "The method createContent() in [FailOpenAuthentication.java](1) can crash the program by dereferencing a null pointer on line [104](1).\r\nThe program can dereference a null pointer, thereby causing a null pointer exception." }, "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 86, "snippet": { "text": "\t\tif (username.length() > 0" } }, "contextRegion": { "startLine": 83, "endLine": 89, "snippet": { "text": "\t catch (Exception e)\n\t {\n\t\t// The parameter was omitted. set fail open status complete\n\t\tif (username.length() > 0\n\t\t\t&& e.getMessage().indexOf(\"not found\") != -1)\n\t\t{\n\t\t if ((username != null) && (username.length() > 0))\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 87, "snippet": { "text": "\t\t\t&& e.getMessage().indexOf(\"not found\") != -1)" } }, "contextRegion": { "startLine": 84, "endLine": 90, "snippet": { "text": "\t {\n\t\t// The parameter was omitted. 
set fail open status complete\n\t\tif (username.length() > 0\n\t\t\t&& e.getMessage().indexOf(\"not found\") != -1)\n\t\t{\n\t\t if ((username != null) && (username.length() > 0))\n\t\t {\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 89, "snippet": { "text": "\t\t if ((username != null) && (username.length() > 0))" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\tif (username.length() > 0\n\t\t\t&& e.getMessage().indexOf(\"not found\") != -1)\n\t\t{\n\t\t if ((username != null) && (username.length() > 0))\n\t\t {\n\t\t\tmakeSuccess(s);\n\t\t\treturn (makeUser(s, username,\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 99, "snippet": { "text": "\t if (password.length() == 0)" } }, "contextRegion": { "startLine": 96, "endLine": 102, "snippet": { "text": "\t }\n\n\t // Don't let the fail open pass with a blank password.\n\t if (password.length() == 0)\n\t {\n\t\t// We make sure the username was submitted to avoid telling the user an invalid\n\t\t// username/password was entered when they first enter the lesson via the side menu.\n" } } }, "message": { "text": "Branch taken" }, "annotations": [ { "startLine": 104, "startColumn": 7, "message": { "text": "Dereferenced : username" } } ] }, "kinds": [ "branch", "true" ] } ] } ] } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Encoding.java](1) line [934](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt 
with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 934, "endLine": 937, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\treturn ( \"Decoding error\" );\r\n\t\t}" } }, "contextRegion": { "startLine": 931, "endLine": 940, "snippet": { "text": "\t\t{\n\t\t\treturn ( URLDecoder.decode( str, \"UTF-8\" ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\treturn ( \"Decoding error\" );\n\t\t}\n\t}\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 934, "endLine": 937, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\treturn ( \"Decoding error\" );\r\n\t\t}" } }, "contextRegion": { "startLine": 931, "endLine": 940, "snippet": { "text": "\t\t{\n\t\t\treturn ( URLDecoder.decode( str, \"UTF-8\" ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\treturn ( \"Decoding error\" );\n\t\t}\n\t}\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 934, "startColumn": 3, "endLine": 937 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function log() in [HammerHead.java](1) might reveal system data or debugging information by calling println() on line [307](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 307, "snippet": { "text": "\tSystem.out.println(output);" } }, "contextRegion": { "startLine": 304, "endLine": 310, "snippet": { "text": "\tString output = new Date() + \" | \" + request.getRemoteHost() + \":\"\n\t\t+ request.getRemoteAddr() + \" | \" + message;\n\tlog(output);\n\tSystem.out.println(output);\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 424 }, { "index": 425 }, { "index": 426 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 307, "snippet": { "text": "\tSystem.out.println(output);" } }, "contextRegion": { "startLine": 304, "endLine": 310, "snippet": { "text": "\tString output = new Date() + \" | \" + request.getRemoteHost() + \":\"\n\t\t+ request.getRemoteAddr() + \" | \" + message;\n\tlog(output);\n\tSystem.out.println(output);\n }\n\n\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 307, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method updateLessonStatus() in [DeleteProfile.java](1) ignores an exception on line [176](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 176, "endLine": 177, "snippet": { "text": "\tcatch (ParameterNotFoundException e)\r\n\t{}" } }, "contextRegion": { "startLine": 173, "endLine": 180, "snippet": { "text": "\t\tsetStage(s, 2);\n\t }\n\t}\n\tcatch (ParameterNotFoundException e)\n\t{}\n }\n\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 176, "endLine": 177, "snippet": { "text": "\tcatch (ParameterNotFoundException e)\r\n\t{}" } }, "contextRegion": { "startLine": 173, "endLine": 180, "snippet": { "text": "\t\tsetStage(s, 2);\n\t }\n\t}\n\tcatch (ParameterNotFoundException e)\n\t{}\n }\n\n}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 176, "startColumn": 2, "endLine": 177 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [HttpBasics.java](1) line [75](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 21 }, "region": { "startLine": 75, "endLine": 79, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 72, "endLine": 82, "snippet": { "text": "\t Element b = ECSFactory.makeButton(\"Go!\");\n\t ec.addElement(b);\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\tif (!person.toString().equals(\"\")\n\t\t&& getLessonTracker(s).getNumVisits() > 3)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 21 }, "region": { "startLine": 75, "endLine": 79, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 72, "endLine": 82, "snippet": { "text": "\t Element b = ECSFactory.makeButton(\"Go!\");\n\t ec.addElement(b);\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\tif (!person.toString().equals(\"\")\n\t\t&& getLessonTracker(s).getNumVisits() > 3)\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 21 }, "region": { "startLine": 75, "startColumn": 2, "endLine": 79 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createAttackEnvironment() in [HttpSplitting.java](1) sends unvalidated data to a web browser on line [180](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing 
malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 180, "snippet": { "text": "\tInput input = new Input(Input.TEXT, LANGUAGE, lang.toString());" } }, "contextRegion": { "startLine": 177, "endLine": 183, "snippet": { "text": "\t\t\"UTF-8\");\n\n\t//add the search by field\n\tInput input = new Input(Input.TEXT, LANGUAGE, lang.toString());\n\tec.addElement(input);\n\n\tElement b = ECSFactory.makeButton(\"Search!\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 832 }, { "index": 833 }, { "index": 834 }, { "index": 835 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 180, "snippet": { "text": "\tInput input = new Input(Input.TEXT, LANGUAGE, lang.toString());" } }, "contextRegion": { "startLine": 177, "endLine": 183, "snippet": { "text": "\t\t\"UTF-8\");\n\n\t//add the search by field\n\tInput input = new Input(Input.TEXT, LANGUAGE, lang.toString());\n\tec.addElement(input);\n\n\tElement b = ECSFactory.makeButton(\"Search!\");\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 180 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n \n \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 95 }, "region": { "startLine": 74, "endLine": 76, "snippet": { "text": " \r\n \t\t\t \r\n\t\t\t " } }, "contextRegion": { "startLine": 71, "endLine": 79, "snippet": { "text": " \n \n \n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 95 }, "region": { "startLine": 74, "startColumn": 23, "endLine": 76 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 143, "message": { "text": "The method getNetstatResults() in [Challenge2Screen.java](1) can dereference a null pointer on line 646 because it does not check the return value of getProperty(), which might return null.\r\nThe program can dereference a null pointer because it does not check the return value of a function that might return null." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 644, "snippet": { "text": "\tString osName = System.getProperty(\"os.name\");" } }, "contextRegion": { "startLine": 641, "endLine": 647, "snippet": { "text": "\n\tString protocol = s.getParser().getRawParameter(PROTOCOL, \"tcp\");\n\n\tString osName = System.getProperty(\"os.name\");\n\tExecResults er = null;\n\tif (osName.indexOf(\"Windows\") != -1)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 644, "snippet": { "text": "\tString osName = System.getProperty(\"os.name\");" } }, "contextRegion": { "startLine": 641, "endLine": 647, "snippet": { "text": "\n\tString protocol = s.getParser().getRawParameter(PROTOCOL, \"tcp\");\n\n\tString osName = System.getProperty(\"os.name\");\n\tExecResults er = null;\n\tif (osName.indexOf(\"Windows\") != -1)\n\t{\n" } } }, "message": { "text": "osName = getProperty(?) : System.getProperty may return NULL" }, "annotations": [ { "startLine": 644, "startColumn": 2, "message": { "text": "osName may be null" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 646, "snippet": { "text": "\tif (osName.indexOf(\"Windows\") != -1)" } }, "contextRegion": { "startLine": 643, "endLine": 649, "snippet": { "text": "\n\tString osName = System.getProperty(\"os.name\");\n\tExecResults er = null;\n\tif (osName.indexOf(\"Windows\") != -1)\n\t{\n\t String cmd = \"cmd.exe /c netstat -a -p \" + protocol;\n\t er = Exec.execSimple(cmd);\n" } } }, "message": { "text": "osName.indexOf(...) 
: osName used without null check" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 644 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [ViewDatabase.java](1) might reveal system data or debugging information by calling printStackTrace() on line [105](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 105, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 105, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 105 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 47, "level": "note", "message": { "text": "The method createAttackEnvironment() in [HttpSplitting.java](1) throws a generic exception making it harder for callers to do a 
good job of error handling and recovery.\r\nThe method throws a generic exception making it harder for callers to do a good job of error handling and recovery." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 161, "snippet": { "text": " protected Element createAttackEnvironment(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 158, "endLine": 164, "snippet": { "text": " }\n\n\n protected Element createAttackEnvironment(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tString lang = null;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 161, "snippet": { "text": " protected Element createAttackEnvironment(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 158, "endLine": 164, "snippet": { "text": " }\n\n\n protected Element createAttackEnvironment(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tString lang = null;\n" } } }, "message": { "text": "Function: createAttackEnvironment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 161 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [UpdateProfile.java](1) line [306](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 306, "endLine": 310, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error updating employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 303, "endLine": 313, "snippet": { "text": "\t }\n\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 306, "endLine": 310, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error updating employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 303, "endLine": 313, "snippet": { "text": "\t }\n\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 306, "startColumn": 2, "endLine": 310 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 142, "message": { "text": "The call to equals() on line [91](1) causes portability problems because it has different locales which may lead to unexpected output. This may also circumvent custom validation routines.\r\nUnexpected portability problems can be found when the locale is not specified." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 91, "snippet": { "text": "\t\t\tindex, helpFileLen).trim().toLowerCase().equals(" } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": "\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 77, "snippet": { "text": "\t if (s.isDefuseOSCommands()" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String helpFile = s.getParser().getRawParameter(HELP_FILE,\n\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 78, "snippet": { "text": "\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n\t\tif (index == -1)\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 90, "snippet": { "text": "\t\tif 
((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t\tSystem.out.println(\"Command = [\"\n\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 91, "snippet": { "text": "\t\t\tindex, helpFileLen).trim().toLowerCase().equals(" } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": "\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n" } } }, "message": { "text": "toLowerCase() : Case changed using default locale" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 91, "snippet": { "text": "\t\t\tindex, helpFileLen).trim().toLowerCase().equals(" } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": "\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"dir\")\n" } } }, "message": { "text": "helpFile.substring(index, helpFileLen).trim().toLowerCase().equals(...) 
: Comparison without checking locale" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 91 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ProductsAdminScreen.java](1) line [85](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 4 }, "region": { "startLine": 85, "endLine": 89, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 82, "endLine": 92, "snippet": { "text": "\t\t\tresultsMetaData));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 4 }, "region": { "startLine": 85, "endLine": 89, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 82, "endLine": 92, "snippet": { "text": "\t\t\tresultsMetaData));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { 
"artifactLocation": { "index": 4 }, "region": { "startLine": 85, "startColumn": 2, "endLine": 89 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function findEmployeeProfile() in [FindProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [187](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 187, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 184, "endLine": 190, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error finding employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 187, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 184, "endLine": 190, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error finding employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 187 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [UncheckedEmail.java](1) sends unvalidated data to a web browser on line [158](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing 
malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 158, "snippet": { "text": "\t\t\t\t.addElement(new B()" } }, "contextRegion": { "startLine": 155, "endLine": 161, "snippet": { "text": "\t\tec.addElement(new HR());\n\t\tec\n\t\t\t.addElement(new Center()\n\t\t\t\t.addElement(new B()\n\t\t\t\t\t.addElement(\"You sent the following message to: \"\n\t\t\t\t\t\t+ to)));\n\t\tec.addElement(new BR());\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 691 }, { "index": 692 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 158, "snippet": { "text": "\t\t\t\t.addElement(new B()" } }, "contextRegion": { "startLine": 155, "endLine": 161, "snippet": { "text": "\t\tec.addElement(new HR());\n\t\tec\n\t\t\t.addElement(new Center()\n\t\t\t\t.addElement(new B()\n\t\t\t\t\t.addElement(\"You sent the following message to: \"\n\t\t\t\t\t\t+ to)));\n\t\tec.addElement(new BR());\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 158 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [DefaultLessonAction.java](1) line [213](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 213, "endLine": 217, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\ts.setMessage( \"Error getting user name\" );\r\n\t\t\te.printStackTrace();\r\n\t\t}" } }, "contextRegion": { "startLine": 210, "endLine": 220, "snippet": { "text": "\t\t\t\tsqle.printStackTrace();\n\t\t\t}\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error getting user name\" );\n\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn name;\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 213, "endLine": 217, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\ts.setMessage( \"Error getting user name\" );\r\n\t\t\te.printStackTrace();\r\n\t\t}" } }, "contextRegion": { "startLine": 210, "endLine": 220, "snippet": { "text": "\t\t\t\tsqle.printStackTrace();\n\t\t\t}\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error getting user name\" );\n\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn name;\n\t}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 213, "startColumn": 3, "endLine": 217 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 35, "message": { "text": "The method main() in [CreateDB.java](1) can crash the program by dereferencing a null pointer on line [88](1).\r\nThe program can potentially dereference a null pointer, thereby causing a null pointer exception." 
}, "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 58, "snippet": { "text": "\t Class.forName(\"sun.jdbc.odbc.JdbcOdbcDriver\").newInstance();" } }, "contextRegion": { "startLine": 55, "endLine": 61, "snippet": { "text": "\n\ttry\n\t{\n\t Class.forName(\"sun.jdbc.odbc.JdbcOdbcDriver\").newInstance();\n\t}\n\tcatch (Exception e)\n\t{\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 70, "snippet": { "text": "\t\t .getConnection(" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": "\t{\n\n\t connection = DriverManager\n\t\t .getConnection(\n\t\t\t \"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=c:/webgoat.mdb;PWD=webgoat\",\n\t\t\t \"webgoat\", \"webgoat\");\n\t db.makeDB(connection);\n" } } }, "message": { "text": "java.lang.Exception thrown" }, "annotations": [ { "startLine": 88, "startColumn": 35, "message": { "text": "Dereferenced : connection" } } ] }, "kinds": [ "unknown" ] } ] } ] } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method loadLessons() in [Course.java](1) ignores an exception on line [377](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 377, "endLine": 380, "snippet": { "text": " \t\t\tcatch (Exception e)\r\n \t\t\t{\r\n \t\t\t\t//System.out.println(\"Warning: \" + e.getMessage());\r\n \t\t\t}" } }, "contextRegion": { "startLine": 374, "endLine": 383, "snippet": { "text": " \t\t\t\t\t}\n \t\t\t\t}\n \t\t\t}\n \t\t\tcatch (Exception e)\n \t\t\t{\n \t\t\t\t//System.out.println(\"Warning: \" + e.getMessage());\n \t\t\t}\n \t\t}\n \t}\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 377, "endLine": 380, "snippet": { "text": " \t\t\tcatch (Exception e)\r\n \t\t\t{\r\n \t\t\t\t//System.out.println(\"Warning: \" + e.getMessage());\r\n \t\t\t}" } }, "contextRegion": { "startLine": 374, "endLine": 383, "snippet": { "text": " \t\t\t\t\t}\n \t\t\t\t}\n \t\t\t}\n \t\t\tcatch (Exception e)\n \t\t\t{\n \t\t\t\t//System.out.println(\"Warning: \" + e.getMessage());\n \t\t\t}\n \t\t}\n \t}\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 377, "startColumn": 8, "endLine": 380 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ViewProfile.java](1) line [163](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 163, "endLine": 167, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 160, "endLine": 170, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 163, "endLine": 167, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 160, "endLine": 170, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 163, "startColumn": 2, "endLine": 167 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 35, "message": { "text": "The method updateSession_DELETEME() in [LessonSource.java](1) can crash the program by dereferencing a null pointer on line [134](1).\r\nThe program can potentially dereference a null pointer, thereby causing a null pointer exception." 
}, "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 130, "snippet": { "text": "\tif ((o != null) && o instanceof WebSession)" } }, "contextRegion": { "startLine": 127, "endLine": 133, "snippet": { "text": "\tWebSession realSession = null;\n\tObject o = hs.getAttribute(WebSession.SESSION);\n\n\tif ((o != null) && o instanceof WebSession)\n\t{\n\t realSession = (WebSession) o;\n\t}\n" } } }, "message": { "text": "Branch not taken" }, "annotations": [ { "startLine": 134, "startColumn": 27, "message": { "text": "Dereferenced : realSession" } } ] }, "kinds": [ "branch", "false" ] } ] } ] } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 64, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 59, "snippet": { "text": " private static final String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 56, "endLine": 62, "snippet": { "text": "\n private static final String USERNAME = \"username\";\n\n private static final String PASSWORD = \"password\";\n\n private final static IMG MAC_LOGO = new IMG(\"images/logos/macadamian.gif\").setAlt(\n \"Macadamian Technologies\").setBorder(0).setHspace(0).setVspace(0);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 59, "snippet": { "text": " private static final String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 56, "endLine": 62, "snippet": { "text": "\n private static final String USERNAME = \"username\";\n\n private static final String PASSWORD = \"password\";\n\n private final static IMG MAC_LOGO = new IMG(\"images/logos/macadamian.gif\").setAlt(\n \"Macadamian 
Technologies\").setBorder(0).setHspace(0).setVspace(0);\n" } } }, "message": { "text": "FieldAccess: PASSWORD" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 59, "snippet": { "text": " private static final String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 56, "endLine": 62, "snippet": { "text": "\n private static final String USERNAME = \"username\";\n\n private static final String PASSWORD = \"password\";\n\n private final static IMG MAC_LOGO = new IMG(\"images/logos/macadamian.gif\").setAlt(\n \"Macadamian Technologies\").setBorder(0).setHspace(0).setVspace(0);\n" } } }, "message": { "text": "Field: PASSWORD" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 59 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getStringParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 692, "endLine": 698, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 60 }, { "index": 61 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 692, "endLine": 698, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method updateLessonStatus() in [ViewProfile.java](1) ignores an exception on line [253](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 253, "endLine": 254, "snippet": { "text": "\t\t\tcatch (UnauthorizedException e)\r\n\t\t\t{}" } }, "contextRegion": { "startLine": 250, "endLine": 257, "snippet": { "text": "\t\t\t targetEmployee = getEmployeeProfile_BACKUP(s,\n\t\t\t\t userId, employeeId);\n\t\t\t}\n\t\t\tcatch (UnauthorizedException e)\n\t\t\t{}\n\t\t\tif (targetEmployee != null\n\t\t\t\t&& targetEmployee.getId() == SQLInjection.PRIZE_EMPLOYEE_ID)\n\t\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 253, "endLine": 254, "snippet": { "text": "\t\t\tcatch (UnauthorizedException e)\r\n\t\t\t{}" } }, "contextRegion": { "startLine": 250, "endLine": 257, "snippet": { "text": "\t\t\t targetEmployee = getEmployeeProfile_BACKUP(s,\n\t\t\t\t userId, employeeId);\n\t\t\t}\n\t\t\tcatch (UnauthorizedException e)\n\t\t\t{}\n\t\t\tif (targetEmployee != null\n\t\t\t\t&& targetEmployee.getId() == SQLInjection.PRIZE_EMPLOYEE_ID)\n\t\t\t{\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 253, "startColumn": 4, "endLine": 254 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method updateLessonStatus() in [ViewProfile.java](1) ignores an exception on line [268](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 268, "endLine": 269, "snippet": { "text": "\tcatch (ParameterNotFoundException pnfe)\r\n\t{}" } }, "contextRegion": { "startLine": 265, "endLine": 272, "snippet": { "text": "\t\t break;\n\t }\n\t}\n\tcatch (ParameterNotFoundException pnfe)\n\t{}\n }\n\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 268, "endLine": 269, "snippet": { "text": "\tcatch (ParameterNotFoundException pnfe)\r\n\t{}" } }, "contextRegion": { "startLine": 265, "endLine": 272, "snippet": { "text": "\t\t break;\n\t }\n\t}\n\tcatch (ParameterNotFoundException pnfe)\n\t{}\n }\n\n}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 268, "startColumn": 2, "endLine": 269 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 87, "snippet": { "text": "\t\tSystem.out.println(\"Command = [\"" } }, "contextRegion": { "startLine": 84, "endLine": 90, "snippet": { "text": "\t\t}\n\t\tindex = index + 1;\n\t\tint helpFileLen = helpFile.length() - 1; // subtract 1 for the closing quote\n\t\tSystem.out.println(\"Command = [\"\n\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 87, "snippet": { "text": "\t\tSystem.out.println(\"Command = [\"" } }, "contextRegion": { "startLine": 84, "endLine": 90, "snippet": { "text": "\t\t}\n\t\tindex = index + 1;\n\t\tint helpFileLen = helpFile.length() - 1; // subtract 1 for the closing quote\n\t\tSystem.out.println(\"Command = [\"\n\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 87 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [RefreshDBScreen.java](1) might reveal system data or debugging information by calling printStackTrace() on line [99](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 36 }, "region": { "startLine": 99, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 96, "endLine": 102, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 36 }, "region": { "startLine": 99, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 96, "endLine": 102, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 36 }, "region": { "startLine": 99 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 64, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 95, "snippet": { "text": " public final static String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n public final static String FIRST_NAME = \"firstName\";\n\n public final static String PASSWORD = \"password\";\n\n public final static String EMPLOYEE_ID = \"employee_id\";\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 95, "snippet": { "text": " public final static String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n public final static String FIRST_NAME = \"firstName\";\n\n public final static String PASSWORD = \"password\";\n\n public final static String EMPLOYEE_ID = \"employee_id\";\n\n" } } }, "message": { "text": "FieldAccess: PASSWORD" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 95, "snippet": { "text": " public final static String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n public final static String FIRST_NAME = \"firstName\";\n\n public final static String PASSWORD = \"password\";\n\n public final static String EMPLOYEE_ID = \"employee_id\";\n\n" } } }, "message": { "text": "Field: PASSWORD" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 95 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 98, "level": "note", "message": { "text": "The class Category overrides only one of `equals()` and `hashCode()`.\r\nThis class overrides only one of `equals()` and `hashCode()`." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 31 }, "region": { "startLine": 81, "snippet": { "text": " public boolean equals(Object obj)" } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": " }\n\n\n public boolean equals(Object obj)\n {\n\treturn getName().equals(((Category) obj).getName());\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 31 }, "region": { "startLine": 81, "snippet": { "text": " public boolean equals(Object obj)" } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": " }\n\n\n public boolean equals(Object obj)\n {\n\treturn getName().equals(((Category) obj).getName());\n }\n" } } }, "message": { "text": "Function: equals" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 31 }, "region": { "startLine": 81 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 3, "message": { "text": "The method makeRow() in [Encoding.java](1) uses HTML, XML or other type of encoding that is not always enough to prevent malicious code from reaching the web browser.\r\nRelying on HTML, XML and other types of encoding to validate user input can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 793, "snippet": { "text": "\t\tTD val1 = new TD().addElement( value1 ).setBgColor( \"#dddddd\" );" } }, "contextRegion": { "startLine": 790, "endLine": 796, "snippet": { "text": "\t{\n\n\t\tTD desc = new TD().addElement( description ).setBgColor( \"#bbbbbb\" );\n\t\tTD val1 = new TD().addElement( value1 ).setBgColor( \"#dddddd\" );\n\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );\n\t\tTR tr = new TR();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 737 }, { "index": 738 }, { "index": 928 }, { "index": 928 }, { "index": 931 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 793, "snippet": { "text": "\t\tTD val1 = new TD().addElement( value1 ).setBgColor( \"#dddddd\" );" } }, "contextRegion": { "startLine": 790, "endLine": 796, "snippet": { "text": "\t{\n\n\t\tTD desc = new TD().addElement( description ).setBgColor( \"#bbbbbb\" );\n\t\tTD val1 = new TD().addElement( value1 ).setBgColor( \"#dddddd\" );\n\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );\n\t\tTR tr = new TR();\n\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 793, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 2, "message": { "text": "On line [100](1) of [LessonSource.java](1), the method is called after the stream has already been committed or obtained.\r\nAfter a servlet's output stream has already been committed, it is erroneous to reset the stream buffer or perform any other action that recommits to the stream. 
Likewise, it is erroneous to call `getWriter()` after calling `getOutputStream` or vice versa." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 100, "snippet": { "text": "\t\tthis.writeSource(source, response);" } }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t{\n\t try\n\t {\n\t\tthis.writeSource(source, response);\n\t }\n\t catch (Throwable thr)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 80, "snippet": { "text": "\t session.update(request, response, this.getServletName()); // FIXME: Too much in this call." } }, "contextRegion": { "startLine": 77, "endLine": 83, "snippet": { "text": "\t //setCacheHeaders(response, 0);\n\t WebSession session = (WebSession) request.getSession(true)\n\t\t .getAttribute(WebSession.SESSION);\n\t session.update(request, response, this.getServletName()); // FIXME: Too much in this call.\n\n\t // Get the Java source of the lesson. 
FIXME: Not needed\n\t source = getSource(session);\n" } } }, "message": { "text": "?.update(?, response, ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 100, "snippet": { "text": "\t\tthis.writeSource(source, response);" } }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t{\n\t try\n\t {\n\t\tthis.writeSource(source, response);\n\t }\n\t catch (Throwable thr)\n\t {\n" } } }, "message": { "text": "?.writeSource(?, response)" } }, "kinds": [ "call", "function", "return" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 100 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Login.java](1) line [213](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 213, "endLine": 217, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employees\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 210, "endLine": 220, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 213, "endLine": 217, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employees\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 210, "endLine": 220, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 213, "startColumn": 2, "endLine": 217 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 35, "message": { "text": "The method load() in [LessonTracker.java](1) can crash the program by dereferencing a null pointer on line [260](1).\r\nThe program can potentially dereference a null pointer, thereby causing a null pointer exception." 
}, "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 234, "snippet": { "text": "\t if (fileName != null)" } }, "contextRegion": { "startLine": 231, "endLine": 237, "snippet": { "text": "\ttry\n\t{\n\t String fileName = getTrackerFile(s, user, screen);\n\t if (fileName != null)\n\t {\n\t\tProperties tempProps = new Properties();\n\t\t//System.out.println(\"Loading lesson state from: \" + fileName);\n" } } }, "message": { "text": "Branch not taken" }, "annotations": [ { "startLine": 260, "startColumn": 3, "message": { "text": "Dereferenced : in" } } ] }, "kinds": [ "branch", "false" ] } ] } ] } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [UpdateProfile.java](1) line [234](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 234, "endLine": 238, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error updating employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 231, "endLine": 241, "snippet": { "text": "\t }\n\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 234, "endLine": 238, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error updating employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 231, "endLine": 241, "snippet": { "text": "\t }\n\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 234, "startColumn": 2, "endLine": 238 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Challenge2Screen.java](1) line [346](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 346, "endLine": 351, "snippet": { "text": "\t catch (Exception e)\r\n\t {\r\n\t\tec\r\n\t\t\t.addElement(new P()\r\n\t\t\t\t.addElement(\"Select a message to read from the Message List below\"));\r\n\t }" } }, "contextRegion": { "startLine": 343, "endLine": 354, "snippet": { "text": "\n\t\tec.addElement(t);\n\t }\n\t catch (Exception e)\n\t {\n\t\tec\n\t\t\t.addElement(new P()\n\t\t\t\t.addElement(\"Select a message to read from the Message List below\"));\n\t }\n\n\t ec.addElement(new HR());\n\t Table t = new Table().setCellSpacing(0).setCellPadding(2).setWidth(\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 346, "endLine": 351, "snippet": { "text": "\t catch (Exception e)\r\n\t {\r\n\t\tec\r\n\t\t\t.addElement(new P()\r\n\t\t\t\t.addElement(\"Select a message to read from the Message List below\"));\r\n\t }" } }, "contextRegion": { "startLine": 343, "endLine": 354, "snippet": { "text": "\n\t\tec.addElement(t);\n\t }\n\t catch (Exception e)\n\t {\n\t\tec\n\t\t\t.addElement(new P()\n\t\t\t\t.addElement(\"Select a message to read from the Message List below\"));\n\t }\n\n\t ec.addElement(new HR());\n\t Table t = new Table().setCellSpacing(0).setCellPadding(2).setWidth(\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 346, "startColumn": 6, "endLine": 351 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method deleteUser() in [UserTracker.java](1) ignores an exception on line [161](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to 
overlook unexpected states and conditions." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 98 }, "region": { "startLine": 161, "endLine": 162, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 158, "endLine": 165, "snippet": { "text": "\t\tusersDB.close();\n\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 98 }, "region": { "startLine": 161, "endLine": 162, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 158, "endLine": 165, "snippet": { "text": "\t\tusersDB.close();\n\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 98 }, "region": { "startLine": 161, "startColumn": 6, "endLine": 162 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t<%=employee.getSsn()%>" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t
\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 705 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 67 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 111, "message": { "text": "The call to readLine() at [LessonAdapter.java](1) line [95](1) might allow an attacker to crash the program or otherwise make it unavailable to legitimate users.\r\nAn attacker could cause the program to crash or otherwise become unavailable to legitimate users." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 95, "snippet": { "text": "\t\twhile ((line = in.readLine()) != null)" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t\tPRE pre = new PRE();\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n\t\t pre.addElement(line + \"\\n\");\n\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 95, "snippet": { "text": "\t\twhile ((line = in.readLine()) != null)" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t\tPRE pre = new PRE();\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n\t\t pre.addElement(line + \"\\n\");\n\t\t}\n" } } }, "message": { "text": "readLine()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 95 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 53, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 50, "endLine": 56, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 13 }, { "index": 14 }, { "index": 186 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 53, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 50, "endLine": 56, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 53 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function accessWGService() in [WSDLScanning.java](1) might reveal system data or debugging information by calling printStackTrace() on line [163](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 163, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t}\n\treturn null;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 163, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t}\n\treturn null;\n }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 163 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function accessWGService() in [WSDLScanning.java](1) might reveal system data or debugging information by calling printStackTrace() on line [159](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 159, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 156, "endLine": 162, "snippet": { "text": "\t}\n\tcatch (ServiceException e)\n\t{\n\t e.printStackTrace();\n\t}\n\tcatch (Exception e)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 159, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 156, "endLine": 162, "snippet": { "text": "\t}\n\tcatch (ServiceException e)\n\t{\n\t e.printStackTrace();\n\t}\n\tcatch (Exception e)\n\t{\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 159 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function accessWGService() in [WSDLScanning.java](1) might reveal system data or debugging information by calling printStackTrace() on line [155](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 155, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\t}\n\tcatch (RemoteException e)\n\t{\n\t e.printStackTrace();\n\t}\n\tcatch (ServiceException e)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 155, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\t}\n\tcatch (RemoteException e)\n\t{\n\t e.printStackTrace();\n\t}\n\tcatch (ServiceException e)\n\t{\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 155 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [AbstractLesson.java](1) line [903](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 903, "endLine": 906, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Couldn't read HTTP request\");\r\n\t}" } }, "contextRegion": { "startLine": 900, "endLine": 909, "snippet": { "text": "\t el = new StringElement(readFromFile(s.getRequest().getReader(),\n\t\t false));\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Couldn't read HTTP request\");\n\t}\n\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(new B(\"HTTP Request\"));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 903, "endLine": 906, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Couldn't read HTTP request\");\r\n\t}" } }, "contextRegion": { "startLine": 900, "endLine": 909, "snippet": { "text": "\t el = new StringElement(readFromFile(s.getRequest().getReader(),\n\t\t false));\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Couldn't read HTTP request\");\n\t}\n\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(new B(\"HTTP Request\"));\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 903, "startColumn": 2, "endLine": 906 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method concept1() in [BackDoors.java](1) sends unvalidated data to a web browser on line [125](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 125, "snippet": { "text": "\t\t tr.addElement(new TD(rs.getString(\"userid\")));" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t\t tr.addElement(new TD(\"Salary\"));\n\t\t t.addElement(tr);\n\t\t tr = new TR();\n\t\t tr.addElement(new TD(rs.getString(\"userid\")));\n\t\t tr.addElement(new TD(rs.getString(\"password\")));\n\t\t tr.addElement(new TD(rs.getString(\"ssn\")));\n\t\t tr.addElement(new TD(rs.getString(\"salary\")));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 438 }, { "index": 439 }, { "index": 836 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 125, "snippet": { "text": "\t\t tr.addElement(new TD(rs.getString(\"userid\")));" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t\t tr.addElement(new TD(\"Salary\"));\n\t\t t.addElement(tr);\n\t\t tr = new TR();\n\t\t tr.addElement(new TD(rs.getString(\"userid\")));\n\t\t tr.addElement(new TD(rs.getString(\"password\")));\n\t\t tr.addElement(new TD(rs.getString(\"ssn\")));\n\t\t tr.addElement(new TD(rs.getString(\"salary\")));\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 125, "startColumn": 31 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 29, "level": "error", "message": { "text": "The function main() in [CreateDB.java](1) sometimes fails to release a system resource allocated by getConnection() on line 70.\r\nThe program can potentially fail to release a database connection." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 70, "snippet": { "text": "\t\t .getConnection(" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": "\t{\n\n\t connection = DriverManager\n\t\t .getConnection(\n\t\t\t \"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=c:/webgoat.mdb;PWD=webgoat\",\n\t\t\t \"webgoat\", \"webgoat\");\n\t db.makeDB(connection);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 58, "snippet": { "text": "\t Class.forName(\"sun.jdbc.odbc.JdbcOdbcDriver\").newInstance();" } }, "contextRegion": { "startLine": 55, "endLine": 61, "snippet": { "text": "\n\ttry\n\t{\n\t Class.forName(\"sun.jdbc.odbc.JdbcOdbcDriver\").newInstance();\n\t}\n\tcatch (Exception e)\n\t{\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 70, "snippet": { "text": "\t\t .getConnection(" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": "\t{\n\n\t connection = DriverManager\n\t\t .getConnection(\n\t\t\t \"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=c:/webgoat.mdb;PWD=webgoat\",\n\t\t\t \"webgoat\", \"webgoat\");\n\t db.makeDB(connection);\n" } } }, "message": { "text": "connection = getConnection(...)" }, "annotations": [ { "startLine": 69, "startColumn": 6, "message": { "text": "connection refers to a database connection" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 74, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 71, "endLine": 77, "snippet": { "text": "\t\t\t \"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=c:/webgoat.mdb;PWD=webgoat\",\n\t\t\t \"webgoat\", 
\"webgoat\");\n\t db.makeDB(connection);\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Driver Manager failed!\");\n" } } }, "message": { "text": "connection no longer refers to a database connection" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 90, "snippet": { "text": "\t\t ResultSet.CONCUR_READ_ONLY);" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t{\n\t Statement answer_statement = connection.createStatement(\n\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t ResultSet answer_results = answer_statement.executeQuery(query);\n\t answer_results.first();\n\t int employeeId = answer_results.getInt(\"userid\");\n" } } }, "message": { "text": "java.sql.SQLException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 114, "snippet": { "text": "\t\t ResultSet.CONCUR_READ_ONLY);" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t{\n\t Statement answer_statement = connection.createStatement(\n\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t ResultSet answer_results = answer_statement.executeQuery(query);\n\t boolean allowed = answer_results.first();\n\t //boolean allowed = answer_results.next();\n" } } }, "message": { "text": "java.sql.SQLException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 128, "snippet": { "text": " }" } }, "contextRegion": { "startLine": 125, "endLine": 131, "snippet": { "text": "\t{\n\t sqle.printStackTrace();\n\t}\n }\n\n\n /**\n" } } }, "message": { "text": "connection no longer refers to a database connection" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 
128, "snippet": { "text": " }" } }, "contextRegion": { "startLine": 125, "endLine": 131, "snippet": { "text": "\t{\n\t sqle.printStackTrace();\n\t}\n }\n\n\n /**\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 70 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [LessonAdapter.java](1) line [133](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 133, "endLine": 138, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t System.out.println(e);\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 130, "endLine": 141, "snippet": { "text": "\t\t throw new Exception(\"Invalid stage\");\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n\treturn (new StringElement(\"\"));\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 133, "endLine": 138, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t System.out.println(e);\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 130, "endLine": 141, "snippet": { "text": 
"\t\t throw new Exception(\"Invalid stage\");\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n\treturn (new StringElement(\"\"));\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 133, "startColumn": 2, "endLine": 138 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [340](1) of [UpdateProfile.java](1), the method createEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 841 }, { "index": 842 }, { "index": 843 }, { "index": 90 }, { "index": 91 }, { "index": 845 }, { "index": 93 }, { "index": 846 }, { "index": 847 }, { "index": 97 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 291, "snippet": { "text": "\t System.out.println(\"Error dropping user database\");" } }, "contextRegion": { "startLine": 288, "endLine": 294, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error dropping user database\");\n\t}\n\n\t// Create the new table\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 291, "snippet": { "text": "\t System.out.println(\"Error dropping user database\");" } }, "contextRegion": { "startLine": 288, "endLine": 294, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error dropping user database\");\n\t}\n\n\t// Create the new table\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 291 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 306, "snippet": { "text": "\t System.out.println(\"Error creating user database\");" } }, "contextRegion": { "startLine": 303, "endLine": 309, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating user database\");\n\t e.printStackTrace();\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 306, "snippet": { "text": "\t System.out.println(\"Error creating user database\");" } }, "contextRegion": { "startLine": 303, "endLine": 309, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating user database\");\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 306 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [BlindSqlInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [145](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 145, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 142, "endLine": 148, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 145, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 142, "endLine": 148, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 145 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 29, "level": "error", "message": { "text": "The function getResults() in [SoapRequest.java](1) sometimes fails to release a system resource allocated by makeConnection() on line 412.\r\nThe program can potentially fail to release a database connection." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 412, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 409, "endLine": 415, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 412, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 409, "endLine": 415, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 413, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 410, "endLine": 416, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 417, "snippet": { "text": "\t PreparedStatement ps = connection" } }, "contextRegion": { "startLine": 414, "endLine": 420, "snippet": { "text": "\t {\n\t\treturn null;\n\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { 
"artifactLocation": { "index": 130 }, "region": { "startLine": 417, "snippet": { "text": "\t PreparedStatement ps = connection" } }, "contextRegion": { "startLine": 414, "endLine": 420, "snippet": { "text": "\t {\n\t\treturn null;\n\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n" } } }, "message": { "text": "connection no longer refers to a database connection" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 417, "snippet": { "text": "\t PreparedStatement ps = connection" } }, "contextRegion": { "startLine": 414, "endLine": 420, "snippet": { "text": "\t {\n\t\treturn null;\n\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n" } } }, "message": { "text": "connection end scope : Database resource leaked : java.lang.Exception thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 412, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 409, "endLine": 415, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 413, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 410, "endLine": 416, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, 
"message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 419, "snippet": { "text": "\t ps.setInt(1, id);" } }, "contextRegion": { "startLine": 416, "endLine": 422, "snippet": { "text": "\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 419, "snippet": { "text": "\t ps.setInt(1, id);" } }, "contextRegion": { "startLine": 416, "endLine": 422, "snippet": { "text": "\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n" } } }, "message": { "text": "connection no longer refers to a database connection" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 419, "snippet": { "text": "\t ps.setInt(1, id);" } }, "contextRegion": { "startLine": 416, "endLine": 422, "snippet": { "text": "\t }\n\t PreparedStatement ps = connection\n\t\t .prepareStatement(\"SELECT * FROM user_data WHERE userid = ?\");\n\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n" } } }, "message": { "text": "connection end scope : Database resource leaked : java.lang.Exception thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 412, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 409, 
"endLine": 415, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 413, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 410, "endLine": 416, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 422, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();" } }, "contextRegion": { "startLine": 419, "endLine": 425, "snippet": { "text": "\t ps.setInt(1, id);\n\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n" } } }, "message": { "text": "java.sql.SQLException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 430, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 427, "endLine": 433, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n" } } }, "message": { "text": "connection no longer refers to a database connection" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 430, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 427, "endLine": 433, "snippet": { "text": "\t }\n\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n" } } 
}, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 412, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 409, "endLine": 415, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 413, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 410, "endLine": 416, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 423, "snippet": { "text": "\t\tif ((results != null) && (results.next() == true))" } }, "contextRegion": { "startLine": 420, "endLine": 426, "snippet": { "text": "\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 423, "snippet": { "text": "\t\tif ((results != null) && (results.next() == true))" } }, "contextRegion": { "startLine": 420, "endLine": 426, "snippet": { "text": "\t try\n\t {\n\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && 
(results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 425, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 422, "endLine": 428, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 425, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 422, "endLine": 428, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "connection no longer refers to a database connection" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 425, "snippet": { "text": "\t\t return results.getString(field);" } }, "contextRegion": { "startLine": 422, "endLine": 428, "snippet": { "text": "\t\tResultSet results = ps.executeQuery();\n\t\tif ((results != null) && (results.next() == true))\n\t\t{\n\t\t return results.getString(field);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 412 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, 
{ "ruleIndex": 78, "message": { "text": "The function createContent() in [DOMInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [92](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 1 }, "region": { "startLine": 92, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 89, "endLine": 95, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\tString lineSep = System.getProperty(\"line.separator\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 1 }, "region": { "startLine": 92, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 89, "endLine": 95, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\tString lineSep = System.getProperty(\"line.separator\");\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 1 }, "region": { "startLine": 92 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function handleRequest() in [BlindSqlInjection.java](1) might reveal system data or debugging information by calling println() on line [343](1). 
The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 343, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 340, "endLine": 346, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 849 }, { "index": 850 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 343, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 340, "endLine": 346, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 343 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [HttpOnly.java](1) might reveal system data or debugging information by calling printStackTrace() on line [138](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 138, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 135, "endLine": 141, "snippet": { "text": "\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error generating \" + this.getClass().getName() );\n\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn ( ec );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 138, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 135, "endLine": 141, "snippet": { "text": "\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error generating \" + this.getClass().getName() );\n\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn ( ec );\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 138 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [UncheckedEmail.java](1) sends unvalidated data to a web browser on line [135](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 135, "snippet": { "text": "\t ta.addElement(new StringElement(convertMetachars(message)));" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\t tr = new TR();\n\t String message = s.getParser().getRawParameter(MESSAGE, \"\");\n\t TextArea ta = new TextArea(MESSAGE, 5, 40);\n\t ta.addElement(new StringElement(convertMetachars(message)));\n\t tr.addElement(new TD().setAlign(\"LEFT\").addElement(ta));\n\t tr.addElement(new TD().setAlign(\"LEFT\").setVAlign(\"MIDDLE\")\n\t\t .addElement(ECSFactory.makeButton(\"Send!\")));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 851 }, { "index": 852 }, { "index": 853 }, { "index": 856 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 135, "snippet": { "text": "\t ta.addElement(new StringElement(convertMetachars(message)));" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\t tr = new TR();\n\t String message = s.getParser().getRawParameter(MESSAGE, \"\");\n\t TextArea ta = new TextArea(MESSAGE, 5, 40);\n\t ta.addElement(new StringElement(convertMetachars(message)));\n\t tr.addElement(new TD().setAlign(\"LEFT\").addElement(ta));\n\t tr.addElement(new TD().setAlign(\"LEFT\").setVAlign(\"MIDDLE\")\n\t\t .addElement(ECSFactory.makeButton(\"Send!\")));\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 851 }, { "index": 852 }, { "index": 853 }, { "index": 856 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 135, "snippet": { "text": "\t ta.addElement(new 
StringElement(convertMetachars(message)));" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\t tr = new TR();\n\t String message = s.getParser().getRawParameter(MESSAGE, \"\");\n\t TextArea ta = new TextArea(MESSAGE, 5, 40);\n\t ta.addElement(new StringElement(convertMetachars(message)));\n\t tr.addElement(new TD().setAlign(\"LEFT\").addElement(ta));\n\t tr.addElement(new TD().setAlign(\"LEFT\").setVAlign(\"MIDDLE\")\n\t\t .addElement(ECSFactory.makeButton(\"Send!\")));\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 135, "startColumn": 20 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 53, "message": { "text": "The J2EE standard forbids the direct management of connections." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 78, "snippet": { "text": "\treturn (DriverManager.getConnection(connectionString));" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": " {\n\tClass.forName(driverName);\n\n\treturn (DriverManager.getConnection(connectionString));\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 78, "snippet": { "text": "\treturn (DriverManager.getConnection(connectionString));" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": " {\n\tClass.forName(driverName);\n\n\treturn (DriverManager.getConnection(connectionString));\n }\n\n\n" } } }, "message": { "text": "getConnection()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 78 } } } ], "properties": { "InstanceSeverity": "2.0", 
"Confidence": "5.0" } }, { "ruleIndex": 110, "level": "error", "message": { "text": "The method execOptions() in [Exec.java](1) calls write() with a command built from untrusted data. This call can cause the program to execute malicious commands on behalf of an attacker.\r\nExecuting commands from an untrusted source or in an untrusted environment can cause an application to execute malicious commands on behalf of an attacker." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 311, "snippet": { "text": "\t\t processOut.write(input.getBytes());" } }, "contextRegion": { "startLine": 308, "endLine": 314, "snippet": { "text": "\t {\n\t\ttry\n\t\t{\n\t\t processOut.write(input.getBytes());\n\t\t processOut.flush();\n\t\t processOut.close();\n\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 839 }, { "index": 840 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 311, "snippet": { "text": "\t\t processOut.write(input.getBytes());" } }, "contextRegion": { "startLine": 308, "endLine": 314, "snippet": { "text": "\t {\n\t\ttry\n\t\t{\n\t\t processOut.write(input.getBytes());\n\t\t processOut.flush();\n\t\t processOut.close();\n\t\t}\n" } } }, "message": { "text": "write(this)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 311, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [521](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the 
program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 521, "endLine": 524, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 518, "endLine": 527, "snippet": { "text": "\t{\n\t return getLongParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 521, "endLine": 524, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 518, "endLine": 527, "snippet": { "text": "\t{\n\t return getLongParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 521, "startColumn": 2, "endLine": 524 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [248](1) of [UpdateProfile.java](1), the method changeEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 281 }, { "index": 284 }, { "index": 288 }, { "index": 290 }, { "index": 90 }, { "index": 91 }, { "index": 294 }, { "index": 93 }, { "index": 859 }, { "index": 860 }, { "index": 861 }, { "index": 149 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile() in [EditProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [131](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 131, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 128, "endLine": 134, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 131, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 128, "endLine": 134, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 131 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 137, "message": { "text": "Non-final public static fields can be changed by external classes." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 61, "snippet": { "text": " public static HashMap rewardsMap = new HashMap();" } }, "contextRegion": { "startLine": 58, "endLine": 64, "snippet": { "text": "\n private final static String ACCOUNTID = \"accountID\";\n\n public static HashMap rewardsMap = new HashMap();\n\n private final static IMG MAC_LOGO = new IMG(\"images/logos/macadamian.gif\").setAlt(\n \"Macadamian Technologies\").setBorder(0).setHspace(0).setVspace(0);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 61, "snippet": { "text": " public static HashMap rewardsMap = new HashMap();" } }, "contextRegion": { "startLine": 58, "endLine": 64, "snippet": { "text": "\n private final static String ACCOUNTID = \"accountID\";\n\n public static HashMap rewardsMap = new HashMap();\n\n private final static IMG MAC_LOGO = new IMG(\"images/logos/macadamian.gif\").setAlt(\n \"Macadamian Technologies\").setBorder(0).setHspace(0).setVspace(0);\n" } } }, "message": { "text": "Field: rewardsMap" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 61 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 18, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) sends unvalidated data to a web browser on line [171](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 171, "snippet": { "text": "\t\t\t" } }, "contextRegion": { "startLine": 168, "endLine": 174, "snippet": { "text": "\t\t\tString thisPage = webSession.getCurrentLink();\n\t\t\t//System.out.println(\"Redirecting to \" + thisPage);\n\t\t%>\n\t\t\t\n\t\t<%\n\t\t}\n\t\t%>\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 862 }, { "index": 863 }, { "index": 864 }, { "index": 865 }, { "index": 866 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 171, "snippet": { "text": "\t\t\t" } }, "contextRegion": { "startLine": 168, "endLine": 174, "snippet": { "text": "\t\t\tString thisPage = webSession.getCurrentLink();\n\t\t\t//System.out.println(\"Redirecting to \" + thisPage);\n\t\t%>\n\t\t\t\n\t\t<%\n\t\t}\n\t\t%>\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 171 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 9 }, "region": { "startLine": 70, "snippet": { "text": "\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": "\t}\n\tcatch (UnauthenticatedException ue1)\n\t{\n\t System.out.println(\"Internal server error\");\n\t ue1.printStackTrace();\n\t}\n\tcatch (UnauthorizedException ue2)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 9 }, "region": { "startLine": 70, "snippet": { "text": "\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": "\t}\n\tcatch (UnauthenticatedException ue1)\n\t{\n\t System.out.println(\"Internal server error\");\n\t ue1.printStackTrace();\n\t}\n\tcatch (UnauthorizedException ue2)\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 9 }, "region": { "startLine": 70 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 9 }, "region": { "startLine": 75, "snippet": { "text": "\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\t}\n\tcatch (UnauthorizedException ue2)\n\t{\n\t System.out.println(\"Internal server error\");\n\t ue2.printStackTrace();\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 9 }, "region": { "startLine": 75, "snippet": { "text": "\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\t}\n\tcatch (UnauthorizedException ue2)\n\t{\n\t System.out.println(\"Internal server error\");\n\t ue2.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 9 }, "region": { "startLine": 75 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile_BACKUP() in [EditProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [183](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 183, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 180, "endLine": 186, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 183, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 180, "endLine": 186, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 183 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 123, "message": { "text": "The method doPost() in [Controller.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 61 }, "region": { "startLine": 77, "snippet": { "text": "\trequest.setAttribute(\"client.browser\", clientBrowser);" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\n\t}\n\n\trequest.setAttribute(\"client.browser\", clientBrowser);\n\n\trequest.getRequestDispatcher(\"/view.jsp\").forward(request, response);\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 300 }, { "index": 301 }, { "index": 302 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 61 }, "region": { "startLine": 77, "snippet": { "text": "\trequest.setAttribute(\"client.browser\", clientBrowser);" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\n\t}\n\n\trequest.setAttribute(\"client.browser\", clientBrowser);\n\n\trequest.getRequestDispatcher(\"/view.jsp\").forward(request, response);\n\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 61 }, "region": { "startLine": 77, "startColumn": 41 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [147](1) of [DOS_Login.java](1), the method createContent() invokes a SQL query built using input potentially coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 147, "snippet": { "text": "\t\t\t statement.executeUpdate(deleteData1);" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": "\t\t\t makeSuccess(s);\n\t\t\t String deleteData1 = \"DELETE from user_login WHERE webgoat_user = '\"\n\t\t\t\t + s.getUserName() + \"'\";\n\t\t\t statement.executeUpdate(deleteData1);\n\t\t\t return (new H1(\"Congratulations! Lesson Completed\"));\n\t\t\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 147, "snippet": { "text": "\t\t\t statement.executeUpdate(deleteData1);" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": "\t\t\t makeSuccess(s);\n\t\t\t String deleteData1 = \"DELETE from user_login WHERE webgoat_user = '\"\n\t\t\t\t + s.getUserName() + \"'\";\n\t\t\t statement.executeUpdate(deleteData1);\n\t\t\t return (new H1(\"Congratulations! Lesson Completed\"));\n\t\t\t}\n\n" } } }, "message": { "text": "executeUpdate()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 147 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [DeleteProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [86](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 86, "snippet": { "text": "\t\tue2.printStackTrace();" } }, "contextRegion": { "startLine": 83, "endLine": 89, "snippet": { "text": "\t catch (UnauthorizedException ue2)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue2.printStackTrace();\n\t }\n\t}\n\telse\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 86, "snippet": { "text": "\t\tue2.printStackTrace();" } }, "contextRegion": { "startLine": 83, "endLine": 89, "snippet": { "text": "\t catch (UnauthorizedException ue2)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue2.printStackTrace();\n\t }\n\t}\n\telse\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 86 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 89, "level": "note", "message": { "text": "The function log() in [HammerHead.java](1) might reveal system data or debugging information by calling log() on line [306](1). The information revealed by log() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 306, "snippet": { "text": "\tlog(output);" } }, "contextRegion": { "startLine": 303, "endLine": 309, "snippet": { "text": " {\n\tString output = new Date() + \" | \" + request.getRemoteHost() + \":\"\n\t\t+ request.getRemoteAddr() + \" | \" + message;\n\tlog(output);\n\tSystem.out.println(output);\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 867 }, { "index": 868 }, { "index": 426 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 306, "snippet": { "text": "\tlog(output);" } }, "contextRegion": { "startLine": 303, "endLine": 309, "snippet": { "text": " {\n\tString output = new Date() + \" | \" + request.getRemoteHost() + \":\"\n\t\t+ request.getRemoteAddr() + \" | \" + message;\n\tlog(output);\n\tSystem.out.println(output);\n }\n\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 306, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method writeTable() in [DatabaseUtilities.java](1) sends unvalidated data to a web browser on line [154](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 869 }, { "index": 870 }, { "index": 871 }, { "index": 65 }, { "index": 66 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 105, "message": { "text": "A web application must define default error pages in order to prevent attackers from mining information from the application container's built-in error response." }, "codeFlows": [ { "threadFlows": [ { "locations": [] } ] } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method doPost() in [HammerHead.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 129 }, { "index": 130 }, { "index": 131 }, { "index": 132 }, { "index": 133 }, { "index": 134 }, { "index": 135 }, { "index": 157 }, { "index": 158 }, { "index": 159 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method makeAccountLine() in [SqlStringInjection.java](1) sends unvalidated data to a web browser on line [235](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in 
the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 235, "snippet": { "text": "\tInput input = new Input(Input.TEXT, ACCT_NAME, accountName.toString());" } }, "contextRegion": { "startLine": 232, "endLine": 238, "snippet": { "text": "\tec.addElement(new P().addElement(\"Enter your last name: \"));\n\n\taccountName = s.getParser().getRawParameter(ACCT_NAME, \"Your Name\");\n\tInput input = new Input(Input.TEXT, ACCT_NAME, accountName.toString());\n\tec.addElement(input);\n\n\tElement b = ECSFactory.makeButton(\"Go!\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 777 }, { "index": 778 }, { "index": 872 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 235, "snippet": { "text": "\tInput input = new Input(Input.TEXT, ACCT_NAME, accountName.toString());" } }, "contextRegion": { "startLine": 232, "endLine": 238, "snippet": { "text": "\tec.addElement(new P().addElement(\"Enter your last name: \"));\n\n\taccountName = s.getParser().getRawParameter(ACCT_NAME, \"Your Name\");\n\tInput input = new Input(Input.TEXT, ACCT_NAME, accountName.toString());\n\tec.addElement(input);\n\n\tElement b = ECSFactory.makeButton(\"Go!\");\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 235 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [BlindSqlInjection.java](1) line [341](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially 
trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 341, "endLine": 345, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t System.out.println(\"Exception caught: \" + e);\r\n\t e.printStackTrace(System.out);\r\n\t}" } }, "contextRegion": { "startLine": 338, "endLine": 348, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 341, "endLine": 345, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t System.out.println(\"Exception caught: \" + e);\r\n\t e.printStackTrace(System.out);\r\n\t}" } }, "contextRegion": { "startLine": 338, "endLine": 348, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 341, "startColumn": 2, "endLine": 345 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [BlindSqlInjection.java](1) line [142](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 142, "endLine": 146, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 139, "endLine": 149, "snippet": { "text": "\t\t\t.addElement(\"An error occurred, please try again.\"));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 142, "endLine": 146, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 139, "endLine": 149, "snippet": { "text": "\t\t\t.addElement(\"An error occurred, please try again.\"));\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 142, "startColumn": 2, "endLine": 146 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 122, "level": "error", "message": { "text": "The file [redirect.jsp](1) passes unvalidated data to an HTTP redirect function on line [12](1). Allowing unvalidated input to control the URL used in a redirect can aid phishing attacks.\r\nAllowing unvalidated input to control the URL used in a redirect can aid phishing attacks." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 47 }, "region": { "startLine": 12, "snippet": { "text": "\t\t \"&menu=\" + request.getParameter(\"menu\") +" } }, "contextRegion": { "startLine": 9, "endLine": 15, "snippet": { "text": "\n<% response.sendRedirect(\"/WebGoat/attack?\" +\n\t\t \"Screen=\" + request.getParameter(\"Screen\") +\n\t\t \"&menu=\" + request.getParameter(\"menu\") +\n\t\t \"&fromRedirect=yes&language=\" + request.getParameter(\"language\")); \n%>\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 873 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 47 }, "region": { "startLine": 12, "snippet": { "text": "\t\t \"&menu=\" + request.getParameter(\"menu\") +" } }, "contextRegion": { "startLine": 9, "endLine": 15, "snippet": { "text": "\n<% response.sendRedirect(\"/WebGoat/attack?\" +\n\t\t \"Screen=\" + request.getParameter(\"Screen\") +\n\t\t \"&menu=\" + request.getParameter(\"menu\") +\n\t\t \"&fromRedirect=yes&language=\" + request.getParameter(\"language\")); \n%>\n\n" } } }, "message": { "text": "sendRedirect(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 47 }, "region": { "startLine": 12 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method makeStationList() in [SqlNumericInjection.java](1) sends unvalidated data to a web browser on line [264](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 264, "snippet": { "text": "\t select.addElement(new Option(key).addElement((String) stations" } }, "contextRegion": { "startLine": 261, "endLine": 267, "snippet": { "text": "\twhile (it.hasNext())\n\t{\n\t String key = (String) it.next();\n\t select.addElement(new Option(key).addElement((String) stations\n\t\t .get(key)));\n\t}\n\tec.addElement(select);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 576 }, { "index": 577 }, { "index": 874 }, { "index": 875 }, { "index": 876 }, { "index": 581 }, { "index": 877 }, { "index": 583 }, { "index": 878 }, { "index": 879 }, { "index": 880 }, { "index": 881 }, { "index": 882 }, { "index": 883 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 264, "snippet": { "text": "\t select.addElement(new Option(key).addElement((String) stations" } }, "contextRegion": { "startLine": 261, "endLine": 267, "snippet": { "text": "\twhile (it.hasNext())\n\t{\n\t String key = (String) it.next();\n\t select.addElement(new Option(key).addElement((String) stations\n\t\t .get(key)));\n\t}\n\tec.addElement(select);\n" } } }, "message": { "text": "Option(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 264, "startColumn": 35 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 4, "message": { "text": "Attackers can control the filesystem path argument to File() at [CommandInjection.java](1) line [172](1), which allows them to access or modify otherwise protected files.\r\nAllowing user input to control paths used in filesystem operations could enable an attacker to access or modify otherwise protected system resources." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 172, "snippet": { "text": "\t\t\t + new File(safeDir, helpFile).getPath() + \"\\\"\");" } }, "contextRegion": { "startLine": 169, "endLine": 175, "snippet": { "text": "\t\t results = exec(s, \"cmd.exe /c dir /b \\\"\"\n\t\t\t + safeDir.getPath() + \"\\\"\");\n\t\t fileData = exec(s, \"cmd.exe /c type \\\"\"\n\t\t\t + new File(safeDir, helpFile).getPath() + \"\\\"\");\n\n\t\t}\n\t\telse\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 696 }, { "index": 697 }, { "index": 884 }, { "index": 885 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 172, "snippet": { "text": "\t\t\t + new File(safeDir, helpFile).getPath() + \"\\\"\");" } }, "contextRegion": { "startLine": 169, "endLine": 175, "snippet": { "text": "\t\t results = exec(s, \"cmd.exe /c dir /b \\\"\"\n\t\t\t + safeDir.getPath() + \"\\\"\");\n\t\t fileData = exec(s, \"cmd.exe /c type \\\"\"\n\t\t\t + new File(safeDir, helpFile).getPath() + \"\\\"\");\n\n\t\t}\n\t\telse\n" } } }, "message": { "text": "File(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 172, "startColumn": 28 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 4, "message": { "text": "Attackers can control the filesystem path argument to File() at [CommandInjection.java](1) line [183](1), which allows them to access or modify otherwise protected files.\r\nAllowing user input to control paths used in filesystem operations could enable an attacker to access or modify otherwise protected system resources." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 183, "snippet": { "text": "\t\t\t \"cat \\\"\" + new File(safeDir, helpFile).getPath()" } }, "contextRegion": { "startLine": 180, "endLine": 186, "snippet": { "text": "\t\t String[] cmd2 = {\n\t\t\t \"/bin/sh\",\n\t\t\t \"-c\",\n\t\t\t \"cat \\\"\" + new File(safeDir, helpFile).getPath()\n\t\t\t\t + \"\\\"\" };\n\t\t fileData = exec(s, cmd2);\n\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 696 }, { "index": 697 }, { "index": 884 }, { "index": 885 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 183, "snippet": { "text": "\t\t\t \"cat \\\"\" + new File(safeDir, helpFile).getPath()" } }, "contextRegion": { "startLine": 180, "endLine": 186, "snippet": { "text": "\t\t String[] cmd2 = {\n\t\t\t \"/bin/sh\",\n\t\t\t \"-c\",\n\t\t\t \"cat \\\"\" + new File(safeDir, helpFile).getPath()\n\t\t\t\t + \"\\\"\" };\n\t\t fileData = exec(s, cmd2);\n\t\t}\n" } } }, "message": { "text": "File(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 183, "startColumn": 37 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile_BACKUP() in [EditProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [192](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 192, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 192, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 192 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 264, "snippet": { "text": "\tSystem.out.println(\"Executing OS command: \" + command);" } }, "contextRegion": { "startLine": 261, "endLine": 267, "snippet": { "text": " */\n private String exec(WebSession s, String command)\n {\n\tSystem.out.println(\"Executing OS command: \" + command);\n\tExecResults er = Exec.execSimple(command);\n\tif ((command.indexOf(\"&\") != -1 || command.indexOf(\";\") != -1)\n\t\t&& !er.getError())\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 264, "snippet": { "text": "\tSystem.out.println(\"Executing OS command: \" + command);" } }, "contextRegion": { "startLine": 261, "endLine": 267, "snippet": { "text": " */\n private String exec(WebSession s, String command)\n {\n\tSystem.out.println(\"Executing OS command: \" + command);\n\tExecResults er = Exec.execSimple(command);\n\tif ((command.indexOf(\"&\") != -1 || command.indexOf(\";\") != -1)\n\t\t&& !er.getError())\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 264 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 126, "level": "error", "message": { "text": "On line [176](1) of [UpdateProfile.java](1), the method changeEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 176, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 173, "endLine": 179, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 886 }, { "index": 887 }, { "index": 888 }, { "index": 889 }, { "index": 890 }, { "index": 891 }, { "index": 893 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 176, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 173, "endLine": 179, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 894 }, { "index": 895 }, { "index": 896 }, { "index": 889 }, { "index": 897 }, { "index": 898 }, { "index": 893 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 176, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 173, 
"endLine": 179, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 900 }, { "index": 901 }, { "index": 902 }, { "index": 889 }, { "index": 903 }, { "index": 904 }, { "index": 893 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 176, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 173, "endLine": 179, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 905 }, { "index": 906 }, { "index": 907 }, { "index": 889 }, { "index": 908 }, { "index": 909 }, { "index": 893 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 176, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 173, "endLine": 179, "snippet": { "text": "\t\tStatement answer_statement = 
WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 910 }, { "index": 911 }, { "index": 912 }, { "index": 889 }, { "index": 913 }, { "index": 914 }, { "index": 893 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 176, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 173, "endLine": 179, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 176, "startColumn": 60 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 68, "message": { "text": "Without proper access control, the method changeEmployeeProfile() in [UpdateProfile.java](1) can execute a SQL statement on line [248](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 471 }, { "index": 472 }, { "index": 473 }, { "index": 474 }, { "index": 90 }, { "index": 91 }, { "index": 476 }, { "index": 93 }, { "index": 915 }, { "index": 916 }, { "index": 82 }, { "index": 149 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [WeakSessionID.java](1) might reveal system data or debugging information by calling printStackTrace() on line [138](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 138, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 135, "endLine": 141, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (null);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 138, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 135, "endLine": 141, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (null);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 128 }, "region": { "startLine": 138 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [SummaryReportCardScreen.java](1) might reveal system data or debugging information by calling printStackTrace() on line [101](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 133 }, "region": { "startLine": 101, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t}\n\n\tec.addElement(new Center().addElement(makeSummary(s)));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 133 }, "region": { "startLine": 101, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t}\n\n\tec.addElement(new Center().addElement(makeSummary(s)));\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 133 }, "region": { "startLine": 101 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 134, "message": { "text": "The method createContent() in [XMLInjection.java](1) should compare strings with the `equals()` method, not `==` or `!=`.\r\nStrings should be compared with the `equals()` method, not `==` or `!=`." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 280, "snippet": { "text": "\tif (s.getParser().getRawParameter(\"SUBMIT\", \"\") != \"\")" } }, "contextRegion": { "startLine": 277, "endLine": 283, "snippet": { "text": "\tb.setName(\"SUBMIT\");\n\tec.addElement(b);\n\n\tif (s.getParser().getRawParameter(\"SUBMIT\", \"\") != \"\")\n\t{\n\t if (s.getParser().getRawParameter(\"check1004\", \"\") != \"\")\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 280, "snippet": { "text": "\tif (s.getParser().getRawParameter(\"SUBMIT\", \"\") != \"\")" } }, "contextRegion": { "startLine": 277, "endLine": 283, "snippet": { "text": "\tb.setName(\"SUBMIT\");\n\tec.addElement(b);\n\n\tif (s.getParser().getRawParameter(\"SUBMIT\", \"\") != \"\")\n\t{\n\t if (s.getParser().getRawParameter(\"check1004\", \"\") != \"\")\n\t {\n" } } }, "message": { "text": "Operation" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 280 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 134, "message": { "text": "The method createContent() in [XMLInjection.java](1) should compare strings with the `equals()` method, not `==` or `!=`.\r\nStrings should be compared with the `equals()` method, not `==` or `!=`." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 282, "snippet": { "text": "\t if (s.getParser().getRawParameter(\"check1004\", \"\") != \"\")" } }, "contextRegion": { "startLine": 279, "endLine": 285, "snippet": { "text": "\n\tif (s.getParser().getRawParameter(\"SUBMIT\", \"\") != \"\")\n\t{\n\t if (s.getParser().getRawParameter(\"check1004\", \"\") != \"\")\n\t {\n\t\tmakeSuccess(s);\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 282, "snippet": { "text": "\t if (s.getParser().getRawParameter(\"check1004\", \"\") != \"\")" } }, "contextRegion": { "startLine": 279, "endLine": 285, "snippet": { "text": "\n\tif (s.getParser().getRawParameter(\"SUBMIT\", \"\") != \"\")\n\t{\n\t if (s.getParser().getRawParameter(\"check1004\", \"\") != \"\")\n\t {\n\t\tmakeSuccess(s);\n\t }\n" } } }, "message": { "text": "Operation" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 282 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 110, "level": "error", "message": { "text": "The method execOptions() in [Exec.java](1) calls write() with a command built from untrusted data. This call can cause the program to execute malicious commands on behalf of an attacker.\r\nExecuting commands from an untrusted source or in an untrusted environment can cause an application to execute malicious commands on behalf of an attacker." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 122, "snippet": { "text": "\t\t processOut.write(input.getBytes());" } }, "contextRegion": { "startLine": 119, "endLine": 125, "snippet": { "text": "\t {\n\t\ttry\n\t\t{\n\t\t processOut.write(input.getBytes());\n\t\t processOut.flush();\n\t\t processOut.close();\n\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 837 }, { "index": 838 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 122, "snippet": { "text": "\t\t processOut.write(input.getBytes());" } }, "contextRegion": { "startLine": 119, "endLine": 125, "snippet": { "text": "\t {\n\t\ttry\n\t\t{\n\t\t processOut.write(input.getBytes());\n\t\t processOut.flush();\n\t\t processOut.close();\n\t\t}\n" } } }, "message": { "text": "write(this)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 122, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 85, "level": "note", "message": { "text": "The method createContent() in [PathBasedAccessControl.java](1) can crash the program by dereferencing a null pointer on line [110](1).\r\nThe program can potentially dereference a null pointer, thereby causing a null pointer exception." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 147, "snippet": { "text": "\t if (!illegalCommand)" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": "\t\ts.setMessage(\" - isFile(): \" + f.isFile());\n\t\ts.setMessage(\" - exists(): \" + f.exists());\n\t }\n\t if (!illegalCommand)\n\t {\n\t\tif (f.isFile() && f.exists())\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 147, "snippet": { "text": "\t if (!illegalCommand)" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": "\t\ts.setMessage(\" - isFile(): \" + f.isFile());\n\t\ts.setMessage(\" - exists(): \" + f.exists());\n\t }\n\t if (!illegalCommand)\n\t {\n\t\tif (f.isFile() && f.exists())\n\t\t{\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 149, "snippet": { "text": "\t\tif (f.isFile() && f.exists())" } }, "contextRegion": { "startLine": 146, "endLine": 152, "snippet": { "text": "\t }\n\t if (!illegalCommand)\n\t {\n\t\tif (f.isFile() && f.exists())\n\t\t{\n\t\t // Don't set completion if they are listing files in the \n\t\t // directory listing we gave them.\n" } } }, "message": { "text": "Branch not taken" }, "annotations": [ { "startLine": 168, "startColumn": 12, "message": { "text": "Compared with null : file" } } ] }, "kinds": [ "branch", "false" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 147, "startColumn": 11 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 21, "level": "error", "message": { "text": "The method handleRequest() in [SilentTransactions.java](1) sends unvalidated data to a web browser on line 
[94](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 10 }, "region": { "startLine": 94, "snippet": { "text": "\t\t out.print(result.toString());" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t\t\t .append(\"Now you can send out a spam email containing this link and whoever clicks on it
\");\n\t\t result\n\t\t\t .append(\" and happens to be logged in the same time will loose their money !!\");\n\t\t out.print(result.toString());\n\t\t out.flush();\n\t\t out.close();\n\t\t getLessonTracker(s).setCompleted(true);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 828 }, { "index": 829 }, { "index": 830 }, { "index": 831 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 10 }, "region": { "startLine": 94, "snippet": { "text": "\t\t out.print(result.toString());" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t\t\t .append(\"Now you can send out a spam email containing this link and whoever clicks on it
\");\n\t\t result\n\t\t\t .append(\" and happens to be logged in the same time will loose their money !!\");\n\t\t out.print(result.toString());\n\t\t out.flush();\n\t\t out.close();\n\t\t getLessonTracker(s).setCompleted(true);\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 10 }, "region": { "startLine": 94 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 134, "message": { "text": "The method createContent() in [XMLInjection.java](1) should compare strings with the `equals()` method, not `==` or `!=`.\r\nStrings should be compared with the `equals()` method, not `==` or `!=`." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 292, "snippet": { "text": "\t\t if (s.getParser().getRawParameter(\"check\" + i, \"\") != \"\")" } }, "contextRegion": { "startLine": 289, "endLine": 295, "snippet": { "text": "\t\tfor (int i = 1001; i < 1001 + rewardsMap.size(); i++)\n\t\t{\n\n\t\t if (s.getParser().getRawParameter(\"check\" + i, \"\") != \"\")\n\t\t {\n\t\t\tshipment.append(((Reward) rewardsMap.get(i)).getName()\n\t\t\t\t+ \"
\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 292, "snippet": { "text": "\t\t if (s.getParser().getRawParameter(\"check\" + i, \"\") != \"\")" } }, "contextRegion": { "startLine": 289, "endLine": 295, "snippet": { "text": "\t\tfor (int i = 1001; i < 1001 + rewardsMap.size(); i++)\n\t\t{\n\n\t\t if (s.getParser().getRawParameter(\"check\" + i, \"\") != \"\")\n\t\t {\n\t\t\tshipment.append(((Reward) rewardsMap.get(i)).getName()\n\t\t\t\t+ \"
\");\n" } } }, "message": { "text": "Operation" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 33 }, "region": { "startLine": 292 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 136, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 136, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 136 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method writeTable() in [DatabaseUtilities.java](1) sends unvalidated data to a web browser on line [154](1), which can result in the browser executing malicious code.\r\nSending unvalidated 
data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 746 }, { "index": 748 }, { "index": 917 }, { "index": 65 }, { "index": 66 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [WsSqlInjection.java](1) line [246](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 246, "endLine": 247, "snippet": { "text": "\tcatch (Exception e)\r\n\t{}" } }, "contextRegion": { "startLine": 243, "endLine": 250, "snippet": { "text": "\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 246, "endLine": 247, "snippet": { "text": "\tcatch (Exception e)\r\n\t{}" } }, "contextRegion": { "startLine": 243, "endLine": 250, "snippet": { "text": "\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 246, "startColumn": 2, "endLine": 247 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 714, "snippet": { "text": "\t System.out.println(\"Error: unable to drop ownership\");" } }, "contextRegion": { "startLine": 711, "endLine": 717, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: unable to drop ownership\");\n\t}\n\n\ttry\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 714, "snippet": { "text": "\t System.out.println(\"Error: unable to drop ownership\");" } }, "contextRegion": { "startLine": 711, "endLine": 717, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: unable to drop ownership\");\n\t}\n\n\ttry\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 714 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 727, "snippet": { "text": "\t System.out.println(\"Error: unable to create ownership table\");" } }, "contextRegion": { "startLine": 724, "endLine": 730, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: unable to create ownership table\");\n\t}\n\n\tString inputData = \"INSERT INTO ownership VALUES (112, 101)\";\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 727, "snippet": { "text": "\t System.out.println(\"Error: unable to create ownership table\");" } }, "contextRegion": { "startLine": 724, "endLine": 730, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error: unable to create ownership table\");\n\t}\n\n\tString inputData = \"INSERT INTO ownership VALUES (112, 101)\";\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 727 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method makeCurrent() in [CSRF.java](1) sends unvalidated data to a web browser on line [248](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 248, "snippet": { "text": "\t\t\t\trow1.addElement( new TD( new StringElement( results.getString( TITLE_COL ) ) ) );" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\t\t\tec.addElement( new H1( \"Message Contents For: \" + results.getString( TITLE_COL )) );\n\t\t\t\tTable t = new Table( 0 ).setCellSpacing( 0 ).setCellPadding( 0 ).setBorder( 0 );\n\t\t\t\tTR row1 = new TR( new TD( new B(new StringElement( \"Title:\" )) ) );\n\t\t\t\trow1.addElement( new TD( new StringElement( results.getString( TITLE_COL ) ) ) );\n\t\t\t\tt.addElement( row1 );\n\n\t\t\t\tString messageData = results.getString( MESSAGE_COL );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 918 }, { "index": 919 }, { "index": 920 }, { "index": 921 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 248, "snippet": { "text": "\t\t\t\trow1.addElement( new TD( new StringElement( results.getString( TITLE_COL ) ) ) );" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\t\t\tec.addElement( new H1( \"Message Contents For: \" + results.getString( TITLE_COL )) );\n\t\t\t\tTable t = new Table( 0 ).setCellSpacing( 0 ).setCellPadding( 0 ).setBorder( 0 );\n\t\t\t\tTR row1 = new TR( new TD( new B(new StringElement( \"Title:\" )) ) );\n\t\t\t\trow1.addElement( new TD( new StringElement( results.getString( TITLE_COL ) ) ) );\n\t\t\t\tt.addElement( row1 );\n\n\t\t\t\tString messageData = results.getString( MESSAGE_COL );\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 248, "startColumn": 30 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { 
"text": "The method makeCurrent() in [CSRF.java](1) sends unvalidated data to a web browser on line [253](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 253, "snippet": { "text": "\t\t\t\trow2.addElement( new TD( new StringElement( messageData ) ) );" } }, "contextRegion": { "startLine": 250, "endLine": 256, "snippet": { "text": "\n\t\t\t\tString messageData = results.getString( MESSAGE_COL );\n\t\t\t\tTR row2 = new TR( new TD( new B(new StringElement( \"Message:\" )) ) );\n\t\t\t\trow2.addElement( new TD( new StringElement( messageData ) ) );\n\t\t\t\tt.addElement( row2 );\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tTR row3 = new TR( new TD( new StringElement( \"Posted By:\" ) ) );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 918 }, { "index": 919 }, { "index": 922 }, { "index": 923 }, { "index": 924 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 253, "snippet": { "text": "\t\t\t\trow2.addElement( new TD( new StringElement( messageData ) ) );" } }, "contextRegion": { "startLine": 250, "endLine": 256, "snippet": { "text": "\n\t\t\t\tString messageData = results.getString( MESSAGE_COL );\n\t\t\t\tTR row2 = new TR( new TD( new B(new StringElement( \"Message:\" )) ) );\n\t\t\t\trow2.addElement( new TD( new StringElement( messageData ) ) );\n\t\t\t\tt.addElement( row2 );\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tTR row3 = new TR( new TD( new StringElement( \"Posted By:\" ) ) );\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 253, "startColumn": 30 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { 
"ruleIndex": 24, "level": "error", "message": { "text": "The method makeCurrent() in [CSRF.java](1) sends unvalidated data to a web browser on line [257](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 257, "snippet": { "text": "\t\t\t\trow3.addElement( new TD( new StringElement( results.getString( USER_COL ) ) ) );" } }, "contextRegion": { "startLine": 254, "endLine": 260, "snippet": { "text": "\t\t\t\tt.addElement( row2 );\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tTR row3 = new TR( new TD( new StringElement( \"Posted By:\" ) ) );\n\t\t\t\trow3.addElement( new TD( new StringElement( results.getString( USER_COL ) ) ) );\n\t\t\t\tt.addElement( row3 );\n\t\t\t\t\t\t\t\t\n\t\t\t\tec.addElement( t );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 918 }, { "index": 919 }, { "index": 925 }, { "index": 926 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 257, "snippet": { "text": "\t\t\t\trow3.addElement( new TD( new StringElement( results.getString( USER_COL ) ) ) );" } }, "contextRegion": { "startLine": 254, "endLine": 260, "snippet": { "text": "\t\t\t\tt.addElement( row2 );\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tTR row3 = new TR( new TD( new StringElement( \"Posted By:\" ) ) );\n\t\t\t\trow3.addElement( new TD( new StringElement( results.getString( USER_COL ) ) ) );\n\t\t\t\tt.addElement( row3 );\n\t\t\t\t\t\t\t\t\n\t\t\t\tec.addElement( t );\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 257, "startColumn": 30 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The 
function doStage1() in [BasicAuthentication.java](1) might reveal system data or debugging information by calling printStackTrace() on line [160](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 160, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 157, "endLine": 163, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 160, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 157, "endLine": 163, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 160 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function log() in [HammerHead.java](1) might reveal system data or debugging information by calling println() on line [307](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 307, "snippet": { "text": "\tSystem.out.println(output);" } }, "contextRegion": { "startLine": 304, "endLine": 310, "snippet": { "text": "\tString output = new Date() + \" | \" + request.getRemoteHost() + \":\"\n\t\t+ request.getRemoteAddr() + \" | \" + message;\n\tlog(output);\n\tSystem.out.println(output);\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 867 }, { "index": 868 }, { "index": 426 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 307, "snippet": { "text": "\tSystem.out.println(output);" } }, "contextRegion": { "startLine": 304, "endLine": 310, "snippet": { "text": "\tString output = new Date() + \" | \" + request.getRemoteHost() + \":\"\n\t\t+ request.getRemoteAddr() + \" | \" + message;\n\tlog(output);\n\tSystem.out.println(output);\n }\n\n\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 307, "startColumn": 21 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [WSDLScanning.java](1) line [232](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 232, "endLine": 235, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\r\n\t}" } }, "contextRegion": { "startLine": 229, "endLine": 238, "snippet": { "text": "\t t.addElement(results);\n\t ec.addElement(new P().addElement(t));\n\t}\n\tcatch (Exception e)\n\t{\n\n\t}\n\ttry\n\t{\n\t A a = new A(\"services/WSDLScanning?WSDL\", \"WebGoat WSDL File\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 232, "endLine": 235, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\r\n\t}" } }, "contextRegion": { "startLine": 229, "endLine": 238, "snippet": { "text": "\t t.addElement(results);\n\t ec.addElement(new P().addElement(t));\n\t}\n\tcatch (Exception e)\n\t{\n\n\t}\n\ttry\n\t{\n\t A a = new A(\"services/WSDLScanning?WSDL\", \"WebGoat WSDL File\");\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 232, "startColumn": 2, "endLine": 235 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [WSDLScanning.java](1) line [261](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 261, "endLine": 265, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 258, "endLine": 268, "snippet": { "text": "\n\t // accessWGService(\"WSDLScanning\", \"getCreditCard\", \"acct_num\", new Integer(101));\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 261, "endLine": 265, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 258, "endLine": 268, "snippet": { "text": "\n\t // accessWGService(\"WSDLScanning\", \"getCreditCard\", \"acct_num\", new Integer(101));\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 261, "startColumn": 2, "endLine": 265 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 36, "level": "error", "message": { "text": "The method _jspService() in [ListStaff.jsp](1) sends unvalidated data to a web browser on line [8](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 126 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 512 }, { "index": 516 }, { "index": 517 }, { "index": 518 }, { "index": 927 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 126 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 520 }, { "index": 521 }, { "index": 517 }, { "index": 518 }, { "index": 927 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 126 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 523 }, { "index": 524 }, { "index": 517 }, { "index": 518 }, { "index": 927 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 126 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 126 }, "region": { "startLine": 8 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "3.2166665" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [TraceXSS.java](1) might reveal system data or debugging information by calling printStackTrace() on line [223](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 223, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 220, "endLine": 226, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 223, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 220, "endLine": 226, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 223 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method getIntSessionAttribute() in [DefaultLessonAction.java](1) ignores an exception on line [145](1), which could 
cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 145, "endLine": 147, "snippet": { "text": "\t\t\tcatch (NumberFormatException nfe)\r\n\t\t\t{\r\n\t\t\t}" } }, "contextRegion": { "startLine": 142, "endLine": 150, "snippet": { "text": "\t\t\t{\n\t\t\t\tvalue = Integer.parseInt(ss);\n\t\t\t}\n\t\t\tcatch (NumberFormatException nfe)\n\t\t\t{\n\t\t\t}\n\t\t}\n\t\t\n\t\treturn value;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 145, "endLine": 147, "snippet": { "text": "\t\t\tcatch (NumberFormatException nfe)\r\n\t\t\t{\r\n\t\t\t}" } }, "contextRegion": { "startLine": 142, "endLine": 150, "snippet": { "text": "\t\t\t{\n\t\t\t\tvalue = Integer.parseInt(ss);\n\t\t\t}\n\t\t\tcatch (NumberFormatException nfe)\n\t\t\t{\n\t\t\t}\n\t\t}\n\t\t\n\t\treturn value;\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 145, "startColumn": 4, "endLine": 147 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t
\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 932 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 54 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [BasicAuthentication.java](1) line [248](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 248, "endLine": 252, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 245, "endLine": 255, "snippet": { "text": "\t }\n\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 248, "endLine": 252, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 245, "endLine": 255, "snippet": { "text": "\t }\n\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 248, "startColumn": 2, "endLine": 252 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Login.java](1) line [165](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 165, "endLine": 169, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error logging in\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 162, "endLine": 172, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error logging in\");\n\t e.printStackTrace();\n\t}\n\n\t//System.out.println(\"Lesson login result: \" + authenticated);\n\treturn authenticated;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 165, "endLine": 169, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error logging in\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 162, "endLine": 172, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error logging in\");\n\t e.printStackTrace();\n\t}\n\n\t//System.out.println(\"Lesson login result: \" + authenticated);\n\treturn authenticated;\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 165, "startColumn": 2, "endLine": 169 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [HttpBasics.java](1) sends unvalidated data to a web browser on line [69](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 21 }, "region": { "startLine": 69, "snippet": { "text": "\t Input input = new Input(Input.TEXT, PERSON, person.toString());" } }, "contextRegion": { "startLine": 66, "endLine": 72, "snippet": { "text": "\t\t \"\"));\n\t person.reverse();\n\n\t Input input = new Input(Input.TEXT, PERSON, person.toString());\n\t ec.addElement(input);\n\n\t Element b = ECSFactory.makeButton(\"Go!\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 136 }, { "index": 137 }, { "index": 933 }, { "index": 934 }, { "index": 935 }, { "index": 936 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 21 }, "region": { "startLine": 69, "snippet": { "text": "\t Input input = new Input(Input.TEXT, PERSON, person.toString());" } }, "contextRegion": { "startLine": 66, "endLine": 72, "snippet": { "text": "\t\t \"\"));\n\t person.reverse();\n\n\t Input input = new Input(Input.TEXT, PERSON, person.toString());\n\t ec.addElement(input);\n\n\t Element b = ECSFactory.makeButton(\"Go!\");\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 21 }, "region": { "startLine": 69 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [DOS_Login.java](1) might reveal system data or debugging information by calling printStackTrace() on line [172](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 172, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 169, "endLine": 175, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\tec.addElement(new P().addElement(sqle.getMessage()));\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 172, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 169, "endLine": 175, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\tec.addElement(new P().addElement(sqle.getMessage()));\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 172 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function deleteEmployeeProfile_BACKUP() in [DeleteProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [149](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 149, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 146, "endLine": 152, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error deleting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 149, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 146, "endLine": 152, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error deleting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 149 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [382](1) of [UpdateProfile.java](1), the method createEmployeeProfile_BACKUP() invokes a SQL query built using input potentially coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 382, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 379, "endLine": 385, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 382, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 379, "endLine": 385, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 382 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [SQLInjection.java](1) line [363](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 363, "endLine": 369, "snippet": { "text": "\t catch (Exception e)\r\n\t {\r\n\t\t// All other errors send the user to the generic error page\r\n\t\tSystem.out.println(\"handleRequest() error\");\r\n\t\te.printStackTrace();\r\n\t\tsetCurrentAction(s, ERROR_ACTION);\r\n\t }" } }, "contextRegion": { "startLine": 360, "endLine": 372, "snippet": { "text": "\t\tSystem.out.println(\"Authorization failure\");\n\t\tue2.printStackTrace();\n\t }\n\t catch (Exception e)\n\t {\n\t\t// All other errors send the user to the generic error page\n\t\tSystem.out.println(\"handleRequest() error\");\n\t\te.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t}\n\n\t// All this does for this lesson is ensure that a non-null content exists.\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 363, "endLine": 369, "snippet": { "text": "\t catch (Exception e)\r\n\t {\r\n\t\t// All other errors send the user to the generic error page\r\n\t\tSystem.out.println(\"handleRequest() error\");\r\n\t\te.printStackTrace();\r\n\t\tsetCurrentAction(s, ERROR_ACTION);\r\n\t }" } }, "contextRegion": { "startLine": 360, "endLine": 372, "snippet": { "text": "\t\tSystem.out.println(\"Authorization failure\");\n\t\tue2.printStackTrace();\n\t }\n\t catch (Exception e)\n\t {\n\t\t// All other errors send the user to the generic error page\n\t\tSystem.out.println(\"handleRequest() error\");\n\t\te.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t}\n\n\t// All this does for this lesson is ensure that a non-null content exists.\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 363, "startColumn": 6, "endLine": 369 } } 
} ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 89, "level": "note", "message": { "text": "The function doPost() in [HammerHead.java](1) might reveal system data or debugging information by calling log() on line [193](1). The information revealed by log() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 193, "snippet": { "text": "\t log(\"ERROR: \" + t);" } }, "contextRegion": { "startLine": 190, "endLine": 196, "snippet": { "text": "\tcatch (Throwable t)\n\t{\n\t t.printStackTrace();\n\t log(\"ERROR: \" + t);\n\t screen = new ErrorScreen(mySession, t);\n\t}\n\tfinally\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 937 }, { "index": 938 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 193, "snippet": { "text": "\t log(\"ERROR: \" + t);" } }, "contextRegion": { "startLine": 190, "endLine": 196, "snippet": { "text": "\tcatch (Throwable t)\n\t{\n\t t.printStackTrace();\n\t log(\"ERROR: \" + t);\n\t screen = new ErrorScreen(mySession, t);\n\t}\n\tfinally\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 193 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 431, "snippet": { "text": "\t\tSystem.out.println(\"Missing parameter\");" } }, "contextRegion": { "startLine": 428, "endLine": 434, "snippet": { "text": "\t }\n\t catch (ParameterNotFoundException pnfe)\n\t {\n\t\tSystem.out.println(\"Missing parameter\");\n\t\tpnfe.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 431, "snippet": { "text": "\t\tSystem.out.println(\"Missing parameter\");" } }, "contextRegion": { "startLine": 428, "endLine": 434, "snippet": { "text": "\t }\n\t catch (ParameterNotFoundException pnfe)\n\t {\n\t\tSystem.out.println(\"Missing parameter\");\n\t\tpnfe.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 431 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 437, "snippet": { "text": "\t\tSystem.out.println(\"Validation failed\");" } }, "contextRegion": { "startLine": 434, "endLine": 440, "snippet": { "text": "\t }\n\t catch (ValidationException ve)\n\t {\n\t\tSystem.out.println(\"Validation failed\");\n\t\tve.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 437, "snippet": { "text": "\t\tSystem.out.println(\"Validation failed\");" } }, "contextRegion": { "startLine": 434, "endLine": 440, "snippet": { "text": "\t }\n\t catch (ValidationException ve)\n\t {\n\t\tSystem.out.println(\"Validation failed\");\n\t\tve.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 437 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 444, "snippet": { "text": "\t\tSystem.out.println(\"Authentication failure\");" } }, "contextRegion": { "startLine": 441, "endLine": 447, "snippet": { "text": "\t catch (UnauthenticatedException ue)\n\t {\n\t\ts.setMessage(\"Login failed\");\n\t\tSystem.out.println(\"Authentication failure\");\n\t\tue.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 444, "snippet": { "text": "\t\tSystem.out.println(\"Authentication failure\");" } }, "contextRegion": { "startLine": 441, "endLine": 447, "snippet": { "text": "\t catch (UnauthenticatedException ue)\n\t {\n\t\ts.setMessage(\"Login failed\");\n\t\tSystem.out.println(\"Authentication failure\");\n\t\tue.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 444 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 450, "snippet": { "text": "\t\tSystem.out.println(\"Authorization failure\");" } }, "contextRegion": { "startLine": 447, "endLine": 453, "snippet": { "text": "\t catch (UnauthorizedException ue2)\n\t {\n\t\ts.setMessage(\"You are not authorized to perform this function\");\n\t\tSystem.out.println(\"Authorization failure\");\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t\tue2.printStackTrace();\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 450, "snippet": { "text": "\t\tSystem.out.println(\"Authorization failure\");" } }, "contextRegion": { "startLine": 447, "endLine": 453, "snippet": { "text": "\t catch (UnauthorizedException ue2)\n\t {\n\t\ts.setMessage(\"You are not authorized to perform this function\");\n\t\tSystem.out.println(\"Authorization failure\");\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t\tue2.printStackTrace();\n\t }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 450 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 457, "snippet": { "text": "\t\tSystem.out.println(\"handleRequest() error\");" } }, "contextRegion": { "startLine": 454, "endLine": 460, "snippet": { "text": "\t catch (Exception e)\n\t {\n\t\t// All other errors send the user to the generic error page\n\t\tSystem.out.println(\"handleRequest() error\");\n\t\te.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 457, "snippet": { "text": "\t\tSystem.out.println(\"handleRequest() error\");" } }, "contextRegion": { "startLine": 454, "endLine": 460, "snippet": { "text": "\t catch (Exception e)\n\t {\n\t\t// All other errors send the user to the generic error page\n\t\tSystem.out.println(\"handleRequest() error\");\n\t\te.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 457 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function refreshDB() in [RefreshDBScreen.java](1) might reveal system data or debugging information by calling printStackTrace() on line [169](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 36 }, "region": { "startLine": 169, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 166, "endLine": 172, "snippet": { "text": "\t{\n\t s.setMessage(\"Error refreshing database \"\n\t\t + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 36 }, "region": { "startLine": 169, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 166, "endLine": 172, "snippet": { "text": "\t{\n\t s.setMessage(\"Error refreshing database \"\n\t\t + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n }\n}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 36 }, "region": { "startLine": 169 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method writeTable() in [DatabaseUtilities.java](1) sends unvalidated data to a web browser on line [154](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 939 }, { "index": 940 }, { "index": 941 }, { "index": 942 }, { "index": 943 }, { "index": 944 }, { "index": 65 }, { "index": 66 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [HttpSplitting.java](1) line [235](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 235, "endLine": 238, "snippet": { "text": "\tcatch (Exception ex)\r\n\t{\r\n\t ec.addElement(new P().addElement(ex.getMessage()));\r\n\t}" } }, "contextRegion": { "startLine": 232, "endLine": 241, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception ex)\n\t{\n\t ec.addElement(new P().addElement(ex.getMessage()));\n\t}\n\treturn ec;\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 235, "endLine": 238, "snippet": { "text": "\tcatch (Exception ex)\r\n\t{\r\n\t ec.addElement(new P().addElement(ex.getMessage()));\r\n\t}" } }, "contextRegion": { "startLine": 232, "endLine": 241, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception ex)\n\t{\n\t ec.addElement(new P().addElement(ex.getMessage()));\n\t}\n\treturn ec;\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 235, "startColumn": 2, "endLine": 238 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [webgoat.jsp](1) line [74](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 95 }, "region": { "startLine": 74, "endLine": 76, "snippet": { "text": " \r\n \t\t\t \r\n\t\t\t " } }, "contextRegion": { "startLine": 71, "endLine": 79, "snippet": { "text": "
\n
\t\t\t\n
\n \t\t\t \n\t\t\t
\n\t\t\t
\n
\n
\t\t\t\n
\n \t\t\t \n\t\t\t
\n\t\t\t
\n
\n\t\t\t \t\t<%=employee.getSsn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 13 }, { "index": 14 }, { "index": 497 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t<%=employee.getSsn()%>" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t<%=employee.getSsn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 54 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [WsSqlInjection.java](1) line [216](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 216, "endLine": 220, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 213, "endLine": 223, "snippet": { "text": "\t ec.addElement(a);\n\t getLessonTracker(s).setCompleted(completed);\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 216, "endLine": 220, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 213, "endLine": 223, "snippet": { "text": "\t ec.addElement(a);\n\t getLessonTracker(s).setCompleted(completed);\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn (ec);\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 216, "startColumn": 2, "endLine": 220 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [DOS_Login.java](1) line [175](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 175, "endLine": 178, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t}" } }, "contextRegion": { "startLine": 172, "endLine": 181, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t}\n\n\treturn (ec.addElement(makeLogin(s)));\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 175, "endLine": 178, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t}" } }, "contextRegion": { "startLine": 172, "endLine": 181, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t}\n\n\treturn (ec.addElement(makeLogin(s)));\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 175, "startColumn": 2, "endLine": 178 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [146](1) of [ListStaff.java](1), the method getAllEmployees_BACKUP() invokes a SQL query built using input potentially coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 146, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 143, "endLine": 149, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tanswer_results.beforeFirst();\n\t\twhile (answer_results.next())\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 146, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 143, "endLine": 149, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tanswer_results.beforeFirst();\n\t\twhile (answer_results.next())\n\t\t{\n" } } }, "message": { "text": "executeQuery()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 146 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [340](1) of [UpdateProfile.java](1), the method createEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. 
This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 945 }, { "index": 946 }, { "index": 947 }, { "index": 90 }, { "index": 91 }, { "index": 948 }, { "index": 93 }, { "index": 949 }, { "index": 950 }, { "index": 97 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 945 }, { "index": 946 }, { "index": 947 }, { "index": 90 }, { "index": 91 }, { "index": 948 }, { "index": 93 }, { "index": 949 }, { "index": 951 }, { "index": 952 }, { "index": 97 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = 
WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [SQLInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [355](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 355, "snippet": { "text": "\t\tue.printStackTrace();" } }, "contextRegion": { "startLine": 352, "endLine": 358, "snippet": { "text": "\t {\n\t\ts.setMessage(\"Login failed\");\n\t\tSystem.out.println(\"Authentication failure\");\n\t\tue.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 355, "snippet": { "text": "\t\tue.printStackTrace();" } }, "contextRegion": { "startLine": 352, "endLine": 358, "snippet": { "text": "\t {\n\t\ts.setMessage(\"Login failed\");\n\t\tSystem.out.println(\"Authentication failure\");\n\t\tue.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n\t {\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 355 } } } ], "properties": { 
"InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function doPost() in [HammerHead.java](1) might reveal system data or debugging information by calling printStackTrace() on line [192](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 192, "snippet": { "text": "\t t.printStackTrace();" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": "\t}\n\tcatch (Throwable t)\n\t{\n\t t.printStackTrace();\n\t log(\"ERROR: \" + t);\n\t screen = new ErrorScreen(mySession, t);\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 192, "snippet": { "text": "\t t.printStackTrace();" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": "\t}\n\tcatch (Throwable t)\n\t{\n\t t.printStackTrace();\n\t log(\"ERROR: \" + t);\n\t screen = new ErrorScreen(mySession, t);\n\t}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 192 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [ThreadSafetyProblem.java](1) might reveal system data or debugging information by calling printStackTrace() on line [128](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 128, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 125, "endLine": 131, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 128, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 125, "endLine": 131, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 128 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [265](1) of [DefaultLessonAction.java](1), the method isAuthorized() invokes a SQL query built using input potentially coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 265, "snippet": { "text": "\t\t\t\t\tanswer_results = answer_statement.executeQuery( query );" } }, "contextRegion": { "startLine": 262, "endLine": 268, "snippet": { "text": "\t\t\t\t\tquery = \"SELECT * FROM ownership WHERE employer_id = \" + Integer.parseInt(employer_id) +\n\t\t\t\t\t\t\t\" AND employee_id = \" + employeeId;\n\t\t\t\t\tanswer_statement = WebSession.getConnection(s).createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\t\tanswer_results = answer_statement.executeQuery( query );\n\t\t\t\t\tauthorized = answer_results.first();\n\t\t\t\t}\n\t\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 265, "snippet": { "text": "\t\t\t\t\tanswer_results = answer_statement.executeQuery( query );" } }, "contextRegion": { "startLine": 262, "endLine": 268, "snippet": { "text": "\t\t\t\t\tquery = \"SELECT * FROM ownership WHERE employer_id = \" + Integer.parseInt(employer_id) +\n\t\t\t\t\t\t\t\" AND employee_id = \" + employeeId;\n\t\t\t\t\tanswer_statement = WebSession.getConnection(s).createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\t\tanswer_results = answer_statement.executeQuery( query );\n\t\t\t\t\tauthorized = answer_results.first();\n\t\t\t\t}\n\t\t\t}\n" } } }, "message": { "text": "executeQuery()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 265 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [256](1) of [DefaultLessonAction.java](1), the method isAuthorized() invokes a SQL query built using input potentially coming from an untrusted source. 
This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 256, "snippet": { "text": "\t\t\t\tResultSet answer_results = answer_statement.executeQuery( query );" } }, "contextRegion": { "startLine": 253, "endLine": 259, "snippet": { "text": "\t\t\ttry\n\t\t\t{\n\t\t\t\tStatement answer_statement = WebSession.getConnection(s).createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\tResultSet answer_results = answer_statement.executeQuery( query );\n\t\t\t\tauthorized = answer_results.first();\n\t\t\t\t\n\t\t\t\t/* User is validated for function, but can the user perform that function on the specified user? */\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 256, "snippet": { "text": "\t\t\t\tResultSet answer_results = answer_statement.executeQuery( query );" } }, "contextRegion": { "startLine": 253, "endLine": 259, "snippet": { "text": "\t\t\ttry\n\t\t\t{\n\t\t\t\tStatement answer_statement = WebSession.getConnection(s).createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\tResultSet answer_results = answer_statement.executeQuery( query );\n\t\t\t\tauthorized = answer_results.first();\n\t\t\t\t\n\t\t\t\t/* User is validated for function, but can the user perform that function on the specified user? 
*/\n" } } }, "message": { "text": "executeQuery()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 256 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 0, "message": { "text": "Attackers can control the filesystem path argument to FileInputStream() at [LessonTracker.java](1) line [238](1), which allows them to access or modify otherwise protected files.\r\nAllowing user input to control paths used in filesystem operations could enable an attacker to access or modify otherwise protected system resources." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 238, "snippet": { "text": "\t\tin = new FileInputStream(fileName);" } }, "contextRegion": { "startLine": 235, "endLine": 241, "snippet": { "text": "\t {\n\t\tProperties tempProps = new Properties();\n\t\t//System.out.println(\"Loading lesson state from: \" + fileName);\n\t\tin = new FileInputStream(fileName);\n\t\ttempProps.load(in);\n\t\t// allow the screen to use any custom properties it may have set\n\t\tLessonTracker tempLessonTracker = screen\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 769 }, { "index": 770 }, { "index": 772 }, { "index": 604 }, { "index": 605 }, { "index": 606 }, { "index": 607 }, { "index": 609 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 238, "snippet": { "text": "\t\tin = new FileInputStream(fileName);" } }, "contextRegion": { "startLine": 235, "endLine": 241, "snippet": { "text": "\t {\n\t\tProperties tempProps = new Properties();\n\t\t//System.out.println(\"Loading lesson state from: \" + fileName);\n\t\tin = new FileInputStream(fileName);\n\t\ttempProps.load(in);\n\t\t// allow the screen to use any custom properties it may have 
set\n\t\tLessonTracker tempLessonTracker = screen\n" } } }, "message": { "text": "FileInputStream(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 238, "startColumn": 28 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getStringParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 696, "endLine": 702, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\telse\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 468 }, { "index": 469 }, { "index": 470 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 696, "endLine": 702, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\telse\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 699 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 127, "message": { 
"text": "The method createContent() in [ThreadSafetyProblem.java](1) calls sleep() on line [95](1). Thread management in a web application is forbidden in some circumstances and is always highly error prone.\r\nThread management in a web application is forbidden in some circumstances and is always highly error prone." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 95, "snippet": { "text": "\t\tThread.sleep(1500);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n\t if (!\"\".equals(currentUser))\n\t {\n\t\tThread.sleep(1500);\n\n\t\t// Get the users info from the DB\n\t\tString query = \"SELECT * FROM user_system_data WHERE user_name = '\"\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 95, "snippet": { "text": "\t\tThread.sleep(1500);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n\t if (!\"\".equals(currentUser))\n\t {\n\t\tThread.sleep(1500);\n\n\t\t// Get the users info from the DB\n\t\tString query = \"SELECT * FROM user_system_data WHERE user_name = '\"\n" } } }, "message": { "text": "sleep()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 95 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 99, "message": { "text": "Without proper access control, the method findEmployeeProfile() in [FindProfile.java](1) can execute a SQL statement on line [177](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 177, "snippet": { "text": "\t\tanswer_statement.setString(2, \"%\" + pattern + \"%\");" } }, "contextRegion": { "startLine": 174, "endLine": 180, "snippet": { "text": "\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.setString(1, \"%\" + pattern + \"%\");\n\t\tanswer_statement.setString(2, \"%\" + pattern + \"%\");\n\t\tResultSet answer_results = answer_statement.executeQuery();\n\n\t\t// Just use the first hit.\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 815 }, { "index": 816 }, { "index": 817 }, { "index": 818 }, { "index": 819 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 177, "snippet": { "text": "\t\tanswer_statement.setString(2, \"%\" + pattern + \"%\");" } }, "contextRegion": { "startLine": 174, "endLine": 180, "snippet": { "text": "\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.setString(1, \"%\" + pattern + \"%\");\n\t\tanswer_statement.setString(2, \"%\" + pattern + \"%\");\n\t\tResultSet answer_results = answer_statement.executeQuery();\n\n\t\t// Just use the first hit.\n" } } }, "message": { "text": "setString(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 177 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 92, "message": { "text": "The XML parser configured in [WsSAXInjection.java](1):[179](1) does not prevent nor limit Document Type Definition (DTD) entity resolution. 
This can expose the parser to an XML Entity Expansion injection\r\nUsing XML parsers configured to not prevent nor limit Document Type Definition (DTD) entity resolution can expose the parser to an XML Entity Expansion injection\r\n." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 179, "snippet": { "text": "\t reader.parse(new InputSource(new StringReader(xml)));" } }, "contextRegion": { "startLine": 176, "endLine": 182, "snippet": { "text": "\t XMLReader reader = XMLReaderFactory.createXMLReader();\n\t PasswordChanger changer = new PasswordChanger();\n\t reader.setContentHandler(changer);\n\t reader.parse(new InputSource(new StringReader(xml)));\n\t if (!\"101\".equals(changer.getId()))\n\t {\n\t\tmakeSuccess(s);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 187 }, { "index": 188 }, { "index": 189 }, { "index": 190 }, { "index": 191 }, { "index": 192 }, { "index": 193 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 179, "snippet": { "text": "\t reader.parse(new InputSource(new StringReader(xml)));" } }, "contextRegion": { "startLine": 176, "endLine": 182, "snippet": { "text": "\t XMLReader reader = XMLReaderFactory.createXMLReader();\n\t PasswordChanger changer = new PasswordChanger();\n\t reader.setContentHandler(changer);\n\t reader.parse(new InputSource(new StringReader(xml)));\n\t if (!\"101\".equals(changer.getId()))\n\t {\n\t\tmakeSuccess(s);\n" } } }, "message": { "text": "parse(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 179, "startColumn": 19 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method 
ParameterNotFoundException() in [ParameterNotFoundException.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 468 }, { "index": 469 }, { "index": 470 }, { "index": 164 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } }, "message": { "text": "Exception(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function getFileMethod() in [AbstractLesson.java](1) might reveal system data or debugging information by calling println() on line [422](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 422, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 419, "endLine": 425, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 953 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 422, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 419, "endLine": 425, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 422, "startColumn": 25 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [SearchStaff.jsp](1) line [15](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 94 }, "region": { "startLine": 15, "endLine": 21, "snippet": { "text": "\t\t\t
\">\r\n\t\t\t \t\r\n\t\t\t\t
\r\n\t\t\t\t\"/>\r\n\t\t\t
" } }, "contextRegion": { "startLine": 12, "endLine": 24, "snippet": { "text": "\t\t\t<%\n\t\t\t}\n\t\t\t%>\n\t\t\t
\">\n\t\t\t \t\n\t\t\t\t
\n\t\t\t\t\"/>\n\t\t\t
\n\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 94 }, "region": { "startLine": 15, "endLine": 21, "snippet": { "text": "\t\t\t
\">\r\n\t\t\t \t\r\n\t\t\t\t
\r\n\t\t\t\t\"/>\r\n\t\t\t
" } }, "contextRegion": { "startLine": 12, "endLine": 24, "snippet": { "text": "\t\t\t<%\n\t\t\t}\n\t\t\t%>\n\t\t\t
\">\n\t\t\t \t\n\t\t\t\t
\n\t\t\t\t\"/>\n\t\t\t
\n\t\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 94 }, "region": { "startLine": 15, "startColumn": 4, "endLine": 21 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [SearchStaff.jsp](1) line [15](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 72 }, "region": { "startLine": 15, "endLine": 21, "snippet": { "text": "\t\t\t\t
\">\r\n\t\t\t \t\r\n\t\t\t\t
\r\n\t\t\t\t\"/>\r\n\t\t\t
" } }, "contextRegion": { "startLine": 12, "endLine": 24, "snippet": { "text": "\t\t\t<%\n\t\t\t}\n\t\t\t%>\n\t\t\t\t
\">\n\t\t\t \t\n\t\t\t\t
\n\t\t\t\t\"/>\n\t\t\t
\n\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 72 }, "region": { "startLine": 15, "endLine": 21, "snippet": { "text": "\t\t\t\t
\">\r\n\t\t\t \t\r\n\t\t\t\t
\r\n\t\t\t\t\"/>\r\n\t\t\t
" } }, "contextRegion": { "startLine": 12, "endLine": 24, "snippet": { "text": "\t\t\t<%\n\t\t\t}\n\t\t\t%>\n\t\t\t\t
\">\n\t\t\t \t\n\t\t\t\t
\n\t\t\t\t\"/>\n\t\t\t
\n\t\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 72 }, "region": { "startLine": 15, "startColumn": 5, "endLine": 21 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 28, "message": { "text": "The form post at [SearchStaff.jsp](1) line [15](1) must contain a user-specific secret in order to prevent an attacker from making unauthorized requests.\r\nForm posts must contain a user-specific secret in order to prevent an attacker from making unauthorized requests." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 2 }, "region": { "startLine": 15, "endLine": 21, "snippet": { "text": "\t\t\t
\">\r\n\t\t\t \t\r\n\t\t\t\t
\r\n\t\t\t\t\"/>\r\n\t\t\t
" } }, "contextRegion": { "startLine": 12, "endLine": 24, "snippet": { "text": "\t\t\t<%\n\t\t\t}\n\t\t\t%>\n\t\t\t
\">\n\t\t\t \t\n\t\t\t\t
\n\t\t\t\t\"/>\n\t\t\t
\n\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 2 }, "region": { "startLine": 15, "endLine": 21, "snippet": { "text": "\t\t\t
\">\r\n\t\t\t \t\r\n\t\t\t\t
\r\n\t\t\t\t\"/>\r\n\t\t\t
" } }, "contextRegion": { "startLine": 12, "endLine": 24, "snippet": { "text": "\t\t\t<%\n\t\t\t}\n\t\t\t%>\n\t\t\t
\">\n\t\t\t \t\n\t\t\t\t
\n\t\t\t\t\"/>\n\t\t\t
\n\t\n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 2 }, "region": { "startLine": 15, "startColumn": 4, "endLine": 21 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 85, "level": "note", "message": { "text": "The method createContent() in [FailOpenAuthentication.java](1) can crash the program by dereferencing a null pointer on line [86](1).\r\nThe program can potentially dereference a null pointer, thereby causing a null pointer exception." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 86, "snippet": { "text": "\t\tif (username.length() > 0" } }, "contextRegion": { "startLine": 83, "endLine": 89, "snippet": { "text": "\t catch (Exception e)\n\t {\n\t\t// The parameter was omitted. set fail open status complete\n\t\tif (username.length() > 0\n\t\t\t&& e.getMessage().indexOf(\"not found\") != -1)\n\t\t{\n\t\t if ((username != null) && (username.length() > 0))\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 86, "snippet": { "text": "\t\tif (username.length() > 0" } }, "contextRegion": { "startLine": 83, "endLine": 89, "snippet": { "text": "\t catch (Exception e)\n\t {\n\t\t// The parameter was omitted. set fail open status complete\n\t\tif (username.length() > 0\n\t\t\t&& e.getMessage().indexOf(\"not found\") != -1)\n\t\t{\n\t\t if ((username != null) && (username.length() > 0))\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 87, "snippet": { "text": "\t\t\t&& e.getMessage().indexOf(\"not found\") != -1)" } }, "contextRegion": { "startLine": 84, "endLine": 90, "snippet": { "text": "\t {\n\t\t// The parameter was omitted. 
set fail open status complete\n\t\tif (username.length() > 0\n\t\t\t&& e.getMessage().indexOf(\"not found\") != -1)\n\t\t{\n\t\t if ((username != null) && (username.length() > 0))\n\t\t {\n" } } }, "message": { "text": "Branch taken" }, "annotations": [ { "startLine": 89, "startColumn": 12, "message": { "text": "Compared with null : username" } } ] }, "kinds": [ "branch", "true" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 86 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [SqlNumericInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [401](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 401, "snippet": { "text": "\t e.printStackTrace(System.out);" } }, "contextRegion": { "startLine": 398, "endLine": 404, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 401, "snippet": { "text": "\t e.printStackTrace(System.out);" } }, "contextRegion": { "startLine": 398, "endLine": 404, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 401 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [248](1) of [UpdateProfile.java](1), the method changeEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 945 }, { "index": 946 }, { "index": 947 }, { "index": 90 }, { "index": 91 }, { "index": 948 }, { "index": 93 }, { "index": 954 }, { "index": 955 }, { "index": 149 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 21, "level": "error", "message": { "text": "The method doHTTPSplitting() in [HttpSplitting.java](1) sends unvalidated data to a web browser on line [112](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 112, "snippet": { "text": "\t\t out.print(message);" } }, "contextRegion": { "startLine": 109, "endLine": 115, "snippet": { "text": "\t\t PrintWriter out = new PrintWriter(res.getOutputStream());\n\t\t String message = lang.substring(lang.indexOf(\"\"));\n\n\t\t out.print(message);\n\t\t out.flush();\n\t\t out.close();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 956 }, { "index": 957 }, { "index": 958 }, { "index": 959 }, { "index": 960 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 112, "snippet": { "text": "\t\t out.print(message);" } }, "contextRegion": { "startLine": 109, "endLine": 115, "snippet": { "text": "\t\t PrintWriter out = new PrintWriter(res.getOutputStream());\n\t\t String message = lang.substring(lang.indexOf(\"\"));\n\n\t\t out.print(message);\n\t\t out.flush();\n\t\t out.close();\n\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 112, "startColumn": 17 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile() in [EditProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [125](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 125, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 125, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 125 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 801, "snippet": { "text": "\t\tSystem.out.println(\"Opening new lesson session for lesson \" + lesson);" } }, "contextRegion": { "startLine": 798, "endLine": 804, "snippet": { "text": "\n\tpublic void openLessonSession(AbstractLesson lesson)\n\t{\n\t\tSystem.out.println(\"Opening new lesson session for lesson \" + lesson);\n\t\tLessonSession lessonSession = new LessonSession();\n\t\tlessonSessions.put(lesson, lessonSession);\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 801, "snippet": { "text": "\t\tSystem.out.println(\"Opening new lesson session for lesson \" + lesson);" } }, "contextRegion": { "startLine": 798, "endLine": 804, "snippet": { "text": "\n\tpublic void openLessonSession(AbstractLesson lesson)\n\t{\n\t\tSystem.out.println(\"Opening new lesson session for lesson \" + lesson);\n\t\tLessonSession lessonSession = new LessonSession();\n\t\tlessonSessions.put(lesson, lessonSession);\n\t}\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 801 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 131, "level": "note", "message": { "text": "The `equals()` method is called on an object that does not implement `equals()`." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 244, "snippet": { "text": "\t\t if (COLORS.get(USERNAME_RESPONSE).equals(color))" } }, "contextRegion": { "startLine": 241, "endLine": 247, "snippet": { "text": "\t\t{\n\t\t color = s.getParser().getStringParameter(COLOR, \"\");\n\t\n\t\t if (COLORS.get(USERNAME_RESPONSE).equals(color))\n\t\t {\n\t\t\t\tSTAGE = 1;\n\t\t\t\tCOLOR_RESPONSE = color;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 244, "snippet": { "text": "\t\t if (COLORS.get(USERNAME_RESPONSE).equals(color))" } }, "contextRegion": { "startLine": 241, "endLine": 247, "snippet": { "text": "\t\t{\n\t\t color = s.getParser().getStringParameter(COLOR, \"\");\n\t\n\t\t if (COLORS.get(USERNAME_RESPONSE).equals(color))\n\t\t {\n\t\t\t\tSTAGE = 1;\n\t\t\t\tCOLOR_RESPONSE = color;\n" } } }, "message": { "text": "FunctionCall: equals" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 244 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 126, "level": "error", "message": { "text": "On line [114](1) of [DOS_Login.java](1), the method createContent() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 114, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 556 }, { "index": 557 }, { "index": 961 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 114, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 114, "startColumn": 46 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [ReflectedXSS.java](1) sends unvalidated data to a web browser on line [136](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 136, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY2\", \"1\")))" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": "\t tr.addElement(new TD().addElement(\"27.99\").setAlign(\"right\"));\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY2\", s.getParser()\n\t\t\t .getStringParameter(\"QTY2\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY2\", 1.0f);\n\t total = quantity * 27.99f;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 136 }, { "index": 137 }, { "index": 962 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 136, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY2\", \"1\")))" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": "\t tr.addElement(new TD().addElement(\"27.99\").setAlign(\"right\"));\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY2\", s.getParser()\n\t\t\t .getStringParameter(\"QTY2\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY2\", 1.0f);\n\t total = quantity * 27.99f;\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 136 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [179](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, 
potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 179, "endLine": 182, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 176, "endLine": 185, "snippet": { "text": "\t{\n\t return getByteParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 179, "endLine": 182, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 176, "endLine": 185, "snippet": { "text": "\t{\n\t return getByteParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 179, "startColumn": 2, "endLine": 182 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [672](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 672, "endLine": 675, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 669, "endLine": 678, "snippet": { "text": "\t{\n\t return getShortParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 672, "endLine": 675, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 669, "endLine": 678, "snippet": { "text": "\t{\n\t return getShortParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 672, "startColumn": 2, "endLine": 675 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 99, "message": { "text": "Without proper access control, the method parameterizedQuery() in [SqlStringInjection.java](1) can execute a SQL statement on line [193](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 193, "snippet": { "text": "\t\tstatement.setString(1, accountName);" } }, "contextRegion": { "startLine": 190, "endLine": 196, "snippet": { "text": "\t\tPreparedStatement statement = connection.prepareStatement(\n\t\t\tquery, ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tstatement.setString(1, accountName);\n\t\tResultSet results = statement.executeQuery();\n\n\t\tif ((results != null) && (results.first() == true))\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 777 }, { "index": 778 }, { "index": 963 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 193, "snippet": { "text": "\t\tstatement.setString(1, accountName);" } }, "contextRegion": { "startLine": 190, "endLine": 196, "snippet": { "text": "\t\tPreparedStatement statement = connection.prepareStatement(\n\t\t\tquery, ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tstatement.setString(1, accountName);\n\t\tResultSet results = statement.executeQuery();\n\n\t\tif ((results != null) && (results.first() == true))\n" } } }, "message": { "text": "setString(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 193 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function createStagedContent() in [LessonAdapter.java](1) might reveal system data or debugging information by calling println() on line [136](1). 
The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 136, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 964 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 136, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 136, "startColumn": 25 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getRawParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 632, "endLine": 638, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\n\treturn (values[0]);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 541 }, { "index": 542 }, { "index": 128 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 632, "endLine": 638, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\n\treturn (values[0]);\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method makeRow() in [Encoding.java](1) sends unvalidated data to a web browser on line [793](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 793, "snippet": { "text": "\t\tTD val1 = new TD().addElement( value1 ).setBgColor( \"#dddddd\" );" } }, "contextRegion": { "startLine": 790, "endLine": 796, "snippet": { "text": "\t{\n\n\t\tTD desc = new TD().addElement( description ).setBgColor( \"#bbbbbb\" );\n\t\tTD val1 = new TD().addElement( value1 ).setBgColor( \"#dddddd\" );\n\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );\n\t\tTR tr = new TR();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 737 }, { "index": 738 }, { "index": 781 }, { "index": 965 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 793, "snippet": { "text": "\t\tTD val1 = new TD().addElement( value1 ).setBgColor( \"#dddddd\" );" } }, "contextRegion": { "startLine": 790, "endLine": 796, "snippet": { "text": "\t{\n\n\t\tTD desc = new TD().addElement( description ).setBgColor( \"#bbbbbb\" );\n\t\tTD val1 = new TD().addElement( value1 ).setBgColor( \"#dddddd\" );\n\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );\n\t\tTR tr = new TR();\n\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 793, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [SQLInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [361](1). 
The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 361, "snippet": { "text": "\t\tue2.printStackTrace();" } }, "contextRegion": { "startLine": 358, "endLine": 364, "snippet": { "text": "\t {\n\t\ts.setMessage(\"You are not authorized to perform this function\");\n\t\tSystem.out.println(\"Authorization failure\");\n\t\tue2.printStackTrace();\n\t }\n\t catch (Exception e)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 361, "snippet": { "text": "\t\tue2.printStackTrace();" } }, "contextRegion": { "startLine": 358, "endLine": 364, "snippet": { "text": "\t {\n\t\ts.setMessage(\"You are not authorized to perform this function\");\n\t\tSystem.out.println(\"Authorization failure\");\n\t\tue2.printStackTrace();\n\t }\n\t catch (Exception e)\n\t {\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 361 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function main() in [CreateDB.java](1) might reveal system data or debugging information by calling printStackTrace() on line [126](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 126, "snippet": { "text": "\t sqle.printStackTrace();" } }, "contextRegion": { "startLine": 123, "endLine": 129, "snippet": { "text": "\t}\n\tcatch (SQLException sqle)\n\t{\n\t sqle.printStackTrace();\n\t}\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 126, "snippet": { "text": "\t sqle.printStackTrace();" } }, "contextRegion": { "startLine": 123, "endLine": 129, "snippet": { "text": "\t}\n\tcatch (SQLException sqle)\n\t{\n\t sqle.printStackTrace();\n\t}\n }\n\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 126 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function main() in [CreateDB.java](1) might reveal system data or debugging information by calling printStackTrace() on line [101](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 101, "snippet": { "text": "\t sqle.printStackTrace();" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t}\n\tcatch (SQLException sqle)\n\t{\n\t sqle.printStackTrace();\n\t}\n\n\t/**\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 101, "snippet": { "text": "\t sqle.printStackTrace();" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t}\n\tcatch (SQLException sqle)\n\t{\n\t sqle.printStackTrace();\n\t}\n\n\t/**\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 101 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method makeCurrent() in [CSRF.java](1) sends unvalidated data to a web browser on line [245](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 245, "snippet": { "text": "\t\t\t\tec.addElement( new H1( \"Message Contents For: \" + results.getString( TITLE_COL )) );" } }, "contextRegion": { "startLine": 242, "endLine": 248, "snippet": { "text": "\n\t\t\tif ( ( results != null ) && results.first() )\n\t\t\t{\n\t\t\t\tec.addElement( new H1( \"Message Contents For: \" + results.getString( TITLE_COL )) );\n\t\t\t\tTable t = new Table( 0 ).setCellSpacing( 0 ).setCellPadding( 0 ).setBorder( 0 );\n\t\t\t\tTR row1 = new TR( new TD( new B(new StringElement( \"Title:\" )) ) );\n\t\t\t\trow1.addElement( new TD( new StringElement( results.getString( TITLE_COL ) ) ) );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 918 }, { "index": 919 }, { "index": 966 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 245, "snippet": { "text": "\t\t\t\tec.addElement( new H1( \"Message Contents For: \" + results.getString( TITLE_COL )) );" } }, "contextRegion": { "startLine": 242, "endLine": 248, "snippet": { "text": "\n\t\t\tif ( ( results != null ) && results.first() )\n\t\t\t{\n\t\t\t\tec.addElement( new H1( \"Message Contents For: \" + results.getString( TITLE_COL )) );\n\t\t\t\tTable t = new Table( 0 ).setCellSpacing( 0 ).setCellPadding( 0 ).setBorder( 0 );\n\t\t\t\tTR row1 = new TR( new TD( new B(new StringElement( \"Title:\" )) ) );\n\t\t\t\trow1.addElement( new TD( new StringElement( results.getString( TITLE_COL ) ) ) );\n" } } }, "message": { "text": "H1(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 245 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 53, "message": { "text": "The J2EE standard forbids the direct management of connections." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 68, "snippet": { "text": "\treturn (DriverManager.getConnection(s.getDatabaseConnectionString()));" } }, "contextRegion": { "startLine": 65, "endLine": 71, "snippet": { "text": " {\n\tClass.forName(s.getDatabaseDriver());\n\n\treturn (DriverManager.getConnection(s.getDatabaseConnectionString()));\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 68, "snippet": { "text": "\treturn (DriverManager.getConnection(s.getDatabaseConnectionString()));" } }, "contextRegion": { "startLine": 65, "endLine": 71, "snippet": { "text": " {\n\tClass.forName(s.getDatabaseDriver());\n\n\treturn (DriverManager.getConnection(s.getDatabaseConnectionString()));\n }\n\n\n" } } }, "message": { "text": "getConnection()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 68 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 64, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 88, "snippet": { "text": " public final static String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 85, "endLine": 91, "snippet": { "text": "\n public final static String FIRST_NAME = \"firstName\";\n\n public final static String PASSWORD = \"password\";\n\n public final static String EMPLOYEE_ID = \"employee_id\";\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 88, "snippet": { "text": " public final static String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 85, "endLine": 91, "snippet": { "text": "\n public final static String FIRST_NAME = \"firstName\";\n\n public final static String PASSWORD = \"password\";\n\n public final static String EMPLOYEE_ID = \"employee_id\";\n\n" } } }, "message": { "text": "FieldAccess: PASSWORD" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 88, "snippet": { "text": " public final static String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 85, "endLine": 91, "snippet": { "text": "\n public final static String FIRST_NAME = \"firstName\";\n\n public final static String PASSWORD = \"password\";\n\n public final static String EMPLOYEE_ID = \"employee_id\";\n\n" } } }, "message": { "text": "Field: PASSWORD" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 88 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 142, "message": { "text": "The call to equals() on line [106](1) causes portability problems because it has different locales which may lead to unexpected output. 
This may also circumvent custom validation routines.\r\nUnexpected portability problems can be found when the locale is not specified." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 106, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")" } }, "contextRegion": { "startLine": 103, "endLine": 109, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 77, "snippet": { "text": "\t if (s.isDefuseOSCommands()" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t String helpFile = s.getParser().getRawParameter(HELP_FILE,\n\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 78, "snippet": { "text": "\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n\t\t && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))\n\t {\n\t\tint index = helpFile.indexOf('&');\n\t\tif (index == -1)\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { 
"location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 90, "snippet": { "text": "\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t\tSystem.out.println(\"Command = [\"\n\t\t\t+ helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase() + \"]\");\n\t\tif ((osName.indexOf(\"Windows\") != -1 && (helpFile.substring(\n\t\t\tindex, helpFileLen).trim().toLowerCase().equals(\n\t\t\t\"netstat -a\")\n\t\t\t|| helpFile.substring(index, helpFileLen).trim()\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 102, "snippet": { "text": "\t\t\t\t.toLowerCase().equals(\"netstat -a #\")" } }, "contextRegion": { "startLine": 99, "endLine": 105, "snippet": { "text": "\t\t\t.substring(index, helpFileLen).trim().toLowerCase()\n\t\t\t.equals(\"ipconfig\")))\n\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 104, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")" } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\t\t\t|| (helpFile.substring(index, helpFileLen).trim()\n\t\t\t\t.toLowerCase().equals(\"netstat -a #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, 
helpFileLen)\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 106, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")" } }, "contextRegion": { "startLine": 103, "endLine": 109, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "toLowerCase() : Case changed using default locale" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 106, "snippet": { "text": "\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")" } }, "contextRegion": { "startLine": 103, "endLine": 109, "snippet": { "text": "\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"dir #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n\t\t\t\t\t.trim().toLowerCase().equals(\"ls -l #\")\n\t\t\t\t|| helpFile.substring(index, helpFileLen)\n" } } }, "message": { "text": "helpFile.substring(index, helpFileLen).trim().toLowerCase().equals(...) 
: Comparison without checking locale" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 106 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getRawParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 628, "endLine": 634, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 427 }, { "index": 428 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 628, "endLine": 634, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 94, "message": { "text": "The method doPost() in [HammerHead.java](1) stores a non-serializable 
object as an `HttpSession` attribute, which can damage application reliability.\r\nStoring a non-serializable object as an `HttpSession` attribute can damage application reliability." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184, "snippet": { "text": "\t request.getSession().setAttribute(\"websession\", mySession);" } }, "contextRegion": { "startLine": 181, "endLine": 187, "snippet": { "text": "\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n" } } }, "message": { "text": "FunctionCall: setAttribute" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 184 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 23, "level": "error", "message": { "text": "Without proper access control, the method getEmployeeProfile() in [EditProfile.java](1) can execute a SQL statement on line [96](1) that contains an attacker-controlled primary key, thereby allowing the attacker to access 
unauthorized records.\r\nWithout proper access control, executing a SQL statement that contains a user-controlled primary key can allow an attacker to view unauthorized records." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 96, "snippet": { "text": "\t\tanswer_statement.setInt(1, subjectUserId);" } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t\t\t.getConnection(s).prepareStatement(query,\n\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.setInt(1, subjectUserId);\n\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\tif (answer_results.next())\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 78 }, { "index": 79 }, { "index": 80 }, { "index": 967 }, { "index": 82 }, { "index": 968 }, { "index": 969 }, { "index": 970 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 96, "snippet": { "text": "\t\tanswer_statement.setInt(1, subjectUserId);" } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t\t\t.getConnection(s).prepareStatement(query,\n\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.setInt(1, subjectUserId);\n\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\tif (answer_results.next())\n\t\t{\n" } } }, "message": { "text": "setInt(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 96, "startColumn": 30 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 94, "message": { "text": "The method doPost() in [HammerHead.java](1) stores a non-serializable object as an 
`HttpSession` attribute, which can damage application reliability.\r\nStoring a non-serializable object as an `HttpSession` attribute can damage application reliability." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 185, "snippet": { "text": "\t request.getSession().setAttribute(\"course\", mySession.getCourse());" } }, "contextRegion": { "startLine": 182, "endLine": 188, "snippet": { "text": "\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n\t\t request, response);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 185, "snippet": { "text": "\t request.getSession().setAttribute(\"course\", mySession.getCourse());" } }, "contextRegion": { "startLine": 182, "endLine": 188, "snippet": { "text": "\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n\t request.getRequestDispatcher(getViewPage(mySession)).forward(\n\t\t request, response);\n" } } }, "message": { "text": "FunctionCall: setAttribute" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 185 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of 
the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 352, "snippet": { "text": "\t System.out.println(\"Error dropping user_login table\");" } }, "contextRegion": { "startLine": 349, "endLine": 355, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error dropping user_login table\");\n\t}\n\n\t// Create the new table\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 352, "snippet": { "text": "\t System.out.println(\"Error dropping user_login table\");" } }, "contextRegion": { "startLine": 349, "endLine": 355, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error dropping user_login table\");\n\t}\n\n\t// Create the new table\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 352 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 364, "snippet": { "text": "\t System.out.println(\"Error creating user database\");" } }, "contextRegion": { "startLine": 361, "endLine": 367, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating user database\");\n\t e.printStackTrace();\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 364, "snippet": { "text": "\t System.out.println(\"Error creating user database\");" } }, "contextRegion": { "startLine": 361, "endLine": 367, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating user database\");\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 364 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 40, "message": { "text": "The method toString() in [ParameterParser.java](1) can dereference a null pointer on line 1072 because it does not check the return value of getParameterValues(), which might return null.\r\nThe program can dereference a null pointer because it does not check the return value of a function that might return null." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 1072, "snippet": { "text": "\t s.append(key + \"=\" + getParameterValues(key)[0]);" } }, "contextRegion": { "startLine": 1069, "endLine": 1075, "snippet": { "text": "\twhile (e.hasMoreElements())\n\t{\n\t String key = (String) e.nextElement();\n\t s.append(key + \"=\" + getParameterValues(key)[0]);\n\n\t // FIXME: Other values?\n\t if (e.hasMoreElements())\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 1069, "snippet": { "text": "\twhile (e.hasMoreElements())" } }, "contextRegion": { "startLine": 1066, "endLine": 1072, "snippet": { "text": "\tStringBuffer s = new StringBuffer(\"[\");\n\tEnumeration e = getParameterNames();\n\n\twhile (e.hasMoreElements())\n\t{\n\t String key = (String) e.nextElement();\n\t s.append(key + \"=\" + getParameterValues(key)[0]);\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 1072, "snippet": { "text": "\t s.append(key + \"=\" + getParameterValues(key)[0]);" } }, "contextRegion": { "startLine": 1069, "endLine": 1075, "snippet": { "text": "\twhile (e.hasMoreElements())\n\t{\n\t String key = (String) e.nextElement();\n\t s.append(key + \"=\" + getParameterValues(key)[0]);\n\n\t // FIXME: Other values?\n\t if (e.hasMoreElements())\n" } } }, "message": { "text": "getParameterValues(...) 
: ParameterParser.getParameterValues may return NULL" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 1072, "snippet": { "text": "\t s.append(key + \"=\" + getParameterValues(key)[0]);" } }, "contextRegion": { "startLine": 1069, "endLine": 1075, "snippet": { "text": "\twhile (e.hasMoreElements())\n\t{\n\t String key = (String) e.nextElement();\n\t s.append(key + \"=\" + getParameterValues(key)[0]);\n\n\t // FIXME: Other values?\n\t if (e.hasMoreElements())\n" } } }, "message": { "text": "this.getParameterValues(key)[] : return value used without null check" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 1072 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [146](1) of [ListStaff.java](1), the method getAllEmployees_BACKUP() invokes a SQL query built using input potentially coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 146, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 143, "endLine": 149, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tanswer_results.beforeFirst();\n\t\twhile (answer_results.next())\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 146, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 143, "endLine": 149, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tanswer_results.beforeFirst();\n\t\twhile (answer_results.next())\n\t\t{\n" } } }, "message": { "text": "executeQuery()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 146 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 22, "message": { "text": "An overly long session timeout gives attackers more time to potentially compromise user accounts." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 248, "snippet": { "text": " " } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": " the timeout for a particular session dynamically by using\n HttpSession.getMaxInactiveInterval(). 
-->\n\n \n \t\n 2880\n \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 248, "snippet": { "text": " " } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": " the timeout for a particular session dynamically by using\n HttpSession.getMaxInactiveInterval(). -->\n\n \n \t\n 2880\n \n" } } } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 86 }, "region": { "startLine": 248 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method updateSession() in [HammerHead.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 495, "snippet": { "text": "\t hs.setAttribute(WebSession.SESSION, session);" } }, "contextRegion": { "startLine": 492, "endLine": 498, "snippet": { "text": "\t // Create new custom session and save it in the HTTP session\n\t // System.out.println( \"HH Creating new WebSession: \" );\n\t session = new WebSession(this, context);\n\t hs.setAttribute(WebSession.SESSION, session);\n\t // reset timeout\n\t hs.setMaxInactiveInterval(sessionTimeoutSeconds);\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 503 }, { "index": 504 }, { "index": 505 }, { "index": 135 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 495, "snippet": { "text": "\t hs.setAttribute(WebSession.SESSION, session);" } }, "contextRegion": { "startLine": 492, "endLine": 498, "snippet": { "text": "\t // Create new custom session and save it in the HTTP session\n\t // System.out.println( \"HH Creating new WebSession: \" );\n\t session = new WebSession(this, context);\n\t hs.setAttribute(WebSession.SESSION, session);\n\t // reset timeout\n\t hs.setMaxInactiveInterval(sessionTimeoutSeconds);\n\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 495, "startColumn": 42 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [LogSpoofing.java](1) sends unvalidated data to a web browser on line [110](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 110, "snippet": { "text": "\t\t new TD(new PRE(\"Login failed for username: \"" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t\t .setBorder(0);\n\t TR row4 = new TR();\n\t row4.addElement(\n\t\t new TD(new PRE(\"Login failed for username: \"\n\t\t\t + inputUsername))).setBgColor(HtmlColor.GRAY);\n\n\t t2.addElement(row4);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 971 }, { "index": 972 }, { "index": 973 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 110, "snippet": { "text": "\t\t new TD(new PRE(\"Login failed for username: \"" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t\t .setBorder(0);\n\t TR row4 = new TR();\n\t row4.addElement(\n\t\t new TD(new PRE(\"Login failed for username: \"\n\t\t\t + inputUsername))).setBgColor(HtmlColor.GRAY);\n\n\t t2.addElement(row4);\n" } } }, "message": { "text": "PRE(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 971 }, { "index": 972 }, { "index": 973 }, { "index": 974 }, { "index": 975 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 110, "snippet": { "text": "\t\t new TD(new PRE(\"Login failed for username: \"" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t\t .setBorder(0);\n\t TR row4 = new TR();\n\t row4.addElement(\n\t\t new TD(new PRE(\"Login failed for username: \"\n\t\t\t + inputUsername))).setBgColor(HtmlColor.GRAY);\n\n\t t2.addElement(row4);\n" } } }, "message": { "text": "PRE(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { 
"id": 1, "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 110 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 118, "message": { "text": "A cookie is created without the `secure` flag set to `true`." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 172, "snippet": { "text": "\ts.getResponse().addCookie(newCookie);" } }, "contextRegion": { "startLine": 169, "endLine": 175, "snippet": { "text": "\tec.addElement(input);\n\n\tCookie newCookie = new Cookie(USER_COOKIE, \"White\");\n\ts.getResponse().addCookie(newCookie);\n\t//\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 153, "snippet": { "text": "\tif (username.equals(user) && password.equals(pass))" } }, "contextRegion": { "startLine": 150, "endLine": 156, "snippet": { "text": "\tString username = s.getParser().getStringParameter(USERNAME, \"\");\n\tString password = s.getParser().getStringParameter(PASSWORD, \"\");\n\n\tif (username.equals(user) && password.equals(pass))\n\t{\n\t s.setMessage(\"Welcome to stage 2 -- get credit card numbers!\");\n\t setStage(s, 2);\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 171, "snippet": { "text": "\tCookie newCookie = new Cookie(USER_COOKIE, \"White\");" } }, "contextRegion": { "startLine": 168, "endLine": 174, "snippet": { "text": "\tInput input = new Input(Input.HIDDEN, USER, \"White\");\n\tec.addElement(input);\n\n\tCookie newCookie = new Cookie(USER_COOKIE, \"White\");\n\ts.getResponse().addCookie(newCookie);\n\t//\n\n" } } }, "message": { "text": "newCookie = new Cookie(...)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { 
"artifactLocation": { "index": 54 }, "region": { "startLine": 172, "snippet": { "text": "\ts.getResponse().addCookie(newCookie);" } }, "contextRegion": { "startLine": 169, "endLine": 175, "snippet": { "text": "\tec.addElement(input);\n\n\tCookie newCookie = new Cookie(USER_COOKIE, \"White\");\n\ts.getResponse().addCookie(newCookie);\n\t//\n\n\treturn (ec);\n" } } }, "message": { "text": "addCookie(newCookie)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 172 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 76, "message": { "text": "Attackers can control the resource identifier argument to Socket() at [Interceptor.java](1) line [93](1), which could enable them to access or modify otherwise protected system resources.\r\nAllowing user input to control resource identifiers could enable an attacker to access or modify otherwise protected system resources." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 93, "snippet": { "text": "\t\tosgSocket = new Socket(osgServerName, Integer" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\t if (osgServerName != null && osgServerName.length() != 0\n\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 976 }, { "index": 977 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 93, "snippet": { "text": "\t\tosgSocket = new Socket(osgServerName, Integer" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\t if (osgServerName != null && osgServerName.length() != 0\n\t\t && osgServerPort != null && osgServerPort.length() != 0)\n\t {\n\t\tosgSocket = new Socket(osgServerName, Integer\n\t\t\t.parseInt(osgServerPort));\n\t\tif (osgSocket != null)\n\t\t{\n" } } }, "message": { "text": "Socket(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 93, "startColumn": 26 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method writeTable() in [DatabaseUtilities.java](1) sends unvalidated data to a web browser on line [154](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 978 }, { "index": 979 }, { "index": 980 }, { "index": 65 }, { "index": 66 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ViewProfile.java](1) line [143](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 143, "endLine": 147, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 140, "endLine": 150, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 143, "endLine": 147, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 140, "endLine": 150, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 143, "startColumn": 2, "endLine": 147 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function isAuthorized() in [DefaultLessonAction.java](1) might reveal system data or debugging information by calling printStackTrace() on line [278](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 278, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 275, "endLine": 281, "snippet": { "text": "\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error authorizing\" );\n\t\t\te.printStackTrace();\n\t\t}\n\t\t\t\t\n\t\t// Update lesson status if necessary.\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 278, "snippet": { "text": "\t\t\te.printStackTrace();" } }, "contextRegion": { "startLine": 275, "endLine": 281, "snippet": { "text": "\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error authorizing\" );\n\t\t\te.printStackTrace();\n\t\t}\n\t\t\t\t\n\t\t// Update lesson status if necessary.\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 278 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 133, "message": { "text": "The function createContent() in [PathBasedAccessControl.java](1) sometimes fails to release a system resource allocated by FileReader() on line 193.\r\nThe program can potentially fail to release a system resource." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 192, "snippet": { "text": "\t\t String fileData = getFileText(new BufferedReader(" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": "\t\t {\n\t\t\tthrow new Exception(\"File is too large\");\n\t\t }\n\t\t String fileData = getFileText(new BufferedReader(\n\t\t\t new FileReader(f)), false);\n\t\t if (fileData.indexOf(0x00) != -1)\n\t\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 147, "snippet": { "text": "\t if (!illegalCommand)" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": "\t\ts.setMessage(\" - isFile(): \" + f.isFile());\n\t\ts.setMessage(\" - exists(): \" + f.exists());\n\t }\n\t if (!illegalCommand)\n\t {\n\t\tif (f.isFile() && f.exists())\n\t\t{\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 188, "snippet": { "text": "\t\t if (f.length() > 80000)" } }, "contextRegion": { "startLine": 185, "endLine": 191, "snippet": { "text": "\t\t ec.addElement(new HR().setWidth(\"100%\"));\n\t\t ec.addElement(\"Viewing file: \" + f.getCanonicalPath());\n\t\t ec.addElement(new HR().setWidth(\"100%\"));\n\t\t if (f.length() > 80000)\n\t\t {\n\t\t\tthrow new Exception(\"File is too large\");\n\t\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 193, "snippet": { "text": "\t\t\t new FileReader(f)), false);" } }, "contextRegion": { "startLine": 190, "endLine": 196, "snippet": { "text": "\t\t\tthrow new Exception(\"File is too large\");\n\t\t }\n\t\t String fileData = getFileText(new BufferedReader(\n\t\t\t new 
FileReader(f)), false);\n\t\t if (fileData.indexOf(0x00) != -1)\n\t\t {\n\t\t\tthrow new Exception(\"File is binary\");\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 193, "startColumn": 8, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 192, "snippet": { "text": "\t\t String fileData = getFileText(new BufferedReader(" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": "\t\t {\n\t\t\tthrow new Exception(\"File is too large\");\n\t\t }\n\t\t String fileData = getFileText(new BufferedReader(\n\t\t\t new FileReader(f)), false);\n\t\t if (fileData.indexOf(0x00) != -1)\n\t\t {\n" } } }, "message": { "text": "new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 192, "startColumn": 37, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 192, "snippet": { "text": "\t\t String fileData = getFileText(new BufferedReader(" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": "\t\t {\n\t\t\tthrow new Exception(\"File is too large\");\n\t\t }\n\t\t String fileData = getFileText(new BufferedReader(\n\t\t\t new FileReader(f)), false);\n\t\t if (fileData.indexOf(0x00) != -1)\n\t\t {\n" } } }, "message": { "text": "getFileText(new java.io.BufferedReader(), ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 194, "snippet": { "text": "\t\t if (fileData.indexOf(0x00) != -1)" } }, "contextRegion": { "startLine": 191, "endLine": 197, "snippet": { "text": "\t\t }\n\t\t String fileData = getFileText(new BufferedReader(\n\t\t\t new FileReader(f)), false);\n\t\t if 
(fileData.indexOf(0x00) != -1)\n\t\t {\n\t\t\tthrow new Exception(\"File is binary\");\n\t\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 204, "snippet": { "text": "\t\t}" } }, "contextRegion": { "startLine": 201, "endLine": 207, "snippet": { "text": "\t\t\t .replaceAll(\"

\", \"
\").replaceAll(\n\t\t\t\t \"
\\\\s
\", \"
\").replaceAll(\"<\\\\?\",\n\t\t\t\t \"<\").replaceAll(\"<(r|u|t)\", \"<$1\")));\n\t\t}\n\t\tcatch (Exception e)\n\t\t{\n\t\t ec.addElement(new BR());\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 204, "snippet": { "text": "\t\t}" } }, "contextRegion": { "startLine": 201, "endLine": 207, "snippet": { "text": "\t\t\t .replaceAll(\"

\", \"
\").replaceAll(\n\t\t\t\t \"
\\\\s
\", \"
\").replaceAll(\"<\\\\?\",\n\t\t\t\t \"<\").replaceAll(\"<(r|u|t)\", \"<$1\")));\n\t\t}\n\t\tcatch (Exception e)\n\t\t{\n\t\t ec.addElement(new BR());\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 204, "snippet": { "text": "\t\t}" } }, "contextRegion": { "startLine": 201, "endLine": 207, "snippet": { "text": "\t\t\t .replaceAll(\"

\", \"
\").replaceAll(\n\t\t\t\t \"
\\\\s
\", \"
\").replaceAll(\"<\\\\?\",\n\t\t\t\t \"<\").replaceAll(\"<(r|u|t)\", \"<$1\")));\n\t\t}\n\t\tcatch (Exception e)\n\t\t{\n\t\t ec.addElement(new BR());\n" } } }, "message": { "text": "end scope : Resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 147, "snippet": { "text": "\t if (!illegalCommand)" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": "\t\ts.setMessage(\" - isFile(): \" + f.isFile());\n\t\ts.setMessage(\" - exists(): \" + f.exists());\n\t }\n\t if (!illegalCommand)\n\t {\n\t\tif (f.isFile() && f.exists())\n\t\t{\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 188, "snippet": { "text": "\t\t if (f.length() > 80000)" } }, "contextRegion": { "startLine": 185, "endLine": 191, "snippet": { "text": "\t\t ec.addElement(new HR().setWidth(\"100%\"));\n\t\t ec.addElement(\"Viewing file: \" + f.getCanonicalPath());\n\t\t ec.addElement(new HR().setWidth(\"100%\"));\n\t\t if (f.length() > 80000)\n\t\t {\n\t\t\tthrow new Exception(\"File is too large\");\n\t\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 193, "snippet": { "text": "\t\t\t new FileReader(f)), false);" } }, "contextRegion": { "startLine": 190, "endLine": 196, "snippet": { "text": "\t\t\tthrow new Exception(\"File is too large\");\n\t\t }\n\t\t String fileData = getFileText(new BufferedReader(\n\t\t\t new FileReader(f)), false);\n\t\t if (fileData.indexOf(0x00) != -1)\n\t\t {\n\t\t\tthrow new Exception(\"File is binary\");\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 193, "startColumn": 8, "message": { "text": " 
refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 192, "snippet": { "text": "\t\t String fileData = getFileText(new BufferedReader(" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": "\t\t {\n\t\t\tthrow new Exception(\"File is too large\");\n\t\t }\n\t\t String fileData = getFileText(new BufferedReader(\n\t\t\t new FileReader(f)), false);\n\t\t if (fileData.indexOf(0x00) != -1)\n\t\t {\n" } } }, "message": { "text": "new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 192, "startColumn": 37, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 192, "snippet": { "text": "\t\t String fileData = getFileText(new BufferedReader(" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": "\t\t {\n\t\t\tthrow new Exception(\"File is too large\");\n\t\t }\n\t\t String fileData = getFileText(new BufferedReader(\n\t\t\t new FileReader(f)), false);\n\t\t if (fileData.indexOf(0x00) != -1)\n\t\t {\n" } } }, "message": { "text": "getFileText(new java.io.BufferedReader(), ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 194, "snippet": { "text": "\t\t if (fileData.indexOf(0x00) != -1)" } }, "contextRegion": { "startLine": 191, "endLine": 197, "snippet": { "text": "\t\t }\n\t\t String fileData = getFileText(new BufferedReader(\n\t\t\t new FileReader(f)), false);\n\t\t if (fileData.indexOf(0x00) != -1)\n\t\t {\n\t\t\tthrow new Exception(\"File is binary\");\n\t\t }\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": 
{ "startLine": 196, "snippet": { "text": "\t\t\tthrow new Exception(\"File is binary\");" } }, "contextRegion": { "startLine": 193, "endLine": 199, "snippet": { "text": "\t\t\t new FileReader(f)), false);\n\t\t if (fileData.indexOf(0x00) != -1)\n\t\t {\n\t\t\tthrow new Exception(\"File is binary\");\n\t\t }\n\t\t ec.addElement(new StringElement(fileData.replaceAll(\n\t\t\t System.getProperty(\"line.separator\"), \"
\")\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 196, "snippet": { "text": "\t\t\tthrow new Exception(\"File is binary\");" } }, "contextRegion": { "startLine": 193, "endLine": 199, "snippet": { "text": "\t\t\t new FileReader(f)), false);\n\t\t if (fileData.indexOf(0x00) != -1)\n\t\t {\n\t\t\tthrow new Exception(\"File is binary\");\n\t\t }\n\t\t ec.addElement(new StringElement(fileData.replaceAll(\n\t\t\t System.getProperty(\"line.separator\"), \"
\")\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 196, "snippet": { "text": "\t\t\tthrow new Exception(\"File is binary\");" } }, "contextRegion": { "startLine": 193, "endLine": 199, "snippet": { "text": "\t\t\t new FileReader(f)), false);\n\t\t if (fileData.indexOf(0x00) != -1)\n\t\t {\n\t\t\tthrow new Exception(\"File is binary\");\n\t\t }\n\t\t ec.addElement(new StringElement(fileData.replaceAll(\n\t\t\t System.getProperty(\"line.separator\"), \"
\")\n" } } }, "message": { "text": "end scope : Resource leaked : java.lang.Exception thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 192 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 137, "message": { "text": "Non-final public static fields can be changed by external classes." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 50, "snippet": { "text": " public static String servletContextRealPath = null;" } }, "contextRegion": { "startLine": 47, "endLine": 53, "snippet": { "text": "public class DatabaseUtilities\n{\n\n public static String servletContextRealPath = null;\n\n\n /**\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 50, "snippet": { "text": " public static String servletContextRealPath = null;" } }, "contextRegion": { "startLine": 47, "endLine": 53, "snippet": { "text": "public class DatabaseUtilities\n{\n\n public static String servletContextRealPath = null;\n\n\n /**\n" } } }, "message": { "text": "Field: servletContextRealPath" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 50 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 9, "message": { "text": "Empty passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 87, "snippet": { "text": "\t String password = \"\";" } }, "contextRegion": { "startLine": 84, "endLine": 90, "snippet": { "text": "\ttry\n\t{\n\t String username = \"\";\n\t String password = \"\";\n\t username = s.getParser().getRawParameter(USERNAME);\n\t password = s.getParser().getRawParameter(PASSWORD);\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 87, "snippet": { "text": "\t String password = \"\";" } }, "contextRegion": { "startLine": 84, "endLine": 90, "snippet": { "text": "\ttry\n\t{\n\t String username = \"\";\n\t String password = \"\";\n\t username = s.getParser().getRawParameter(USERNAME);\n\t password = s.getParser().getRawParameter(PASSWORD);\n\n" } } }, "message": { "text": "VariableAccess: password" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 87, "snippet": { "text": "\t String password = \"\";" } }, "contextRegion": { "startLine": 84, "endLine": 90, "snippet": { "text": "\ttry\n\t{\n\t String username = \"\";\n\t String password = \"\";\n\t username = s.getParser().getRawParameter(USERNAME);\n\t password = s.getParser().getRawParameter(PASSWORD);\n\n" } } }, "message": { "text": "Variable: password" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 87, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method load() in [LessonTracker.java](1) ignores an exception on line [247](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states 
and conditions." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 247, "endLine": 250, "snippet": { "text": "\tcatch (FileNotFoundException e)\r\n\t{\r\n\t // Normal if the lesson has not been accessed yet.\r\n\t}" } }, "contextRegion": { "startLine": 244, "endLine": 253, "snippet": { "text": "\t\treturn tempLessonTracker;\n\t }\n\t}\n\tcatch (FileNotFoundException e)\n\t{\n\t // Normal if the lesson has not been accessed yet.\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Failed to load lesson state for \" + screen);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 247, "endLine": 250, "snippet": { "text": "\tcatch (FileNotFoundException e)\r\n\t{\r\n\t // Normal if the lesson has not been accessed yet.\r\n\t}" } }, "contextRegion": { "startLine": 244, "endLine": 253, "snippet": { "text": "\t\treturn tempLessonTracker;\n\t }\n\t}\n\tcatch (FileNotFoundException e)\n\t{\n\t // Normal if the lesson has not been accessed yet.\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Failed to load lesson state for \" + screen);\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 247, "startColumn": 2, "endLine": 250 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method load() in [LessonTracker.java](1) ignores an exception on line [262](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 262, "endLine": 263, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 259, "endLine": 266, "snippet": { "text": "\t {\n\t\tin.close();\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n\n\treturn screen.createLessonTracker();\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 262, "endLine": 263, "snippet": { "text": "\t catch (Exception e)\r\n\t {}" } }, "contextRegion": { "startLine": 259, "endLine": 266, "snippet": { "text": "\t {\n\t\tin.close();\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n\n\treturn screen.createLessonTracker();\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 262, "startColumn": 6, "endLine": 263 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [StoredXss.java](1) line [361](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 361, "endLine": 364, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error while getting message list.\");\r\n\t}" } }, "contextRegion": { "startLine": 358, "endLine": 367, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error while getting message list.\");\n\t}\n\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(new H1(\"Message List\"));\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 361, "endLine": 364, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error while getting message list.\");\r\n\t}" } }, "contextRegion": { "startLine": 358, "endLine": 367, "snippet": { "text": "\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error while getting message list.\");\n\t}\n\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(new H1(\"Message List\"));\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 361, "startColumn": 2, "endLine": 364 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 42, "message": { "text": "The method setSessionAttribute() in [DefaultLessonAction.java](1) commingles trusted and untrusted data in the same data structure, which encourages programmers to mistakenly trust unvalidated data.\r\nCommingling trusted and untrusted data in the same data structure encourages programmers to mistakenly trust unvalidated data." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 981 }, { "index": 982 }, { "index": 983 }, { "index": 984 }, { "index": 985 }, { "index": 986 }, { "index": 987 }, { "index": 988 }, { "index": 989 }, { "index": 990 }, { "index": 991 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 981 }, { "index": 982 }, { "index": 992 }, { "index": 993 }, { "index": 994 }, { "index": 986 }, { "index": 987 }, { "index": 988 }, { "index": 995 }, { "index": 990 }, { "index": 991 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, 
value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 981 }, { "index": 982 }, { "index": 996 }, { "index": 997 }, { "index": 998 }, { "index": 986 }, { "index": 987 }, { "index": 988 }, { "index": 999 }, { "index": 990 }, { "index": 991 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "snippet": { "text": "\t\ts.getRequest().getSession().setAttribute(name, value);" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\n\tpublic void setSessionAttribute(WebSession s, String name, Object value)\n\t{\n\t\ts.getRequest().getSession().setAttribute(name, value);\n\t}\n\t\n\tpublic void setRequestAttribute(WebSession s, String name, Object value)\n" } } }, "message": { "text": "setAttribute(1)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 89, "startColumn": 50 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method determineType() in [SoapRequest.java](1) ignores an exception on line [322](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 322, "endLine": 326, "snippet": { "text": "\tcatch (ParameterNotFoundException pnfe)\r\n\t{\r\n\t //DEVNOTE: Eat the exception.\r\n\t // ec.addElement( new P().addElement( pnfe.getMessage() ) );\r\n\t}" } }, "contextRegion": { "startLine": 319, "endLine": 329, "snippet": { "text": "\t\ts.setMessage(\"Sorry, that is an incorrect type. 
Try Again.\");\n\t }\n\t}\n\tcatch (ParameterNotFoundException pnfe)\n\t{\n\t //DEVNOTE: Eat the exception.\n\t // ec.addElement( new P().addElement( pnfe.getMessage() ) );\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 322, "endLine": 326, "snippet": { "text": "\tcatch (ParameterNotFoundException pnfe)\r\n\t{\r\n\t //DEVNOTE: Eat the exception.\r\n\t // ec.addElement( new P().addElement( pnfe.getMessage() ) );\r\n\t}" } }, "contextRegion": { "startLine": 319, "endLine": 329, "snippet": { "text": "\t\ts.setMessage(\"Sorry, that is an incorrect type. Try Again.\");\n\t }\n\t}\n\tcatch (ParameterNotFoundException pnfe)\n\t{\n\t //DEVNOTE: Eat the exception.\n\t // ec.addElement( new P().addElement( pnfe.getMessage() ) );\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 322, "startColumn": 2, "endLine": 326 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method makeCurrent() in [StoredXss.java](1) sends unvalidated data to a web browser on line [228](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 228, "snippet": { "text": "\t\tec.addElement(new H1(\"Message Contents For: \"" } }, "contextRegion": { "startLine": 225, "endLine": 231, "snippet": { "text": "\n\t if ((results != null) && results.first())\n\t {\n\t\tec.addElement(new H1(\"Message Contents For: \"\n\t\t\t+ results.getString(TITLE_COL)));\n\t\tTable t = new Table(0).setCellSpacing(0).setCellPadding(0)\n\t\t\t.setBorder(0);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 429 }, { "index": 430 }, { "index": 1000 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 228, "snippet": { "text": "\t\tec.addElement(new H1(\"Message Contents For: \"" } }, "contextRegion": { "startLine": 225, "endLine": 231, "snippet": { "text": "\n\t if ((results != null) && results.first())\n\t {\n\t\tec.addElement(new H1(\"Message Contents For: \"\n\t\t\t+ results.getString(TITLE_COL)));\n\t\tTable t = new Table(0).setCellSpacing(0).setCellPadding(0)\n\t\t\t.setBorder(0);\n" } } }, "message": { "text": "H1(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 228 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [859](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 859, "endLine": 862, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 856, "endLine": 865, "snippet": { "text": "\t{\n\t return getWordParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 859, "endLine": 862, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 856, "endLine": 865, "snippet": { "text": "\t{\n\t return getWordParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 859, "startColumn": 2, "endLine": 862 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [248](1) of [UpdateProfile.java](1), the method changeEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 623 }, { "index": 624 }, { "index": 625 }, { "index": 90 }, { "index": 91 }, { "index": 627 }, { "index": 93 }, { "index": 1001 }, { "index": 1002 }, { "index": 149 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 64, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 94, "snippet": { "text": " public final static String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\n public final static String FIRST_NAME = \"firstName\";\n\n public final static String PASSWORD = \"password\";\n\n public final static String EMPLOYEE_ID = \"employee_id\";\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 94, "snippet": { "text": " public final static String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\n public final static String FIRST_NAME = \"firstName\";\n\n public final static String PASSWORD = \"password\";\n\n public final static String EMPLOYEE_ID = \"employee_id\";\n\n" } } }, "message": { "text": "FieldAccess: PASSWORD" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 94, "snippet": { "text": " public final static String PASSWORD = \"password\";" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\n public final static String FIRST_NAME = \"firstName\";\n\n public final static String PASSWORD = \"password\";\n\n public final static String EMPLOYEE_ID = \"employee_id\";\n\n" } } }, "message": { "text": "Field: PASSWORD" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 94 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 133, "message": { "text": "The function createContent() in [LessonAdapter.java](1) sometimes fails to release a system resource allocated by FileReader() on line 93.\r\nThe program can potentially fail to release a system resource." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 93, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\t try\n\t {\n\t\tPRE pre = new PRE();\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 88, "snippet": { "text": "\tif (fileName != null)" } }, "contextRegion": { "startLine": 85, "endLine": 91, "snippet": { "text": "\n\tString fileName = s.getContext().getRealPath(\n\t\t\"doc/New Lesson Instructions.txt\");\n\tif (fileName != null)\n\t{\n\t try\n\t {\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 93, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\t try\n\t {\n\t\tPRE pre = new PRE();\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 93, "startColumn": 42, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 93, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\t try\n\t {\n\t\tPRE pre = new PRE();\n\t\tBufferedReader in = new 
BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n" } } }, "message": { "text": "in = new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 93, "startColumn": 3, "message": { "text": "in refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 95, "snippet": { "text": "\t\twhile ((line = in.readLine()) != null)" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t\tPRE pre = new PRE();\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n\t\t pre.addElement(line + \"\\n\");\n\t\t}\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 95, "snippet": { "text": "\t\twhile ((line = in.readLine()) != null)" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t\tPRE pre = new PRE();\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n\t\t pre.addElement(line + \"\\n\");\n\t\t}\n" } } }, "message": { "text": "in no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 95, "snippet": { "text": "\t\twhile ((line = in.readLine()) != null)" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t\tPRE pre = new PRE();\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n\t\t pre.addElement(line + \"\\n\");\n\t\t}\n" } } }, "message": { "text": "in 
no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 95, "snippet": { "text": "\t\twhile ((line = in.readLine()) != null)" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t\tPRE pre = new PRE();\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n\t\t pre.addElement(line + \"\\n\");\n\t\t}\n" } } }, "message": { "text": "in no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 95, "snippet": { "text": "\t\twhile ((line = in.readLine()) != null)" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t\tPRE pre = new PRE();\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n\t\t pre.addElement(line + \"\\n\");\n\t\t}\n" } } }, "message": { "text": "in end scope : Resource leaked : java.lang.Exception thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 88, "snippet": { "text": "\tif (fileName != null)" } }, "contextRegion": { "startLine": 85, "endLine": 91, "snippet": { "text": "\n\tString fileName = s.getContext().getRealPath(\n\t\t\"doc/New Lesson Instructions.txt\");\n\tif (fileName != null)\n\t{\n\t try\n\t {\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 93, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));" } }, "contextRegion": { "startLine": 90, 
"endLine": 96, "snippet": { "text": "\t try\n\t {\n\t\tPRE pre = new PRE();\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 93, "startColumn": 42, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 93, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\t try\n\t {\n\t\tPRE pre = new PRE();\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n" } } }, "message": { "text": "in = new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 93, "startColumn": 3, "message": { "text": "in refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 100, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t\t pre.addElement(line + \"\\n\");\n\t\t}\n\t\tec.addElement(pre);\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n" } } }, "message": { "text": "in no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 100, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t\t pre.addElement(line + \"\\n\");\n\t\t}\n\t\tec.addElement(pre);\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n" } } }, "message": { "text": "in no longer refers to an allocated resource" } }, "kinds": [ 
"exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 100, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t\t pre.addElement(line + \"\\n\");\n\t\t}\n\t\tec.addElement(pre);\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n" } } }, "message": { "text": "in no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 100, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 97, "endLine": 103, "snippet": { "text": "\t\t pre.addElement(line + \"\\n\");\n\t\t}\n\t\tec.addElement(pre);\n\t }\n\t catch (Exception e)\n\t {}\n\t}\n" } } }, "message": { "text": "in end scope : Resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 93 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function WebSession() in [WebSession.java](1) might reveal system data or debugging information by calling println() on line [283](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 283, "snippet": { "text": "\t\tSystem.out.println(\"Context Path: \" + DatabaseUtilities.servletContextRealPath);" } }, "contextRegion": { "startLine": 280, "endLine": 286, "snippet": { "text": "\n\t\t// FIXME: hack to save context for web service calls\n\t\tDatabaseUtilities.servletContextRealPath = context.getRealPath(\"/\");\n\t\tSystem.out.println(\"Context Path: \" + DatabaseUtilities.servletContextRealPath);\n\t\t// FIXME: need to solve concurrency problem here -- make tables for this user\n\t\tif ( !databaseBuilt )\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 98 }, { "index": 99 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 283, "snippet": { "text": "\t\tSystem.out.println(\"Context Path: \" + DatabaseUtilities.servletContextRealPath);" } }, "contextRegion": { "startLine": 280, "endLine": 286, "snippet": { "text": "\n\t\t// FIXME: hack to save context for web service calls\n\t\tDatabaseUtilities.servletContextRealPath = context.getRealPath(\"/\");\n\t\tSystem.out.println(\"Context Path: \" + DatabaseUtilities.servletContextRealPath);\n\t\t// FIXME: need to solve concurrency problem here -- make tables for this user\n\t\tif ( !databaseBuilt )\n\t\t{\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 283 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 87, "level": "error", "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 70, "snippet": { "text": "\t\t .getConnection(" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": "\t{\n\n\t connection = DriverManager\n\t\t .getConnection(\n\t\t\t \"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=c:/webgoat.mdb;PWD=webgoat\",\n\t\t\t \"webgoat\", \"webgoat\");\n\t db.makeDB(connection);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 70, "snippet": { "text": "\t\t .getConnection(" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": "\t{\n\n\t connection = DriverManager\n\t\t .getConnection(\n\t\t\t \"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=c:/webgoat.mdb;PWD=webgoat\",\n\t\t\t \"webgoat\", \"webgoat\");\n\t db.makeDB(connection);\n" } } }, "message": { "text": "getConnection()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 70 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t
\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 421 }, { "index": 422 }, { "index": 1006 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 67 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 53, "message": { "text": "The J2EE standard forbids the direct management of connections." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 70, "snippet": { "text": "\t\t .getConnection(" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": "\t{\n\n\t connection = DriverManager\n\t\t .getConnection(\n\t\t\t \"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=c:/webgoat.mdb;PWD=webgoat\",\n\t\t\t \"webgoat\", \"webgoat\");\n\t db.makeDB(connection);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 70, "snippet": { "text": "\t\t .getConnection(" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": "\t{\n\n\t connection = DriverManager\n\t\t .getConnection(\n\t\t\t \"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=c:/webgoat.mdb;PWD=webgoat\",\n\t\t\t \"webgoat\", \"webgoat\");\n\t db.makeDB(connection);\n" } } }, "message": { "text": "getConnection()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 70 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 122, "level": "error", "message": { "text": "The file [config.jsp](1) passes unvalidated data to an HTTP redirect function on line [12](1). Allowing unvalidated input to control the URL used in a redirect can aid phishing attacks.\r\nAllowing unvalidated input to control the URL used in a redirect can aid phishing attacks." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 78 }, "region": { "startLine": 12, "snippet": { "text": "\t\t \"&menu=\" + request.getParameter(\"menu\") +" } }, "contextRegion": { "startLine": 9, "endLine": 15, "snippet": { "text": "\n<% response.sendRedirect(\"/WebGoat/attack?\" +\n\t\t \"Screen=\" + request.getParameter(\"Screen\") +\n\t\t \"&menu=\" + request.getParameter(\"menu\") +\n\t\t \"&succeeded=yes\"); \n%>\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 1007 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 78 }, "region": { "startLine": 12, "snippet": { "text": "\t\t \"&menu=\" + request.getParameter(\"menu\") +" } }, "contextRegion": { "startLine": 9, "endLine": 15, "snippet": { "text": "\n<% response.sendRedirect(\"/WebGoat/attack?\" +\n\t\t \"Screen=\" + request.getParameter(\"Screen\") +\n\t\t \"&menu=\" + request.getParameter(\"menu\") +\n\t\t \"&succeeded=yes\"); \n%>\n\n" } } }, "message": { "text": "sendRedirect(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 78 }, "region": { "startLine": 12 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [SqlStringInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [317](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 317, "snippet": { "text": "\t e.printStackTrace(System.out);" } }, "contextRegion": { "startLine": 314, "endLine": 320, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 317, "snippet": { "text": "\t e.printStackTrace(System.out);" } }, "contextRegion": { "startLine": 314, "endLine": 320, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 317 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ListStaff.java](1) line [118](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 118, "endLine": 122, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employees\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 115, "endLine": 125, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 118, "endLine": 122, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employees\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 115, "endLine": 125, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 118, "startColumn": 2, "endLine": 122 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t<%=employee.getCcn()%>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t<%=employee.getCcn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 637 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t<%=employee.getCcn()%>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t<%=employee.getCcn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 67 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Login.java](1) line [255](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 255, "endLine": 259, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employees\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 252, "endLine": 262, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 255, "endLine": 259, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employees\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 252, "endLine": 262, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 255, "startColumn": 2, "endLine": 259 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 26, "message": { "text": "A constructor of WelcomeScreen in [WelcomeScreen.java](1) at line [56](1) calls a function that can be overridden by an attacker.\r\nA constructor of the class calls a function that can be overridden." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 20 }, "region": { "startLine": 56, "snippet": { "text": "\tsetup(s);" } }, "contextRegion": { "startLine": 53, "endLine": 59, "snippet": { "text": " */\n public WelcomeScreen(WebSession s)\n {\n\tsetup(s);\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 20 }, "region": { "startLine": 56, "snippet": { "text": "\tsetup(s);" } }, "contextRegion": { "startLine": 53, "endLine": 59, "snippet": { "text": " */\n public WelcomeScreen(WebSession s)\n {\n\tsetup(s);\n }\n\n\n" } } }, "message": { "text": "FunctionCall: setup" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 20 }, "region": { "startLine": 54, "snippet": { "text": " public WelcomeScreen(WebSession s)" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " *\n * @param s Description of the Parameter\n */\n public WelcomeScreen(WebSession s)\n {\n\tsetup(s);\n }\n" } } }, "message": { "text": "Function: WelcomeScreen" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 20 }, "region": { "startLine": 67, "snippet": { "text": " public void setup(WebSession s)" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": " {}\n\n\n public void setup(WebSession s)\n {\n\t// call createContent first so messages will go somewhere\n\n" } } }, "message": { "text": "Function: setup" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 20 }, "region": { "startLine": 56 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method injectableQuery() in [SqlStringInjection.java](1) sends unvalidated data to a web browser on line [105](1), which can result in the browser 
executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 105, "snippet": { "text": "\t ec.addElement(new PRE(query));" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\n\t String query = \"SELECT * FROM user_data WHERE last_name = '\"\n\t\t + accountName + \"'\";\n\t ec.addElement(new PRE(query));\n\n\t try\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 777 }, { "index": 778 }, { "index": 779 }, { "index": 780 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 105, "snippet": { "text": "\t ec.addElement(new PRE(query));" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\n\t String query = \"SELECT * FROM user_data WHERE last_name = '\"\n\t\t + accountName + \"'\";\n\t ec.addElement(new PRE(query));\n\n\t try\n\t {\n" } } }, "message": { "text": "PRE(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 105, "startColumn": 28 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function login() in [Login.java](1) might reveal system data or debugging information by calling printStackTrace() on line [169](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 169, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 166, "endLine": 172, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error logging in\");\n\t e.printStackTrace();\n\t}\n\n\t//System.out.println(\"Lesson login result: \" + authenticated);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 169, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 166, "endLine": 172, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error logging in\");\n\t e.printStackTrace();\n\t}\n\n\t//System.out.println(\"Lesson login result: \" + authenticated);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 169 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 52, "level": "error", "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 147, "snippet": { "text": "\t call.setPassword(\"guest\");" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": "\t call.addParameter(parameterName, serviceName, ParameterMode.INOUT);\n\t call.setReturnType(XMLType.XSD_STRING);\n\t call.setUsername(\"guest\");\n\t call.setPassword(\"guest\");\n\t call.setTargetEndpointAddress(\"http://localhost/WebGoat/services/\"\n\t\t + serv);\n\t Object result = call.invoke(new Object[] { parameterValue });\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 147, "snippet": { "text": "\t call.setPassword(\"guest\");" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": "\t call.addParameter(parameterName, serviceName, ParameterMode.INOUT);\n\t call.setReturnType(XMLType.XSD_STRING);\n\t call.setUsername(\"guest\");\n\t call.setPassword(\"guest\");\n\t call.setTargetEndpointAddress(\"http://localhost/WebGoat/services/\"\n\t\t + serv);\n\t Object result = call.invoke(new Object[] { parameterValue });\n" } } }, "message": { "text": "setPassword()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 147 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 66, "message": { "text": "The method doPost() in [HammerHead.java](1) writes unvalidated user input to the log on line [173](1). An attacker could take advantage of this behavior to forge log entries or inject malicious content into the log.\r\nWriting unvalidated user input to log files can allow an attacker to forge log entries or inject malicious content into the logs." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 173, "snippet": { "text": "\t log(request, screen.getClass().getName() + \" | \"" } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\t // log the access to this screen for this user\n\t UserTracker userTracker = UserTracker.instance();\n\t userTracker.update(mySession, screen);\n\t log(request, screen.getClass().getName() + \" | \"\n\t\t + mySession.getParser().toString());\n\n\t // Redirect the request to our View servlet\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 1008 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 173, "snippet": { "text": "\t log(request, screen.getClass().getName() + \" | \"" } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\t // log the access to this screen for this user\n\t UserTracker userTracker = UserTracker.instance();\n\t userTracker.update(mySession, screen);\n\t log(request, screen.getClass().getName() + \" | \"\n\t\t + mySession.getParser().toString());\n\n\t // Redirect the request to our View servlet\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 717 }, { "index": 718 }, { "index": 1008 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 173, "snippet": { "text": "\t log(request, screen.getClass().getName() + \" | \"" } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\t // log the access to this screen for this user\n\t UserTracker userTracker = UserTracker.instance();\n\t userTracker.update(mySession, screen);\n\t log(request, screen.getClass().getName() + \" | \"\n\t\t + 
mySession.getParser().toString());\n\n\t // Redirect the request to our View servlet\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 307 }, { "index": 308 }, { "index": 309 }, { "index": 310 }, { "index": 1008 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 173, "snippet": { "text": "\t log(request, screen.getClass().getName() + \" | \"" } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\t // log the access to this screen for this user\n\t UserTracker userTracker = UserTracker.instance();\n\t userTracker.update(mySession, screen);\n\t log(request, screen.getClass().getName() + \" | \"\n\t\t + mySession.getParser().toString());\n\n\t // Redirect the request to our View servlet\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 703 }, { "index": 704 }, { "index": 706 }, { "index": 707 }, { "index": 717 }, { "index": 718 }, { "index": 307 }, { "index": 308 }, { "index": 309 }, { "index": 310 }, { "index": 1008 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 173, "snippet": { "text": "\t log(request, screen.getClass().getName() + \" | \"" } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\t // log the access to this screen for this user\n\t UserTracker userTracker = UserTracker.instance();\n\t userTracker.update(mySession, screen);\n\t log(request, screen.getClass().getName() + \" | \"\n\t\t + mySession.getParser().toString());\n\n\t // Redirect the request to our View servlet\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, 
"region": { "startLine": 173, "startColumn": 10 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method ParameterNotFoundException() in [ParameterNotFoundException.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 541 }, { "index": 542 }, { "index": 128 }, { "index": 335 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } }, "message": { "text": "Exception(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getStringParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 692, "endLine": 698, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 602 }, { "index": 603 }, { "index": 470 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 692, "endLine": 698, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 695 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 53, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 50, "endLine": 56, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 1009 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 53, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 50, "endLine": 56, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 53 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 139, "message": { "text": "On line [158](1) of [XPATHInjection.java](1), the method createContent() invokes an XPath query built using unvalidated input. This call could allow an attacker to modify the statement's meaning or to execute arbitrary XPath queries.\r\nConstructing a dynamic XPath query with user input could allow an attacker to modify the statement's meaning." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 158, "snippet": { "text": "\t nodes = (NodeList) xPath.evaluate(expression, inputSource," } }, "contextRegion": { "startLine": 155, "endLine": 161, "snippet": { "text": "\t InputSource inputSource = new InputSource(new FileInputStream(d));\n\t String expression = \"/employees/employee[loginID/text()='\"\n\t\t + username + \"' and passwd/text()='\" + password + \"']\";\n\t nodes = (NodeList) xPath.evaluate(expression, inputSource,\n\t\t XPathConstants.NODESET);\n\t int nodesLength = nodes.getLength();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 1003 }, { "index": 1004 }, { "index": 1005 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 158, "snippet": { "text": "\t nodes = (NodeList) xPath.evaluate(expression, inputSource," } }, "contextRegion": { "startLine": 155, "endLine": 161, "snippet": { "text": "\t InputSource inputSource = new InputSource(new FileInputStream(d));\n\t String expression = \"/employees/employee[loginID/text()='\"\n\t\t + username + \"' and passwd/text()='\" + password + \"']\";\n\t nodes = (NodeList) xPath.evaluate(expression, inputSource,\n\t\t XPathConstants.NODESET);\n\t int nodesLength = nodes.getLength();\n\n" } } }, "message": { "text": "evaluate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 158, "startColumn": 40 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [DefaultLessonAction.java](1) line [275](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch 
block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 275, "endLine": 279, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\ts.setMessage( \"Error authorizing\" );\r\n\t\t\te.printStackTrace();\r\n\t\t}" } }, "contextRegion": { "startLine": 272, "endLine": 282, "snippet": { "text": "\t\t\t\tsqle.printStackTrace();\n\t\t\t}\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error authorizing\" );\n\t\t\te.printStackTrace();\n\t\t}\n\t\t\t\t\n\t\t// Update lesson status if necessary.\n\t\tif (getStage(s) == 2)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 275, "endLine": 279, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\ts.setMessage( \"Error authorizing\" );\r\n\t\t\te.printStackTrace();\r\n\t\t}" } }, "contextRegion": { "startLine": 272, "endLine": 282, "snippet": { "text": "\t\t\t\tsqle.printStackTrace();\n\t\t\t}\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\ts.setMessage( \"Error authorizing\" );\n\t\t\te.printStackTrace();\n\t\t}\n\t\t\t\t\n\t\t// Update lesson status if necessary.\n\t\tif (getStage(s) == 2)\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 275, "startColumn": 3, "endLine": 279 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 133, "message": { "text": "The function getInstructions() in [LessonAdapter.java](1) sometimes fails to release a system resource allocated by FileReader() on line 285.\r\nThe program can potentially fail to release a system resource." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 285, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));" } }, "contextRegion": { "startLine": 282, "endLine": 288, "snippet": { "text": "\t String fileName = s.getWebResource(getLessonPlanFileName());\n\t if (fileName != null)\n\t {\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\tboolean startAppending = false;\n\t\twhile ((line = in.readLine()) != null)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 283, "snippet": { "text": "\t if (fileName != null)" } }, "contextRegion": { "startLine": 280, "endLine": 286, "snippet": { "text": "\ttry\n\t{\n\t String fileName = s.getWebResource(getLessonPlanFileName());\n\t if (fileName != null)\n\t {\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 285, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));" } }, "contextRegion": { "startLine": 282, "endLine": 288, "snippet": { "text": "\t String fileName = s.getWebResource(getLessonPlanFileName());\n\t if (fileName != null)\n\t {\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\tboolean startAppending = false;\n\t\twhile ((line = in.readLine()) != null)\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 285, "startColumn": 42, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { 
"startLine": 285, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));" } }, "contextRegion": { "startLine": 282, "endLine": 288, "snippet": { "text": "\t String fileName = s.getWebResource(getLessonPlanFileName());\n\t if (fileName != null)\n\t {\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\tboolean startAppending = false;\n\t\twhile ((line = in.readLine()) != null)\n" } } }, "message": { "text": "in = new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 285, "startColumn": 3, "message": { "text": "in refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 288, "snippet": { "text": "\t\twhile ((line = in.readLine()) != null)" } }, "contextRegion": { "startLine": 285, "endLine": 291, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\tboolean startAppending = false;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n\t\t if (line.indexOf(\"\") != -1)\n\t\t {\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 288, "snippet": { "text": "\t\twhile ((line = in.readLine()) != null)" } }, "contextRegion": { "startLine": 285, "endLine": 291, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\tboolean startAppending = false;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n\t\t if (line.indexOf(\"\") != -1)\n\t\t {\n" } } }, "message": { "text": "in no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 288, "snippet": { "text": 
"\t\twhile ((line = in.readLine()) != null)" } }, "contextRegion": { "startLine": 285, "endLine": 291, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\tboolean startAppending = false;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n\t\t if (line.indexOf(\"\") != -1)\n\t\t {\n" } } }, "message": { "text": "in no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 288, "snippet": { "text": "\t\twhile ((line = in.readLine()) != null)" } }, "contextRegion": { "startLine": 285, "endLine": 291, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\tboolean startAppending = false;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n\t\t if (line.indexOf(\"\") != -1)\n\t\t {\n" } } }, "message": { "text": "in no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 288, "snippet": { "text": "\t\twhile ((line = in.readLine()) != null)" } }, "contextRegion": { "startLine": 285, "endLine": 291, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\tboolean startAppending = false;\n\t\twhile ((line = in.readLine()) != null)\n\t\t{\n\t\t if (line.indexOf(\"\") != -1)\n\t\t {\n" } } }, "message": { "text": "in end scope : Resource leaked : java.lang.Exception thrown" } }, "kinds": [ "exit", "scope" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 283, "snippet": { "text": "\t if (fileName != null)" } }, "contextRegion": { "startLine": 280, "endLine": 286, "snippet": { "text": "\ttry\n\t{\n\t String fileName = 
s.getWebResource(getLessonPlanFileName());\n\t if (fileName != null)\n\t {\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n" } } }, "message": { "text": "Branch taken" } }, "kinds": [ "branch", "true" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 285, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));" } }, "contextRegion": { "startLine": 282, "endLine": 288, "snippet": { "text": "\t String fileName = s.getWebResource(getLessonPlanFileName());\n\t if (fileName != null)\n\t {\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\tboolean startAppending = false;\n\t\twhile ((line = in.readLine()) != null)\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 285, "startColumn": 42, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 285, "snippet": { "text": "\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));" } }, "contextRegion": { "startLine": 282, "endLine": 288, "snippet": { "text": "\t String fileName = s.getWebResource(getLessonPlanFileName());\n\t if (fileName != null)\n\t {\n\t\tBufferedReader in = new BufferedReader(new FileReader(fileName));\n\t\tString line = null;\n\t\tboolean startAppending = false;\n\t\twhile ((line = in.readLine()) != null)\n" } } }, "message": { "text": "in = new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 285, "startColumn": 3, "message": { "text": "in refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 305, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 302, 
"endLine": 308, "snippet": { "text": "\t\t\tbuff.append(line + \"\\n\");\n\t\t }\n\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{}\n" } } }, "message": { "text": "in no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 305, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 302, "endLine": 308, "snippet": { "text": "\t\t\tbuff.append(line + \"\\n\");\n\t\t }\n\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{}\n" } } }, "message": { "text": "in no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 305, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 302, "endLine": 308, "snippet": { "text": "\t\t\tbuff.append(line + \"\\n\");\n\t\t }\n\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{}\n" } } }, "message": { "text": "in no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 305, "snippet": { "text": "\t }" } }, "contextRegion": { "startLine": 302, "endLine": 308, "snippet": { "text": "\t\t\tbuff.append(line + \"\\n\");\n\t\t }\n\t\t}\n\t }\n\t}\n\tcatch (Exception e)\n\t{}\n" } } }, "message": { "text": "in end scope : Resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 285 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the 
program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 391, "snippet": { "text": "\t System.out.println(\"Error dropping weather database\");" } }, "contextRegion": { "startLine": 388, "endLine": 394, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error dropping weather database\");\n\t}\n\n\t// Create the new table\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 391, "snippet": { "text": "\t System.out.println(\"Error dropping weather database\");" } }, "contextRegion": { "startLine": 388, "endLine": 394, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error dropping weather database\");\n\t}\n\n\t// Create the new table\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 391 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 405, "snippet": { "text": "\t System.out.println(\"Error creating weather database\");" } }, "contextRegion": { "startLine": 402, "endLine": 408, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating weather database\");\n\t e.printStackTrace();\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 405, "snippet": { "text": "\t System.out.println(\"Error creating weather database\");" } }, "contextRegion": { "startLine": 402, "endLine": 408, "snippet": { "text": "\t}\n\tcatch (SQLException e)\n\t{\n\t System.out.println(\"Error creating weather database\");\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 405 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 245, "snippet": { "text": "\t System.out.println(\"Name: \" + name);" } }, "contextRegion": { "startLine": 242, "endLine": 248, "snippet": { "text": "\t{\n\t String name = (String) enumerator.nextElement();\n\t Object value = session.getAttribute(name);\n\t System.out.println(\"Name: \" + name);\n\t System.out.println(\"Value: \" + value);\n\t}\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 245, "snippet": { "text": "\t System.out.println(\"Name: \" + name);" } }, "contextRegion": { "startLine": 242, "endLine": 248, "snippet": { "text": "\t{\n\t String name = (String) enumerator.nextElement();\n\t Object value = session.getAttribute(name);\n\t System.out.println(\"Name: \" + name);\n\t System.out.println(\"Value: \" + value);\n\t}\n }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 245 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nReviewer note: the value printed on this line is an arbitrary session attribute obtained from session.getAttribute(name), and the enclosing loop appears to walk every attribute name from the enumerator, so this writes session state to stdout. Treat it as potential exposure of whatever the application stores in the session (confirm what is stored there), not only as a logging-style issue." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 246, "snippet": { "text": "\t System.out.println(\"Value: \" + value);" } }, "contextRegion": { "startLine": 243, "endLine": 249, "snippet": { "text": "\t String name = (String) enumerator.nextElement();\n\t Object value = session.getAttribute(name);\n\t System.out.println(\"Name: \" + name);\n\t System.out.println(\"Value: \" + value);\n\t}\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 246, "snippet": { "text": "\t System.out.println(\"Value: \" + value);" } }, "contextRegion": { "startLine": 243, "endLine": 249, "snippet": { "text": "\t String name = (String) enumerator.nextElement();\n\t Object value = session.getAttribute(name);\n\t System.out.println(\"Name: \" + name);\n\t System.out.println(\"Value: \" + value);\n\t}\n }\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 246 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [JSONInjection.java](1) line [96](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 7 }, "region": { "startLine": 96, "endLine": 99, "snippet": { "text": "\tcatch (Exception ex)\r\n\t{\r\n\t ex.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 93, "endLine": 102, "snippet": { "text": "\t\treturn;\n\t }\n\t}\n\tcatch (Exception ex)\n\t{\n\t ex.printStackTrace();\n\t}\n\n\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n\t\t.setEncType(\"\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 7 }, "region": { "startLine": 96, "endLine": 99, "snippet": { "text": "\tcatch (Exception ex)\r\n\t{\r\n\t ex.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 93, "endLine": 102, "snippet": { "text": "\t\treturn;\n\t }\n\t}\n\tcatch (Exception ex)\n\t{\n\t ex.printStackTrace();\n\t}\n\n\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n\t\t.setEncType(\"\");\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 7 }, "region": { "startLine": 96, "startColumn": 2, "endLine": 99 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getRawParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 632, "endLine": 638, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\n\treturn (values[0]);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 563 }, { "index": 564 }, { "index": 128 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" was empty\");" } }, "contextRegion": { "startLine": 632, "endLine": 638, "snippet": { "text": "\t}\n\telse if (values[0].length() == 0)\n\t{\n\t throw new ParameterNotFoundException(name + \" was empty\");\n\t}\n\n\treturn (values[0]);\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 635 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 95, "snippet": { "text": "\t\tSystem.out.println(\"DBName: \" + dbName);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t if (os.toLowerCase().indexOf(\"window\") != -1)\n\t {\n\t\tdbName = dbName.concat(\"webgoat.mdb\");\n\t\tSystem.out.println(\"DBName: \" + dbName);\n\t\tClass.forName(\"sun.jdbc.odbc.JdbcOdbcDriver\");\n\t\treturn DriverManager\n\t\t\t.getConnection(\"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=\"\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 95, "snippet": { "text": "\t\tSystem.out.println(\"DBName: \" + dbName);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\t if (os.toLowerCase().indexOf(\"window\") != -1)\n\t {\n\t\tdbName = dbName.concat(\"webgoat.mdb\");\n\t\tSystem.out.println(\"DBName: \" + dbName);\n\t\tClass.forName(\"sun.jdbc.odbc.JdbcOdbcDriver\");\n\t\treturn DriverManager\n\t\t\t.getConnection(\"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=\"\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 95 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 124, "message": { "text": "The iteration count used by a password-based key derivation function is too low.\r\nReviewer note: the flagged line builds PBEKeySpec from the password alone, so no salt or iteration count is set on the key spec itself; whatever count is actually applied comes from the parameter spec `ps` passed to passwordDecryptCipher.init() on the following lines. Confirm the iteration count and salt where `ps` is constructed before accepting or dismissing this finding." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 495, "snippet": { "text": "\t\t\tSecretKey k = kf.generateSecret( new javax.crypto.spec.PBEKeySpec( pass ) );" } }, "contextRegion": { "startLine": 492, "endLine": 498, "snippet": { "text": "\n\t\t\tchar[] pass = pw.toCharArray();\n\n\t\t\tSecretKey k = kf.generateSecret( new javax.crypto.spec.PBEKeySpec( pass ) );\n\n\t\t\tpasswordDecryptCipher.init( Cipher.DECRYPT_MODE, k, ps );\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 495, "snippet": { "text": "\t\t\tSecretKey k = kf.generateSecret( new javax.crypto.spec.PBEKeySpec( pass ) );" } }, "contextRegion": { "startLine": 492, "endLine": 498, "snippet": { "text": "\n\t\t\tchar[] pass = pw.toCharArray();\n\n\t\t\tSecretKey k = kf.generateSecret( new javax.crypto.spec.PBEKeySpec( pass ) );\n\n\t\t\tpasswordDecryptCipher.init( Cipher.DECRYPT_MODE, k, ps );\n\n" } } }, "message": { "text": "PBEKeySpec()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 495 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method getRawParameter() in [ParameterParser.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 628, "endLine": 634, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 165 }, { "index": 166 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631, "snippet": { "text": "\t throw new ParameterNotFoundException(name + \" not found\");" } }, "contextRegion": { "startLine": 628, "endLine": 634, "snippet": { "text": "\n\tif (values == null)\n\t{\n\t throw new ParameterNotFoundException(name + \" not found\");\n\t}\n\telse if (values[0].length() == 0)\n\t{\n" } } }, "message": { "text": "ParameterNotFoundException(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 631 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [340](1) of [UpdateProfile.java](1), the method createEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 491 }, { "index": 492 }, { "index": 493 }, { "index": 90 }, { "index": 91 }, { "index": 494 }, { "index": 93 }, { "index": 1012 }, { "index": 1013 }, { "index": 97 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [RoleBasedAccessControl.java](1) might reveal system data or debugging information by calling printStackTrace() on line [364](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 364, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 361, "endLine": 367, "snippet": { "text": "\t{\n\t // All other errors send the user to the generic error page\n\t System.out.println(\"handleRequest() error\");\n\t e.printStackTrace();\n\t setCurrentAction(s, ERROR_ACTION);\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 364, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 361, "endLine": 367, "snippet": { "text": "\t{\n\t // All other errors send the user to the generic error page\n\t System.out.println(\"handleRequest() error\");\n\t e.printStackTrace();\n\t setCurrentAction(s, ERROR_ACTION);\n\t}\n\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 364 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 116, "level": "error", "message": { "text": "The function getResults() in [WsSqlInjection.java](1) sometimes fails to release a system resource allocated by makeConnection() on line 229.\r\nThe program can potentially fail to release a database connection." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 240, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 229, "snippet": { "text": "\t Connection connection = DatabaseUtilities.makeConnection();" } }, "contextRegion": { "startLine": 226, "endLine": 232, "snippet": { "text": " {\n\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n" } } }, "message": { "text": "connection = makeConnection()" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 230, "snippet": { "text": "\t if (connection == null)" } }, "contextRegion": { "startLine": 227, "endLine": 233, "snippet": { "text": "\ttry\n\t{\n\t Connection connection = DatabaseUtilities.makeConnection();\n\t if (connection == null)\n\t {\n\t\treturn null;\n\t }\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 237, "snippet": { "text": "\t\tStatement statement = connection.createStatement(" } }, "contextRegion": { "startLine": 234, "endLine": 240, "snippet": { "text": "\t String query = \"SELECT * FROM user_data WHERE userid = \" + id;\n\t try\n\t {\n\t\tStatement statement = 
connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n" } } }, "message": { "text": "statement = connection.createStatement(...)" }, "annotations": [ { "startLine": 237, "startColumn": 3, "message": { "text": "statement refers to a database command" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 240, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "results = statement.executeQuery(...)" }, "annotations": [ { "startLine": 240, "startColumn": 3, "message": { "text": "results refers to a database reader" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 241, "snippet": { "text": "\t\treturn results;" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n\t {}\n" } } }, "message": { "text": "return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 241, "snippet": { "text": "\t\treturn results;" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = 
statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n\t {}\n" } } }, "message": { "text": "results no longer refers to a database reader" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 241, "snippet": { "text": "\t\treturn results;" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n\t {}\n" } } }, "message": { "text": "results no longer refers to a database reader" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 241, "snippet": { "text": "\t\treturn results;" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n\t {}\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 240 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method makeRow() in [Encoding.java](1) sends unvalidated data to a web browser on line [794](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 794, "snippet": { "text": "\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );" } }, "contextRegion": { "startLine": 791, "endLine": 797, "snippet": { "text": "\n\t\tTD desc = new TD().addElement( description ).setBgColor( \"#bbbbbb\" );\n\t\tTD val1 = new TD().addElement( value1 ).setBgColor( \"#dddddd\" );\n\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );\n\t\tTR tr = new TR();\n\n\t\ttr.addElement( desc );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 136 }, { "index": 137 }, { "index": 407 }, { "index": 408 }, { "index": 409 }, { "index": 1014 }, { "index": 804 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 794, "snippet": { "text": "\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );" } }, "contextRegion": { "startLine": 791, "endLine": 797, "snippet": { "text": "\n\t\tTD desc = new TD().addElement( description ).setBgColor( \"#bbbbbb\" );\n\t\tTD val1 = new TD().addElement( value1 ).setBgColor( \"#dddddd\" );\n\t\tTD val2 = new TD().addElement( value2 ).setBgColor( \"#dddddd\" );\n\t\tTR tr = new TR();\n\n\t\ttr.addElement( desc );\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 794, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [340](1) of [UpdateProfile.java](1), the method createEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. 
This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 141 }, { "index": 142 }, { "index": 143 }, { "index": 90 }, { "index": 91 }, { "index": 145 }, { "index": 93 }, { "index": 1010 }, { "index": 1011 }, { "index": 97 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Challenge2Screen.java](1) line [726](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping 
dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 726, "endLine": 730, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t System.out.println(\"Couldn't write \" + message + \" to \" + s);\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 723, "endLine": 733, "snippet": { "text": "\t OutputStreamWriter osw = new OutputStreamWriter(s.getOutputStream());\n\t osw.write(message);\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Couldn't write \" + message + \" to \" + s);\n\t e.printStackTrace();\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 726, "endLine": 730, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t System.out.println(\"Couldn't write \" + message + \" to \" + s);\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 723, "endLine": 733, "snippet": { "text": "\t OutputStreamWriter osw = new OutputStreamWriter(s.getOutputStream());\n\t osw.write(message);\n\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Couldn't write \" + message + \" to \" + s);\n\t e.printStackTrace();\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 726, "startColumn": 2, "endLine": 730 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ListStaff.java](1) line [166](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping 
dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 166, "endLine": 170, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employees\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 163, "endLine": 173, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 166, "endLine": 170, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employees\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 163, "endLine": 173, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 166, "startColumn": 2, "endLine": 170 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 1018 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 54 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method makeUser() in [WeakAuthenticationCookie.java](1) sends unvalidated data to a web browser on line [377](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 377, "snippet": { "text": "\tec.addElement(new P().addElement(\"Welcome, \" + user));" } }, "contextRegion": { "startLine": 374, "endLine": 380, "snippet": { "text": "\t throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(new P().addElement(\"Welcome, \" + user));\n\tec.addElement(new P().addElement(\"You have been authenticated with \"\n\t\t+ method));\n\tec.addElement(new P().addElement(ECSFactory.makeLink(\"Logout\", LOGOUT,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 136 }, { "index": 137 }, { "index": 1022 }, { "index": 1023 }, { "index": 1024 }, { "index": 1025 }, { "index": 1027 }, { "index": 1028 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 377, "snippet": { "text": "\tec.addElement(new P().addElement(\"Welcome, \" + user));" } }, "contextRegion": { "startLine": 374, "endLine": 380, "snippet": { "text": "\t throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(new P().addElement(\"Welcome, \" + user));\n\tec.addElement(new P().addElement(\"You have been authenticated with \"\n\t\t+ method));\n\tec.addElement(new P().addElement(ECSFactory.makeLink(\"Logout\", LOGOUT,\n" } } }, "message": { "text": "addElement(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 377 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 126, "level": "error", "message": { "text": "On line [240](1) of [WsSqlInjection.java](1), the method getResults() invokes a SQL query built using input coming from an untrusted source. 
This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 240, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 1026 }, { "index": 1029 }, { "index": 1030 }, { "index": 1031 }, { "index": 1032 }, { "index": 1034 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 240, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 240, "startColumn": 46 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ViewProfile.java](1) line [223](1) handles a broad swath 
of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 223, "endLine": 227, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 220, "endLine": 230, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 223, "endLine": 227, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employee profile\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 220, "endLine": 230, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 223, "startColumn": 2, "endLine": 227 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to 
monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 988, "snippet": { "text": "\t\t\tSystem.out.println( \"Logout \" + request.getUserPrincipal() );" } }, "contextRegion": { "startLine": 985, "endLine": 991, "snippet": { "text": "\t\t// FIXME: doesn't work right -- no reauthentication\n\t\tif ( myParser.getRawParameter( LOGOUT, null ) != null )\n\t\t{\n\t\t\tSystem.out.println( \"Logout \" + request.getUserPrincipal() );\n\t\t\teatCookies();\n\t\t\trequest.getSession().invalidate();\n\t\t\tcurrentScreen = WELCOME;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 988, "snippet": { "text": "\t\t\tSystem.out.println( \"Logout \" + request.getUserPrincipal() );" } }, "contextRegion": { "startLine": 985, "endLine": 991, "snippet": { "text": "\t\t// FIXME: doesn't work right -- no reauthentication\n\t\tif ( myParser.getRawParameter( LOGOUT, null ) != null )\n\t\t{\n\t\t\tSystem.out.println( \"Logout \" + request.getUserPrincipal() );\n\t\t\teatCookies();\n\t\t\trequest.getSession().invalidate();\n\t\t\tcurrentScreen = WELCOME;\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 988 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 1089, "snippet": { "text": "\t\t\tSystem.out.println(\"Hacked admin\");" } }, "contextRegion": { "startLine": 1086, "endLine": 1092, "snippet": { "text": "\t\tisHackedAdmin = myParser.getBooleanParameter( ADMIN, isAdmin );\n\t\tif ( isHackedAdmin )\n\t\t{\n\t\t\tSystem.out.println(\"Hacked admin\");\n\t\t\thasHackedHackableAdmin = true;\n\t\t}\n\t\tisColor = myParser.getBooleanParameter( COLOR, isColor );\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 1089, "snippet": { "text": "\t\t\tSystem.out.println(\"Hacked admin\");" } }, "contextRegion": { "startLine": 1086, "endLine": 1092, "snippet": { "text": "\t\tisHackedAdmin = myParser.getBooleanParameter( ADMIN, isAdmin );\n\t\tif ( isHackedAdmin )\n\t\t{\n\t\t\tSystem.out.println(\"Hacked admin\");\n\t\t\thasHackedHackableAdmin = true;\n\t\t}\n\t\tisColor = myParser.getBooleanParameter( COLOR, isColor );\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 1089 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 120, "message": { "text": "Attackers can control an argument to the reflection method forName() at [DatabaseUtilities.java](1) line [66](1), which could allow them to create unexpected control flow paths through the application, potentially bypassing security checks.\r\nAn attacker may be able to create unexpected control flow paths through the application, potentially bypassing security checks." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 66, "snippet": { "text": "\tClass.forName(s.getDatabaseDriver());" } }, "contextRegion": { "startLine": 63, "endLine": 69, "snippet": { "text": " public static Connection makeConnection(WebSession s)\n\t throws ClassNotFoundException, SQLException\n {\n\tClass.forName(s.getDatabaseDriver());\n\n\treturn (DriverManager.getConnection(s.getDatabaseConnectionString()));\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 551 }, { "index": 552 }, { "index": 1019 }, { "index": 1020 }, { "index": 1021 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 66, "snippet": { "text": "\tClass.forName(s.getDatabaseDriver());" } }, "contextRegion": { "startLine": 63, "endLine": 69, "snippet": { "text": " public static Connection makeConnection(WebSession s)\n\t throws ClassNotFoundException, SQLException\n {\n\tClass.forName(s.getDatabaseDriver());\n\n\treturn (DriverManager.getConnection(s.getDatabaseConnectionString()));\n }\n" } } }, "message": { "text": "forName(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 551 }, { "index": 552 }, { "index": 553 }, { "index": 135 }, { "index": 157 }, { "index": 559 }, { "index": 159 }, { "index": 1035 }, { "index": 1036 }, { "index": 1037 }, { "index": 1021 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 66, "snippet": { "text": "\tClass.forName(s.getDatabaseDriver());" } }, "contextRegion": { "startLine": 63, "endLine": 69, "snippet": { "text": " public static Connection makeConnection(WebSession s)\n\t throws ClassNotFoundException, SQLException\n {\n\tClass.forName(s.getDatabaseDriver());\n\n\treturn (DriverManager.getConnection(s.getDatabaseConnectionString()));\n }\n" } } }, "message": { "text": "forName(0)" } }, "kinds": [ "call", "function" ] } ] } ] 
}, { "threadFlows": [ { "locations": [ { "index": 551 }, { "index": 552 }, { "index": 553 }, { "index": 135 }, { "index": 157 }, { "index": 559 }, { "index": 159 }, { "index": 1035 }, { "index": 1036 }, { "index": 1038 }, { "index": 1021 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 66, "snippet": { "text": "\tClass.forName(s.getDatabaseDriver());" } }, "contextRegion": { "startLine": 63, "endLine": 69, "snippet": { "text": " public static Connection makeConnection(WebSession s)\n\t throws ClassNotFoundException, SQLException\n {\n\tClass.forName(s.getDatabaseDriver());\n\n\treturn (DriverManager.getConnection(s.getDatabaseConnectionString()));\n }\n" } } }, "message": { "text": "forName(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 551 }, { "index": 552 }, { "index": 553 }, { "index": 135 }, { "index": 157 }, { "index": 559 }, { "index": 159 }, { "index": 1035 }, { "index": 1036 }, { "index": 1039 }, { "index": 1021 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 66, "snippet": { "text": "\tClass.forName(s.getDatabaseDriver());" } }, "contextRegion": { "startLine": 63, "endLine": 69, "snippet": { "text": " public static Connection makeConnection(WebSession s)\n\t throws ClassNotFoundException, SQLException\n {\n\tClass.forName(s.getDatabaseDriver());\n\n\treturn (DriverManager.getConnection(s.getDatabaseConnectionString()));\n }\n" } } }, "message": { "text": "forName(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 551 }, { "index": 552 }, { "index": 553 }, { "index": 135 }, { "index": 157 }, { "index": 559 }, { "index": 159 }, { "index": 1035 }, { "index": 1036 }, { "index": 1040 }, { "index": 1021 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 66, "snippet": { "text": 
"\tClass.forName(s.getDatabaseDriver());" } }, "contextRegion": { "startLine": 63, "endLine": 69, "snippet": { "text": " public static Connection makeConnection(WebSession s)\n\t throws ClassNotFoundException, SQLException\n {\n\tClass.forName(s.getDatabaseDriver());\n\n\treturn (DriverManager.getConnection(s.getDatabaseConnectionString()));\n }\n" } } }, "message": { "text": "forName(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 66 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 116, "level": "error", "message": { "text": "The function main() in [CreateDB.java](1) sometimes fails to release a system resource allocated by getConnection() on line 70.\r\nThe program can potentially fail to release a database connection." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 91, "snippet": { "text": "\t ResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": "\t Statement answer_statement = connection.createStatement(\n\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t ResultSet answer_results = answer_statement.executeQuery(query);\n\t answer_results.first();\n\t int employeeId = answer_results.getInt(\"userid\");\n\t String firstName = answer_results.getString(\"first_name\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 58, "snippet": { "text": "\t Class.forName(\"sun.jdbc.odbc.JdbcOdbcDriver\").newInstance();" } }, "contextRegion": { "startLine": 55, "endLine": 61, "snippet": { "text": "\n\ttry\n\t{\n\t Class.forName(\"sun.jdbc.odbc.JdbcOdbcDriver\").newInstance();\n\t}\n\tcatch (Exception e)\n\t{\n" } } }, "message": 
{ "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 70, "snippet": { "text": "\t\t .getConnection(" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": "\t{\n\n\t connection = DriverManager\n\t\t .getConnection(\n\t\t\t \"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=c:/webgoat.mdb;PWD=webgoat\",\n\t\t\t \"webgoat\", \"webgoat\");\n\t db.makeDB(connection);\n" } } }, "message": { "text": "connection = getConnection(...)" }, "annotations": [ { "startLine": 69, "startColumn": 6, "message": { "text": "connection refers to a database connection" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 73, "snippet": { "text": "\t db.makeDB(connection);" } }, "contextRegion": { "startLine": 70, "endLine": 76, "snippet": { "text": "\t\t .getConnection(\n\t\t\t \"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=c:/webgoat.mdb;PWD=webgoat\",\n\t\t\t \"webgoat\", \"webgoat\");\n\t db.makeDB(connection);\n\t}\n\tcatch (Exception e)\n\t{\n" } } }, "message": { "text": "?.makeDB(connection)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 91, "snippet": { "text": "\t ResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 88, "endLine": 94, "snippet": { "text": "\t Statement answer_statement = connection.createStatement(\n\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t ResultSet answer_results = answer_statement.executeQuery(query);\n\t answer_results.first();\n\t int employeeId = answer_results.getInt(\"userid\");\n\t String firstName = answer_results.getString(\"first_name\");\n" } } }, "message": { "text": "answer_results = 
answer_statement.executeQuery(...)" }, "annotations": [ { "startLine": 91, "startColumn": 6, "message": { "text": "answer_results refers to a database reader" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 98, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t String lastName = answer_results.getString(\"last_name\");\n\t System.out.println(\"Query 1 Results: \" + firstName + \" \" + lastName\n\t\t + \" \" + employeeId);\n\t}\n\tcatch (SQLException sqle)\n\t{\n\t sqle.printStackTrace();\n" } } }, "message": { "text": "answer_results no longer refers to a database reader" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 98, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t String lastName = answer_results.getString(\"last_name\");\n\t System.out.println(\"Query 1 Results: \" + firstName + \" \" + lastName\n\t\t + \" \" + employeeId);\n\t}\n\tcatch (SQLException sqle)\n\t{\n\t sqle.printStackTrace();\n" } } }, "message": { "text": "answer_results no longer refers to a database reader" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 98, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t String lastName = answer_results.getString(\"last_name\");\n\t System.out.println(\"Query 1 Results: \" + firstName + \" \" + lastName\n\t\t + \" \" + employeeId);\n\t}\n\tcatch (SQLException sqle)\n\t{\n\t sqle.printStackTrace();\n" } } }, "message": { "text": "answer_results end scope" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 114, "snippet": { 
"text": "\t\t ResultSet.CONCUR_READ_ONLY);" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t{\n\t Statement answer_statement = connection.createStatement(\n\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t ResultSet answer_results = answer_statement.executeQuery(query);\n\t boolean allowed = answer_results.first();\n\t //boolean allowed = answer_results.next();\n" } } }, "message": { "text": "java.sql.SQLException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 128, "snippet": { "text": " }" } }, "contextRegion": { "startLine": 125, "endLine": 131, "snippet": { "text": "\t{\n\t sqle.printStackTrace();\n\t}\n }\n\n\n /**\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 91 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile() in [EditProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [125](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 125, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 125, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 125 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 64, "message": { "text": "Hardcoded passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 102 }, "region": { "startLine": 70, "snippet": { "text": " public final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": " * Description of the Field\n */\n\n public final static String PASSWORD = \"Password\";\n\n\n /**\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 102 }, "region": { "startLine": 70, "snippet": { "text": " public final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": " * Description of the Field\n */\n\n public final static String PASSWORD = \"Password\";\n\n\n /**\n" } } }, "message": { "text": "FieldAccess: PASSWORD" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 102 }, "region": { "startLine": 70, "snippet": { "text": " public final static String PASSWORD = \"Password\";" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": " * Description of the Field\n */\n\n public final static String PASSWORD = \"Password\";\n\n\n /**\n" } } }, "message": { "text": "Field: PASSWORD" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 102 }, "region": { "startLine": 70 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 49, "level": "note", "message": { "text": "The function getDatabaseConnectionString() in [WebSession.java](1) might reveal system data or debugging information by calling println() on line [441](1). The information revealed by println() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 441, "snippet": { "text": "\t\t\tSystem.out.println( \"Database Connection String: \" + realConnectionString );" } }, "contextRegion": { "startLine": 438, "endLine": 444, "snippet": { "text": "\t\t\tString path = context.getRealPath( \"/database\" ).replace( '\\\\', '/' );\n\t\t\tSystem.out.println( \"PATH: \" + path );\n\t\t\tString realConnectionString = databaseConnectionString.replaceAll( \"PATH\", path );\n\t\t\tSystem.out.println( \"Database Connection String: \" + realConnectionString );\n\n\t\t\treturn realConnectionString;\n\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 251 }, { "index": 252 }, { "index": 253 }, { "index": 1042 }, { "index": 1045 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 441, "snippet": { "text": "\t\t\tSystem.out.println( \"Database Connection String: \" + realConnectionString );" } }, "contextRegion": { "startLine": 438, "endLine": 444, "snippet": { "text": "\t\t\tString path = context.getRealPath( \"/database\" ).replace( '\\\\', '/' );\n\t\t\tSystem.out.println( \"PATH: \" + path );\n\t\t\tString realConnectionString = databaseConnectionString.replaceAll( \"PATH\", path );\n\t\t\tSystem.out.println( \"Database Connection String: \" + realConnectionString );\n\n\t\t\treturn realConnectionString;\n\t\t}\n" } } }, "message": { "text": "println(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 441 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 18, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) sends unvalidated data to a web browser on line [171](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a 
web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 171, "snippet": { "text": "\t\t\t" } }, "contextRegion": { "startLine": 168, "endLine": 174, "snippet": { "text": "\t\t\tString thisPage = webSession.getCurrentLink();\n\t\t\t//System.out.println(\"Redirecting to \" + thisPage);\n\t\t%>\n\t\t\t\n\t\t<%\n\t\t}\n\t\t%>\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 1041 }, { "index": 1043 }, { "index": 1044 }, { "index": 1046 }, { "index": 863 }, { "index": 864 }, { "index": 865 }, { "index": 866 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 171, "snippet": { "text": "\t\t\t" } }, "contextRegion": { "startLine": 168, "endLine": 174, "snippet": { "text": "\t\t\tString thisPage = webSession.getCurrentLink();\n\t\t\t//System.out.println(\"Redirecting to \" + thisPage);\n\t\t%>\n\t\t\t\n\t\t<%\n\t\t}\n\t\t%>\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 171 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 83, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 80, "endLine": 86, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthenticatedException ue1)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue1.printStackTrace();\n\t\t}\n\t\tcatch (UnauthorizedException ue2)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 83, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 80, "endLine": 86, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthenticatedException ue1)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue1.printStackTrace();\n\t\t}\n\t\tcatch (UnauthorizedException ue2)\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 83 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 88, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 85, "endLine": 91, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthorizedException ue2)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue2.printStackTrace();\n\t\t}\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 88, "snippet": { "text": "\t\t System.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 85, "endLine": 91, "snippet": { "text": "\t\t}\n\t\tcatch (UnauthorizedException ue2)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue2.printStackTrace();\n\t\t}\n\t }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 88 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [297](1) of [UpdateProfile.java](1), the method doChangeEmployeeProfile_BACKUP() invokes a SQL query built using input potentially coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 297, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 294, "endLine": 300, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 297, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 294, "endLine": 300, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 297 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 126, "level": "error", "message": { "text": "On line [191](1) of [Login.java](1), the method login_BACKUP() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 191, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 188, "endLine": 194, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.first())\n\t\t{\n\t\t setSessionAttribute(s,\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 1047 }, { "index": 1048 }, { "index": 1049 }, { "index": 1051 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 191, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 188, "endLine": 194, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.first())\n\t\t{\n\t\t setSessionAttribute(s,\n" } } }, "message": { "text": "executeQuery(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 191, "startColumn": 60 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 18, "level": "error", "message": { "text": "The method _jspService() in [SearchStaff.jsp](1) sends unvalidated data to a web browser on line [11](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 72 }, "region": { "startLine": 11, "snippet": { "text": "\t\t\t\tEmployee <%=searchedName%> not found." } }, "contextRegion": { "startLine": 8, "endLine": 14, "snippet": { "text": "\t\t\tif (searchedName != null)\n\t\t\t{\n\t\t\t%>\n\t\t\t\tEmployee <%=searchedName%> not found.\n\t\t\t<%\n\t\t\t}\n\t\t\t%>\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 1050 }, { "index": 1052 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 72 }, "region": { "startLine": 11, "snippet": { "text": "\t\t\t\tEmployee <%=searchedName%> not found." } }, "contextRegion": { "startLine": 8, "endLine": 14, "snippet": { "text": "\t\t\tif (searchedName != null)\n\t\t\t{\n\t\t\t%>\n\t\t\t\tEmployee <%=searchedName%> not found.\n\t\t\t<%\n\t\t\t}\n\t\t\t%>\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 72 }, "region": { "startLine": 11 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile() in [ViewProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [166](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 166, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 163, "endLine": 169, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 166, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 163, "endLine": 169, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employee profile\");\n\t e.printStackTrace();\n\t}\n\n\treturn profile;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 166 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [SQLInjection.java](1) might reveal system data or debugging information by calling printStackTrace() on line [342](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 342, "snippet": { "text": "\t\tpnfe.printStackTrace();" } }, "contextRegion": { "startLine": 339, "endLine": 345, "snippet": { "text": "\t catch (ParameterNotFoundException pnfe)\n\t {\n\t\tSystem.out.println(\"Missing parameter\");\n\t\tpnfe.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t catch (ValidationException ve)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 342, "snippet": { "text": "\t\tpnfe.printStackTrace();" } }, "contextRegion": { "startLine": 339, "endLine": 345, "snippet": { "text": "\t catch (ParameterNotFoundException pnfe)\n\t {\n\t\tSystem.out.println(\"Missing parameter\");\n\t\tpnfe.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n\t catch (ValidationException ve)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 342 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [SoapRequest.java](1) line [431](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 431, "endLine": 432, "snippet": { "text": "\tcatch (Exception e)\r\n\t{}" } }, "contextRegion": { "startLine": 428, "endLine": 435, "snippet": { "text": "\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 431, "endLine": 432, "snippet": { "text": "\tcatch (Exception e)\r\n\t{}" } }, "contextRegion": { "startLine": 428, "endLine": 435, "snippet": { "text": "\t catch (SQLException sqle)\n\t {}\n\t}\n\tcatch (Exception e)\n\t{}\n\treturn null;\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 431, "startColumn": 2, "endLine": 432 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [340](1) of [UpdateProfile.java](1), the method createEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 1053 }, { "index": 1054 }, { "index": 1055 }, { "index": 90 }, { "index": 91 }, { "index": 1056 }, { "index": 93 }, { "index": 1057 }, { "index": 1058 }, { "index": 97 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "snippet": { "text": "\t\tstatement.executeUpdate(query);" } }, "contextRegion": { "startLine": 337, "endLine": 343, "snippet": { "text": "\t {\n\t\tStatement statement = WebSession.getConnection(s)\n\t\t\t.createStatement();\n\t\tstatement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 340, "startColumn": 27 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 9, "message": { "text": "Empty passwords may compromise system security in a way that cannot be easily remedied." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 68, "snippet": { "text": "\t String password = \"\";" } }, "contextRegion": { "startLine": 65, "endLine": 71, "snippet": { "text": "\ttry\n\t{\n\t String username = \"\";\n\t String password = \"\";\n\n\t try\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 68, "snippet": { "text": "\t String password = \"\";" } }, "contextRegion": { "startLine": 65, "endLine": 71, "snippet": { "text": "\ttry\n\t{\n\t String username = \"\";\n\t String password = \"\";\n\n\t try\n\t {\n" } } }, "message": { "text": "VariableAccess: password" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 68, "snippet": { "text": "\t String password = \"\";" } }, "contextRegion": { "startLine": 65, "endLine": 71, "snippet": { "text": "\ttry\n\t{\n\t String username = \"\";\n\t String password = \"\";\n\n\t try\n\t {\n" } } }, "message": { "text": "Variable: password" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 48 }, "region": { "startLine": 68, "startColumn": 6 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 66, "message": { "text": "The method doPost() in [HammerHead.java](1) writes unvalidated user input to the log on line [173](1). An attacker could take advantage of this behavior to forge log entries or inject malicious content into the log.\r\nWriting unvalidated user input to log files can allow an attacker to forge log entries or inject malicious content into the logs." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 173, "snippet": { "text": "\t log(request, screen.getClass().getName() + \" | \"" } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\t // log the access to this screen for this user\n\t UserTracker userTracker = UserTracker.instance();\n\t userTracker.update(mySession, screen);\n\t log(request, screen.getClass().getName() + \" | \"\n\t\t + mySession.getParser().toString());\n\n\t // Redirect the request to our View servlet\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 300 }, { "index": 301 }, { "index": 302 }, { "index": 303 }, { "index": 1008 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 173, "snippet": { "text": "\t log(request, screen.getClass().getName() + \" | \"" } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\t // log the access to this screen for this user\n\t UserTracker userTracker = UserTracker.instance();\n\t userTracker.update(mySession, screen);\n\t log(request, screen.getClass().getName() + \" | \"\n\t\t + mySession.getParser().toString());\n\n\t // Redirect the request to our View servlet\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 300 }, { "index": 301 }, { "index": 302 }, { "index": 303 }, { "index": 305 }, { "index": 306 }, { "index": 1008 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 173, "snippet": { "text": "\t log(request, screen.getClass().getName() + \" | \"" } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\t // log the access to this screen for this user\n\t UserTracker userTracker = UserTracker.instance();\n\t userTracker.update(mySession, screen);\n\t log(request, screen.getClass().getName() + \" | \"\n\t\t + 
mySession.getParser().toString());\n\n\t // Redirect the request to our View servlet\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 300 }, { "index": 301 }, { "index": 302 }, { "index": 303 }, { "index": 307 }, { "index": 308 }, { "index": 309 }, { "index": 310 }, { "index": 1008 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 173, "snippet": { "text": "\t log(request, screen.getClass().getName() + \" | \"" } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\t // log the access to this screen for this user\n\t UserTracker userTracker = UserTracker.instance();\n\t userTracker.update(mySession, screen);\n\t log(request, screen.getClass().getName() + \" | \"\n\t\t + mySession.getParser().toString());\n\n\t // Redirect the request to our View servlet\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 300 }, { "index": 301 }, { "index": 302 }, { "index": 303 }, { "index": 305 }, { "index": 306 }, { "index": 307 }, { "index": 308 }, { "index": 309 }, { "index": 310 }, { "index": 1008 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 173, "snippet": { "text": "\t log(request, screen.getClass().getName() + \" | \"" } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\t // log the access to this screen for this user\n\t UserTracker userTracker = UserTracker.instance();\n\t userTracker.update(mySession, screen);\n\t log(request, screen.getClass().getName() + \" | \"\n\t\t + mySession.getParser().toString());\n\n\t // Redirect the request to our View servlet\n" } } }, "message": { "text": "log(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, 
"region": { "startLine": 173, "startColumn": 10 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 341, "snippet": { "text": "\t\tSystem.out.println(\"Missing parameter\");" } }, "contextRegion": { "startLine": 338, "endLine": 344, "snippet": { "text": "\t }\n\t catch (ParameterNotFoundException pnfe)\n\t {\n\t\tSystem.out.println(\"Missing parameter\");\n\t\tpnfe.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 341, "snippet": { "text": "\t\tSystem.out.println(\"Missing parameter\");" } }, "contextRegion": { "startLine": 338, "endLine": 344, "snippet": { "text": "\t }\n\t catch (ParameterNotFoundException pnfe)\n\t {\n\t\tSystem.out.println(\"Missing parameter\");\n\t\tpnfe.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 341 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 133, "message": { "text": "The function makeSourceDump_DELETEME() in [AbstractLesson.java](1) sometimes fails to release a system resource allocated by FileReader() on line 955.\r\nThe program can potentially fail to release a system resource." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 954, "snippet": { "text": "\t\t\t\t .addElement(convertMetachars(readFromFile(" } }, "contextRegion": { "startLine": 951, "endLine": 957, "snippet": { "text": "\t t\n\t\t .addElement(new TR()\n\t\t\t .addElement(new TD()\n\t\t\t\t .addElement(convertMetachars(readFromFile(\n\t\t\t\t\t new BufferedReader(new FileReader(\n\t\t\t\t\t\t filename)), true)))));\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 935, "snippet": { "text": "\tif (!s.showSource())" } }, "contextRegion": { "startLine": 932, "endLine": 938, "snippet": { "text": " */\n protected Element makeSourceDump_DELETEME(WebSession s)\n {\n\tif (!s.showSource())\n\t{\n\t return new StringElement();\n\t}\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 955, "snippet": { "text": "\t\t\t\t\t new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 952, "endLine": 958, "snippet": { "text": "\t\t .addElement(new TR()\n\t\t\t .addElement(new TD()\n\t\t\t\t .addElement(convertMetachars(readFromFile(\n\t\t\t\t\t new BufferedReader(new FileReader(\n\t\t\t\t\t\t filename)), true)))));\n\t}\n\tcatch (IOException e)\n" } } }, "message": { "text": "new FileReader(...)" }, "annotations": [ { "startLine": 955, "startColumn": 29, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 955, "snippet": { "text": "\t\t\t\t\t new BufferedReader(new FileReader(" } }, "contextRegion": { "startLine": 952, "endLine": 958, "snippet": { "text": "\t\t .addElement(new TR()\n\t\t\t .addElement(new TD()\n\t\t\t\t 
.addElement(convertMetachars(readFromFile(\n\t\t\t\t\t new BufferedReader(new FileReader(\n\t\t\t\t\t\t filename)), true)))));\n\t}\n\tcatch (IOException e)\n" } } }, "message": { "text": "new BufferedReader(new java.io.FileReader())" }, "annotations": [ { "startLine": 955, "startColumn": 10, "message": { "text": " refers to an allocated resource" } } ] }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 954, "snippet": { "text": "\t\t\t\t .addElement(convertMetachars(readFromFile(" } }, "contextRegion": { "startLine": 951, "endLine": 957, "snippet": { "text": "\t t\n\t\t .addElement(new TR()\n\t\t\t .addElement(new TD()\n\t\t\t\t .addElement(convertMetachars(readFromFile(\n\t\t\t\t\t new BufferedReader(new FileReader(\n\t\t\t\t\t\t filename)), true)))));\n\t}\n" } } }, "message": { "text": "readFromFile(new java.io.BufferedReader(), ?)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 957, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 954, "endLine": 960, "snippet": { "text": "\t\t\t\t .addElement(convertMetachars(readFromFile(\n\t\t\t\t\t new BufferedReader(new FileReader(\n\t\t\t\t\t\t filename)), true)))));\n\t}\n\tcatch (IOException e)\n\t{\n\t System.out.println(\"reading file EXCEPTION: \" + filename);\n" } } }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 957, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 954, "endLine": 960, "snippet": { "text": "\t\t\t\t .addElement(convertMetachars(readFromFile(\n\t\t\t\t\t new BufferedReader(new FileReader(\n\t\t\t\t\t\t filename)), true)))));\n\t}\n\tcatch (IOException e)\n\t{\n\t System.out.println(\"reading file EXCEPTION: \" + filename);\n" } 
} }, "message": { "text": " no longer refers to an allocated resource" } }, "kinds": [ "exit", "scope" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 957, "snippet": { "text": "\t}" } }, "contextRegion": { "startLine": 954, "endLine": 960, "snippet": { "text": "\t\t\t\t .addElement(convertMetachars(readFromFile(\n\t\t\t\t\t new BufferedReader(new FileReader(\n\t\t\t\t\t\t filename)), true)))));\n\t}\n\tcatch (IOException e)\n\t{\n\t System.out.println(\"reading file EXCEPTION: \" + filename);\n" } } }, "message": { "text": "end scope : Resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 954 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 354, "snippet": { "text": "\t\tSystem.out.println(\"Authentication failure\");" } }, "contextRegion": { "startLine": 351, "endLine": 357, "snippet": { "text": "\t catch (UnauthenticatedException ue)\n\t {\n\t\ts.setMessage(\"Login failed\");\n\t\tSystem.out.println(\"Authentication failure\");\n\t\tue.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 354, "snippet": { "text": "\t\tSystem.out.println(\"Authentication failure\");" } }, "contextRegion": { "startLine": 351, "endLine": 357, "snippet": { "text": "\t catch (UnauthenticatedException ue)\n\t {\n\t\ts.setMessage(\"Login failed\");\n\t\tSystem.out.println(\"Authentication failure\");\n\t\tue.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 354 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 347, "snippet": { "text": "\t\tSystem.out.println(\"Validation failed\");" } }, "contextRegion": { "startLine": 344, "endLine": 350, "snippet": { "text": "\t }\n\t catch (ValidationException ve)\n\t {\n\t\tSystem.out.println(\"Validation failed\");\n\t\tve.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 347, "snippet": { "text": "\t\tSystem.out.println(\"Validation failed\");" } }, "contextRegion": { "startLine": 344, "endLine": 350, "snippet": { "text": "\t }\n\t catch (ValidationException ve)\n\t {\n\t\tSystem.out.println(\"Validation failed\");\n\t\tve.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 347 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 360, "snippet": { "text": "\t\tSystem.out.println(\"Authorization failure\");" } }, "contextRegion": { "startLine": 357, "endLine": 363, "snippet": { "text": "\t catch (UnauthorizedException ue2)\n\t {\n\t\ts.setMessage(\"You are not authorized to perform this function\");\n\t\tSystem.out.println(\"Authorization failure\");\n\t\tue2.printStackTrace();\n\t }\n\t catch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 360, "snippet": { "text": "\t\tSystem.out.println(\"Authorization failure\");" } }, "contextRegion": { "startLine": 357, "endLine": 363, "snippet": { "text": "\t catch (UnauthorizedException ue2)\n\t {\n\t\ts.setMessage(\"You are not authorized to perform this function\");\n\t\tSystem.out.println(\"Authorization failure\");\n\t\tue2.printStackTrace();\n\t }\n\t catch (Exception e)\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 360 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getAllEmployees() in [Login.java](1) might reveal system data or debugging information by calling printStackTrace() on line [210](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 210, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 207, "endLine": 213, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employees\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 210, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 207, "endLine": 213, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employees\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 210 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 366, "snippet": { "text": "\t\tSystem.out.println(\"handleRequest() error\");" } }, "contextRegion": { "startLine": 363, "endLine": 369, "snippet": { "text": "\t catch (Exception e)\n\t {\n\t\t// All other errors send the user to the generic error page\n\t\tSystem.out.println(\"handleRequest() error\");\n\t\te.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 366, "snippet": { "text": "\t\tSystem.out.println(\"handleRequest() error\");" } }, "contextRegion": { "startLine": 363, "endLine": 369, "snippet": { "text": "\t catch (Exception e)\n\t {\n\t\t// All other errors send the user to the generic error page\n\t\tSystem.out.println(\"handleRequest() error\");\n\t\te.printStackTrace();\n\t\tsetCurrentAction(s, ERROR_ACTION);\n\t }\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 366 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method doStage1() in [BasicAuthentication.java](1) sends unvalidated data to a web browser on line [143](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 143, "snippet": { "text": "\t\t headerName.toString())));" } }, "contextRegion": { "startLine": 140, "endLine": 146, "snippet": { "text": "\t\t\t\t \"What is the decoded value of the authentication header: \")));\n\n\t row1.addElement(new TD(new Input(Input.TEXT, HEADER_NAME,\n\t\t headerName.toString())));\n\t row2.addElement(new TD(new Input(Input.TEXT, HEADER_VALUE,\n\t\t headerValue.toString())));\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 67 }, { "index": 68 }, { "index": 69 }, { "index": 70 }, { "index": 76 }, { "index": 77 }, { "index": 136 }, { "index": 137 }, { "index": 1059 }, { "index": 1060 }, { "index": 1061 }, { "index": 1062 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 143, "snippet": { "text": "\t\t headerName.toString())));" } }, "contextRegion": { "startLine": 140, "endLine": 146, "snippet": { "text": "\t\t\t\t \"What is the decoded value of the authentication header: \")));\n\n\t row1.addElement(new TD(new Input(Input.TEXT, HEADER_NAME,\n\t\t headerName.toString())));\n\t row2.addElement(new TD(new Input(Input.TEXT, HEADER_VALUE,\n\t\t headerValue.toString())));\n\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 143 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 108, "level": "error", "message": { "text": "The method ParameterNotFoundException() in [ParameterNotFoundException.java](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 139 }, { "index": 140 }, { "index": 164 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "snippet": { "text": "\tsuper(s);" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": " */\n public ParameterNotFoundException(String s)\n {\n\tsuper(s);\n }\n}\n" } } }, "message": { "text": "Exception(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 77 }, "region": { "startLine": 54, "startColumn": 8 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createEmployeeProfile_BACKUP() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [387](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 387, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 384, "endLine": 390, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error updating employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 387, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 384, "endLine": 390, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error updating employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 387 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function isAuthorized() in [AbstractLesson.java](1) might reveal system data or debugging information by calling printStackTrace() on line [807](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 807, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 804, "endLine": 810, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error authorizing\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 807, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 804, "endLine": 810, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error authorizing\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 807 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [248](1) of [UpdateProfile.java](1), the method changeEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 1053 }, { "index": 1054 }, { "index": 1055 }, { "index": 90 }, { "index": 91 }, { "index": 1056 }, { "index": 93 }, { "index": 1063 }, { "index": 1064 }, { "index": 149 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [261](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 261, "endLine": 264, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 258, "endLine": 267, "snippet": { "text": "\t{\n\t return getClassNameParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 261, "endLine": 264, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 258, "endLine": 267, "snippet": { "text": "\t{\n\t return getClassNameParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 261, "startColumn": 2, "endLine": 264 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 77, "level": "note", "message": { "text": "The method getIntRequestAttribute() in [DefaultLessonAction.java](1) ignores an exception on line [178](1), which could cause the program to overlook unexpected states and conditions.\r\nIgnoring an exception can cause the program to overlook unexpected states and conditions." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 178, "endLine": 180, "snippet": { "text": "\t\t\tcatch (NumberFormatException nfe)\r\n\t\t\t{\r\n\t\t\t}" } }, "contextRegion": { "startLine": 175, "endLine": 183, "snippet": { "text": "\t\t\t{\n\t\t\t\tvalue = Integer.parseInt(ss);\n\t\t\t}\n\t\t\tcatch (NumberFormatException nfe)\n\t\t\t{\n\t\t\t}\n\t\t}\n\t\t\n\t\treturn value;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 178, "endLine": 180, "snippet": { "text": "\t\t\tcatch (NumberFormatException nfe)\r\n\t\t\t{\r\n\t\t\t}" } }, "contextRegion": { "startLine": 175, "endLine": 183, "snippet": { "text": "\t\t\t{\n\t\t\t\tvalue = Integer.parseInt(ss);\n\t\t\t}\n\t\t\tcatch (NumberFormatException nfe)\n\t\t\t{\n\t\t\t}\n\t\t}\n\t\t\n\t\treturn value;\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 178, "startColumn": 4, "endLine": 180 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getFileText() in [AbstractLesson.java](1) might reveal system data or debugging information by calling printStackTrace() on line [479](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 479, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 476, "endLine": 482, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n\treturn (sb.toString());\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 479, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 476, "endLine": 482, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n\treturn (sb.toString());\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 479 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 35, "message": { "text": "The method hashMD5() in [Encoding.java](1) can crash the program by dereferencing a null pointer on line [648](1).\r\nThe program can potentially dereference a null pointer, thereby causing a null pointer exception." 
}, "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 640, "snippet": { "text": "\t\t\tmd = MessageDigest.getInstance( \"MD5\" );" } }, "contextRegion": { "startLine": 637, "endLine": 643, "snippet": { "text": "\n\t\ttry\n\t\t{\n\t\t\tmd = MessageDigest.getInstance( \"MD5\" );\n\t\t\tmd.update( b );\n\t\t}\n\t\tcatch ( NoSuchAlgorithmException e )\n" } } }, "message": { "text": "java.security.NoSuchAlgorithmException thrown" }, "annotations": [ { "startLine": 648, "startColumn": 26, "message": { "text": "Dereferenced : md" } } ] }, "kinds": [ "unknown" ] } ] } ] } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 85, "snippet": { "text": "\t\tSystem.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 82, "endLine": 88, "snippet": { "text": "\t }\n\t catch (UnauthorizedException ue2)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue2.printStackTrace();\n\t }\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 85, "snippet": { "text": "\t\tSystem.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 82, "endLine": 88, "snippet": { "text": "\t }\n\t catch (UnauthorizedException ue2)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue2.printStackTrace();\n\t }\n\t}\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 85 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t<%=employee.getCcn()%>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t<%=employee.getCcn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 423 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t<%=employee.getCcn()%>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t<%=employee.getCcn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 67 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 80, "snippet": { "text": "\t\tSystem.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 77, "endLine": 83, "snippet": { "text": "\t }\n\t catch (UnauthenticatedException ue1)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue1.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 80, "snippet": { "text": "\t\tSystem.out.println(\"Internal server error\");" } }, "contextRegion": { "startLine": 77, "endLine": 83, "snippet": { "text": "\t }\n\t catch (UnauthenticatedException ue1)\n\t {\n\t\tSystem.out.println(\"Internal server error\");\n\t\tue1.printStackTrace();\n\t }\n\t catch (UnauthorizedException ue2)\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 80 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [EditProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 1006 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 67 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function doPost() in [HammerHead.java](1) might reveal system data or debugging information by calling printStackTrace() on line [204](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 204, "snippet": { "text": "\t\tthr.printStackTrace();" } }, "contextRegion": { "startLine": 201, "endLine": 207, "snippet": { "text": "\t }\n\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 204, "snippet": { "text": "\t\tthr.printStackTrace();" } }, "contextRegion": { "startLine": 201, "endLine": 207, "snippet": { "text": "\t }\n\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 204 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function doPost() in [HammerHead.java](1) might reveal system data or debugging information by calling printStackTrace() on line [204](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 204, "snippet": { "text": "\t\tthr.printStackTrace();" } }, "contextRegion": { "startLine": 201, "endLine": 207, "snippet": { "text": "\t }\n\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 204, "snippet": { "text": "\t\tthr.printStackTrace();" } }, "contextRegion": { "startLine": 201, "endLine": 207, "snippet": { "text": "\t }\n\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 204 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function doPost() in [HammerHead.java](1) might reveal system data or debugging information by calling printStackTrace() on line [204](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 204, "snippet": { "text": "\t\tthr.printStackTrace();" } }, "contextRegion": { "startLine": 201, "endLine": 207, "snippet": { "text": "\t }\n\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 204, "snippet": { "text": "\t\tthr.printStackTrace();" } }, "contextRegion": { "startLine": 201, "endLine": 207, "snippet": { "text": "\t }\n\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 204 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function changeEmployeeProfile() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [260](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 260, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 257, "endLine": 263, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 260, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 257, "endLine": 263, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 260 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [AccessControlMatrix.java](1) line [111](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 105 }, "region": { "startLine": 111, "endLine": 115, "snippet": { "text": "\t\tcatch (Exception e)\r\n\t\t{\r\n\t\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t\t e.printStackTrace();\r\n\t\t}" } }, "contextRegion": { "startLine": 108, "endLine": 118, "snippet": { "text": "\t\t\t\t+ resource);\n\t\t }\n\t\t}\n\t\tcatch (Exception e)\n\t\t{\n\t\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t\t e.printStackTrace();\n\t\t}\n\t\n\t\treturn (ec);\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 105 }, "region": { "startLine": 111, "endLine": 115, "snippet": { "text": "\t\tcatch (Exception e)\r\n\t\t{\r\n\t\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t\t e.printStackTrace();\r\n\t\t}" } }, "contextRegion": { "startLine": 108, "endLine": 118, "snippet": { "text": "\t\t\t\t+ resource);\n\t\t }\n\t\t}\n\t\tcatch (Exception e)\n\t\t{\n\t\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t\t e.printStackTrace();\n\t\t}\n\t\n\t\treturn (ec);\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 105 }, "region": { "startLine": 111, "startColumn": 3, "endLine": 115 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [FindProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [121](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 121, "snippet": { "text": "\t\t ue1.printStackTrace();" } }, "contextRegion": { "startLine": 118, "endLine": 124, "snippet": { "text": "\t\tcatch (UnauthenticatedException ue1)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue1.printStackTrace();\n\t\t}\n\t\tcatch (UnauthorizedException ue2)\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 121, "snippet": { "text": "\t\t ue1.printStackTrace();" } }, "contextRegion": { "startLine": 118, "endLine": 124, "snippet": { "text": "\t\tcatch (UnauthenticatedException ue1)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue1.printStackTrace();\n\t\t}\n\t\tcatch (UnauthorizedException ue2)\n\t\t{\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 121 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function doChangeEmployeeProfile_BACKUP() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [309](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 309, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 306, "endLine": 312, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 309, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 306, "endLine": 312, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 309 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function isDefaced() in [Challenge2Screen.java](1) might reveal system data or debugging information by calling printStackTrace() on line [390](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 390, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 387, "endLine": 393, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t}\n\treturn defaced;\n\t//\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 390, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 387, "endLine": 393, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t}\n\treturn defaced;\n\t//\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 390 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 140, "level": "error", "message": { "text": "The function main() in [CreateDB.java](1) sometimes fails to release a system resource allocated by getConnection() on line 70.\r\nThe program can potentially fail to release a database connection." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 73, "snippet": { "text": "\t db.makeDB(connection);" } }, "contextRegion": { "startLine": 70, "endLine": 76, "snippet": { "text": "\t\t .getConnection(\n\t\t\t \"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=c:/webgoat.mdb;PWD=webgoat\",\n\t\t\t \"webgoat\", \"webgoat\");\n\t db.makeDB(connection);\n\t}\n\tcatch (Exception e)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 58, "snippet": { "text": "\t Class.forName(\"sun.jdbc.odbc.JdbcOdbcDriver\").newInstance();" } }, "contextRegion": { "startLine": 55, "endLine": 61, "snippet": { "text": "\n\ttry\n\t{\n\t Class.forName(\"sun.jdbc.odbc.JdbcOdbcDriver\").newInstance();\n\t}\n\tcatch (Exception e)\n\t{\n" } } }, "message": { "text": "java.lang.Exception thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 70, "snippet": { "text": "\t\t .getConnection(" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": "\t{\n\n\t connection = DriverManager\n\t\t .getConnection(\n\t\t\t \"jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=c:/webgoat.mdb;PWD=webgoat\",\n\t\t\t \"webgoat\", \"webgoat\");\n\t db.makeDB(connection);\n" } } }, "message": { "text": "connection = getConnection(...)" }, "annotations": [ { "startLine": 69, "startColumn": 6, "message": { "text": "connection refers to a database connection" } } ] }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 73, "snippet": { "text": "\t db.makeDB(connection);" } }, "contextRegion": { "startLine": 70, "endLine": 76, "snippet": { "text": "\t\t .getConnection(\n\t\t\t \"jdbc:odbc:;DRIVER=Microsoft Access Driver 
(*.mdb);DBQ=c:/webgoat.mdb;PWD=webgoat\",\n\t\t\t \"webgoat\", \"webgoat\");\n\t db.makeDB(connection);\n\t}\n\tcatch (Exception e)\n\t{\n" } } }, "message": { "text": "?.makeDB(connection)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 90, "snippet": { "text": "\t\t ResultSet.CONCUR_READ_ONLY);" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": "\t{\n\t Statement answer_statement = connection.createStatement(\n\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t ResultSet answer_results = answer_statement.executeQuery(query);\n\t answer_results.first();\n\t int employeeId = answer_results.getInt(\"userid\");\n" } } }, "message": { "text": "java.sql.SQLException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 114, "snippet": { "text": "\t\t ResultSet.CONCUR_READ_ONLY);" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t{\n\t Statement answer_statement = connection.createStatement(\n\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t ResultSet answer_results = answer_statement.executeQuery(query);\n\t boolean allowed = answer_results.first();\n\t //boolean allowed = answer_results.next();\n" } } }, "message": { "text": "java.sql.SQLException thrown" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { "startLine": 128, "snippet": { "text": " }" } }, "contextRegion": { "startLine": 125, "endLine": 131, "snippet": { "text": "\t{\n\t sqle.printStackTrace();\n\t}\n }\n\n\n /**\n" } } }, "message": { "text": "connection end scope : Database resource leaked" } }, "kinds": [ "exit", "scope" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 40 }, "region": { 
"startLine": 73 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 111, "message": { "text": "The call to readLine() at [AbstractLesson.java](1) line [465](1) might allow an attacker to crash the program or otherwise make it unavailable to legitimate users.\r\nAn attacker could cause the program to crash or otherwise become unavailable to legitimate users." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 465, "snippet": { "text": "\t while ((line = reader.readLine()) != null)" } }, "contextRegion": { "startLine": 462, "endLine": 468, "snippet": { "text": "\t{\n\t String line;\n\n\t while ((line = reader.readLine()) != null)\n\t {\n\t\tif (numbers)\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 465, "snippet": { "text": "\t while ((line = reader.readLine()) != null)" } }, "contextRegion": { "startLine": 462, "endLine": 468, "snippet": { "text": "\t{\n\t String line;\n\n\t while ((line = reader.readLine()) != null)\n\t {\n\t\tif (numbers)\n\t\t{\n" } } }, "message": { "text": "readLine()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 465 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function Course() in [Course.java](1) might reveal system data or debugging information by calling printStackTrace() on line [72](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 72, "snippet": { "text": "\t\t e.printStackTrace();" } }, "contextRegion": { "startLine": 69, "endLine": 75, "snippet": { "text": "\t\tcatch (IOException e)\n\t\t{\n\t\t System.out.println(\"Error loading WebGoat properties\");\n\t\t e.printStackTrace();\n\t\t}\n }\n \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 72, "snippet": { "text": "\t\t e.printStackTrace();" } }, "contextRegion": { "startLine": 69, "endLine": 75, "snippet": { "text": "\t\tcatch (IOException e)\n\t\t{\n\t\t System.out.println(\"Error loading WebGoat properties\");\n\t\t e.printStackTrace();\n\t\t}\n }\n \n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 63 }, "region": { "startLine": 72 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createEmployeeProfile_BACKUP() in [UpdateProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [393](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 393, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 390, "endLine": 396, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 393, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 390, "endLine": 396, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error updating employee profile\");\n\t e.printStackTrace();\n\t}\n }\n\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 393 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 47, "level": "note", "message": { "text": "The method showDefaceAttempt() in [Challenge2Screen.java](1) throws a generic exception making it harder for callers to do a good job of error handling and recovery.\r\nThe method throws a generic exception making it harder for callers to do a good job of error handling and recovery." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 397, "snippet": { "text": " private Element showDefaceAttempt(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 394, "endLine": 400, "snippet": { "text": " }\n\n\n private Element showDefaceAttempt(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 397, "snippet": { "text": " private Element showDefaceAttempt(WebSession s) throws Exception" } }, "contextRegion": { "startLine": 394, "endLine": 400, "snippet": { "text": " }\n\n\n private Element showDefaceAttempt(WebSession s) throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n\n" } } }, "message": { "text": "Function: showDefaceAttempt" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 397 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [RoleBasedAccessControl.java](1) might reveal system data or debugging information by calling printStackTrace() on line [351](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 351, "snippet": { "text": "\t ue.printStackTrace();" } }, "contextRegion": { "startLine": 348, "endLine": 354, "snippet": { "text": "\t{\n\t s.setMessage(\"Login failed\");\n\t System.out.println(\"Authentication failure\");\n\t ue.printStackTrace();\n\t}\n\tcatch (UnauthorizedException ue2)\n\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 351, "snippet": { "text": "\t ue.printStackTrace();" } }, "contextRegion": { "startLine": 348, "endLine": 354, "snippet": { "text": "\t{\n\t s.setMessage(\"Login failed\");\n\t System.out.println(\"Authentication failure\");\n\t ue.printStackTrace();\n\t}\n\tcatch (UnauthorizedException ue2)\n\t{\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 351 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [Encoding.java](1) line [1010](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 1010, "endLine": 1013, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\treturn \"String not XOR encoded.\";\r\n\t\t}" } }, "contextRegion": { "startLine": 1007, "endLine": 1016, "snippet": { "text": "\t\t\tString decoded = base64Decode( input );\n\t\t\treturn new String( xor( decoded, userKey ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\treturn \"String not XOR encoded.\";\n\t\t}\n\t}\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 1010, "endLine": 1013, "snippet": { "text": "\t\tcatch ( Exception e )\r\n\t\t{\r\n\t\t\treturn \"String not XOR encoded.\";\r\n\t\t}" } }, "contextRegion": { "startLine": 1007, "endLine": 1016, "snippet": { "text": "\t\t\tString decoded = base64Decode( input );\n\t\t\treturn new String( xor( decoded, userKey ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n\t\t\treturn \"String not XOR encoded.\";\n\t\t}\n\t}\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 1010, "startColumn": 3, "endLine": 1013 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 40, "message": { "text": "The method createContent() in [WSDLScanning.java](1) can dereference a null pointer on line 217 because it does not check the return value of getParameterValues(), which might return null.\r\nThe program can dereference a null pointer because it does not check the return value of a function that might return null." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 201, "snippet": { "text": "\t String[] fields = s.getParser().getParameterValues(\"field\");" } }, "contextRegion": { "startLine": 198, "endLine": 204, "snippet": { "text": "\n\ttry\n\t{\n\t String[] fields = s.getParser().getParameterValues(\"field\");\n\t int id = s.getParser().getIntParameter(\"id\");\n\t if (connection == null)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 201, "snippet": { "text": "\t String[] fields = s.getParser().getParameterValues(\"field\");" } }, "contextRegion": { "startLine": 198, "endLine": 204, "snippet": { "text": "\n\ttry\n\t{\n\t String[] fields = s.getParser().getParameterValues(\"field\");\n\t int id = s.getParser().getIntParameter(\"id\");\n\t if (connection == null)\n\t {\n" } } }, "message": { "text": "fields = getParameterValues(...) 
: ParameterParser.getParameterValues may return NULL" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 217, "snippet": { "text": "\t for (int i = 0; i < fields.length; i++)" } }, "contextRegion": { "startLine": 214, "endLine": 220, "snippet": { "text": "\t }\n\t TR header = new TR();\n\t TR results = new TR();\n\t for (int i = 0; i < fields.length; i++)\n\t {\n\t\theader.addElement(new TD().addElement(fields[i]));\n\t\tresults.addElement(new TD()\n" } } }, "message": { "text": "fields.length : fields used without null check" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 201 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getEmployeeProfile() in [ViewProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [160](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 160, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 157, "endLine": 163, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 160, "snippet": { "text": "\t\tsqle.printStackTrace();" } }, "contextRegion": { "startLine": 157, "endLine": 163, "snippet": { "text": "\t catch (SQLException sqle)\n\t {\n\t\ts.setMessage(\"Error getting employee profile\");\n\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 160 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [223](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 223, "endLine": 226, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 220, "endLine": 229, "snippet": { "text": "\t{\n\t return getCharParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 223, "endLine": 226, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t return def;\r\n\t}" } }, "contextRegion": { "startLine": 220, "endLine": 229, "snippet": { "text": "\t{\n\t return getCharParameter(name);\n\t}\n\tcatch (Exception e)\n\t{\n\t return def;\n\t}\n }\n\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 223, "startColumn": 2, "endLine": 226 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function createContent() in [PathBasedAccessControl.java](1) might reveal system data or debugging information by calling printStackTrace() on line [217](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 217, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 214, "endLine": 220, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 217, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 214, "endLine": 220, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 52 }, "region": { "startLine": 217 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [98](1) of [ListStaff.java](1), the method getAllEmployees() invokes a SQL query built using input potentially coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 98, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tanswer_results.beforeFirst();\n\t\twhile (answer_results.next())\n\t\t{\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 98, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tanswer_results.beforeFirst();\n\t\twhile (answer_results.next())\n\t\t{\n" } } }, "message": { "text": "executeQuery()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 98 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 36, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) sends unvalidated data to a web browser on line [9](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 9, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - View Profile Page
" } }, "contextRegion": { "startLine": 6, "endLine": 12, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n//\tint myUserId = getIntSessionAttribute(webSession, \"RoleBasedAccessControl.\" + RoleBasedAccessControl.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - View Profile Page
\n\t\t
\n\t\t\t\t\n\t\t\t\t
\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 512 }, { "index": 516 }, { "index": 517 }, { "index": 518 }, { "index": 1065 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 9, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - View Profile Page
" } }, "contextRegion": { "startLine": 6, "endLine": 12, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n//\tint myUserId = getIntSessionAttribute(webSession, \"RoleBasedAccessControl.\" + RoleBasedAccessControl.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - View Profile Page
\n\t\t
\n\t\t\t\t\n\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 520 }, { "index": 521 }, { "index": 517 }, { "index": 518 }, { "index": 1065 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 9, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - View Profile Page
" } }, "contextRegion": { "startLine": 6, "endLine": 12, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n//\tint myUserId = getIntSessionAttribute(webSession, \"RoleBasedAccessControl.\" + RoleBasedAccessControl.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - View Profile Page
\n\t\t
\n\t\t\t\t\n\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] }, { "threadFlows": [ { "locations": [ { "index": 507 }, { "index": 508 }, { "index": 509 }, { "index": 510 }, { "index": 511 }, { "index": 523 }, { "index": 524 }, { "index": 517 }, { "index": 518 }, { "index": 1065 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 9, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - View Profile Page
" } }, "contextRegion": { "startLine": 6, "endLine": 12, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n//\tint myUserId = getIntSessionAttribute(webSession, \"RoleBasedAccessControl.\" + RoleBasedAccessControl.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - View Profile Page
\n\t\t
\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 31, "snippet": { "text": "\t\t\t\t\t\t" } }, "contextRegion": { "startLine": 28, "endLine": 34, "snippet": { "text": "\t\t\t\t\t\tStreet: \n\t\t\t\t\t\n\t\t\t\t\t\n" } } }, "message": { "text": "Comment" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 31, "startColumn": 7 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function handleRequest() in [FindProfile.java](1) might reveal system data or debugging information by calling printStackTrace() on line [89](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 89, "snippet": { "text": "\t\t ue2.printStackTrace();" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\tcatch (UnauthorizedException ue2)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue2.printStackTrace();\n\t\t}\n\t }\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 89, "snippet": { "text": "\t\t ue2.printStackTrace();" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\tcatch (UnauthorizedException ue2)\n\t\t{\n\t\t System.out.println(\"Internal server error\");\n\t\t ue2.printStackTrace();\n\t\t}\n\t }\n\t}\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 89 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 82, "message": { "text": "The class SoapRequest stores a database connection in a static field, which creates a race condition when the connection is shared between threads.\r\nDatabase connections stored in static fields will be shared between threads." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 74, "snippet": { "text": " public static Connection connection = null;" } }, "contextRegion": { "startLine": 71, "endLine": 77, "snippet": { "text": " */\n\n //static boolean completed;\n public static Connection connection = null;\n\n public final static String firstName = \"getFirstName\";\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 74, "snippet": { "text": " public static Connection connection = null;" } }, "contextRegion": { "startLine": 71, "endLine": 77, "snippet": { "text": " */\n\n //static boolean completed;\n public static Connection connection = null;\n\n public final static String firstName = \"getFirstName\";\n\n" } } }, "message": { "text": "Field: connection" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 130 }, "region": { "startLine": 74 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 78, "message": { "text": "The function getAllEmployees_BACKUP() in [ListStaff.java](1) might reveal system data or debugging information by calling printStackTrace() on line [169](1). The information revealed by printStackTrace() could help an adversary form a plan of attack.\r\nRevealing system data or debugging information helps an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 169, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 166, "endLine": 172, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 169, "snippet": { "text": "\t e.printStackTrace();" } }, "contextRegion": { "startLine": 166, "endLine": 172, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n" } } }, "message": { "text": "printStackTrace()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 104 }, "region": { "startLine": 169 } } } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 12, "level": "note", "message": { "text": "On line [203](1) of [DefaultLessonAction.java](1), the method getUserName() invokes a SQL query built using input potentially coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 203, "snippet": { "text": "\t\t\t\tResultSet answer_results = answer_statement.executeQuery( query );" } }, "contextRegion": { "startLine": 200, "endLine": 206, "snippet": { "text": "\t\t\ttry\n\t\t\t{\n\t\t\t\tStatement answer_statement = WebSession.getConnection(s).createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\tResultSet answer_results = answer_statement.executeQuery( query );\n\t\t\t\tif (answer_results.next())\n\t\t\t\t\tname = answer_results.getString(\"first_name\");\n\t\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 203, "snippet": { "text": "\t\t\t\tResultSet answer_results = answer_statement.executeQuery( query );" } }, "contextRegion": { "startLine": 200, "endLine": 206, "snippet": { "text": "\t\t\ttry\n\t\t\t{\n\t\t\t\tStatement answer_statement = WebSession.getConnection(s).createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\tResultSet answer_results = answer_statement.executeQuery( query );\n\t\t\t\tif (answer_results.next())\n\t\t\t\t\tname = answer_results.getString(\"first_name\");\n\t\t\t}\n" } } }, "message": { "text": "executeQuery()" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 203 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 62, "level": "error", "message": { "text": "The method createContent() in [ViewDatabase.java](1) sends unvalidated data to a web browser on line [72](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 72, "snippet": { "text": "\t Input input = new Input(Input.TEXT, SQL, sqlStatement.toString());" } }, "contextRegion": { "startLine": 69, "endLine": 75, "snippet": { "text": "\n\t StringBuffer sqlStatement = new StringBuffer(s.getParser()\n\t\t .getRawParameter(SQL, \"\"));\n\t Input input = new Input(Input.TEXT, SQL, sqlStatement.toString());\n\t ec.addElement(input);\n\n\t Element b = ECSFactory.makeButton(\"Go!\");\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 0 }, { "index": 2 }, { "index": 3 }, { "index": 7 }, { "index": 10 }, { "index": 633 }, { "index": 634 }, { "index": 635 }, { "index": 1066 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 72, "snippet": { "text": "\t Input input = new Input(Input.TEXT, SQL, sqlStatement.toString());" } }, "contextRegion": { "startLine": 69, "endLine": 75, "snippet": { "text": "\n\t StringBuffer sqlStatement = new StringBuffer(s.getParser()\n\t\t .getRawParameter(SQL, \"\"));\n\t Input input = new Input(Input.TEXT, SQL, sqlStatement.toString());\n\t ec.addElement(input);\n\n\t Element b = ECSFactory.makeButton(\"Go!\");\n" } } }, "message": { "text": "Input(2)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 72 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ListStaff.java](1) line [118](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 118, "endLine": 122, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employees\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 115, "endLine": 125, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n }\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 118, "endLine": 122, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error getting employees\");\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 115, "endLine": 125, "snippet": { "text": "\t\tsqle.printStackTrace();\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error getting employees\");\n\t e.printStackTrace();\n\t}\n\n\treturn employees;\n }\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 108 }, "region": { "startLine": 118, "startColumn": 2, "endLine": 122 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 33, "level": "note", "message": { "text": "Using println() rather than a dedicated logging facility makes it difficult to monitor the behavior of the program.\r\nUsing `System.out` or `System.err` rather than a dedicated logging facility makes it difficult to monitor the behavior of the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 422, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 419, "endLine": 425, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 422, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 419, "endLine": 425, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "FunctionCall: println" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 422 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 102, "level": "error", "message": { "text": "On line [248](1) of [UpdateProfile.java](1), the method changeEmployeeProfile() invokes a SQL query built using input coming from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.\r\nConstructing a dynamic SQL statement with input coming from an untrusted source could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 841 }, { "index": 842 }, { "index": 843 }, { "index": 90 }, { "index": 91 }, { "index": 845 }, { "index": 93 }, { "index": 1067 }, { "index": 1068 }, { "index": 149 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "snippet": { "text": "\t\tanswer_statement.executeUpdate(query);" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.executeUpdate(query);\n\t }\n\t catch (SQLException sqle)\n\t {\n" } } }, "message": { "text": "executeUpdate(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 248, "startColumn": 34 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 125, "level": "error", "message": { "text": "The method _jspService() in [ViewProfile.jsp](1) mishandles confidential information, which can compromise user privacy and is often illegal.\r\nMishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t<%=employee.getSsn()%>" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t
\n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 9 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "3.2166665" } }, { "ruleIndex": 35, "message": { "text": "The method createContent() in [XPATHInjection.java](1) can crash the program by dereferencing a null pointer on line [185](1).\r\nThe program can potentially dereference a null pointer, thereby causing a null pointer exception." }, "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 163, "snippet": { "text": "\t if (nodesLength > 0)" } }, "contextRegion": { "startLine": 160, "endLine": 166, "snippet": { "text": "\t int nodesLength = nodes.getLength();\n\n\t Table t2 = null;\n\t if (nodesLength > 0)\n\t {\n\t\tt2 = new Table().setCellSpacing(0).setCellPadding(0).setBorder(\n\t\t\t1).setWidth(\"90%\").setAlign(\"center\");\n" } } }, "message": { "text": "Branch not taken" } }, "kinds": [ "branch", "false" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 175, "snippet": { "text": "\t for (int i = 0; i < nodesLength; i++)" } }, "contextRegion": { "startLine": 172, "endLine": 178, "snippet": { "text": "\t\tt2.addElement(tr);\n\t }\n\n\t for (int i = 0; i < nodesLength; i++)\n\t {\n\t\tNode node = nodes.item(i);\n\t\tString[] arrTokens = node.getTextContent()\n" } } }, "message": { "text": "Branch taken" }, "annotations": [ { "startLine": 185, "startColumn": 3, "message": { "text": "Dereferenced : t2" } } ] }, "kinds": [ "branch", "true" ] } ] } ] } ], "properties": { "InstanceSeverity": "3.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [WSDLScanning.java](1) line [161](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or 
problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." }, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 161, "endLine": 164, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 158, "endLine": 167, "snippet": { "text": "\t{\n\t e.printStackTrace();\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t}\n\treturn null;\n }\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 161, "endLine": 164, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 158, "endLine": 167, "snippet": { "text": "\t{\n\t e.printStackTrace();\n\t}\n\tcatch (Exception e)\n\t{\n\t e.printStackTrace();\n\t}\n\treturn null;\n }\n\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 83 }, "region": { "startLine": 161, "startColumn": 2, "endLine": 164 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [HttpOnly.java](1) line [182](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 182, "endLine": 184, "snippet": { "text": "\t\t} catch (Exception e) {\r\n\t\t\te.printStackTrace();\r\n\t\t}" } }, "contextRegion": { "startLine": 179, "endLine": 187, "snippet": { "text": "\t\t\tvalue = encoder.encode(md.digest());\n\t\t\toriginal = value;\n\t\t\t\n\t\t} catch (Exception e) {\n\t\t\te.printStackTrace();\n\t\t}\n\t\t\n\t\treturn value;\n\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 182, "endLine": 184, "snippet": { "text": "\t\t} catch (Exception e) {\r\n\t\t\te.printStackTrace();\r\n\t\t}" } }, "contextRegion": { "startLine": 179, "endLine": 187, "snippet": { "text": "\t\t\tvalue = encoder.encode(md.digest());\n\t\t\toriginal = value;\n\t\t\t\n\t\t} catch (Exception e) {\n\t\t\te.printStackTrace();\n\t\t}\n\t\t\n\t\treturn value;\n\t}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 182, "startColumn": 5, "endLine": 184 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 101, "level": "note", "message": { "text": "Any information revealed in the HTML comment at [ViewProfile.jsp](1) line [31](1) could help an adversary learn about the system and form a plan of attack.\r\nAny information revealed in an HTML comment might help an adversary learn about the system and form a plan of attack." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 31, "snippet": { "text": "\t\t\t\t\t\t" } }, "contextRegion": { "startLine": 28, "endLine": 34, "snippet": { "text": "\t\t\t\t\t\tStreet: \n\t\t\t\t\t\n\t\t\t\t\t\t\n\n\t\t\t\t\t\t<%=employee.getAddress1()%>\n\t\t\t\t\t\n\t\t\t\t\t\t\n\n\t\t\t\t\t\t<%=employee.getAddress1()%>\n\t\t\t\t\t\n\t\t\t \t\t<%=employee.getSsn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 194 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t<%=employee.getSsn()%>" } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t<%=employee.getSsn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "print(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 54 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 24, "level": "error", "message": { "text": "The method writeTable() in [DatabaseUtilities.java](1) sends unvalidated data to a web browser on line [154](1), which can result in the browser executing malicious code.\r\nSending unvalidated data to a web browser can result in the browser executing malicious code." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "index": 1069 }, { "index": 1070 }, { "index": 1071 }, { "index": 65 }, { "index": 66 }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154, "snippet": { "text": "\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \"," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\n\t\tfor (int i = 1; i < (numColumns + 1); i++)\n\t\t{\n\t\t row.addElement(new TD(results.getString(i).replaceAll(\" \",\n\t\t\t \" \")));\n\t\t}\n\n" } } }, "message": { "text": "TD(0)" } }, "kinds": [ "call", "function" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 154 } } } ], "properties": { "InstanceSeverity": "4.0", "Confidence": "5.0" } }, { "ruleIndex": 47, "level": "note", "message": { "text": "The method makeUser() in [WeakAuthenticationCookie.java](1) throws a generic exception making it harder for callers to do a good job of error handling and recovery.\r\nThe method throws a generic exception making it harder for callers to do a good job of error handling and recovery." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 373, "snippet": { "text": " protected Element makeUser(WebSession s, String user, String method)" } }, "contextRegion": { "startLine": 370, "endLine": 376, "snippet": { "text": " * @return Description of the Return Value\n * @exception Exception Description of the Exception\n */\n protected Element makeUser(WebSession s, String user, String method)\n\t throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 373, "snippet": { "text": " protected Element makeUser(WebSession s, String user, String method)" } }, "contextRegion": { "startLine": 370, "endLine": 376, "snippet": { "text": " * @return Description of the Return Value\n * @exception Exception Description of the Exception\n */\n protected Element makeUser(WebSession s, String user, String method)\n\t throws Exception\n {\n\tElementContainer ec = new ElementContainer();\n" } } }, "message": { "text": "Function: makeUser" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 373 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [ParameterParser.java](1) line [428](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 428, "endLine": 431, "snippet": { "text": "\t\t catch (Exception e)\r\n\t\t {\r\n\t\t\tvalid = false;\r\n\t\t }" } }, "contextRegion": { "startLine": 425, "endLine": 434, "snippet": { "text": "\t\t\t valid = false;\n\t\t\t}\n\t\t }\n\t\t catch (Exception e)\n\t\t {\n\t\t\tvalid = false;\n\t\t }\n\n\t\t octetCount++;\n\t\t}\n" } } } } ], "codeFlows": [ { "threadFlows": [ { "locations": [ { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 428, "endLine": 431, "snippet": { "text": "\t\t catch (Exception e)\r\n\t\t {\r\n\t\t\tvalid = false;\r\n\t\t }" } }, "contextRegion": { "startLine": 425, "endLine": 434, "snippet": { "text": "\t\t\t valid = false;\n\t\t\t}\n\t\t }\n\t\t catch (Exception e)\n\t\t {\n\t\t\tvalid = false;\n\t\t }\n\n\t\t octetCount++;\n\t\t}\n" } } }, "message": { "text": "CatchBlock" } }, "kinds": [ "unknown" ] } ] } ] } ], "relatedLocations": [ { "id": 1, "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 428, "startColumn": 7, "endLine": 431 } } } ], "properties": { "InstanceSeverity": "2.0", "Confidence": "5.0" } }, { "ruleIndex": 17, "message": { "text": "The catch block at [DOMInjection.java](1) line [89](1) handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program.\r\nThe catch block handles a broad swath of exceptions, potentially trapping dissimilar issues or problems that should not be dealt with at this point in the program." 
}, "locations": [ { "physicalLocation": { "artifactLocation": { "index": 1 }, "region": { "startLine": 89, "endLine": 93, "snippet": { "text": "\tcatch (Exception e)\r\n\t{\r\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\r\n\t e.printStackTrace();\r\n\t}" } }, "contextRegion": { "startLine": 86, "endLine": 96, "snippet": { "text": "\t\tmakeSuccess(s);\n\t }\n\t}\n\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\n\tString lineSep = System.getProperty(\"line.separator\");\n\tString script = \"\") > -1)\n" } } }, "message": { "text": "getName(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 271, "snippet": { "text": "\t\t\t\t.getInitParameter( FEEDBACK_ADDRESS ) : feedbackAddress;" } }, "contextRegion": { "startLine": 268, "endLine": 274, "snippet": { "text": "\t\tdefuseOSCommands = \"true\".equals( servlet.getInitParameter( DEFUSEOSCOMMANDS ) );\n\t\tenterprise = \"true\".equals( servlet.getInitParameter( ENTERPRISE ) );\n\t\tfeedbackAddress = servlet.getInitParameter( FEEDBACK_ADDRESS ) != null ? servlet\n\t\t\t\t.getInitParameter( FEEDBACK_ADDRESS ) : feedbackAddress;\n\t\tshowRequest = \"true\".equals( servlet.getInitParameter( SHOWREQUEST ) );\n\t\tisDebug = \"true\".equals( servlet.getInitParameter( DEBUG ) );\n\t\tdatabaseConnectionString = servlet.getInitParameter( DATABASE_CONNECTION_STRING );\n" } } }, "message": { "text": "getInitParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 270, "snippet": { "text": "\t\tfeedbackAddress = servlet.getInitParameter( FEEDBACK_ADDRESS ) != null ? 
servlet" } }, "contextRegion": { "startLine": 267, "endLine": 273, "snippet": { "text": "\t\tshowSource = \"true\".equals( servlet.getInitParameter( SHOWSOURCE ) );\n\t\tdefuseOSCommands = \"true\".equals( servlet.getInitParameter( DEFUSEOSCOMMANDS ) );\n\t\tenterprise = \"true\".equals( servlet.getInitParameter( ENTERPRISE ) );\n\t\tfeedbackAddress = servlet.getInitParameter( FEEDBACK_ADDRESS ) != null ? servlet\n\t\t\t\t.getInitParameter( FEEDBACK_ADDRESS ) : feedbackAddress;\n\t\tshowRequest = \"true\".equals( servlet.getInitParameter( SHOWREQUEST ) );\n\t\tisDebug = \"true\".equals( servlet.getInitParameter( DEBUG ) );\n" } } }, "message": { "text": "Assignment to this.feedbackAddress" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 494, "snippet": { "text": "\t session = new WebSession(this, context);" } }, "contextRegion": { "startLine": 491, "endLine": 497, "snippet": { "text": "\t{\n\t // Create new custom session and save it in the HTTP session\n\t // System.out.println( \"HH Creating new WebSession: \" );\n\t session = new WebSession(this, context);\n\t hs.setAttribute(WebSession.SESSION, session);\n\t // reset timeout\n\t hs.setMaxInactiveInterval(sessionTimeoutSeconds);\n" } } }, "message": { "text": "WebSession(this.feedbackAddress)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 135, "snippet": { "text": "\t mySession = updateSession(request, response, context);" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\n\t // FIXME: If a response is written by updateSession(), do not\n\t // call makeScreen() and writeScreen()\n\t mySession = updateSession(request, response, context);\n\t if (response.isCommitted())\n\t\treturn;\n\n" } } }, "message": { "text": "updateSession(return.feedbackAddress)" } }, "kinds": [ "unknown" ] }, { "location": { 
"physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 203, "snippet": { "text": "\t\t\t\tResultSet answer_results = answer_statement.executeQuery( query );" } }, "contextRegion": { "startLine": 200, "endLine": 206, "snippet": { "text": "\t\t\ttry\n\t\t\t{\n\t\t\t\tStatement answer_statement = WebSession.getConnection(s).createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\tResultSet answer_results = answer_statement.executeQuery( query );\n\t\t\t\tif (answer_results.next())\n\t\t\t\t\tname = answer_results.getString(\"first_name\");\n\t\t\t}\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 203, "snippet": { "text": "\t\t\t\tResultSet answer_results = answer_statement.executeQuery( query );" } }, "contextRegion": { "startLine": 200, "endLine": 206, "snippet": { "text": "\t\t\ttry\n\t\t\t{\n\t\t\t\tStatement answer_statement = WebSession.getConnection(s).createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\tResultSet answer_results = answer_statement.executeQuery( query );\n\t\t\t\tif (answer_results.next())\n\t\t\t\t\tname = answer_results.getString(\"first_name\");\n\t\t\t}\n" } } }, "message": { "text": "Assignment to answer_results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 205, "snippet": { "text": "\t\t\t\t\tname = answer_results.getString(\"first_name\");" } }, "contextRegion": { "startLine": 202, "endLine": 208, "snippet": { "text": "\t\t\t\tStatement answer_statement = WebSession.getConnection(s).createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\tResultSet answer_results = answer_statement.executeQuery( query );\n\t\t\t\tif (answer_results.next())\n\t\t\t\t\tname = 
answer_results.getString(\"first_name\");\n\t\t\t}\n\t\t\tcatch ( SQLException sqle )\n\t\t\t{\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 205, "snippet": { "text": "\t\t\t\t\tname = answer_results.getString(\"first_name\");" } }, "contextRegion": { "startLine": 202, "endLine": 208, "snippet": { "text": "\t\t\t\tStatement answer_statement = WebSession.getConnection(s).createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\tResultSet answer_results = answer_statement.executeQuery( query );\n\t\t\t\tif (answer_results.next())\n\t\t\t\t\tname = answer_results.getString(\"first_name\");\n\t\t\t}\n\t\t\tcatch ( SQLException sqle )\n\t\t\t{\n" } } }, "message": { "text": "Assignment to name" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 106 }, "region": { "startLine": 219, "snippet": { "text": "\t\treturn name;" } }, "contextRegion": { "startLine": 216, "endLine": 222, "snippet": { "text": "\t\t\te.printStackTrace();\n\t\t}\n\n\t\treturn name;\n\t}\n\t\n\tpublic boolean requiresAuthentication()\n" } } }, "message": { "text": "Return name" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 416, "snippet": { "text": "\treturn action.getUserName(s);" } }, "contextRegion": { "startLine": 413, "endLine": 419, "snippet": { "text": " {\n\tLessonAction action = (LessonAction) lessonFunctions\n\t\t.get(getCurrentAction(s));\n\treturn action.getUserName(s);\n }\n\n\n" } } }, "message": { "text": "getUserName(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 103, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } 
}, "contextRegion": { "startLine": 100, "endLine": 106, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 103, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 100, "endLine": 106, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n" } } }, "message": { "text": "Assignment to results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 110, "snippet": { "text": "\t\t ec.addElement(DatabaseUtilities.writeTable(results," } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t\t ec.addElement(\"Account information for user: \"\n\t\t\t + originalUser + \"

\");\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n\t\t ec.addElement(DatabaseUtilities.writeTable(results,\n\t\t\t resultsMetaData));\n\t\t}\n\t\telse\n" } } }, "message": { "text": "writeTable(0)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 125 }, "region": { "startLine": 416, "snippet": { "text": "\treturn action.getUserName(s);" } }, "contextRegion": { "startLine": 413, "endLine": 419, "snippet": { "text": " {\n\tLessonAction action = (LessonAction) lessonFunctions\n\t\t.get(getCurrentAction(s));\n\treturn action.getUserName(s);\n }\n\n\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 796, "snippet": { "text": "\t\treturn getCurrentLesson().getUserName(this);" } }, "contextRegion": { "startLine": 793, "endLine": 799, "snippet": { "text": "\t\n\tpublic String getUserNameInLesson() throws ParameterNotFoundException\n\t{\n\t\treturn getCurrentLesson().getUserName(this);\n\t}\n\n\tpublic void openLessonSession(AbstractLesson lesson)\n" } } }, "message": { "text": "getUserName(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 796, "snippet": { "text": "\t\treturn getCurrentLesson().getUserName(this);" } }, "contextRegion": { "startLine": 793, "endLine": 799, "snippet": { "text": "\t\n\tpublic String getUserNameInLesson() throws ParameterNotFoundException\n\t{\n\t\treturn getCurrentLesson().getUserName(this);\n\t}\n\n\tpublic void openLessonSession(AbstractLesson lesson)\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 11, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 8, "endLine": 14, "snippet": { "text": "\tEmployee employee = (Employee) session.getAttribute(\"CrossSiteScripting.\" + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY);\n//\tint myUserId = getIntSessionAttribute(webSession, \"CrossSiteScripting.\" + CrossSiteScripting.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\t\n\t\t\t\t
\n" } } }, "message": { "text": "getUserNameInLesson(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 489, "snippet": { "text": "\treturn action.getUserName(s);" } }, "contextRegion": { "startLine": 486, "endLine": 492, "snippet": { "text": " {\n\tLessonAction action = (LessonAction) lessonFunctions\n\t\t.get(getCurrentAction(s));\n\treturn action.getUserName(s);\n }\n\n\n" } } }, "message": { "text": "getUserName(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 113 }, "region": { "startLine": 489, "snippet": { "text": "\treturn action.getUserName(s);" } }, "contextRegion": { "startLine": 486, "endLine": 492, "snippet": { "text": " {\n\tLessonAction action = (LessonAction) lessonFunctions\n\t\t.get(getCurrentAction(s));\n\treturn action.getUserName(s);\n }\n\n\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 82, "snippet": { "text": "\t Input input = new Input(Input.TEXT, ACCT_NUM, accountNumber" } }, "contextRegion": { "startLine": 79, "endLine": 85, "snippet": { "text": "\n\t String accountNumber = s.getParser().getRawParameter(ACCT_NUM,\n\t\t \"101\");\n\t Input input = new Input(Input.TEXT, ACCT_NUM, accountNumber\n\t\t .toString());\n\t ec.addElement(input);\n\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 398, "snippet": { "text": "\treturn action.getUserName(s);" } }, "contextRegion": { "startLine": 395, "endLine": 401, "snippet": { "text": " {\n\tLessonAction action = (LessonAction) lessonFunctions\n\t\t.get(getCurrentAction(s));\n\treturn action.getUserName(s);\n }\n\n\n" } } }, "message": { "text": 
"getUserName(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 57 }, "region": { "startLine": 398, "snippet": { "text": "\treturn action.getUserName(s);" } }, "contextRegion": { "startLine": 395, "endLine": 401, "snippet": { "text": " {\n\tLessonAction action = (LessonAction) lessonFunctions\n\t\t.get(getCurrentAction(s));\n\treturn action.getUserName(s);\n }\n\n\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 69, "snippet": { "text": "\t String pattern = s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 66, "endLine": 72, "snippet": { "text": "\t int userId = getIntSessionAttribute(s, getLessonName() + \".\"\n\t\t + RoleBasedAccessControl.USER_ID);\n\n\t String pattern = s.getParser().getRawParameter(\n\t\t RoleBasedAccessControl.SEARCHNAME);\n\n\t findEmployeeProfile(s, userId, pattern);\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 69, "snippet": { "text": "\t String pattern = s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 66, "endLine": 72, "snippet": { "text": "\t int userId = getIntSessionAttribute(s, getLessonName() + \".\"\n\t\t + RoleBasedAccessControl.USER_ID);\n\n\t String pattern = s.getParser().getRawParameter(\n\t\t RoleBasedAccessControl.SEARCHNAME);\n\n\t findEmployeeProfile(s, userId, pattern);\n" } } }, "message": { "text": "Assignment to pattern" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 93 }, "region": { "startLine": 72, "snippet": { "text": "\t findEmployeeProfile(s, userId, pattern);" } }, "contextRegion": { "startLine": 69, "endLine": 75, "snippet": { "text": "\t String pattern = 
s.getParser().getRawParameter(\n\t\t RoleBasedAccessControl.SEARCHNAME);\n\n\t findEmployeeProfile(s, userId, pattern);\n\n\t // Execute the chained Action if the employee was found.\n\t if (foundEmployee(s))\n" } } }, "message": { "text": "findEmployeeProfile(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 119 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } }, "message": { "text": "getUserNameInLesson(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 900, "snippet": { "text": "\t el = new StringElement(readFromFile(s.getRequest().getReader()," } }, "contextRegion": { "startLine": 897, "endLine": 903, "snippet": { "text": "\n\ttry\n\t{\n\t el = new StringElement(readFromFile(s.getRequest().getReader(),\n\t\t false));\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "getReader(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 900, "snippet": { "text": "\t el = new StringElement(readFromFile(s.getRequest().getReader()," } }, "contextRegion": { "startLine": 897, "endLine": 903, "snippet": { "text": "\n\ttry\n\t{\n\t el = new StringElement(readFromFile(s.getRequest().getReader(),\n\t\t false));\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "readFromFile(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 443, "snippet": { "text": "\treturn (getFileText(reader, numbers));" } }, "contextRegion": { "startLine": 440, "endLine": 446, "snippet": { "text": " */\n public static String readFromFile(BufferedReader reader, boolean numbers)\n {\n\treturn (getFileText(reader, numbers));\n }\n\n\n" } } }, "message": { "text": "getFileText(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 465, "snippet": { "text": "\t while ((line = reader.readLine()) != null)" } }, "contextRegion": { "startLine": 462, "endLine": 468, "snippet": { "text": "\t{\n\t String line;\n\n\t while ((line = reader.readLine()) != null)\n\t {\n\t\tif (numbers)\n\t\t{\n" } } }, "message": { "text": "readLine(this : return)" } }, "kinds": [ 
"call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 465, "snippet": { "text": "\t while ((line = reader.readLine()) != null)" } }, "contextRegion": { "startLine": 462, "endLine": 468, "snippet": { "text": "\t{\n\t String line;\n\n\t while ((line = reader.readLine()) != null)\n\t {\n\t\tif (numbers)\n\t\t{\n" } } }, "message": { "text": "Assignment to line" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 471, "snippet": { "text": "\t\tsb.append(line + System.getProperty(\"line.separator\"));" } }, "contextRegion": { "startLine": 468, "endLine": 474, "snippet": { "text": "\t\t{\n\t\t sb.append(pad(++count) + \" \");\n\t\t}\n\t\tsb.append(line + System.getProperty(\"line.separator\"));\n\t }\n\n\t reader.close();\n" } } }, "message": { "text": "append(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 482, "snippet": { "text": "\treturn (sb.toString());" } }, "contextRegion": { "startLine": 479, "endLine": 485, "snippet": { "text": "\t e.printStackTrace();\n\t}\n\n\treturn (sb.toString());\n }\n\n\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 482, "snippet": { "text": "\treturn (sb.toString());" } }, "contextRegion": { "startLine": 479, "endLine": 485, "snippet": { "text": "\t e.printStackTrace();\n\t}\n\n\treturn (sb.toString());\n }\n\n\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 443, "snippet": { "text": "\treturn (getFileText(reader, numbers));" } }, "contextRegion": { "startLine": 440, 
"endLine": 446, "snippet": { "text": " */\n public static String readFromFile(BufferedReader reader, boolean numbers)\n {\n\treturn (getFileText(reader, numbers));\n }\n\n\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 900, "snippet": { "text": "\t el = new StringElement(readFromFile(s.getRequest().getReader()," } }, "contextRegion": { "startLine": 897, "endLine": 903, "snippet": { "text": "\n\ttry\n\t{\n\t el = new StringElement(readFromFile(s.getRequest().getReader(),\n\t\t false));\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "StringElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 900, "snippet": { "text": "\t el = new StringElement(readFromFile(s.getRequest().getReader()," } }, "contextRegion": { "startLine": 897, "endLine": 903, "snippet": { "text": "\n\ttry\n\t{\n\t el = new StringElement(readFromFile(s.getRequest().getReader(),\n\t\t false));\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "Assignment to el" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 910, "snippet": { "text": "\tec.addElement(el);" } }, "contextRegion": { "startLine": 907, "endLine": 913, "snippet": { "text": "\n\tElementContainer ec = new ElementContainer();\n\tec.addElement(new B(\"HTTP Request\"));\n\tec.addElement(el);\n\n\tTable t = new Table().setCellSpacing(0).setCellPadding(0).setBorder(0);\n\n" } } }, "message": { "text": "addElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 149, "snippet": { "text": "\t password = s.getParser().getRawParameter(PASSWORD, null);" } }, "contextRegion": { 
"startLine": 146, "endLine": 152, "snippet": { "text": "\t{\n\t ec.addElement(makeInputLine(s));\n\n\t password = s.getParser().getRawParameter(PASSWORD, null);\n\n\t PRE pre = new PRE();\n\t String xml = template1;\n" } } }, "message": { "text": "Read org.owasp.webgoat.lessons.WsSAXInjection.PASSWORD" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 149, "snippet": { "text": "\t password = s.getParser().getRawParameter(PASSWORD, null);" } }, "contextRegion": { "startLine": 146, "endLine": 152, "snippet": { "text": "\t{\n\t ec.addElement(makeInputLine(s));\n\n\t password = s.getParser().getRawParameter(PASSWORD, null);\n\n\t PRE pre = new PRE();\n\t String xml = template1;\n" } } }, "message": { "text": "getRawParameter(0)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"CrossSiteScripting.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t
\">\n\t\t\t\t\n" } } }, "message": { "text": "getUserNameInLesson(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 98, "snippet": { "text": "\t\tString lineSep = System.getProperty(\"line.separator\");" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t if (lang.length() != 0 && fromRedirect.length() != 0)\n\t {\n\t\t//Split by the line separator line.separator is platform independant\n\t\tString lineSep = System.getProperty(\"line.separator\");\n\t\tString[] arrTokens = lang.toString().toUpperCase().split(\n\t\t\tlineSep);\n\n" } } }, "message": { "text": "getProperty(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 98, "snippet": { "text": "\t\tString lineSep = System.getProperty(\"line.separator\");" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t if (lang.length() != 0 && fromRedirect.length() != 0)\n\t {\n\t\t//Split by the line separator line.separator is platform independant\n\t\tString lineSep = System.getProperty(\"line.separator\");\n\t\tString[] arrTokens = lang.toString().toUpperCase().split(\n\t\t\tlineSep);\n\n" } } }, "message": { "text": "Assignment to lineSep" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 67, "snippet": { "text": "\t\temployeeId = s.getParser().getIntParameter(" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t try\n\t {\n\t\t// User selected employee\n\t\temployeeId = s.getParser().getIntParameter(\n\t\t\tRoleBasedAccessControl.EMPLOYEE_ID);\n\t }\n\t catch (ParameterNotFoundException e)\n" } } }, "message": { "text": "getIntParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { 
"startLine": 67, "snippet": { "text": "\t\temployeeId = s.getParser().getIntParameter(" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t try\n\t {\n\t\t// User selected employee\n\t\temployeeId = s.getParser().getIntParameter(\n\t\t\tRoleBasedAccessControl.EMPLOYEE_ID);\n\t }\n\t catch (ParameterNotFoundException e)\n" } } }, "message": { "text": "Assignment to employeeId" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 67, "snippet": { "text": "\t\temployeeId = s.getParser().getIntParameter(" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t try\n\t {\n\t\t// User selected employee\n\t\temployeeId = s.getParser().getIntParameter(\n\t\t\tRoleBasedAccessControl.EMPLOYEE_ID);\n\t }\n\t catch (ParameterNotFoundException e)\n" } } }, "message": { "text": "Taint change on employeeId" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 77, "snippet": { "text": "\t Employee employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t\t\t+ RoleBasedAccessControl.EMPLOYEE_ID);\n\t }\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + RoleBasedAccessControl.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\t}\n" } } }, "message": { "text": "getEmployeeProfile(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 66 }, "region": { "startLine": 124, "endLine": 125, "snippet": { "text": "\t String query = \"SELECT * FROM employee WHERE userid = \"\r\n\t\t + subjectUserId;" } }, "contextRegion": { "startLine": 121, "endLine": 128, "snippet": { "text": "\t// Query the database for the profile data of the given employee\n\ttry\n\t{\n\t String query = 
\"SELECT * FROM employee WHERE userid = \"\n\t\t + subjectUserId;\n\n\t try\n\t {\n" } } }, "message": { "text": "Assignment to query" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 275, "snippet": { "text": "\t\tdatabaseDriver = servlet.getInitParameter( DATABASE_DRIVER );" } }, "contextRegion": { "startLine": 272, "endLine": 278, "snippet": { "text": "\t\tshowRequest = \"true\".equals( servlet.getInitParameter( SHOWREQUEST ) );\n\t\tisDebug = \"true\".equals( servlet.getInitParameter( DEBUG ) );\n\t\tdatabaseConnectionString = servlet.getInitParameter( DATABASE_CONNECTION_STRING );\n\t\tdatabaseDriver = servlet.getInitParameter( DATABASE_DRIVER );\n\t\tservletName = servlet.getServletName();\n\t\tthis.context = context;\n\t\tcourse = new Course();\n" } } }, "message": { "text": "getInitParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 275, "snippet": { "text": "\t\tdatabaseDriver = servlet.getInitParameter( DATABASE_DRIVER );" } }, "contextRegion": { "startLine": 272, "endLine": 278, "snippet": { "text": "\t\tshowRequest = \"true\".equals( servlet.getInitParameter( SHOWREQUEST ) );\n\t\tisDebug = \"true\".equals( servlet.getInitParameter( DEBUG ) );\n\t\tdatabaseConnectionString = servlet.getInitParameter( DATABASE_CONNECTION_STRING );\n\t\tdatabaseDriver = servlet.getInitParameter( DATABASE_DRIVER );\n\t\tservletName = servlet.getServletName();\n\t\tthis.context = context;\n\t\tcourse = new Course();\n" } } }, "message": { "text": "Assignment to this.databaseDriver" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 494, "snippet": { "text": "\t session = new WebSession(this, context);" } }, "contextRegion": { "startLine": 491, "endLine": 497, "snippet": { "text": "\t{\n\t // 
Create new custom session and save it in the HTTP session\n\t // System.out.println( \"HH Creating new WebSession: \" );\n\t session = new WebSession(this, context);\n\t hs.setAttribute(WebSession.SESSION, session);\n\t // reset timeout\n\t hs.setMaxInactiveInterval(sessionTimeoutSeconds);\n" } } }, "message": { "text": "WebSession(this.databaseDriver)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 95, "snippet": { "text": "\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n\t if (subjectId > 0)\n\t {\n\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);\n\t\tsetRequestAttribute(s, getLessonName() + \".\"\n\t\t\t+ CrossSiteScripting.EMPLOYEE_ID, Integer\n\t\t\t.toString(subjectId));\n" } } }, "message": { "text": "changeEmployeeProfile(3.ccnLimit)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 235, "snippet": { "text": "\t\t + employee.getCcnLimit()" } }, "contextRegion": { "startLine": 232, "endLine": 238, "snippet": { "text": "\t\t + \"', ccn = '\"\n\t\t + employee.getCcn()\n\t\t + \"', ccn_limit = \"\n\t\t + employee.getCcnLimit()\n\t\t +\n\t\t //\t\"', disciplined_date = '\" + employee.getDisciplinaryActionDate() +\n\t\t //\t\"', disciplined_notes = '\" + employee.getDisciplinaryActionNotes() +\n" } } }, "message": { "text": "getCcnLimit(this.ccnLimit : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 88, "snippet": { "text": "\t username = s.getParser().getRawParameter(USERNAME);" } }, "contextRegion": { "startLine": 85, "endLine": 91, "snippet": { "text": "\t{\n\t String username = \"\";\n\t String password = \"\";\n\t username = 
s.getParser().getRawParameter(USERNAME);\n\t password = s.getParser().getRawParameter(PASSWORD);\n\n\t // don;t allow user name from other lessons. it would be too simple.\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 88, "snippet": { "text": "\t username = s.getParser().getRawParameter(USERNAME);" } }, "contextRegion": { "startLine": 85, "endLine": 91, "snippet": { "text": "\t{\n\t String username = \"\";\n\t String password = \"\";\n\t username = s.getParser().getRawParameter(USERNAME);\n\t password = s.getParser().getRawParameter(PASSWORD);\n\n\t // don;t allow user name from other lessons. it would be too simple.\n" } } }, "message": { "text": "Assignment to username" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 129, "endLine": 132, "snippet": { "text": "\t\t\t String insertData1 = \"INSERT INTO user_login VALUES ( '\"\r\n\t\t\t\t + username\r\n\t\t\t\t + \"', '\"\r\n\t\t\t\t + s.getUserName()" } }, "contextRegion": { "startLine": 126, "endLine": 135, "snippet": { "text": "\t\t\tif (results.getString(2).equals(username)\n\t\t\t\t&& results.getString(3).equals(password))\n\t\t\t{\n\t\t\t String insertData1 = \"INSERT INTO user_login VALUES ( '\"\n\t\t\t\t + username\n\t\t\t\t + \"', '\"\n\t\t\t\t + s.getUserName()\n\t\t\t\t + \"' )\";\n\t\t\t statement.executeUpdate(insertData1);\n\t\t\t}\n" } } }, "message": { "text": "Assignment to insertData1" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 135, "snippet": { "text": "\t mySession = updateSession(request, response, context);" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\n\t // FIXME: If a response is written by updateSession(), do not\n\t // call 
makeScreen() and writeScreen()\n\t mySession = updateSession(request, response, context);\n\t if (response.isCommitted())\n\t\treturn;\n\n" } } }, "message": { "text": "updateSession(return.databaseDriver)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Edit Profile Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"RoleBasedAccessControl.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Edit Profile Page
\n\t\t
\n\t\t\t\">\n
\n" } } }, "message": { "text": "getUserNameInLesson(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1044, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 1041, "endLine": 1047, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "Read e" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 201, "snippet": { "text": "\t\t\tSystem.getProperty(\"line.separator\"), \"
\")" } }, "contextRegion": { "startLine": 198, "endLine": 204, "snippet": { "text": "\t\tec.addElement(new BR());\n\t\tec.addElement(new HR().setWidth(\"90%\"));\n\t\tec.addElement(new StringElement(fileData.replaceAll(\n\t\t\tSystem.getProperty(\"line.separator\"), \"
\")\n\t\t\t.replaceAll(\"(?s)\", \"\").replaceAll(\n\t\t\t\t\"

\", \"
\").replaceAll(\"
\\\\s
\",\n\t\t\t\t\"
\")));\n" } } }, "message": { "text": "getProperty(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 142, "snippet": { "text": "\t String password = s.getParser().getRawParameter(PASSWORD, \"\");" } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": "\t\treturn ec;\n\t }\n\n\t String password = s.getParser().getRawParameter(PASSWORD, \"\");\n\t if (password == null || password.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n" } } }, "message": { "text": "Read org.owasp.webgoat.lessons.XPATHInjection.PASSWORD" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 142, "snippet": { "text": "\t String password = s.getParser().getRawParameter(PASSWORD, \"\");" } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": "\t\treturn ec;\n\t }\n\n\t String password = s.getParser().getRawParameter(PASSWORD, \"\");\n\t if (password == null || password.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n" } } }, "message": { "text": "getRawParameter(0)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 74, "endLine": 75, "snippet": { "text": "\t int subjectId = s.getParser().getIntParameter(\r\n\t\t CrossSiteScripting.EMPLOYEE_ID, 0);" } }, "contextRegion": { "startLine": 71, "endLine": 78, "snippet": { "text": "\t int userId = getIntSessionAttribute(s, getLessonName() + \".\"\n\t\t + CrossSiteScripting.USER_ID);\n\n\t int subjectId = s.getParser().getIntParameter(\n\t\t CrossSiteScripting.EMPLOYEE_ID, 0);\n\n\t Employee employee = null;\n\t try\n" } } }, "message": { "text": "getIntParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { 
"startLine": 74, "endLine": 75, "snippet": { "text": "\t int subjectId = s.getParser().getIntParameter(\r\n\t\t CrossSiteScripting.EMPLOYEE_ID, 0);" } }, "contextRegion": { "startLine": 71, "endLine": 78, "snippet": { "text": "\t int userId = getIntSessionAttribute(s, getLessonName() + \".\"\n\t\t + CrossSiteScripting.USER_ID);\n\n\t int subjectId = s.getParser().getIntParameter(\n\t\t CrossSiteScripting.EMPLOYEE_ID, 0);\n\n\t Employee employee = null;\n\t try\n" } } }, "message": { "text": "Assignment to subjectId" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 74, "snippet": { "text": "\t int subjectId = s.getParser().getIntParameter(" } }, "contextRegion": { "startLine": 71, "endLine": 77, "snippet": { "text": "\t int userId = getIntSessionAttribute(s, getLessonName() + \".\"\n\t\t + CrossSiteScripting.USER_ID);\n\n\t int subjectId = s.getParser().getIntParameter(\n\t\t CrossSiteScripting.EMPLOYEE_ID, 0);\n\n\t Employee employee = null;\n" } } }, "message": { "text": "Taint change on subjectId" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 95, "snippet": { "text": "\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n\t if (subjectId > 0)\n\t {\n\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);\n\t\tsetRequestAttribute(s, getLessonName() + \".\"\n\t\t\t+ CrossSiteScripting.EMPLOYEE_ID, Integer\n\t\t\t.toString(subjectId));\n" } } }, "message": { "text": "changeEmployeeProfile(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 123, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY1\", \"1\")))" } }, "contextRegion": { "startLine": 120, "endLine": 126, "snippet": { "text": "\t 
tr.addElement(new TD().addElement(\"69.99\").setAlign(\"right\"));\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY1\", s.getParser()\n\t\t\t .getStringParameter(\"QTY1\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY1\", 1.0f);\n\t total = quantity * 69.99f;\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 95, "snippet": { "text": "\t String userInput = s.getParser().getRawParameter(USERNAME, \"\");" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n\ttry\n\t{\n\t String userInput = s.getParser().getRawParameter(USERNAME, \"\");\n\t if (!userInput.equals(\"\"))\n\t {\n\t\tuserInput = SELECT_ST + userInput;\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 95, "snippet": { "text": "\t String userInput = s.getParser().getRawParameter(USERNAME, \"\");" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n\ttry\n\t{\n\t String userInput = s.getParser().getRawParameter(USERNAME, \"\");\n\t if (!userInput.equals(\"\"))\n\t {\n\t\tuserInput = SELECT_ST + userInput;\n" } } }, "message": { "text": "Assignment to userInput" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 98, "snippet": { "text": "\t\tuserInput = SELECT_ST + userInput;" } }, "contextRegion": { "startLine": 95, "endLine": 101, "snippet": { "text": "\t String userInput = s.getParser().getRawParameter(USERNAME, \"\");\n\t if (!userInput.equals(\"\"))\n\t {\n\t\tuserInput = SELECT_ST + userInput;\n\t\tString[] arrSQL = userInput.split(\";\");\n\t\tConnection conn = getConnection(s);\n\t\tStatement statement = 
conn.createStatement(\n" } } }, "message": { "text": "Assignment to userInput" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 99, "snippet": { "text": "\t\tString[] arrSQL = userInput.split(\";\");" } }, "contextRegion": { "startLine": 96, "endLine": 102, "snippet": { "text": "\t if (!userInput.equals(\"\"))\n\t {\n\t\tuserInput = SELECT_ST + userInput;\n\t\tString[] arrSQL = userInput.split(\";\");\n\t\tConnection conn = getConnection(s);\n\t\tStatement statement = conn.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n" } } }, "message": { "text": "split(this : return[])" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 99, "snippet": { "text": "\t\tString[] arrSQL = userInput.split(\";\");" } }, "contextRegion": { "startLine": 96, "endLine": 102, "snippet": { "text": "\t if (!userInput.equals(\"\"))\n\t {\n\t\tuserInput = SELECT_ST + userInput;\n\t\tString[] arrSQL = userInput.split(\";\");\n\t\tConnection conn = getConnection(s);\n\t\tStatement statement = conn.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n" } } }, "message": { "text": "Assignment to arrSQL" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 66, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 63, "endLine": 69, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t
\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "getCcn(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 299, "snippet": { "text": "\t ResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 296, "endLine": 302, "snippet": { "text": "\t Statement statement = connection.createStatement(\n\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t ResultSet results = statement.executeQuery(query);\n\n\t if ((results != null) && (results.first() == true))\n\t {\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 299, "snippet": { "text": "\t ResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 296, "endLine": 302, "snippet": { "text": "\t Statement statement = connection.createStatement(\n\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t ResultSet results = statement.executeQuery(query);\n\n\t if ((results != null) && (results.first() == true))\n\t {\n" } } }, "message": { "text": "Assignment to results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 308, "snippet": { "text": "\t\t String name = results.getString(\"name\");" } }, "contextRegion": { "startLine": 305, "endLine": 311, "snippet": { "text": "\t\twhile (results.next())\n\t\t{\n\t\t String station = results.getString(\"station\");\n\t\t String name = results.getString(\"name\");\n\n\t\t //\n\t\t if (!station.equals(\"10001\") && !station.equals(\"11001\"))\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { 
"physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 308, "snippet": { "text": "\t\t String name = results.getString(\"name\");" } }, "contextRegion": { "startLine": 305, "endLine": 311, "snippet": { "text": "\t\twhile (results.next())\n\t\t{\n\t\t String station = results.getString(\"station\");\n\t\t String name = results.getString(\"name\");\n\n\t\t //\n\t\t if (!station.equals(\"10001\") && !station.equals(\"11001\"))\n" } } }, "message": { "text": "Assignment to name" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 313, "snippet": { "text": "\t\t\tstations.put(station, name);" } }, "contextRegion": { "startLine": 310, "endLine": 316, "snippet": { "text": "\t\t //\n\t\t if (!station.equals(\"10001\") && !station.equals(\"11001\"))\n\t\t {\n\t\t\tstations.put(station, name);\n\t\t }\n\t\t //\n\t\t}\n" } } }, "message": { "text": "put(1 : this['?'])" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 326, "snippet": { "text": "\treturn stations;" } }, "contextRegion": { "startLine": 323, "endLine": 329, "snippet": { "text": "\t sqle.printStackTrace();\n\t}\n\n\treturn stations;\n }\n\n\n" } } }, "message": { "text": "Return stations" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 258, "snippet": { "text": "\tMap stations = getStations(s);" } }, "contextRegion": { "startLine": 255, "endLine": 261, "snippet": { "text": "\t\t.addElement(new P()\n\t\t\t.addElement(\"Select your local weather station: \"));\n\n\tMap stations = getStations(s);\n\tSelect select = new Select(STATION_ID);\n\tIterator it = stations.keySet().iterator();\n\twhile (it.hasNext())\n" } } }, "message": { "text": "getStations(return['?'])" } }, "kinds": [ "unknown" ] }, { 
"location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 258, "snippet": { "text": "\tMap stations = getStations(s);" } }, "contextRegion": { "startLine": 255, "endLine": 261, "snippet": { "text": "\t\t.addElement(new P()\n\t\t\t.addElement(\"Select your local weather station: \"));\n\n\tMap stations = getStations(s);\n\tSelect select = new Select(STATION_ID);\n\tIterator it = stations.keySet().iterator();\n\twhile (it.hasNext())\n" } } }, "message": { "text": "Assignment to stations" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 264, "snippet": { "text": "\t select.addElement(new Option(key).addElement((String) stations" } }, "contextRegion": { "startLine": 261, "endLine": 267, "snippet": { "text": "\twhile (it.hasNext())\n\t{\n\t String key = (String) it.next();\n\t select.addElement(new Option(key).addElement((String) stations\n\t\t .get(key)));\n\t}\n\tec.addElement(select);\n" } } }, "message": { "text": "get(this['?'] : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "Read org.owasp.webgoat.lessons.SQLInjection.SQLInjection.CCN" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 228, "snippet": { "text": "\tString userInput = s.getParser().getRawParameter(\"username\", \"\");" } }, "contextRegion": { "startLine": 225, "endLine": 231, "snippet": { "text": "\tInput username = new 
Input(Input.TEXT, \"username\", \"\");\n\tec.addElement(username);\n\n\tString userInput = s.getParser().getRawParameter(\"username\", \"\");\n\n\tec.addElement(new BR());\n\tec.addElement(new BR());\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 228, "snippet": { "text": "\tString userInput = s.getParser().getRawParameter(\"username\", \"\");" } }, "contextRegion": { "startLine": 225, "endLine": 231, "snippet": { "text": "\tInput username = new Input(Input.TEXT, \"username\", \"\");\n\tec.addElement(username);\n\n\tString userInput = s.getParser().getRawParameter(\"username\", \"\");\n\n\tec.addElement(new BR());\n\tec.addElement(new BR());\n" } } }, "message": { "text": "Assignment to userInput" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 233, "snippet": { "text": "\tString formattedInput = \"\" + userInput" } }, "contextRegion": { "startLine": 230, "endLine": 236, "snippet": { "text": "\tec.addElement(new BR());\n\tec.addElement(new BR());\n\n\tString formattedInput = \"\" + userInput\n\t\t+ \"\";\n\tec.addElement(new Div(SELECT_ST + formattedInput));\n\n" } } }, "message": { "text": "Assignment to formattedInput" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 1145, "snippet": { "text": "\t\treturn getRequest().getHeader( header );" } }, "contextRegion": { "startLine": 1142, "endLine": 1148, "snippet": { "text": "\t */\n\tpublic String getHeader( String header )\n\t{\n\t\treturn getRequest().getHeader( header );\n\t}\n\n\tpublic String getNextHint()\n" } } }, "message": { "text": "getHeader(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 
1145, "snippet": { "text": "\t\treturn getRequest().getHeader( header );" } }, "contextRegion": { "startLine": 1142, "endLine": 1148, "snippet": { "text": "\t */\n\tpublic String getHeader( String header )\n\t{\n\t\treturn getRequest().getHeader( header );\n\t}\n\n\tpublic String getNextHint()\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 385, "snippet": { "text": "\t\tString browser = s.getHeader(\"user-agent\").toLowerCase();" } }, "contextRegion": { "startLine": 382, "endLine": 388, "snippet": { "text": "\tprivate String getBrowserType(WebSession s) {\n\t\tint offset = -1;\n\t\tString result = \"unknown\";\n\t\tString browser = s.getHeader(\"user-agent\").toLowerCase();\n\t\t\n\t\tif(browser != null) {\n\t\t\tif(browser.indexOf(\"firefox\") != -1) {\n" } } }, "message": { "text": "getHeader(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 385, "snippet": { "text": "\t\tString browser = s.getHeader(\"user-agent\").toLowerCase();" } }, "contextRegion": { "startLine": 382, "endLine": 388, "snippet": { "text": "\tprivate String getBrowserType(WebSession s) {\n\t\tint offset = -1;\n\t\tString result = \"unknown\";\n\t\tString browser = s.getHeader(\"user-agent\").toLowerCase();\n\t\t\n\t\tif(browser != null) {\n\t\t\tif(browser.indexOf(\"firefox\") != -1) {\n" } } }, "message": { "text": "toLowerCase(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 385, "snippet": { "text": "\t\tString browser = s.getHeader(\"user-agent\").toLowerCase();" } }, "contextRegion": { "startLine": 382, "endLine": 388, "snippet": { "text": "\tprivate String getBrowserType(WebSession s) {\n\t\tint offset = -1;\n\t\tString result = 
\"unknown\";\n\t\tString browser = s.getHeader(\"user-agent\").toLowerCase();\n\t\t\n\t\tif(browser != null) {\n\t\t\tif(browser.indexOf(\"firefox\") != -1) {\n" } } }, "message": { "text": "Assignment to browser" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 405, "snippet": { "text": "\t\t\t\tbrowser = browser.substring(browser.indexOf(\"netscape\"));" } }, "contextRegion": { "startLine": 402, "endLine": 408, "snippet": { "text": "\t\t\t} else if(browser.indexOf(\"safari\") != -1) {\n\t\t\t\tresult = \"Safari\";\n\t\t\t} else if(browser.indexOf(\"netscape\") != -1) {\n\t\t\t\tbrowser = browser.substring(browser.indexOf(\"netscape\"));\n\t\t\t\t\n\t\t\t\toffset = getOffset(browser);\n\t\t\t\t\n" } } }, "message": { "text": "substring(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 405, "snippet": { "text": "\t\t\t\tbrowser = browser.substring(browser.indexOf(\"netscape\"));" } }, "contextRegion": { "startLine": 402, "endLine": 408, "snippet": { "text": "\t\t\t} else if(browser.indexOf(\"safari\") != -1) {\n\t\t\t\tresult = \"Safari\";\n\t\t\t} else if(browser.indexOf(\"netscape\") != -1) {\n\t\t\t\tbrowser = browser.substring(browser.indexOf(\"netscape\"));\n\t\t\t\t\n\t\t\t\toffset = getOffset(browser);\n\t\t\t\t\n" } } }, "message": { "text": "Assignment to browser" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 409, "snippet": { "text": "\t\t\t\tresult = browser.substring(0, offset);" } }, "contextRegion": { "startLine": 406, "endLine": 412, "snippet": { "text": "\t\t\t\t\n\t\t\t\toffset = getOffset(browser);\n\t\t\t\t\n\t\t\t\tresult = browser.substring(0, offset);\n\t\t\t} else if(browser.indexOf(\"konqueror\") != -1) {\n\t\t\t\tresult = 
\"Konqueror\";\n\t\t\t} else if(browser.indexOf(\"mozilla\") != -1) {\n" } } }, "message": { "text": "substring(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 409, "snippet": { "text": "\t\t\t\tresult = browser.substring(0, offset);" } }, "contextRegion": { "startLine": 406, "endLine": 412, "snippet": { "text": "\t\t\t\t\n\t\t\t\toffset = getOffset(browser);\n\t\t\t\t\n\t\t\t\tresult = browser.substring(0, offset);\n\t\t\t} else if(browser.indexOf(\"konqueror\") != -1) {\n\t\t\t\tresult = \"Konqueror\";\n\t\t\t} else if(browser.indexOf(\"mozilla\") != -1) {\n" } } }, "message": { "text": "Assignment to result" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 417, "snippet": { "text": "\t\treturn result;" } }, "contextRegion": { "startLine": 414, "endLine": 420, "snippet": { "text": "\t\t\t}\n\t\t}\n\t\t\n\t\treturn result;\n\t}\n\t\n\tprivate int getOffset(String s) {\n" } } }, "message": { "text": "Return result" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 233, "snippet": { "text": "\t\ttr.addElement(new TD(new StringElement(\"Your browser appears to be: \" + getBrowserType(s))));" } }, "contextRegion": { "startLine": 230, "endLine": 236, "snippet": { "text": "\t\t\n\t\ttr = new TR();\n\t\t\n\t\ttr.addElement(new TD(new StringElement(\"Your browser appears to be: \" + getBrowserType(s))));\n\t\tt.addElement(tr);\n\t\t\n\t\ttr = new TR();\n" } } }, "message": { "text": "getBrowserType(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 233, "snippet": { "text": "\t\ttr.addElement(new TD(new StringElement(\"Your browser appears to be: \" + getBrowserType(s))));" } }, 
"contextRegion": { "startLine": 230, "endLine": 236, "snippet": { "text": "\t\t\n\t\ttr = new TR();\n\t\t\n\t\ttr.addElement(new TD(new StringElement(\"Your browser appears to be: \" + getBrowserType(s))));\n\t\tt.addElement(tr);\n\t\t\n\t\ttr = new TR();\n" } } }, "message": { "text": "StringElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 90 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } }, "message": { "text": "getUserNameInLesson(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 151, "snippet": { "text": "\tString password = s.getParser().getStringParameter(PASSWORD, \"\");" } }, "contextRegion": { "startLine": 148, "endLine": 154, "snippet": { "text": "\tsetStage(s, 1);\n\n\tString username = s.getParser().getStringParameter(USERNAME, \"\");\n\tString password = s.getParser().getStringParameter(PASSWORD, \"\");\n\n\tif (username.equals(user) && password.equals(pass))\n\t{\n" } } }, "message": { "text": "Read org.owasp.webgoat.lessons.Challenge2Screen.PASSWORD" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 151, "snippet": { "text": "\tString password = s.getParser().getStringParameter(PASSWORD, \"\");" } }, "contextRegion": { "startLine": 148, "endLine": 154, "snippet": { "text": "\tsetStage(s, 1);\n\n\tString username = s.getParser().getStringParameter(USERNAME, \"\");\n\tString password = s.getParser().getStringParameter(PASSWORD, \"\");\n\n\tif (username.equals(user) && password.equals(pass))\n\t{\n" } } }, "message": { "text": "getStringParameter(0)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 55 }, "region": { "startLine": 249, "snippet": { "text": "\t t.addElement(makeLessonRow(s, user, screen));" } }, "contextRegion": { "startLine": 246, "endLine": 252, "snippet": { "text": "\t\tAbstractLesson.USER_ROLE).iterator(); lessonIter.hasNext();)\n\t{\n\t Screen screen = (Screen) lessonIter.next();\n\t t.addElement(makeLessonRow(s, user, screen));\n\t}\n\n\t// The user figured out there was a hackable admin acocunt\n" } } }, "message": { "text": "makeLessonRow(1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 55 }, "region": { "startLine": 
165, "snippet": { "text": "\t\ts, user, screen);" } }, "contextRegion": { "startLine": 162, "endLine": 168, "snippet": { "text": " private TR makeLessonRow(WebSession s, String user, Screen screen)\n {\n\tLessonTracker lessonTracker = UserTracker.instance().getLessonTracker(\n\t\ts, user, screen);\n\tTR tr = new TR();\n\tif (lessonTracker.getCompleted())\n\t{\n" } } }, "message": { "text": "getLessonTracker(1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 98 }, "region": { "startLine": 188, "snippet": { "text": "\t tracker = LessonTracker.load(s, user, screen);" } }, "contextRegion": { "startLine": 185, "endLine": 191, "snippet": { "text": "\tif (tracker == null)\n\t{\n\t // Creates a new lesson tracker, if one does not exist on disk.\n\t tracker = LessonTracker.load(s, user, screen);\n\t usermap.put(screen.getTitle(), tracker);\n\t}\n\t//System.out.println( \"User: [\" + userName + \"] UserTracker:getLessonTracker() LTH \" + tracker.hashCode() + \" for \" + screen );\n" } } }, "message": { "text": "load(1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 233, "snippet": { "text": "\t String fileName = getTrackerFile(s, user, screen);" } }, "contextRegion": { "startLine": 230, "endLine": 236, "snippet": { "text": "\tFileInputStream in = null;\n\ttry\n\t{\n\t String fileName = getTrackerFile(s, user, screen);\n\t if (fileName != null)\n\t {\n\t\tProperties tempProps = new Properties();\n" } } }, "message": { "text": "getTrackerFile(1 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 216, "snippet": { "text": "\treturn getUserDir(s) + user + \".\" + screen.getClass().getName()" } }, "contextRegion": { "startLine": 213, "endLine": 219, "snippet": { "text": " private static String getTrackerFile(WebSession 
s, String user,\n\t Screen screen)\n {\n\treturn getUserDir(s) + user + \".\" + screen.getClass().getName()\n\t\t+ \".props\";\n }\n\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 14 }, "region": { "startLine": 233, "snippet": { "text": "\t String fileName = getTrackerFile(s, user, screen);" } }, "contextRegion": { "startLine": 230, "endLine": 236, "snippet": { "text": "\tFileInputStream in = null;\n\ttry\n\t{\n\t String fileName = getTrackerFile(s, user, screen);\n\t if (fileName != null)\n\t {\n\t\tProperties tempProps = new Properties();\n" } } }, "message": { "text": "Assignment to fileName" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 596, "snippet": { "text": "\t\t\tcookies = Arrays.asList( request.getCookies() );" } }, "contextRegion": { "startLine": 593, "endLine": 599, "snippet": { "text": "\t\tList cookies = null;\n\n\t\tif ( showCookies() )\n\t\t\tcookies = Arrays.asList( request.getCookies() );\n\n\t\t/*\n\t\t * List cookies = new Vector();\n" } } }, "message": { "text": "getCookies(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 596, "snippet": { "text": "\t\t\tcookies = Arrays.asList( request.getCookies() );" } }, "contextRegion": { "startLine": 593, "endLine": 599, "snippet": { "text": "\t\tList cookies = null;\n\n\t\tif ( showCookies() )\n\t\t\tcookies = Arrays.asList( request.getCookies() );\n\n\t\t/*\n\t\t * List cookies = new Vector();\n" } } }, "message": { "text": "asList(0[] : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 596, "snippet": { "text": "\t\t\tcookies = Arrays.asList( request.getCookies() );" } }, "contextRegion": { "startLine": 593, 
"endLine": 599, "snippet": { "text": "\t\tList cookies = null;\n\n\t\tif ( showCookies() )\n\t\t\tcookies = Arrays.asList( request.getCookies() );\n\n\t\t/*\n\t\t * List cookies = new Vector();\n" } } }, "message": { "text": "Assignment to cookies" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 610, "snippet": { "text": "\t\treturn cookies;" } }, "contextRegion": { "startLine": 607, "endLine": 613, "snippet": { "text": "\t\t * cookie.getValue() ) ); }\n\t\t */\n\n\t\treturn cookies;\n\t}\n\n\t/**\n" } } }, "message": { "text": "Return cookies" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 186, "snippet": { "text": "\t\t\t\t\tIterator i = webSession.getCookies().iterator();" } }, "contextRegion": { "startLine": 183, "endLine": 189, "snippet": { "text": "\t\t\t\t\n\t\t\t\tif (webSession.getCookies() != null)\n\t\t\t\t{\n\t\t\t\t\tIterator i = webSession.getCookies().iterator();\n\t\t\t\t\twhile (i.hasNext())\n\t\t\t\t\t{\n\t\t\t\t\t\tCookie c = (Cookie) i.next();\n" } } }, "message": { "text": "getCookies(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 186, "snippet": { "text": "\t\t\t\t\tIterator i = webSession.getCookies().iterator();" } }, "contextRegion": { "startLine": 183, "endLine": 189, "snippet": { "text": "\t\t\t\t\n\t\t\t\tif (webSession.getCookies() != null)\n\t\t\t\t{\n\t\t\t\t\tIterator i = webSession.getCookies().iterator();\n\t\t\t\t\twhile (i.hasNext())\n\t\t\t\t\t{\n\t\t\t\t\t\tCookie c = (Cookie) i.next();\n" } } }, "message": { "text": "iterator(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 186, "snippet": { "text": "\t\t\t\t\tIterator i = 
webSession.getCookies().iterator();" } }, "contextRegion": { "startLine": 183, "endLine": 189, "snippet": { "text": "\t\t\t\t\n\t\t\t\tif (webSession.getCookies() != null)\n\t\t\t\t{\n\t\t\t\t\tIterator i = webSession.getCookies().iterator();\n\t\t\t\t\twhile (i.hasNext())\n\t\t\t\t\t{\n\t\t\t\t\t\tCookie c = (Cookie) i.next();\n" } } }, "message": { "text": "Assignment to i" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 27 }, "region": { "startLine": 9, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 6, "endLine": 12, "snippet": { "text": "\tEmployee employee = (Employee) session.getAttribute(\"SQLInjection.\" + SQLInjection.EMPLOYEE_ATTRIBUTE_KEY);\n//\tint myUserId = getIntSessionAttribute(webSession, \"SQLInjection.\" + SQLInjection.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t
\n" } } }, "message": { "text": "getUserNameInLesson(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 189, "snippet": { "text": "\t\t\t\t\t\tCookie c = (Cookie) i.next();" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": "\t\t\t\t\tIterator i = webSession.getCookies().iterator();\n\t\t\t\t\twhile (i.hasNext())\n\t\t\t\t\t{\n\t\t\t\t\t\tCookie c = (Cookie) i.next();\n\t\t\t\t\t\tprintCookies = \"
\" + c.getName() + \" \\\"\\\" \" + c.getValue() + \"

\";\n\t\t\t\t\t\tout.println(printCookies);\n\t\t\t\t\t}\n" } } }, "message": { "text": "next(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 189, "snippet": { "text": "\t\t\t\t\t\tCookie c = (Cookie) i.next();" } }, "contextRegion": { "startLine": 186, "endLine": 192, "snippet": { "text": "\t\t\t\t\tIterator i = webSession.getCookies().iterator();\n\t\t\t\t\twhile (i.hasNext())\n\t\t\t\t\t{\n\t\t\t\t\t\tCookie c = (Cookie) i.next();\n\t\t\t\t\t\tprintCookies = \"
\" + c.getName() + \" \\\"\\\" \" + c.getValue() + \"

\";\n\t\t\t\t\t\tout.println(printCookies);\n\t\t\t\t\t}\n" } } }, "message": { "text": "Assignment to c" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 190, "snippet": { "text": "\t\t\t\t\t\tprintCookies = \"
\" + c.getName() + \" \\\"\\\" \" + c.getValue() + \"

\";" } }, "contextRegion": { "startLine": 187, "endLine": 193, "snippet": { "text": "\t\t\t\t\twhile (i.hasNext())\n\t\t\t\t\t{\n\t\t\t\t\t\tCookie c = (Cookie) i.next();\n\t\t\t\t\t\tprintCookies = \"
\" + c.getName() + \" \\\"\\\" \" + c.getValue() + \"

\";\n\t\t\t\t\t\tout.println(printCookies);\n\t\t\t\t\t}\n\t\t\t\t}%>\n" } } }, "message": { "text": "getName(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 190, "snippet": { "text": "\t\t\t\t\t\tprintCookies = \"
\" + c.getName() + \" \\\"\\\" \" + c.getValue() + \"

\";" } }, "contextRegion": { "startLine": 187, "endLine": 193, "snippet": { "text": "\t\t\t\t\twhile (i.hasNext())\n\t\t\t\t\t{\n\t\t\t\t\t\tCookie c = (Cookie) i.next();\n\t\t\t\t\t\tprintCookies = \"
\" + c.getName() + \" \\\"\\\" \" + c.getValue() + \"

\";\n\t\t\t\t\t\tout.println(printCookies);\n\t\t\t\t\t}\n\t\t\t\t}%>\n" } } }, "message": { "text": "Assignment to printCookies" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 166, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY4\", \"1\")))" } }, "contextRegion": { "startLine": 163, "endLine": 169, "snippet": { "text": "\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY4\", s.getParser()\n\t\t\t .getStringParameter(\"QTY4\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY4\", 1.0f);\n\t total = quantity * 299.99f;\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 137, "snippet": { "text": "\tString address2 = request.getParameter(CrossSiteScripting.ADDRESS2);" } }, "contextRegion": { "startLine": 134, "endLine": 140, "snippet": { "text": "\tString title = request.getParameter(CrossSiteScripting.TITLE);\n\tString phone = request.getParameter(CrossSiteScripting.PHONE_NUMBER);\n\tString address1 = request.getParameter(CrossSiteScripting.ADDRESS1);\n\tString address2 = request.getParameter(CrossSiteScripting.ADDRESS2);\n\tint manager = Integer.parseInt(request\n\t\t.getParameter(CrossSiteScripting.MANAGER));\n\tString startDate = request.getParameter(CrossSiteScripting.START_DATE);\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 137, "snippet": { "text": "\tString address2 = request.getParameter(CrossSiteScripting.ADDRESS2);" } }, "contextRegion": { "startLine": 134, "endLine": 140, "snippet": { "text": "\tString title = request.getParameter(CrossSiteScripting.TITLE);\n\tString phone = 
request.getParameter(CrossSiteScripting.PHONE_NUMBER);\n\tString address1 = request.getParameter(CrossSiteScripting.ADDRESS1);\n\tString address2 = request.getParameter(CrossSiteScripting.ADDRESS2);\n\tint manager = Integer.parseInt(request\n\t\t.getParameter(CrossSiteScripting.MANAGER));\n\tString startDate = request.getParameter(CrossSiteScripting.START_DATE);\n" } } }, "message": { "text": "Assignment to address2" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 154, "snippet": { "text": "\t\ttitle, phone, address1, address2, manager, startDate, salary," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\t\t.getParameter(CrossSiteScripting.DESCRIPTION);\n\n\tEmployee employee = new Employee(subjectId, firstName, lastName, ssn,\n\t\ttitle, phone, address1, address2, manager, startDate, salary,\n\t\tccn, ccnLimit, disciplinaryActionDate, disciplinaryActionNotes,\n\t\tpersonalDescription);\n\n" } } }, "message": { "text": "Employee(7 : this.address2)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 124 }, "region": { "startLine": 94, "snippet": { "text": "\tthis.address2 = address2;" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\tthis.title = title;\n\tthis.phone = phone;\n\tthis.address1 = address1;\n\tthis.address2 = address2;\n\tthis.manager = manager;\n\tthis.startDate = startDate;\n\tthis.salary = salary;\n" } } }, "message": { "text": "Assignment to this.address2" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 80, "snippet": { "text": "\t\temployee = parseEmployeeProfile(subjectId, s);" } }, "contextRegion": { "startLine": 77, "endLine": 83, "snippet": { "text": "\t Employee employee = null;\n\t try\n\t {\n\t\temployee = 
parseEmployeeProfile(subjectId, s);\n\t }\n\t catch (ValidationException e)\n\t {\n" } } }, "message": { "text": "parseEmployeeProfile(return.address2)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 101, "snippet": { "text": "\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.address2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 326, "snippet": { "text": "\t\t + employee.getAddress2() + \"',\" + employee.getManager()" } }, "contextRegion": { "startLine": 323, "endLine": 329, "snippet": { "text": "\t\t + employee.getFirstName().toLowerCase() + \"','\"\n\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()\n\t\t + \"','\" + employee.getAddress1() + \"','\"\n\t\t + employee.getAddress2() + \"',\" + employee.getManager()\n\t\t + \",'\" + employee.getStartDate() + \"',\"\n\t\t + employee.getSalary() + \",'\" + employee.getCcn() + \"',\"\n\t\t + employee.getCcnLimit() + \",'\"\n" } } }, "message": { "text": "getAddress2(this.address2 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 124 }, "region": { "startLine": 120, "snippet": { "text": "\treturn address2;" } }, "contextRegion": { "startLine": 117, "endLine": 123, "snippet": { "text": "\n public String getAddress2()\n {\n\treturn address2;\n }\n\n\n" } } }, "message": { "text": "Return this.address2" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 95, "snippet": { "text": "\t\tthis.changeEmployeeProfile(s, 
userId, subjectId, employee);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n\t if (subjectId > 0)\n\t {\n\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);\n\t\tsetRequestAttribute(s, getLessonName() + \".\"\n\t\t\t+ CrossSiteScripting.EMPLOYEE_ID, Integer\n\t\t\t.toString(subjectId));\n" } } }, "message": { "text": "changeEmployeeProfile(3.title)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 225, "snippet": { "text": "\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"" } }, "contextRegion": { "startLine": 222, "endLine": 228, "snippet": { "text": "\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"\n\t\t + employee.getPhoneNumber() + \"', address1 = '\"\n\t\t + employee.getAddress1() + \"', address2 = '\"\n\t\t + employee.getAddress2() + \"', manager = \"\n" } } }, "message": { "text": "getTitle(this.title : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 71, "snippet": { "text": "\t\t .getRawParameter(SQL, \"\"));" } }, "contextRegion": { "startLine": 68, "endLine": 74, "snippet": { "text": "\t ec.addElement(new StringElement(\"Enter a SQL statement: \"));\n\n\t StringBuffer sqlStatement = new StringBuffer(s.getParser()\n\t\t .getRawParameter(SQL, \"\"));\n\t Input input = new Input(Input.TEXT, SQL, sqlStatement.toString());\n\t ec.addElement(input);\n\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 71, "snippet": { "text": "\t\t .getRawParameter(SQL, \"\"));" } }, 
"contextRegion": { "startLine": 68, "endLine": 74, "snippet": { "text": "\t ec.addElement(new StringElement(\"Enter a SQL statement: \"));\n\n\t StringBuffer sqlStatement = new StringBuffer(s.getParser()\n\t\t .getRawParameter(SQL, \"\"));\n\t Input input = new Input(Input.TEXT, SQL, sqlStatement.toString());\n\t ec.addElement(input);\n\n" } } }, "message": { "text": "StringBuffer(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 70, "snippet": { "text": "\t StringBuffer sqlStatement = new StringBuffer(s.getParser()" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": "\t{\n\t ec.addElement(new StringElement(\"Enter a SQL statement: \"));\n\n\t StringBuffer sqlStatement = new StringBuffer(s.getParser()\n\t\t .getRawParameter(SQL, \"\"));\n\t Input input = new Input(Input.TEXT, SQL, sqlStatement.toString());\n\t ec.addElement(input);\n" } } }, "message": { "text": "Assignment to sqlStatement" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 89, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(sqlStatement" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(sqlStatement\n\t\t\t.toString());\n\n\t\tif ((results != null) && (results.first() == true))\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t<%=employee.getCcn()%>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: 
\n\t\t\t\t\t
\n\t\t\t\t\t\t<%=employee.getCcn()%>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "getCcn(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 104, "snippet": { "text": "\t station = s.getParser().getRawParameter(STATION_ID, null);" } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\n\t String query;\n\n\t station = s.getParser().getRawParameter(STATION_ID, null);\n\n\t if (station == null)\n\t {\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 104, "snippet": { "text": "\t station = s.getParser().getRawParameter(STATION_ID, null);" } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\n\t String query;\n\n\t station = s.getParser().getRawParameter(STATION_ID, null);\n\n\t if (station == null)\n\t {\n" } } }, "message": { "text": "Assignment to this.station" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 112, "snippet": { "text": "\t\tquery = \"SELECT * FROM weather_data WHERE station = \" + station;" } }, "contextRegion": { "startLine": 109, "endLine": 115, "snippet": { "text": "\t }\n\t else\n\t {\n\t\tquery = \"SELECT * FROM weather_data WHERE station = \" + station;\n\t }\n\n\t ec.addElement(new PRE(query));\n" } } }, "message": { "text": "Assignment to query" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 112, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 109, "endLine": 115, "snippet": { "text": "\t\tStatement answer_statement = 
WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 112, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 109, "endLine": 115, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n" } } }, "message": { "text": "Assignment to answer_results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 117, "snippet": { "text": "\t\t\t answer_results.getString(\"first_name\")," } }, "contextRegion": { "startLine": 114, "endLine": 120, "snippet": { "text": "\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 117, "snippet": { "text": "\t\t\t answer_results.getString(\"first_name\")," } }, "contextRegion": { "startLine": 114, "endLine": 120, "snippet": { 
"text": "\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n" } } }, "message": { "text": "Employee(1 : this.firstName)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 116, "snippet": { "text": "\t\t profile = new Employee(answer_results.getInt(\"userid\")," } }, "contextRegion": { "startLine": 113, "endLine": 119, "snippet": { "text": "\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n" } } }, "message": { "text": "Assignment to profile" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 149, "snippet": { "text": "\treturn profile;" } }, "contextRegion": { "startLine": 146, "endLine": 152, "snippet": { "text": "\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n\n\n" } } }, "message": { "text": "Return profile" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 79, "snippet": { "text": "\t Employee employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 76, "endLine": 82, "snippet": { "text": "\t\t\t+ CrossSiteScripting.EMPLOYEE_ID);\n\t }\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\n" } } 
}, "message": { "text": "getEmployeeProfile(return.firstName)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 79, "snippet": { "text": "\t Employee employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 76, "endLine": 82, "snippet": { "text": "\t\t\t+ CrossSiteScripting.EMPLOYEE_ID);\n\t }\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\n" } } }, "message": { "text": "Assignment to employee" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 81, "snippet": { "text": "\t\t + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY, employee);" } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": "\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\n\t updateLessonStatus(s, employee);\n\t}\n" } } }, "message": { "text": "setSessionAttribute(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 118, "snippet": { "text": "\t\t\t answer_results.getString(\"last_name\")," } }, "contextRegion": { "startLine": 115, "endLine": 121, "snippet": { "text": "\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", 
"return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 118, "snippet": { "text": "\t\t\t answer_results.getString(\"last_name\")," } }, "contextRegion": { "startLine": 115, "endLine": 121, "snippet": { "text": "\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n" } } }, "message": { "text": "Employee(2 : this.lastName)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 79, "snippet": { "text": "\t Employee employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 76, "endLine": 82, "snippet": { "text": "\t\t\t+ CrossSiteScripting.EMPLOYEE_ID);\n\t }\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\n" } } }, "message": { "text": "getEmployeeProfile(return.lastName)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 119, "snippet": { "text": "\t\t\t answer_results.getString(\"ssn\"), answer_results" } }, "contextRegion": { "startLine": 116, "endLine": 122, "snippet": { "text": "\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n" } } }, "message": { 
"text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 119, "snippet": { "text": "\t\t\t answer_results.getString(\"ssn\"), answer_results" } }, "contextRegion": { "startLine": 116, "endLine": 122, "snippet": { "text": "\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n" } } }, "message": { "text": "Employee(3 : this.ssn)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 79, "snippet": { "text": "\t Employee employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 76, "endLine": 82, "snippet": { "text": "\t\t\t+ CrossSiteScripting.EMPLOYEE_ID);\n\t }\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\n" } } }, "message": { "text": "getEmployeeProfile(return.ssn)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 120, "snippet": { "text": "\t\t\t\t .getString(\"title\"), answer_results" } }, "contextRegion": { "startLine": 117, "endLine": 123, "snippet": { "text": "\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n\t\t\t\t 
.getString(\"address2\"), answer_results\n" } } }, "message": { "text": "Employee(4 : this.title)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 79, "snippet": { "text": "\t Employee employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 76, "endLine": 82, "snippet": { "text": "\t\t\t+ CrossSiteScripting.EMPLOYEE_ID);\n\t }\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\n" } } }, "message": { "text": "getEmployeeProfile(return.title)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 120, "snippet": { "text": "\t\t\t\t .getString(\"title\"), answer_results" } }, "contextRegion": { "startLine": 117, "endLine": 123, "snippet": { "text": "\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n\t\t\t\t .getString(\"address2\"), answer_results\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 801, "snippet": { "text": "\tCookie[] cookies = s.getRequest().getCookies();" } }, "contextRegion": { "startLine": 798, "endLine": 804, "snippet": { "text": " */\n protected String getCookie(WebSession s)\n {\n\tCookie[] cookies = s.getRequest().getCookies();\n\n\tfor (int i = 0; i < cookies.length; i++)\n\t{\n" } } }, "message": { "text": "getCookies(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { 
"artifactLocation": { "index": 53 }, "region": { "startLine": 121, "snippet": { "text": "\t\t\t\t .getString(\"phone\"), answer_results" } }, "contextRegion": { "startLine": 118, "endLine": 124, "snippet": { "text": "\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n\t\t\t\t .getString(\"address2\"), answer_results\n\t\t\t\t .getInt(\"manager\"), answer_results\n" } } }, "message": { "text": "Employee(5 : this.phone)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 801, "snippet": { "text": "\tCookie[] cookies = s.getRequest().getCookies();" } }, "contextRegion": { "startLine": 798, "endLine": 804, "snippet": { "text": " */\n protected String getCookie(WebSession s)\n {\n\tCookie[] cookies = s.getRequest().getCookies();\n\n\tfor (int i = 0; i < cookies.length; i++)\n\t{\n" } } }, "message": { "text": "Assignment to cookies" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 807, "snippet": { "text": "\t\treturn (cookies[i].getValue());" } }, "contextRegion": { "startLine": 804, "endLine": 810, "snippet": { "text": "\t{\n\t if (cookies[i].getName().equalsIgnoreCase(USER_COOKIE))\n\t {\n\t\treturn (cookies[i].getValue());\n\t }\n\t}\n\n" } } }, "message": { "text": "getValue(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 53 }, "region": { "startLine": 79, "snippet": { "text": "\t Employee employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 76, "endLine": 82, "snippet": { "text": "\t\t\t+ CrossSiteScripting.EMPLOYEE_ID);\n\t }\n\n\t Employee employee = 
getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\n" } } }, "message": { "text": "getEmployeeProfile(return.phone)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 807, "snippet": { "text": "\t\treturn (cookies[i].getValue());" } }, "contextRegion": { "startLine": 804, "endLine": 810, "snippet": { "text": "\t{\n\t if (cookies[i].getName().equalsIgnoreCase(USER_COOKIE))\n\t {\n\t\treturn (cookies[i].getValue());\n\t }\n\t}\n\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 214, "snippet": { "text": "\tString user = getCookie(s);" } }, "contextRegion": { "startLine": 211, "endLine": 217, "snippet": { "text": "\tStatement statement3 = connection.createStatement(\n\t\tResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);\n\t// pull the USER_COOKIE from the cookies\n\tString user = getCookie(s);\n\tString query = \"SELECT * FROM user_data WHERE last_name = '\" + user\n\t\t+ \"'\";\n\tVector v = new Vector();\n" } } }, "message": { "text": "getCookie(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 214, "snippet": { "text": "\tString user = getCookie(s);" } }, "contextRegion": { "startLine": 211, "endLine": 217, "snippet": { "text": "\tStatement statement3 = connection.createStatement(\n\t\tResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);\n\t// pull the USER_COOKIE from the cookies\n\tString user = getCookie(s);\n\tString query = \"SELECT * FROM user_data WHERE last_name = '\" + user\n\t\t+ \"'\";\n\tVector v = new Vector();\n" } } }, "message": { "text": "Assignment to user" } }, "kinds": [ "acquire", "resource" ] }, { "location": { 
"physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 215, "snippet": { "text": "\tString query = \"SELECT * FROM user_data WHERE last_name = '\" + user" } }, "contextRegion": { "startLine": 212, "endLine": 218, "snippet": { "text": "\t\tResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);\n\t// pull the USER_COOKIE from the cookies\n\tString user = getCookie(s);\n\tString query = \"SELECT * FROM user_data WHERE last_name = '\" + user\n\t\t+ \"'\";\n\tVector v = new Vector();\n\ttry\n" } } }, "message": { "text": "Assignment to query" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 140, "snippet": { "text": "\t String param1 = s.getParser().getRawParameter(\"field1\", \"abc\");" } }, "contextRegion": { "startLine": 137, "endLine": 143, "snippet": { "text": "\t\t+ \"\" + lineSep;\n\ttry\n\t{\n\t String param1 = s.getParser().getRawParameter(\"field1\", \"abc\");\n\t String param2 = s.getParser().getRawParameter(\"field2\", \"123\");\n\t String param3 = s.getParser().getRawParameter(\"field3\",\n\t\t \"abc 123 ABC\");\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 140, "snippet": { "text": "\t String param1 = s.getParser().getRawParameter(\"field1\", \"abc\");" } }, "contextRegion": { "startLine": 137, "endLine": 143, "snippet": { "text": "\t\t+ \"\" + lineSep;\n\ttry\n\t{\n\t String param1 = s.getParser().getRawParameter(\"field1\", \"abc\");\n\t String param2 = s.getParser().getRawParameter(\"field2\", \"123\");\n\t String param3 = s.getParser().getRawParameter(\"field3\",\n\t\t \"abc 123 ABC\");\n" } } }, "message": { "text": "Assignment to param1" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 149, 
"snippet": { "text": "\t\t.getParameter(CrossSiteScripting.DISCIPLINARY_NOTES);" } }, "contextRegion": { "startLine": 146, "endLine": 152, "snippet": { "text": "\tString disciplinaryActionDate = request\n\t\t.getParameter(CrossSiteScripting.DISCIPLINARY_DATE);\n\tString disciplinaryActionNotes = request\n\t\t.getParameter(CrossSiteScripting.DISCIPLINARY_NOTES);\n\tString personalDescription = request\n\t\t.getParameter(CrossSiteScripting.DESCRIPTION);\n\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 148, "endLine": 149, "snippet": { "text": "\tString disciplinaryActionNotes = request\r\n\t\t.getParameter(CrossSiteScripting.DISCIPLINARY_NOTES);" } }, "contextRegion": { "startLine": 145, "endLine": 152, "snippet": { "text": "\t\t.getParameter(CrossSiteScripting.CCN_LIMIT));\n\tString disciplinaryActionDate = request\n\t\t.getParameter(CrossSiteScripting.DISCIPLINARY_DATE);\n\tString disciplinaryActionNotes = request\n\t\t.getParameter(CrossSiteScripting.DISCIPLINARY_NOTES);\n\tString personalDescription = request\n\t\t.getParameter(CrossSiteScripting.DESCRIPTION);\n\n" } } }, "message": { "text": "Assignment to disciplinaryActionNotes" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 155, "snippet": { "text": "\t\tccn, ccnLimit, disciplinaryActionDate, disciplinaryActionNotes," } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\n\tEmployee employee = new Employee(subjectId, firstName, lastName, ssn,\n\t\ttitle, phone, address1, address2, manager, startDate, salary,\n\t\tccn, ccnLimit, disciplinaryActionDate, disciplinaryActionNotes,\n\t\tpersonalDescription);\n\n\treturn employee;\n" } } }, "message": { "text": "Employee(14 : this.disciplinaryActionNotes)" } }, "kinds": [ "call", "function", "return" ] }, { 
"location": { "physicalLocation": { "artifactLocation": { "index": 124 }, "region": { "startLine": 101, "snippet": { "text": "\tthis.disciplinaryActionNotes = disciplinaryActionNotes;" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\tthis.ccn = ccn;\n\tthis.ccnLimit = ccnLimit;\n\tthis.disciplinaryActionDate = disciplinaryActionDate;\n\tthis.disciplinaryActionNotes = disciplinaryActionNotes;\n\tthis.personalDescription = personalDescription;\n }\n\n" } } }, "message": { "text": "Assignment to this.disciplinaryActionNotes" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 80, "snippet": { "text": "\t\temployee = parseEmployeeProfile(subjectId, s);" } }, "contextRegion": { "startLine": 77, "endLine": 83, "snippet": { "text": "\t Employee employee = null;\n\t try\n\t {\n\t\temployee = parseEmployeeProfile(subjectId, s);\n\t }\n\t catch (ValidationException e)\n\t {\n" } } }, "message": { "text": "parseEmployeeProfile(return.disciplinaryActionNotes)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 101, "snippet": { "text": "\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.disciplinaryActionNotes)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 124, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY1\", \"1\")))" } }, "contextRegion": { "startLine": 121, "endLine": 127, "snippet": { "text": "\t tr.addElement(new TD().addElement(\"69.99\").setAlign(\"right\"));\n\t tr.addElement(new TD().addElement(\n\t\t new 
Input(Input.TEXT, \"QTY1\", s.getParser()\n\t\t\t .getStringParameter(\"QTY1\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY1\", 1.0f);\n\t total = quantity * 69.99f;\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 331, "snippet": { "text": "\t\t + employee.getDisciplinaryActionNotes() + \"','\"" } }, "contextRegion": { "startLine": 328, "endLine": 334, "snippet": { "text": "\t\t + employee.getSalary() + \",'\" + employee.getCcn() + \"',\"\n\t\t + employee.getCcnLimit() + \",'\"\n\t\t + employee.getDisciplinaryActionDate() + \"','\"\n\t\t + employee.getDisciplinaryActionNotes() + \"','\"\n\t\t + employee.getPersonalDescription() + \"')\";\n\n\t //System.out.println(\"Query: \" + query);\n" } } }, "message": { "text": "getDisciplinaryActionNotes(this.disciplinaryActionNotes : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 124 }, "region": { "startLine": 258, "snippet": { "text": "\treturn this.disciplinaryActionNotes;" } }, "contextRegion": { "startLine": 255, "endLine": 261, "snippet": { "text": "\n public String getDisciplinaryActionNotes()\n {\n\treturn this.disciplinaryActionNotes;\n }\n\n\n" } } }, "message": { "text": "Return this.disciplinaryActionNotes" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 75, "snippet": { "text": "\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\ttry\n\t{\n\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");\n\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t 
float total = 0.0f;\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 75, "snippet": { "text": "\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\ttry\n\t{\n\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");\n\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n" } } }, "message": { "text": "encode(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 32 }, "region": { "startLine": 147, "snippet": { "text": "\t char ch = s1.charAt(i);" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": "\tint i;\n\tfor (i = 0; i < s1.length(); ++i)\n\t{\n\t char ch = s1.charAt(i);\n\n\t String entity = (String) i2e.get(new Integer((int) ch));\n\n" } } }, "message": { "text": "charAt(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 32 }, "region": { "startLine": 147, "snippet": { "text": "\t char ch = s1.charAt(i);" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": "\tint i;\n\tfor (i = 0; i < s1.length(); ++i)\n\t{\n\t char ch = s1.charAt(i);\n\n\t String entity = (String) i2e.get(new Integer((int) ch));\n\n" } } }, "message": { "text": "Assignment to ch" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 32 }, "region": { "startLine": 159, "snippet": { "text": "\t\t buf.append(ch);" } }, "contextRegion": { "startLine": 156, "endLine": 162, "snippet": { "text": "\t\t}\n\t\telse\n\t\t{\n\t\t buf.append(ch);\n\t\t}\n\t }\n\t else\n" } } }, 
"message": { "text": "append(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 32 }, "region": { "startLine": 168, "snippet": { "text": "\treturn buf.toString();" } }, "contextRegion": { "startLine": 165, "endLine": 171, "snippet": { "text": "\t }\n\t}\n\n\treturn buf.toString();\n }\n\n\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 32 }, "region": { "startLine": 168, "snippet": { "text": "\treturn buf.toString();" } }, "contextRegion": { "startLine": 165, "endLine": 171, "snippet": { "text": "\t }\n\t}\n\n\treturn buf.toString();\n }\n\n\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 75, "snippet": { "text": "\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\ttry\n\t{\n\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");\n\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n" } } }, "message": { "text": "Assignment to param2" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 84, "snippet": { "text": "\t originalUser = currentUser;" } }, "contextRegion": { "startLine": 81, "endLine": 87, "snippet": { "text": "\t ec.addElement(new StringElement(\"Enter user name: \"));\n\t ec.addElement(new Input(Input.TEXT, USER_NAME, \"\"));\n\t currentUser = s.getParser().getRawParameter(USER_NAME, \"\");\n\t originalUser = currentUser;\n\n\t // Store the user name\n\t String user1 = new String(currentUser);\n" } } }, 
"message": { "text": "Assignment to this.originalUser" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 107, "snippet": { "text": "\t\t ec.addElement(\"Account information for user: \"" } }, "contextRegion": { "startLine": 104, "endLine": 110, "snippet": { "text": "\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n\t\t ec.addElement(\"Account information for user: \"\n\t\t\t + originalUser + \"

\");\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n\t\t ec.addElement(DatabaseUtilities.writeTable(results,\n" } } }, "message": { "text": "addElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 131, "snippet": { "text": "\treturn (ec);" } }, "contextRegion": { "startLine": 128, "endLine": 134, "snippet": { "text": "\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n\n\n" } } }, "message": { "text": "Return ec" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 1086, "snippet": { "text": "\tform.addElement(createContent(s));" } }, "contextRegion": { "startLine": 1083, "endLine": 1089, "snippet": { "text": "\tForm form = new Form(getFormAction(), Form.POST).setName(\"form\")\n\t\t.setEncType(\"\");\n\n\tform.addElement(createContent(s));\n\n\tsetContent(form);\n }\n" } } }, "message": { "text": "createContent(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 82, "snippet": { "text": "\t String to = s.getParser().getRawParameter(TO, \"\");" } }, "contextRegion": { "startLine": 79, "endLine": 85, "snippet": { "text": "\tElementContainer ec = new ElementContainer();\n\ttry\n\t{\n\t String to = s.getParser().getRawParameter(TO, \"\");\n\n\t Table t = new Table().setCellSpacing(0).setCellPadding(2)\n\t\t .setBorder(0).setWidth(\"90%\").setAlign(\"center\");\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 82, "snippet": { "text": "\t String to = s.getParser().getRawParameter(TO, \"\");" } }, "contextRegion": { "startLine": 79, "endLine": 85, "snippet": { "text": "\tElementContainer ec = new 
ElementContainer();\n\ttry\n\t{\n\t String to = s.getParser().getRawParameter(TO, \"\");\n\n\t Table t = new Table().setCellSpacing(0).setCellPadding(2)\n\t\t .setBorder(0).setWidth(\"90%\").setAlign(\"center\");\n" } } }, "message": { "text": "Assignment to to" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 165, "snippet": { "text": "\t\tec.addElement(new StringElement(\"Delivered-To: \" + to));" } }, "contextRegion": { "startLine": 162, "endLine": 168, "snippet": { "text": "\t\tec.addElement(new StringElement(\n\t\t\t\"Return-Path: <webgoat@owasp.org>\"));\n\t\tec.addElement(new BR());\n\t\tec.addElement(new StringElement(\"Delivered-To: \" + to));\n\t\tec.addElement(new BR());\n\t\tec.addElement(new StringElement(\n\t\t\t\"Received: (qmail 614458 invoked by uid 239); \"\n" } } }, "message": { "text": "StringElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 165, "snippet": { "text": "\t\tec.addElement(new StringElement(\"Delivered-To: \" + to));" } }, "contextRegion": { "startLine": 162, "endLine": 168, "snippet": { "text": "\t\tec.addElement(new StringElement(\n\t\t\t\"Return-Path: <webgoat@owasp.org>\"));\n\t\tec.addElement(new BR());\n\t\tec.addElement(new StringElement(\"Delivered-To: \" + to));\n\t\tec.addElement(new BR());\n\t\tec.addElement(new StringElement(\n\t\t\t\"Received: (qmail 614458 invoked by uid 239); \"\n" } } }, "message": { "text": "addElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 198, "snippet": { "text": "\treturn (ec);" } }, "contextRegion": { "startLine": 195, "endLine": 201, "snippet": { "text": "\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t e.printStackTrace();\n\t}\n\treturn 
(ec);\n }\n\n\n" } } }, "message": { "text": "Return ec" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 74, "snippet": { "text": "\t String helpFile = s.getParser().getRawParameter(HELP_FILE," } }, "contextRegion": { "startLine": 71, "endLine": 77, "snippet": { "text": "\tboolean illegalCommand = s.isDefuseOSCommands();\n\ttry\n\t{\n\t String helpFile = s.getParser().getRawParameter(HELP_FILE,\n\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 74, "snippet": { "text": "\t String helpFile = s.getParser().getRawParameter(HELP_FILE," } }, "contextRegion": { "startLine": 71, "endLine": 77, "snippet": { "text": "\tboolean illegalCommand = s.isDefuseOSCommands();\n\ttry\n\t{\n\t String helpFile = s.getParser().getRawParameter(HELP_FILE,\n\t\t \"BasicAuthentication.help\");\n\t String safeDirName;\n\t if (s.isDefuseOSCommands()\n" } } }, "message": { "text": "Assignment to helpFile" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 158, "snippet": { "text": "\t\t\t\t\t : helpFile.toString()) + \"\"));" } }, "contextRegion": { "startLine": 155, "endLine": 161, "snippet": { "text": "\t\t .addElement(new StringElement(\n\t\t\t \"You are currently viewing: \"\n\t\t\t\t + (helpFile.toString().length() == 0 ? 
\"<select file from list below>\"\n\t\t\t\t\t : helpFile.toString()) + \"\"));\n\n\t if (!illegalCommand)\n\t {\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 157, "snippet": { "text": "\t\t\t\t + (helpFile.toString().length() == 0 ? \"<select file from list below>\"" } }, "contextRegion": { "startLine": 154, "endLine": 160, "snippet": { "text": "\t ec\n\t\t .addElement(new StringElement(\n\t\t\t \"You are currently viewing: \"\n\t\t\t\t + (helpFile.toString().length() == 0 ? \"<select file from list below>\"\n\t\t\t\t\t : helpFile.toString()) + \"\"));\n\n\t if (!illegalCommand)\n" } } }, "message": { "text": "StringElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 155, "snippet": { "text": "\t\t .addElement(new StringElement(" } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\t File safeDir = new File(s.getContext().getRealPath(\"/lesson_plans\"));\n\n\t ec\n\t\t .addElement(new StringElement(\n\t\t\t \"You are currently viewing: \"\n\t\t\t\t + (helpFile.toString().length() == 0 ? 
\"<select file from list below>\"\n\t\t\t\t\t : helpFile.toString()) + \"\"));\n" } } }, "message": { "text": "addElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 214, "snippet": { "text": "\treturn (ec);" } }, "contextRegion": { "startLine": 211, "endLine": 217, "snippet": { "text": "\t e.printStackTrace();\n\t}\n\n\treturn (ec);\n }\n\n\n" } } }, "message": { "text": "Return ec" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 78 }, "region": { "startLine": 12, "snippet": { "text": "\t\t \"&menu=\" + request.getParameter(\"menu\") +" } }, "contextRegion": { "startLine": 9, "endLine": 15, "snippet": { "text": "\n<% response.sendRedirect(\"/WebGoat/attack?\" +\n\t\t \"Screen=\" + request.getParameter(\"Screen\") +\n\t\t \"&menu=\" + request.getParameter(\"menu\") +\n\t\t \"&succeeded=yes\"); \n%>\n\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 177, "snippet": { "text": "\t String userAgent = request.getHeader(\"user-agent\");" } }, "contextRegion": { "startLine": 174, "endLine": 180, "snippet": { "text": "\t\t + mySession.getParser().toString());\n\n\t // Redirect the request to our View servlet\n\t String userAgent = request.getHeader(\"user-agent\");\n\t String clientBrowser = \"Not known!\";\n\t if (userAgent != null)\n\t {\n" } } }, "message": { "text": "getHeader(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 177, "snippet": { "text": "\t String userAgent = request.getHeader(\"user-agent\");" } }, "contextRegion": { "startLine": 174, "endLine": 180, "snippet": { "text": "\t\t + mySession.getParser().toString());\n\n\t // Redirect the request to our View 
servlet\n\t String userAgent = request.getHeader(\"user-agent\");\n\t String clientBrowser = \"Not known!\";\n\t if (userAgent != null)\n\t {\n" } } }, "message": { "text": "Assignment to userAgent" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t
\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "getCcn(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 181, "snippet": { "text": "\t\tclientBrowser = userAgent;" } }, "contextRegion": { "startLine": 178, "endLine": 184, "snippet": { "text": "\t String clientBrowser = \"Not known!\";\n\t if (userAgent != null)\n\t {\n\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n" } } }, "message": { "text": "Assignment to clientBrowser" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 183, "snippet": { "text": "\t request.setAttribute(\"client.browser\", clientBrowser);" } }, "contextRegion": { "startLine": 180, "endLine": 186, "snippet": { "text": "\t {\n\t\tclientBrowser = userAgent;\n\t }\n\t request.setAttribute(\"client.browser\", clientBrowser);\n\t request.getSession().setAttribute(\"websession\", mySession);\n\t request.getSession().setAttribute(\"course\", mySession.getCourse());\n\n" } } }, "message": { "text": "setAttribute(1 : this['client.browser'])" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 969, "snippet": { "text": "\t\tthis.request = request;" } }, "contextRegion": { "startLine": 966, "endLine": 972, "snippet": { "text": "\t\tString content = null;\n\n\t\tclearMessage();\n\t\tthis.request = request;\n\t\tthis.response = response;\n\t\tthis.servletName = name;\n\n" } } }, "message": { "text": "Read request" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 969, 
"snippet": { "text": "\t\tthis.request = request;" } }, "contextRegion": { "startLine": 966, "endLine": 972, "snippet": { "text": "\t\tString content = null;\n\n\t\tclearMessage();\n\t\tthis.request = request;\n\t\tthis.response = response;\n\t\tthis.servletName = name;\n\n" } } }, "message": { "text": "Assignment to this.request" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 501, "snippet": { "text": "\tsession.update(request, response, this.getServletName());" } }, "contextRegion": { "startLine": 498, "endLine": 504, "snippet": { "text": "\n\t}\n\n\tsession.update(request, response, this.getServletName());\n\n\t// to authenticate\n\t// System.out.println( \"HH Leaving Session_id: \" + hs.getId() );\n" } } }, "message": { "text": "update(this.request['client.browser'])" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 135, "snippet": { "text": "\t mySession = updateSession(request, response, context);" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\n\t // FIXME: If a response is written by updateSession(), do not\n\t // call makeScreen() and writeScreen()\n\t mySession = updateSession(request, response, context);\n\t if (response.isCommitted())\n\t\treturn;\n\n" } } }, "message": { "text": "updateSession(return.request['client.browser'])" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 1094, "startColumn": 17 } }, "message": { "text": "Read request" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 1094, "snippet": { "text": "\tthis.request = request;" } }, "contextRegion": { "startLine": 1091, "endLine": 1097, "snippet": { "text": " */\n public void update(ServletRequest 
request)\n {\n\tthis.request = request;\n }\n}\n" } } }, "message": { "text": "Assignment to this.request" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 979, "snippet": { "text": "\t\t\tmyParser.update( request );" } }, "contextRegion": { "startLine": 976, "endLine": 982, "snippet": { "text": "\t\t}\n\t\telse\n\t\t{\n\t\t\tmyParser.update( request );\n\t\t}\n\n\t\t// System.out.println(\"Current Screen 1: \" + currentScreen );\n" } } }, "message": { "text": "update(this.request['client.browser'])" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 501, "snippet": { "text": "\tsession.update(request, response, this.getServletName());" } }, "contextRegion": { "startLine": 498, "endLine": 504, "snippet": { "text": "\n\t}\n\n\tsession.update(request, response, this.getServletName());\n\n\t// to authenticate\n\t// System.out.println( \"HH Leaving Session_id: \" + hs.getId() );\n" } } }, "message": { "text": "update(this.myParser.request['client.browser'])" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 135, "snippet": { "text": "\t mySession = updateSession(request, response, context);" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\n\t // FIXME: If a response is written by updateSession(), do not\n\t // call makeScreen() and writeScreen()\n\t mySession = updateSession(request, response, context);\n\t if (response.isCommitted())\n\t\treturn;\n\n" } } }, "message": { "text": "updateSession(return.myParser.request['client.browser'])" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 103, "snippet": { "text": "\tdoPost(request, response);" } }, "contextRegion": { "startLine": 100, "endLine": 106, 
"snippet": { "text": " public void doGet(HttpServletRequest request, HttpServletResponse response)\n\t throws IOException, ServletException\n {\n\tdoPost(request, response);\n }\n\n\n" } } }, "message": { "text": "doPost(0['client.browser'])" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 103, "snippet": { "text": "\tdoPost(request, response);" } }, "contextRegion": { "startLine": 100, "endLine": 106, "snippet": { "text": " public void doGet(HttpServletRequest request, HttpServletResponse response)\n\t throws IOException, ServletException\n {\n\tdoPost(request, response);\n }\n\n\n" } } }, "message": { "text": "javax.servlet.ServletRequest['client.browser'] promoted to global" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 59, "snippet": { "text": "\tthis.request = request;" } }, "contextRegion": { "startLine": 56, "endLine": 62, "snippet": { "text": " */\n public ParameterParser(ServletRequest request)\n {\n\tthis.request = request;\n }\n\n\n" } } }, "message": { "text": "Read request" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 109 }, "region": { "startLine": 59, "snippet": { "text": "\tthis.request = request;" } }, "contextRegion": { "startLine": 56, "endLine": 62, "snippet": { "text": " */\n public ParameterParser(ServletRequest request)\n {\n\tthis.request = request;\n }\n\n\n" } } }, "message": { "text": "Assignment to this.request" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 975, "snippet": { "text": "\t\t\tmyParser = new ParameterParser( request );" } }, "contextRegion": { "startLine": 972, "endLine": 978, "snippet": { "text": "\n\t\tif ( myParser == null )\n\t\t{\n\t\t\tmyParser = new ParameterParser( request 
);\n\t\t}\n\t\telse\n\t\t{\n" } } }, "message": { "text": "ParameterParser(this.request['client.browser'])" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 975, "snippet": { "text": "\t\t\tmyParser = new ParameterParser( request );" } }, "contextRegion": { "startLine": 972, "endLine": 978, "snippet": { "text": "\n\t\tif ( myParser == null )\n\t\t{\n\t\t\tmyParser = new ParameterParser( request );\n\t\t}\n\t\telse\n\t\t{\n" } } }, "message": { "text": "Assignment to this.myParser" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 84, "snippet": { "text": "\t\t\tString message = s.getParser().getRawParameter( MESSAGE, \"\" );" } }, "contextRegion": { "startLine": 81, "endLine": 87, "snippet": { "text": "\t\ttry\n\t\t{\n\t\t\tString title = HtmlEncoder.encode( s.getParser().getRawParameter( TITLE, \"\" ) );\n\t\t\tString message = s.getParser().getRawParameter( MESSAGE, \"\" );\n\n\t\t\tif ( connection == null )\n\t\t\t{\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 84, "snippet": { "text": "\t\t\tString message = s.getParser().getRawParameter( MESSAGE, \"\" );" } }, "contextRegion": { "startLine": 81, "endLine": 87, "snippet": { "text": "\t\ttry\n\t\t{\n\t\t\tString title = HtmlEncoder.encode( s.getParser().getRawParameter( TITLE, \"\" ) );\n\t\t\tString message = s.getParser().getRawParameter( MESSAGE, \"\" );\n\n\t\t\tif ( connection == null )\n\t\t\t{\n" } } }, "message": { "text": "Assignment to message" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 77, "snippet": { "text": "\t String password = s.getParser().getStringParameter(" } }, "contextRegion": { 
"startLine": 74, "endLine": 80, "snippet": { "text": "\t{\n\t employeeId = s.getParser().getIntParameter(\n\t\t RoleBasedAccessControl.EMPLOYEE_ID);\n\t String password = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.PASSWORD);\n\n\t // Attempt authentication\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 77, "snippet": { "text": "\t String password = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t{\n\t employeeId = s.getParser().getIntParameter(\n\t\t RoleBasedAccessControl.EMPLOYEE_ID);\n\t String password = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.PASSWORD);\n\n\t // Attempt authentication\n" } } }, "message": { "text": "Assignment to password" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 81, "snippet": { "text": "\t if (login(s, employeeId, password))" } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": "\t\t RoleBasedAccessControl.PASSWORD);\n\n\t // Attempt authentication\n\t if (login(s, employeeId, password))\n\t {\n\t\t// Execute the chained Action if authentication succeeded.\n\t\ttry\n" } } }, "message": { "text": "login(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 140, "endLine": 141, "snippet": { "text": "\t String query = \"SELECT * FROM employee WHERE userid = \" + userId\r\n\t\t + \" and password = '\" + password + \"'\";" } }, "contextRegion": { "startLine": 137, "endLine": 144, "snippet": { "text": "\n\ttry\n\t{\n\t String query = \"SELECT * FROM employee WHERE userid = \" + userId\n\t\t + \" and password = '\" + password + \"'\";\n\n\t try\n\t {\n" } } }, "message": { "text": 
"Assignment to query" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 75, "snippet": { "text": "\t employeeId = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\tString employeeId = null;\n\ttry\n\t{\n\t employeeId = s.getParser().getStringParameter(\n\t\t SQLInjection.EMPLOYEE_ID);\n\t String password = s.getParser().getRawParameter(\n\t\t SQLInjection.PASSWORD);\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 75, "snippet": { "text": "\t employeeId = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\tString employeeId = null;\n\ttry\n\t{\n\t employeeId = s.getParser().getStringParameter(\n\t\t SQLInjection.EMPLOYEE_ID);\n\t String password = s.getParser().getRawParameter(\n\t\t SQLInjection.PASSWORD);\n" } } }, "message": { "text": "Assignment to employeeId" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 75, "snippet": { "text": "\t employeeId = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\tString employeeId = null;\n\ttry\n\t{\n\t employeeId = s.getParser().getStringParameter(\n\t\t SQLInjection.EMPLOYEE_ID);\n\t String password = s.getParser().getRawParameter(\n\t\t SQLInjection.PASSWORD);\n" } } }, "message": { "text": "Taint change on employeeId" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 81, "snippet": { "text": "\t boolean authenticated = login(s, employeeId, password);" } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": 
"\t\t SQLInjection.PASSWORD);\n\n\t // Attempt authentication\n\t boolean authenticated = login(s, employeeId, password);\n\n\t updateLessonStatus(s);\n\n" } } }, "message": { "text": "login(1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 316, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 313, "endLine": 319, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } }, "message": { "text": "Read e" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 316, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 313, "endLine": 319, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 74, "snippet": { "text": "\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");" } }, "contextRegion": { "startLine": 71, "endLine": 77, "snippet": { "text": "\n\ttry\n\t{\n\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");\n\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 74, "snippet": { "text": "\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");" } }, 
"contextRegion": { "startLine": 71, "endLine": 77, "snippet": { "text": "\n\ttry\n\t{\n\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");\n\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n" } } }, "message": { "text": "Assignment to param1" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 349, "snippet": { "text": "\t\t\tString userInput = s.getParser().getRawParameter( INPUT, \"\" );" } }, "contextRegion": { "startLine": 346, "endLine": 352, "snippet": { "text": "\t\ttry\n\t\t{\n\n\t\t\tString userInput = s.getParser().getRawParameter( INPUT, \"\" );\n\n\t\t\tString userKey = s.getParser().getStringParameter( KEY, \"\" );\n\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 349, "snippet": { "text": "\t\t\tString userInput = s.getParser().getRawParameter( INPUT, \"\" );" } }, "contextRegion": { "startLine": 346, "endLine": 352, "snippet": { "text": "\t\ttry\n\t\t{\n\n\t\t\tString userInput = s.getParser().getRawParameter( INPUT, \"\" );\n\n\t\t\tString userKey = s.getParser().getStringParameter( KEY, \"\" );\n\n" } } }, "message": { "text": "Assignment to userInput" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 192, "snippet": { "text": "\t\tString cookie = s.getCookie(UNIQUE2U);" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": "\tprivate void setHttpOnly(WebSession s) {\n\t\tString value = createCustomCookieValue();\n\t\tHttpServletResponse response = s.getResponse();\n\t\tString cookie = s.getCookie(UNIQUE2U);\n\t\t\n\t\tif(cookie == null || cookie.equals(\"HACKED\")) 
{\n\t\t\tresponse.setHeader(\"Set-Cookie\", UNIQUE2U + \"=\" + value + \"; HttpOnly\");\n" } } }, "message": { "text": "getCookie(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 11 }, "region": { "startLine": 192, "snippet": { "text": "\t\tString cookie = s.getCookie(UNIQUE2U);" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": "\tprivate void setHttpOnly(WebSession s) {\n\t\tString value = createCustomCookieValue();\n\t\tHttpServletResponse response = s.getResponse();\n\t\tString cookie = s.getCookie(UNIQUE2U);\n\t\t\n\t\tif(cookie == null || cookie.equals(\"HACKED\")) {\n\t\t\tresponse.setHeader(\"Set-Cookie\", UNIQUE2U + \"=\" + value + \"; HttpOnly\");\n" } } }, "message": { "text": "Assignment to cookie" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 181, "snippet": { "text": "\t\t\tResultSet results = statement.executeQuery( STANDARD_QUERY + \" WHERE user_name LIKE '\" + getNameroot( s.getUserName() ) + \"%'\" );" } }, "contextRegion": { "startLine": 178, "endLine": 184, "snippet": { "text": "\n\t\t\tStatement statement = connection.createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\n\t\t\tResultSet results = statement.executeQuery( STANDARD_QUERY + \" WHERE user_name LIKE '\" + getNameroot( s.getUserName() ) + \"%'\" );\n\n\t\t\tif ( ( results != null ) && ( results.first() == true ) )\n\t\t\t{\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 181, "snippet": { "text": "\t\t\tResultSet results = statement.executeQuery( STANDARD_QUERY + \" WHERE user_name LIKE '\" + getNameroot( s.getUserName() ) + \"%'\" );" } }, "contextRegion": { "startLine": 178, "endLine": 184, "snippet": { "text": 
"\n\t\t\tStatement statement = connection.createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\t\n\t\t\tResultSet results = statement.executeQuery( STANDARD_QUERY + \" WHERE user_name LIKE '\" + getNameroot( s.getUserName() ) + \"%'\" );\n\n\t\t\tif ( ( results != null ) && ( results.first() == true ) )\n\t\t\t{\n" } } }, "message": { "text": "Assignment to results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 192, "snippet": { "text": "\t\t\t \"' style='cursor:hand'>\" + results.getString( TITLE_COL ) + \"\";" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": "\t\t\t\t\tString link = \"\" + results.getString( TITLE_COL ) + \"\";\n\t\t\t\t\tTD td = new TD().addElement( link );\n\t\t\t\t\tTR tr = new TR().addElement( td );\n\t\t\t\t\tt.addElement( tr );\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 189, "endLine": 192, "snippet": { "text": "\t\t\t\t\tString link = \"\" + results.getString( TITLE_COL ) + \"\";" } }, "contextRegion": { "startLine": 186, "endLine": 195, "snippet": { "text": "\n\t\t\t\tfor ( int i = 0; results.next(); i++ )\n\t\t\t\t{\n\t\t\t\t\tString link = \"\" + results.getString( TITLE_COL ) + \"\";\n\t\t\t\t\tTD td = new TD().addElement( link );\n\t\t\t\t\tTR tr = new TR().addElement( td );\n\t\t\t\t\tt.addElement( tr );\n" } } }, "message": { "text": "Assignment to link" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 4 }, "region": { "startLine": 75, "snippet": { "text": "\t ResultSet results = statement.executeQuery(QUERY);" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\t Statement statement = connection.createStatement(\n\t\t 
ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t ResultSet results = statement.executeQuery(QUERY);\n\n\t if (results != null)\n\t {\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 220, "snippet": { "text": "\t ResultSet results = statement3.executeQuery(query);" } }, "contextRegion": { "startLine": 217, "endLine": 223, "snippet": { "text": "\tVector v = new Vector();\n\ttry\n\t{\n\t ResultSet results = statement3.executeQuery(query);\n\n\t while (results.next())\n\t {\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 4 }, "region": { "startLine": 75, "snippet": { "text": "\t ResultSet results = statement.executeQuery(QUERY);" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\t Statement statement = connection.createStatement(\n\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t ResultSet results = statement.executeQuery(QUERY);\n\n\t if (results != null)\n\t {\n" } } }, "message": { "text": "Assignment to results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 220, "snippet": { "text": "\t ResultSet results = statement3.executeQuery(query);" } }, "contextRegion": { "startLine": 217, "endLine": 223, "snippet": { "text": "\tVector v = new Vector();\n\ttry\n\t{\n\t ResultSet results = statement3.executeQuery(query);\n\n\t while (results.next())\n\t {\n" } } }, "message": { "text": "Assignment to results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 224, "snippet": { "text": "\t\tString type = results.getString(\"cc_type\");" } }, "contextRegion": { "startLine": 
221, "endLine": 227, "snippet": { "text": "\n\t while (results.next())\n\t {\n\t\tString type = results.getString(\"cc_type\");\n\t\tString num = results.getString(\"cc_number\");\n\t\tv.addElement(type + \"-\" + num);\n\t }\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 4 }, "region": { "startLine": 81, "snippet": { "text": "\t\tec.addElement(DatabaseUtilities.writeTable(results," } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": "\t {\n\t\tmakeSuccess(s);\n\t\tResultSetMetaData resultsMetaData = results.getMetaData();\n\t\tec.addElement(DatabaseUtilities.writeTable(results,\n\t\t\tresultsMetaData));\n\t }\n\t}\n" } } }, "message": { "text": "writeTable(0)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 224, "snippet": { "text": "\t\tString type = results.getString(\"cc_type\");" } }, "contextRegion": { "startLine": 221, "endLine": 227, "snippet": { "text": "\n\t while (results.next())\n\t {\n\t\tString type = results.getString(\"cc_type\");\n\t\tString num = results.getString(\"cc_number\");\n\t\tv.addElement(type + \"-\" + num);\n\t }\n" } } }, "message": { "text": "Assignment to type" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 226, "snippet": { "text": "\t\tv.addElement(type + \"-\" + num);" } }, "contextRegion": { "startLine": 223, "endLine": 229, "snippet": { "text": "\t {\n\t\tString type = results.getString(\"cc_type\");\n\t\tString num = results.getString(\"cc_number\");\n\t\tv.addElement(type + \"-\" + num);\n\t }\n\t if (v.size() > 2)\n\t {\n" } } }, "message": { "text": "addElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 
54 }, "region": { "startLine": 250, "snippet": { "text": "\t\tElement p = ECSFactory.makePulldown(CREDIT, v);" } }, "contextRegion": { "startLine": 247, "endLine": 253, "snippet": { "text": "\t\ttr\n\t\t\t.addElement(new TD()\n\t\t\t\t.addElement(\"Please select credit card for this purchase: \"));\n\t\tElement p = ECSFactory.makePulldown(CREDIT, v);\n\t\ttr.addElement(new TD().addElement(p).setAlign(\"right\"));\n\t\tt.addElement(tr);\n\n" } } }, "message": { "text": "makePulldown(1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 205, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 202, "endLine": 208, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t // System.out.println( \"HH Leaving doPost: \" );\n" } } }, "message": { "text": "Read request" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 102 }, "region": { "startLine": 450, "snippet": { "text": "\ts.addElement((String[]) options.toArray(new String[options.size()]));" } }, "contextRegion": { "startLine": 447, "endLine": 453, "snippet": { "text": "\n\tSelect s = new Select(name);\n\n\ts.addElement((String[]) options.toArray(new String[options.size()]));\n\n\treturn (s);\n }\n" } } }, "message": { "text": "toArray(this : return[])" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 225, "snippet": { "text": "\t\tString num = results.getString(\"cc_number\");" } }, "contextRegion": { "startLine": 222, "endLine": 228, "snippet": { "text": "\t while (results.next())\n\t {\n\t\tString type = results.getString(\"cc_type\");\n\t\tString num = 
results.getString(\"cc_number\");\n\t\tv.addElement(type + \"-\" + num);\n\t }\n\t if (v.size() > 2)\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 225, "snippet": { "text": "\t\tString num = results.getString(\"cc_number\");" } }, "contextRegion": { "startLine": 222, "endLine": 228, "snippet": { "text": "\t while (results.next())\n\t {\n\t\tString type = results.getString(\"cc_type\");\n\t\tString num = results.getString(\"cc_number\");\n\t\tv.addElement(type + \"-\" + num);\n\t }\n\t if (v.size() > 2)\n" } } }, "message": { "text": "Assignment to num" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 225, "snippet": { "text": "\t\tString num = results.getString(\"cc_number\");" } }, "contextRegion": { "startLine": 222, "endLine": 228, "snippet": { "text": "\t while (results.next())\n\t {\n\t\tString type = results.getString(\"cc_type\");\n\t\tString num = results.getString(\"cc_number\");\n\t\tv.addElement(type + \"-\" + num);\n\t }\n\t if (v.size() > 2)\n" } } }, "message": { "text": "Taint change on num" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 142, "snippet": { "text": "\t\t.getParameter(CrossSiteScripting.SALARY));" } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": "\t\t.getParameter(CrossSiteScripting.MANAGER));\n\tString startDate = request.getParameter(CrossSiteScripting.START_DATE);\n\tint salary = Integer.parseInt(request\n\t\t.getParameter(CrossSiteScripting.SALARY));\n\tString ccn = request.getParameter(CrossSiteScripting.CCN);\n\tint ccnLimit = Integer.parseInt(request\n\t\t.getParameter(CrossSiteScripting.CCN_LIMIT));\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": 
[ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 142, "snippet": { "text": "\t\t.getParameter(CrossSiteScripting.SALARY));" } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": "\t\t.getParameter(CrossSiteScripting.MANAGER));\n\tString startDate = request.getParameter(CrossSiteScripting.START_DATE);\n\tint salary = Integer.parseInt(request\n\t\t.getParameter(CrossSiteScripting.SALARY));\n\tString ccn = request.getParameter(CrossSiteScripting.CCN);\n\tint ccnLimit = Integer.parseInt(request\n\t\t.getParameter(CrossSiteScripting.CCN_LIMIT));\n" } } }, "message": { "text": "parseInt(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 141, "snippet": { "text": "\tint salary = Integer.parseInt(request" } }, "contextRegion": { "startLine": 138, "endLine": 144, "snippet": { "text": "\tint manager = Integer.parseInt(request\n\t\t.getParameter(CrossSiteScripting.MANAGER));\n\tString startDate = request.getParameter(CrossSiteScripting.START_DATE);\n\tint salary = Integer.parseInt(request\n\t\t.getParameter(CrossSiteScripting.SALARY));\n\tString ccn = request.getParameter(CrossSiteScripting.CCN);\n\tint ccnLimit = Integer.parseInt(request\n" } } }, "message": { "text": "Assignment to salary" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 154, "snippet": { "text": "\t\ttitle, phone, address1, address2, manager, startDate, salary," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\t\t.getParameter(CrossSiteScripting.DESCRIPTION);\n\n\tEmployee employee = new Employee(subjectId, firstName, lastName, ssn,\n\t\ttitle, phone, address1, address2, manager, startDate, salary,\n\t\tccn, ccnLimit, disciplinaryActionDate, 
disciplinaryActionNotes,\n\t\tpersonalDescription);\n\n" } } }, "message": { "text": "Employee(10 : this.salary)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 124 }, "region": { "startLine": 97, "snippet": { "text": "\tthis.salary = salary;" } }, "contextRegion": { "startLine": 94, "endLine": 100, "snippet": { "text": "\tthis.address2 = address2;\n\tthis.manager = manager;\n\tthis.startDate = startDate;\n\tthis.salary = salary;\n\tthis.ccn = ccn;\n\tthis.ccnLimit = ccnLimit;\n\tthis.disciplinaryActionDate = disciplinaryActionDate;\n" } } }, "message": { "text": "Assignment to this.salary" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 80, "snippet": { "text": "\t\temployee = parseEmployeeProfile(subjectId, s);" } }, "contextRegion": { "startLine": 77, "endLine": 83, "snippet": { "text": "\t Employee employee = null;\n\t try\n\t {\n\t\temployee = parseEmployeeProfile(subjectId, s);\n\t }\n\t catch (ValidationException e)\n\t {\n" } } }, "message": { "text": "parseEmployeeProfile(return.salary)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 101, "snippet": { "text": "\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.salary)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 328, "snippet": { "text": "\t\t + employee.getSalary() + \",'\" + employee.getCcn() + \"',\"" } }, "contextRegion": { "startLine": 325, "endLine": 331, "snippet": { "text": "\t\t + \"','\" + 
employee.getAddress1() + \"','\"\n\t\t + employee.getAddress2() + \"',\" + employee.getManager()\n\t\t + \",'\" + employee.getStartDate() + \"',\"\n\t\t + employee.getSalary() + \",'\" + employee.getCcn() + \"',\"\n\t\t + employee.getCcnLimit() + \",'\"\n\t\t + employee.getDisciplinaryActionDate() + \"','\"\n\t\t + employee.getDisciplinaryActionNotes() + \"','\"\n" } } }, "message": { "text": "getSalary(this.salary : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 124 }, "region": { "startLine": 192, "snippet": { "text": "\treturn salary;" } }, "contextRegion": { "startLine": 189, "endLine": 195, "snippet": { "text": "\n public int getSalary()\n {\n\treturn salary;\n }\n\n\n" } } }, "message": { "text": "Return this.salary" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 229, "snippet": { "text": "\t\t\tint messageNum = s.getParser().getIntParameter( NUMBER, 0 );" } }, "contextRegion": { "startLine": 226, "endLine": 232, "snippet": { "text": "\n\t\ttry\n\t\t{\n\t\t\tint messageNum = s.getParser().getIntParameter( NUMBER, 0 );\n\n\t\t\tif ( connection == null )\n\t\t\t{\n" } } }, "message": { "text": "getIntParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 55 }, "region": { "startLine": 80, "snippet": { "text": "\t\tuser = s.getParser().getRawParameter(USERNAME);" } }, "contextRegion": { "startLine": 77, "endLine": 83, "snippet": { "text": "\t{\n\t if (s.getRequest().isUserInRole(WebSession.WEBGOAT_ADMIN))\n\t {\n\t\tuser = s.getParser().getRawParameter(USERNAME);\n\t }\n\t else\n\t {\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 55 }, "region": { "startLine": 80, "snippet": { "text": "\t\tuser = 
s.getParser().getRawParameter(USERNAME);" } }, "contextRegion": { "startLine": 77, "endLine": 83, "snippet": { "text": "\t{\n\t if (s.getRequest().isUserInRole(WebSession.WEBGOAT_ADMIN))\n\t {\n\t\tuser = s.getParser().getRawParameter(USERNAME);\n\t }\n\t else\n\t {\n" } } }, "message": { "text": "Assignment to user" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 229, "snippet": { "text": "\t\t\tint messageNum = s.getParser().getIntParameter( NUMBER, 0 );" } }, "contextRegion": { "startLine": 226, "endLine": 232, "snippet": { "text": "\n\t\ttry\n\t\t{\n\t\t\tint messageNum = s.getParser().getIntParameter( NUMBER, 0 );\n\n\t\t\tif ( connection == null )\n\t\t\t{\n" } } }, "message": { "text": "Assignment to messageNum" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 55 }, "region": { "startLine": 96, "snippet": { "text": "\tec.addElement(makeReportCard(s, user));" } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t}\n\n\tec.addElement(makeFeedback(s));\n\tec.addElement(makeReportCard(s, user));\n\n\treturn ec;\n }\n" } } }, "message": { "text": "makeReportCard(1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 229, "snippet": { "text": "\t\t\tint messageNum = s.getParser().getIntParameter( NUMBER, 0 );" } }, "contextRegion": { "startLine": 226, "endLine": 232, "snippet": { "text": "\n\t\ttry\n\t\t{\n\t\t\tint messageNum = s.getParser().getIntParameter( NUMBER, 0 );\n\n\t\t\tif ( connection == null )\n\t\t\t{\n" } } }, "message": { "text": "Taint change on messageNum" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 94 }, "region": { "startLine": 7, "snippet": { "text": "\t\t\tString searchedName = 
request.getParameter(CrossSiteScripting.SEARCHNAME);" } }, "contextRegion": { "startLine": 4, "endLine": 10, "snippet": { "text": "\t
\n\t\t\t<% \n\t\t\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\t\t\tString searchedName = request.getParameter(CrossSiteScripting.SEARCHNAME);\n\t\t\tif (searchedName != null)\n\t\t\t{\n\t\t\t%>\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 94 }, "region": { "startLine": 7, "snippet": { "text": "\t\t\tString searchedName = request.getParameter(CrossSiteScripting.SEARCHNAME);" } }, "contextRegion": { "startLine": 4, "endLine": 10, "snippet": { "text": "\t
\n\t\t\t<% \n\t\t\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\t\t\tString searchedName = request.getParameter(CrossSiteScripting.SEARCHNAME);\n\t\t\tif (searchedName != null)\n\t\t\t{\n\t\t\t%>\n" } } }, "message": { "text": "Assignment to searchedName" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 79 }, "region": { "startLine": 8, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tEmployee employee = (Employee) session.getAttribute(\"SQLInjection.Employee\");\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%>
\n\t\t
\n\t\t\t\">\n\t\t\t\t\n" } } }, "message": { "text": "getUserNameInLesson(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 234, "snippet": { "text": "\taccountName = s.getParser().getRawParameter(ACCT_NAME, \"Your Name\");" } }, "contextRegion": { "startLine": 231, "endLine": 237, "snippet": { "text": "\tElementContainer ec = new ElementContainer();\n\tec.addElement(new P().addElement(\"Enter your last name: \"));\n\n\taccountName = s.getParser().getRawParameter(ACCT_NAME, \"Your Name\");\n\tInput input = new Input(Input.TEXT, ACCT_NAME, accountName.toString());\n\tec.addElement(input);\n\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 234, "snippet": { "text": "\taccountName = s.getParser().getRawParameter(ACCT_NAME, \"Your Name\");" } }, "contextRegion": { "startLine": 231, "endLine": 237, "snippet": { "text": "\tElementContainer ec = new ElementContainer();\n\tec.addElement(new P().addElement(\"Enter your last name: \"));\n\n\taccountName = s.getParser().getRawParameter(ACCT_NAME, \"Your Name\");\n\tInput input = new Input(Input.TEXT, ACCT_NAME, accountName.toString());\n\tec.addElement(input);\n\n" } } }, "message": { "text": "Assignment to this.accountName" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 101, "snippet": { "text": "\t ec.addElement(makeAccountLine(s));" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\n\t ec.addElement(makeAccountLine(s));\n\n\t String query = \"SELECT * FROM user_data WHERE last_name = '\"\n\t\t + accountName + \"'\";\n" } } }, "message": { "text": "makeAccountLine(this.accountName)" } }, "kinds": [ "unknown" ] }, { 
"location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 103, "snippet": { "text": "\t String query = \"SELECT * FROM user_data WHERE last_name = '\"" } }, "contextRegion": { "startLine": 100, "endLine": 106, "snippet": { "text": "\n\t ec.addElement(makeAccountLine(s));\n\n\t String query = \"SELECT * FROM user_data WHERE last_name = '\"\n\t\t + accountName + \"'\";\n\t ec.addElement(new PRE(query));\n\n" } } }, "message": { "text": "Assignment to query" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 436, "snippet": { "text": "\t\t\tt.addElement( makeRow( description, rot13( userInput ), rot13( userInput ) ) );" } }, "contextRegion": { "startLine": 433, "endLine": 439, "snippet": { "text": "\t\t\t\n\t\t\tdescription = \"Rot13 encoding is a way to make text unreadable, but is easily reversed and provides no security.\";\n\n\t\t\tt.addElement( makeRow( description, rot13( userInput ), rot13( userInput ) ) );\n\t\t\t\n\t\t\tdescription = \"XOR with password encoding is a weak encryption scheme that mixes a password into data.\";\n\n" } } }, "message": { "text": "rot13(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 844, "snippet": { "text": "\t\t\t\tchar inChar = input.charAt( i );" } }, "contextRegion": { "startLine": 841, "endLine": 847, "snippet": { "text": "\t\t{\n\t\t\tfor ( int i = 0; i < input.length(); i++ )\n\t\t\t{\n\t\t\t\tchar inChar = input.charAt( i );\n\t\t\t\tif ( ( inChar >= 'A' ) & ( inChar <= 'Z' ) )\n\t\t\t\t{\n\t\t\t\t\tinChar += 13;\n" } } }, "message": { "text": "charAt(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 844, "snippet": { "text": "\t\t\t\tchar inChar = input.charAt( i 
);" } }, "contextRegion": { "startLine": 841, "endLine": 847, "snippet": { "text": "\t\t{\n\t\t\tfor ( int i = 0; i < input.length(); i++ )\n\t\t\t{\n\t\t\t\tchar inChar = input.charAt( i );\n\t\t\t\tif ( ( inChar >= 'A' ) & ( inChar <= 'Z' ) )\n\t\t\t\t{\n\t\t\t\t\tinChar += 13;\n" } } }, "message": { "text": "Assignment to inChar" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 861, "snippet": { "text": "\t\t\t\toutput.append( inChar );" } }, "contextRegion": { "startLine": 858, "endLine": 864, "snippet": { "text": "\t\t\t\t\t\tinChar -= 26;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\toutput.append( inChar );\n\t\t\t}\n\t\t}\n\t\treturn output.toString();\n" } } }, "message": { "text": "append(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 864, "snippet": { "text": "\t\treturn output.toString();" } }, "contextRegion": { "startLine": 861, "endLine": 867, "snippet": { "text": "\t\t\t\toutput.append( inChar );\n\t\t\t}\n\t\t}\n\t\treturn output.toString();\n\t}\n\n\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 864, "snippet": { "text": "\t\treturn output.toString();" } }, "contextRegion": { "startLine": 861, "endLine": 867, "snippet": { "text": "\t\t\t\toutput.append( inChar );\n\t\t\t}\n\t\t}\n\t\treturn output.toString();\n\t}\n\n\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 436, "snippet": { "text": "\t\t\tt.addElement( makeRow( description, rot13( userInput ), rot13( userInput ) ) );" } }, "contextRegion": { "startLine": 433, "endLine": 439, "snippet": { "text": 
"\t\t\t\n\t\t\tdescription = \"Rot13 encoding is a way to make text unreadable, but is easily reversed and provides no security.\";\n\n\t\t\tt.addElement( makeRow( description, rot13( userInput ), rot13( userInput ) ) );\n\t\t\t\n\t\t\tdescription = \"XOR with password encoding is a weak encryption scheme that mixes a password into data.\";\n\n" } } }, "message": { "text": "makeRow(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 440, "snippet": { "text": "\t\t\tt.addElement( makeRow( description, xorEncode( userInput, userKey ), xorDecode( userInput, userKey ) ) );" } }, "contextRegion": { "startLine": 437, "endLine": 443, "snippet": { "text": "\t\t\t\n\t\t\tdescription = \"XOR with password encoding is a weak encryption scheme that mixes a password into data.\";\n\n\t\t\tt.addElement( makeRow( description, xorEncode( userInput, userKey ), xorDecode( userInput, userKey ) ) );\n\t\t\t\n\t\t\tdescription = \"Double unicode encoding is...\";\n\n" } } }, "message": { "text": "xorDecode(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 1007, "snippet": { "text": "\t\t\tString decoded = base64Decode( input );" } }, "contextRegion": { "startLine": 1004, "endLine": 1010, "snippet": { "text": "\t{\n\t\ttry\n\t\t{\n\t\t\tString decoded = base64Decode( input );\n\t\t\treturn new String( xor( decoded, userKey ) );\n\t\t}\n\t\tcatch ( Exception e )\n" } } }, "message": { "text": "base64Decode(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 264, "snippet": { "text": "\t\tbyte[] b = decoder.decodeBuffer( str );" } }, "contextRegion": { "startLine": 261, "endLine": 267, "snippet": { "text": "\tpublic static String base64Decode( String str ) throws 
IOException\n\t{\n\n\t\tbyte[] b = decoder.decodeBuffer( str );\n\n\t\treturn ( new String( b ) );\n\t}\n" } } }, "message": { "text": "decodeBuffer(0 : return[])" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 264, "snippet": { "text": "\t\tbyte[] b = decoder.decodeBuffer( str );" } }, "contextRegion": { "startLine": 261, "endLine": 267, "snippet": { "text": "\tpublic static String base64Decode( String str ) throws IOException\n\t{\n\n\t\tbyte[] b = decoder.decodeBuffer( str );\n\n\t\treturn ( new String( b ) );\n\t}\n" } } }, "message": { "text": "Assignment to b" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 266, "snippet": { "text": "\t\treturn ( new String( b ) );" } }, "contextRegion": { "startLine": 263, "endLine": 269, "snippet": { "text": "\n\t\tbyte[] b = decoder.decodeBuffer( str );\n\n\t\treturn ( new String( b ) );\n\t}\n\n\n" } } }, "message": { "text": "String(0[] : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 266, "snippet": { "text": "\t\treturn ( new String( b ) );" } }, "contextRegion": { "startLine": 263, "endLine": 269, "snippet": { "text": "\n\t\tbyte[] b = decoder.decodeBuffer( str );\n\n\t\treturn ( new String( b ) );\n\t}\n\n\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 1007, "snippet": { "text": "\t\t\tString decoded = base64Decode( input );" } }, "contextRegion": { "startLine": 1004, "endLine": 1010, "snippet": { "text": "\t{\n\t\ttry\n\t\t{\n\t\t\tString decoded = base64Decode( input );\n\t\t\treturn new String( xor( decoded, userKey ) );\n\t\t}\n\t\tcatch ( Exception e )\n" } } }, "message": { 
"text": "Assignment to decoded" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 1008, "snippet": { "text": "\t\t\treturn new String( xor( decoded, userKey ) );" } }, "contextRegion": { "startLine": 1005, "endLine": 1011, "snippet": { "text": "\t\ttry\n\t\t{\n\t\t\tString decoded = base64Decode( input );\n\t\t\treturn new String( xor( decoded, userKey ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n" } } }, "message": { "text": "xor(0 : return[])" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 983, "snippet": { "text": "\t\t\tinputChars = input.toCharArray();" } }, "contextRegion": { "startLine": 980, "endLine": 986, "snippet": { "text": "\t\tchar[] outputChars = null;\n\t\tif ( input != null )\n\t\t{\n\t\t\tinputChars = input.toCharArray();\n\t\t\toutputChars = new char[inputChars.length];\n\t\t\tfor ( int i = 0; i < inputChars.length; i++ )\n\t\t\t{\n" } } }, "message": { "text": "toCharArray(this : return[])" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 983, "snippet": { "text": "\t\t\tinputChars = input.toCharArray();" } }, "contextRegion": { "startLine": 980, "endLine": 986, "snippet": { "text": "\t\tchar[] outputChars = null;\n\t\tif ( input != null )\n\t\t{\n\t\t\tinputChars = input.toCharArray();\n\t\t\toutputChars = new char[inputChars.length];\n\t\t\tfor ( int i = 0; i < inputChars.length; i++ )\n\t\t\t{\n" } } }, "message": { "text": "Assignment to inputChars" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 987, "snippet": { "text": "\t\t\t\toutputChars[i] = (char) ( inputChars[i] ^ xorChars[i % keyLen] );" } }, "contextRegion": { "startLine": 984, "endLine": 990, 
"snippet": { "text": "\t\t\toutputChars = new char[inputChars.length];\n\t\t\tfor ( int i = 0; i < inputChars.length; i++ )\n\t\t\t{\n\t\t\t\toutputChars[i] = (char) ( inputChars[i] ^ xorChars[i % keyLen] );\n\t\t\t}\n\t\t}\n\t\treturn outputChars;\n" } } }, "message": { "text": "Assignment to outputChars[]" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 990, "snippet": { "text": "\t\treturn outputChars;" } }, "contextRegion": { "startLine": 987, "endLine": 993, "snippet": { "text": "\t\t\t\toutputChars[i] = (char) ( inputChars[i] ^ xorChars[i % keyLen] );\n\t\t\t}\n\t\t}\n\t\treturn outputChars;\n\t}\n\n\n" } } }, "message": { "text": "Return outputChars" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 1008, "snippet": { "text": "\t\t\treturn new String( xor( decoded, userKey ) );" } }, "contextRegion": { "startLine": 1005, "endLine": 1011, "snippet": { "text": "\t\ttry\n\t\t{\n\t\t\tString decoded = base64Decode( input );\n\t\t\treturn new String( xor( decoded, userKey ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n" } } }, "message": { "text": "String(0[] : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 1008, "snippet": { "text": "\t\t\treturn new String( xor( decoded, userKey ) );" } }, "contextRegion": { "startLine": 1005, "endLine": 1011, "snippet": { "text": "\t\ttry\n\t\t{\n\t\t\tString decoded = base64Decode( input );\n\t\t\treturn new String( xor( decoded, userKey ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 28 }, "region": { "startLine": 324, "snippet": { "text": "\t\tSystem.getProperty(\"line.separator\") };" 
} }, "contextRegion": { "startLine": 321, "endLine": 327, "snippet": { "text": "\t * screen size, say less than 80 characters. \n\t */\n\tString[] metaChar = { \"&\", \"<\", \">\", \"\\\"\", \"\\t\",\n\t\tSystem.getProperty(\"line.separator\") };\n\n\tString[] htmlCode = { \"&\", \"<\", \">\", \""\", \" \", \"
\" };\n\n" } } }, "message": { "text": "getProperty(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 28 }, "region": { "startLine": 323, "snippet": { "text": "\tString[] metaChar = { \"&\", \"<\", \">\", \"\\\"\", \"\\t\"," } }, "contextRegion": { "startLine": 320, "endLine": 326, "snippet": { "text": "\t * length checking and only do \" \" conversion in lines that won't exceed \n\t * screen size, say less than 80 characters. \n\t */\n\tString[] metaChar = { \"&\", \"<\", \">\", \"\\\"\", \"\\t\",\n\t\tSystem.getProperty(\"line.separator\") };\n\n\tString[] htmlCode = { \"&\", \"<\", \">\", \""\", \" \", \"
\" };\n" } } }, "message": { "text": "Assignment to metaChar" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 440, "snippet": { "text": "\t\t\tt.addElement( makeRow( description, xorEncode( userInput, userKey ), xorDecode( userInput, userKey ) ) );" } }, "contextRegion": { "startLine": 437, "endLine": 443, "snippet": { "text": "\t\t\t\n\t\t\tdescription = \"XOR with password encoding is a weak encryption scheme that mixes a password into data.\";\n\n\t\t\tt.addElement( makeRow( description, xorEncode( userInput, userKey ), xorDecode( userInput, userKey ) ) );\n\t\t\t\n\t\t\tdescription = \"Double unicode encoding is...\";\n\n" } } }, "message": { "text": "makeRow(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 155, "snippet": { "text": "\t\t\t + SQLInjection.USER_ID, userId);" } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\t\t setSessionAttribute(s,\n\t\t\t getLessonName() + \".isAuthenticated\", Boolean.TRUE);\n\t\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t\t + SQLInjection.USER_ID, userId);\n\t\t authenticated = true;\n\t\t}\n\t }\n" } } }, "message": { "text": "setSessionAttribute(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 448, "snippet": { "text": "\t\t\tt.addElement( makeRow( description, urlEncode( urlEncode( userInput ) ), urlDecode( urlDecode( userInput ) ) ) );" } }, "contextRegion": { "startLine": 445, "endLine": 451, "snippet": { "text": "\t\t\t\n\t\t\tdescription = \"Double URL encoding is...\";\n\n\t\t\tt.addElement( makeRow( description, urlEncode( urlEncode( userInput ) ), urlDecode( urlDecode( userInput ) ) ) );\n\t\t\t\n\t\t\tec.addElement( t );\n\n" } } }, "message": { "text": "urlDecode(0 : return)" } }, "kinds": [ 
"call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 269, "snippet": { "text": "\t String employeeId = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 266, "endLine": 272, "snippet": { "text": " {\n\ttry\n\t{\n\t String employeeId = s.getParser().getStringParameter(\n\t\t SQLInjection.EMPLOYEE_ID);\n\t String password = s.getParser().getRawParameter(\n\t\t SQLInjection.PASSWORD);\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 269, "snippet": { "text": "\t String employeeId = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 266, "endLine": 272, "snippet": { "text": " {\n\ttry\n\t{\n\t String employeeId = s.getParser().getStringParameter(\n\t\t SQLInjection.EMPLOYEE_ID);\n\t String password = s.getParser().getRawParameter(\n\t\t SQLInjection.PASSWORD);\n" } } }, "message": { "text": "Assignment to employeeId" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 269, "snippet": { "text": "\t String employeeId = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 266, "endLine": 272, "snippet": { "text": " {\n\ttry\n\t{\n\t String employeeId = s.getParser().getStringParameter(\n\t\t SQLInjection.EMPLOYEE_ID);\n\t String password = s.getParser().getRawParameter(\n\t\t SQLInjection.PASSWORD);\n" } } }, "message": { "text": "Taint change on employeeId" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 287, "snippet": { "text": "\t\t\t && login_BACKUP(s, employeeId, password))" } }, "contextRegion": { "startLine": 284, "endLine": 290, "snippet": { "text": "\t\t // This assumes the student hasn't modified 
login_BACKUP().\n\t\t if (Integer.parseInt(employeeId) == SQLInjection.PRIZE_EMPLOYEE_ID\n\t\t\t && !isAuthenticated(s)\n\t\t\t && login_BACKUP(s, employeeId, password))\n\t\t {\n\t\t\ts.setMessage(\"Welcome to stage 3\");\n\t\t\tsetStage(s, 3);\n" } } }, "message": { "text": "login_BACKUP(1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 197, "snippet": { "text": "\t\t\t + SQLInjection.USER_ID, userId);" } }, "contextRegion": { "startLine": 194, "endLine": 200, "snippet": { "text": "\t\t setSessionAttribute(s,\n\t\t\t getLessonName() + \".isAuthenticated\", Boolean.TRUE);\n\t\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t\t + SQLInjection.USER_ID, userId);\n\t\t authenticated = true;\n\t\t}\n\n" } } }, "message": { "text": "setSessionAttribute(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 932, "snippet": { "text": "\t\t\treturn ( URLDecoder.decode( str, \"UTF-8\" ) );" } }, "contextRegion": { "startLine": 929, "endLine": 935, "snippet": { "text": "\t{\n\t\ttry\n\t\t{\n\t\t\treturn ( URLDecoder.decode( str, \"UTF-8\" ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n" } } }, "message": { "text": "decode(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 932, "snippet": { "text": "\t\t\treturn ( URLDecoder.decode( str, \"UTF-8\" ) );" } }, "contextRegion": { "startLine": 929, "endLine": 935, "snippet": { "text": "\t{\n\t\ttry\n\t\t{\n\t\t\treturn ( URLDecoder.decode( str, \"UTF-8\" ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 448, "snippet": { "text": "\t\t\tt.addElement( makeRow( 
description, urlEncode( urlEncode( userInput ) ), urlDecode( urlDecode( userInput ) ) ) );" } }, "contextRegion": { "startLine": 445, "endLine": 451, "snippet": { "text": "\t\t\t\n\t\t\tdescription = \"Double URL encoding is...\";\n\n\t\t\tt.addElement( makeRow( description, urlEncode( urlEncode( userInput ) ), urlDecode( urlDecode( userInput ) ) ) );\n\t\t\t\n\t\t\tec.addElement( t );\n\n" } } }, "message": { "text": "makeRow(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 149, "snippet": { "text": "\treturn s.getParser().getRawParameter(name);" } }, "contextRegion": { "startLine": 146, "endLine": 152, "snippet": { "text": " protected String getRequestParameter(WebSession s, String name)\n\t throws ParameterNotFoundException, ValidationException\n {\n\treturn s.getParser().getRawParameter(name);\n }\n\n\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 149, "snippet": { "text": "\treturn s.getParser().getRawParameter(name);" } }, "contextRegion": { "startLine": 146, "endLine": 152, "snippet": { "text": " protected String getRequestParameter(WebSession s, String name)\n\t throws ParameterNotFoundException, ValidationException\n {\n\treturn s.getParser().getRawParameter(name);\n }\n\n\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 76, "snippet": { "text": "\t\tsearchName = getRequestParameter(s," } }, "contextRegion": { "startLine": 73, "endLine": 79, "snippet": { "text": "\t String searchName = null;\n\t try\n\t {\n\t\tsearchName = getRequestParameter(s,\n\t\t\tCrossSiteScripting.SEARCHNAME);\n\n\t\tEmployee employee = null;\n" } } }, "message": { "text": "getRequestParameter(return)" } }, "kinds": [ 
"unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 76, "snippet": { "text": "\t\tsearchName = getRequestParameter(s," } }, "contextRegion": { "startLine": 73, "endLine": 79, "snippet": { "text": "\t String searchName = null;\n\t try\n\t {\n\t\tsearchName = getRequestParameter(s,\n\t\t\tCrossSiteScripting.SEARCHNAME);\n\n\t\tEmployee employee = null;\n" } } }, "message": { "text": "Assignment to searchName" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 81, "snippet": { "text": "\t\temployee = findEmployeeProfile(s, userId, searchName);" } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": "\n\t\tEmployee employee = null;\n\n\t\temployee = findEmployeeProfile(s, userId, searchName);\n\t\tif (employee == null)\n\t\t{\n\t\t setSessionAttribute(s, getLessonName() + \".\"\n" } } }, "message": { "text": "findEmployeeProfile(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 216, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 213, "endLine": 219, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } }, "message": { "text": "Read e" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 216, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 213, "endLine": 219, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", 
"function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 67, "snippet": { "text": "\tint employeeId = s.getParser().getIntParameter(" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\n\tint userId = getIntSessionAttribute(s, getLessonName() + \".\"\n\t\t+ RoleBasedAccessControl.USER_ID);\n\tint employeeId = s.getParser().getIntParameter(\n\t\tRoleBasedAccessControl.EMPLOYEE_ID);\n\n\tif (isAuthenticated(s))\n" } } }, "message": { "text": "getIntParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 67, "snippet": { "text": "\tint employeeId = s.getParser().getIntParameter(" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\n\tint userId = getIntSessionAttribute(s, getLessonName() + \".\"\n\t\t+ RoleBasedAccessControl.USER_ID);\n\tint employeeId = s.getParser().getIntParameter(\n\t\tRoleBasedAccessControl.EMPLOYEE_ID);\n\n\tif (isAuthenticated(s))\n" } } }, "message": { "text": "Assignment to employeeId" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 67, "snippet": { "text": "\tint employeeId = s.getParser().getIntParameter(" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\n\tint userId = getIntSessionAttribute(s, getLessonName() + \".\"\n\t\t+ RoleBasedAccessControl.USER_ID);\n\tint employeeId = s.getParser().getIntParameter(\n\t\tRoleBasedAccessControl.EMPLOYEE_ID);\n\n\tif (isAuthenticated(s))\n" } } }, "message": { "text": "Taint change on employeeId" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 72, "snippet": { "text": "\t deleteEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 69, "endLine": 75, 
"snippet": { "text": "\n\tif (isAuthenticated(s))\n\t{\n\t deleteEmployeeProfile(s, userId, employeeId);\n\n\t try\n\t {\n" } } }, "message": { "text": "deleteEmployeeProfile(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 73 }, "region": { "startLine": 108, "snippet": { "text": "\t String query = \"DELETE FROM employee WHERE userid = \" + employeeId;" } }, "contextRegion": { "startLine": 105, "endLine": 111, "snippet": { "text": "\ttry\n\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"DELETE FROM employee WHERE userid = \" + employeeId;\n\t //System.out.println(\"Query: \" + query);\n\t try\n\t {\n" } } }, "message": { "text": "Assignment to query" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 127, "snippet": { "text": "\t\t tr.addElement(new TD(rs.getString(\"ssn\")));" } }, "contextRegion": { "startLine": 124, "endLine": 130, "snippet": { "text": "\t\t tr = new TR();\n\t\t tr.addElement(new TD(rs.getString(\"userid\")));\n\t\t tr.addElement(new TD(rs.getString(\"password\")));\n\t\t tr.addElement(new TD(rs.getString(\"ssn\")));\n\t\t tr.addElement(new TD(rs.getString(\"salary\")));\n\t\t t.addElement(tr);\n\t\t ec.addElement(t);\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 10 }, "region": { "startLine": 76, "snippet": { "text": "\t\t String amount = s.getParser().getRawParameter(\"amount\", \"\");" } }, "contextRegion": { "startLine": 73, "endLine": 79, "snippet": { "text": "\t\tif (s.getParser().getRawParameter(\"confirm\", \"\").equals(\n\t\t\t\"Confirm\"))\n\t\t{\n\t\t String amount = s.getParser().getRawParameter(\"amount\", \"\");\n\t\t s.getResponse().setContentType(\"text/html\");\n\t\t 
s.getResponse().setHeader(\"Cache-Control\", \"no-cache\");\n\t\t PrintWriter out = new PrintWriter(s.getResponse()\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 10 }, "region": { "startLine": 76, "snippet": { "text": "\t\t String amount = s.getParser().getRawParameter(\"amount\", \"\");" } }, "contextRegion": { "startLine": 73, "endLine": 79, "snippet": { "text": "\t\tif (s.getParser().getRawParameter(\"confirm\", \"\").equals(\n\t\t\t\"Confirm\"))\n\t\t{\n\t\t String amount = s.getParser().getRawParameter(\"amount\", \"\");\n\t\t s.getResponse().setContentType(\"text/html\");\n\t\t s.getResponse().setHeader(\"Cache-Control\", \"no-cache\");\n\t\t PrintWriter out = new PrintWriter(s.getResponse()\n" } } }, "message": { "text": "Assignment to amount" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 10 }, "region": { "startLine": 87, "snippet": { "text": "\t\t\tresult.append(amount);" } }, "contextRegion": { "startLine": 84, "endLine": 90, "snippet": { "text": "\t\t if (!amount.equals(\"\"))\n\t\t {\n\t\t\tresult.append(\"You have just silently authorized \");\n\t\t\tresult.append(amount);\n\t\t\tresult.append(\"$ without the user interaction.
\");\n\t\t }\n\t\t result\n" } } }, "message": { "text": "append(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 10 }, "region": { "startLine": 94, "snippet": { "text": "\t\t out.print(result.toString());" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t\t\t .append(\"Now you can send out a spam email containing this link and whoever clicks on it
\");\n\t\t result\n\t\t\t .append(\" and happens to be logged in the same time will loose their money !!\");\n\t\t out.print(result.toString());\n\t\t out.flush();\n\t\t out.close();\n\t\t getLessonTracker(s).setCompleted(true);\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 176, "snippet": { "text": "\tlang = URLDecoder.decode(s.getParser().getRawParameter(LANGUAGE, \"\")," } }, "contextRegion": { "startLine": 173, "endLine": 179, "snippet": { "text": "\t}\n\tec.addElement(new StringElement(\"Search by country : \"));\n\n\tlang = URLDecoder.decode(s.getParser().getRawParameter(LANGUAGE, \"\"),\n\t\t\"UTF-8\");\n\n\t//add the search by field\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 176, "snippet": { "text": "\tlang = URLDecoder.decode(s.getParser().getRawParameter(LANGUAGE, \"\")," } }, "contextRegion": { "startLine": 173, "endLine": 179, "snippet": { "text": "\t}\n\tec.addElement(new StringElement(\"Search by country : \"));\n\n\tlang = URLDecoder.decode(s.getParser().getRawParameter(LANGUAGE, \"\"),\n\t\t\"UTF-8\");\n\n\t//add the search by field\n" } } }, "message": { "text": "decode(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 176, "snippet": { "text": "\tlang = URLDecoder.decode(s.getParser().getRawParameter(LANGUAGE, \"\")," } }, "contextRegion": { "startLine": 173, "endLine": 179, "snippet": { "text": "\t}\n\tec.addElement(new StringElement(\"Search by country : \"));\n\n\tlang = URLDecoder.decode(s.getParser().getRawParameter(LANGUAGE, \"\"),\n\t\t\"UTF-8\");\n\n\t//add the search by field\n" } } }, "message": { "text": "Assignment to 
lang" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 180, "snippet": { "text": "\tInput input = new Input(Input.TEXT, LANGUAGE, lang.toString());" } }, "contextRegion": { "startLine": 177, "endLine": 183, "snippet": { "text": "\t\t\"UTF-8\");\n\n\t//add the search by field\n\tInput input = new Input(Input.TEXT, LANGUAGE, lang.toString());\n\tec.addElement(input);\n\n\tElement b = ECSFactory.makeButton(\"Search!\");\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 110 }, "region": { "startLine": 125, "snippet": { "text": "\t\t tr.addElement(new TD(rs.getString(\"userid\")));" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t\t tr.addElement(new TD(\"Salary\"));\n\t\t t.addElement(tr);\n\t\t tr = new TR();\n\t\t tr.addElement(new TD(rs.getString(\"userid\")));\n\t\t tr.addElement(new TD(rs.getString(\"password\")));\n\t\t tr.addElement(new TD(rs.getString(\"ssn\")));\n\t\t tr.addElement(new TD(rs.getString(\"salary\")));\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 108, "snippet": { "text": "\t OutputStream processOut = child.getOutputStream();" } }, "contextRegion": { "startLine": 105, "endLine": 111, "snippet": { "text": "\t // get the streams in and out of the command\n\t InputStream processIn = child.getInputStream();\n\t InputStream processError = child.getErrorStream();\n\t OutputStream processOut = child.getOutputStream();\n\n\t // start the clock running\n\t if (timeout > 0)\n" } } }, "message": { "text": "getOutputStream(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { 
"startLine": 108, "snippet": { "text": "\t OutputStream processOut = child.getOutputStream();" } }, "contextRegion": { "startLine": 105, "endLine": 111, "snippet": { "text": "\t // get the streams in and out of the command\n\t InputStream processIn = child.getInputStream();\n\t InputStream processError = child.getErrorStream();\n\t OutputStream processOut = child.getOutputStream();\n\n\t // start the clock running\n\t if (timeout > 0)\n" } } }, "message": { "text": "Assignment to processOut" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 297, "snippet": { "text": "\t OutputStream processOut = child.getOutputStream();" } }, "contextRegion": { "startLine": 294, "endLine": 300, "snippet": { "text": "\t // get the streams in and out of the command\n\t InputStream processIn = child.getInputStream();\n\t InputStream processError = child.getErrorStream();\n\t OutputStream processOut = child.getOutputStream();\n\n\t // start the clock running\n\t if (timeout > 0)\n" } } }, "message": { "text": "getOutputStream(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 297, "snippet": { "text": "\t OutputStream processOut = child.getOutputStream();" } }, "contextRegion": { "startLine": 294, "endLine": 300, "snippet": { "text": "\t // get the streams in and out of the command\n\t InputStream processIn = child.getInputStream();\n\t InputStream processError = child.getErrorStream();\n\t OutputStream processOut = child.getOutputStream();\n\n\t // start the clock running\n\t if (timeout > 0)\n" } } }, "message": { "text": "Assignment to processOut" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 136, "snippet": { "text": "\tString address1 = request.getParameter(CrossSiteScripting.ADDRESS1);" } }, 
"contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": "\tString ssn = request.getParameter(CrossSiteScripting.SSN);\n\tString title = request.getParameter(CrossSiteScripting.TITLE);\n\tString phone = request.getParameter(CrossSiteScripting.PHONE_NUMBER);\n\tString address1 = request.getParameter(CrossSiteScripting.ADDRESS1);\n\tString address2 = request.getParameter(CrossSiteScripting.ADDRESS2);\n\tint manager = Integer.parseInt(request\n\t\t.getParameter(CrossSiteScripting.MANAGER));\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 136, "snippet": { "text": "\tString address1 = request.getParameter(CrossSiteScripting.ADDRESS1);" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": "\tString ssn = request.getParameter(CrossSiteScripting.SSN);\n\tString title = request.getParameter(CrossSiteScripting.TITLE);\n\tString phone = request.getParameter(CrossSiteScripting.PHONE_NUMBER);\n\tString address1 = request.getParameter(CrossSiteScripting.ADDRESS1);\n\tString address2 = request.getParameter(CrossSiteScripting.ADDRESS2);\n\tint manager = Integer.parseInt(request\n\t\t.getParameter(CrossSiteScripting.MANAGER));\n" } } }, "message": { "text": "Assignment to address1" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 154, "snippet": { "text": "\t\ttitle, phone, address1, address2, manager, startDate, salary," } }, "contextRegion": { "startLine": 151, "endLine": 157, "snippet": { "text": "\t\t.getParameter(CrossSiteScripting.DESCRIPTION);\n\n\tEmployee employee = new Employee(subjectId, firstName, lastName, ssn,\n\t\ttitle, phone, address1, address2, manager, startDate, salary,\n\t\tccn, ccnLimit, disciplinaryActionDate, disciplinaryActionNotes,\n\t\tpersonalDescription);\n\n" } } }, "message": { 
"text": "Employee(6 : this.address1)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 124 }, "region": { "startLine": 93, "snippet": { "text": "\tthis.address1 = address1;" } }, "contextRegion": { "startLine": 90, "endLine": 96, "snippet": { "text": "\tthis.ssn = ssn;\n\tthis.title = title;\n\tthis.phone = phone;\n\tthis.address1 = address1;\n\tthis.address2 = address2;\n\tthis.manager = manager;\n\tthis.startDate = startDate;\n" } } }, "message": { "text": "Assignment to this.address1" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 80, "snippet": { "text": "\t\temployee = parseEmployeeProfile(subjectId, s);" } }, "contextRegion": { "startLine": 77, "endLine": 83, "snippet": { "text": "\t Employee employee = null;\n\t try\n\t {\n\t\temployee = parseEmployeeProfile(subjectId, s);\n\t }\n\t catch (ValidationException e)\n\t {\n" } } }, "message": { "text": "parseEmployeeProfile(return.address1)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 101, "snippet": { "text": "\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.address1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 325, "snippet": { "text": "\t\t + \"','\" + employee.getAddress1() + \"','\"" } }, "contextRegion": { "startLine": 322, "endLine": 328, "snippet": { "text": "\t\t + \"','\" + employee.getSsn() + \"','\"\n\t\t + employee.getFirstName().toLowerCase() + \"','\"\n\t\t + employee.getTitle() + \"','\" + 
employee.getPhoneNumber()\n\t\t + \"','\" + employee.getAddress1() + \"','\"\n\t\t + employee.getAddress2() + \"',\" + employee.getManager()\n\t\t + \",'\" + employee.getStartDate() + \"',\"\n\t\t + employee.getSalary() + \",'\" + employee.getCcn() + \"',\"\n" } } }, "message": { "text": "getAddress1(this.address1 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 124 }, "region": { "startLine": 108, "snippet": { "text": "\treturn address1;" } }, "contextRegion": { "startLine": 105, "endLine": 111, "snippet": { "text": "\n public String getAddress1()\n {\n\treturn address1;\n }\n\n\n" } } }, "message": { "text": "Return this.address1" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 343, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 340, "endLine": 346, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } }, "message": { "text": "Read e" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 343, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 340, "endLine": 346, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 133, "snippet": { "text": "\t String message = s.getParser().getRawParameter(MESSAGE, \"\");" } }, "contextRegion": { "startLine": 130, "endLine": 136, "snippet": { 
"text": "\t t.addElement(tr);\n\n\t tr = new TR();\n\t String message = s.getParser().getRawParameter(MESSAGE, \"\");\n\t TextArea ta = new TextArea(MESSAGE, 5, 40);\n\t ta.addElement(new StringElement(convertMetachars(message)));\n\t tr.addElement(new TD().setAlign(\"LEFT\").addElement(ta));\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 133, "snippet": { "text": "\t String message = s.getParser().getRawParameter(MESSAGE, \"\");" } }, "contextRegion": { "startLine": 130, "endLine": 136, "snippet": { "text": "\t t.addElement(tr);\n\n\t tr = new TR();\n\t String message = s.getParser().getRawParameter(MESSAGE, \"\");\n\t TextArea ta = new TextArea(MESSAGE, 5, 40);\n\t ta.addElement(new StringElement(convertMetachars(message)));\n\t tr.addElement(new TD().setAlign(\"LEFT\").addElement(ta));\n" } } }, "message": { "text": "Assignment to message" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 135, "snippet": { "text": "\t ta.addElement(new StringElement(convertMetachars(message)));" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\t tr = new TR();\n\t String message = s.getParser().getRawParameter(MESSAGE, \"\");\n\t TextArea ta = new TextArea(MESSAGE, 5, 40);\n\t ta.addElement(new StringElement(convertMetachars(message)));\n\t tr.addElement(new TD().setAlign(\"LEFT\").addElement(ta));\n\t tr.addElement(new TD().setAlign(\"LEFT\").setVAlign(\"MIDDLE\")\n\t\t .addElement(ECSFactory.makeButton(\"Send!\")));\n" } } }, "message": { "text": "convertMetachars(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 28 }, "region": { "startLine": 328, "snippet": { "text": "\tString replacedString = token;" } }, "contextRegion": { 
"startLine": 325, "endLine": 331, "snippet": { "text": "\n\tString[] htmlCode = { \"&\", \"<\", \">\", \""\", \" \", \"
\" };\n\n\tString replacedString = token;\n\tfor (; mci < metaChar.length; mci += 1)\n\t{\n\t replacedString = replacedString.replaceAll(metaChar[mci],\n" } } }, "message": { "text": "Assignment to replacedString" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 28 }, "region": { "startLine": 334, "snippet": { "text": "\treturn (replacedString);" } }, "contextRegion": { "startLine": 331, "endLine": 337, "snippet": { "text": "\t replacedString = replacedString.replaceAll(metaChar[mci],\n\t\t htmlCode[mci]);\n\t}\n\treturn (replacedString);\n }\n\n\n" } } }, "message": { "text": "Return replacedString" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 91 }, "region": { "startLine": 135, "snippet": { "text": "\t ta.addElement(new StringElement(convertMetachars(message)));" } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\t tr = new TR();\n\t String message = s.getParser().getRawParameter(MESSAGE, \"\");\n\t TextArea ta = new TextArea(MESSAGE, 5, 40);\n\t ta.addElement(new StringElement(convertMetachars(message)));\n\t tr.addElement(new TD().setAlign(\"LEFT\").addElement(ta));\n\t tr.addElement(new TD().setAlign(\"LEFT\").setVAlign(\"MIDDLE\")\n\t\t .addElement(ECSFactory.makeButton(\"Send!\")));\n" } } }, "message": { "text": "StringElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 28 }, "region": { "startLine": 331, "snippet": { "text": "\t replacedString = replacedString.replaceAll(metaChar[mci]," } }, "contextRegion": { "startLine": 328, "endLine": 334, "snippet": { "text": "\tString replacedString = token;\n\tfor (; mci < metaChar.length; mci += 1)\n\t{\n\t replacedString = replacedString.replaceAll(metaChar[mci],\n\t\t htmlCode[mci]);\n\t}\n\treturn (replacedString);\n" } } }, "message": { "text": "replaceAll(this : 
return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 28 }, "region": { "startLine": 331, "endLine": 332, "snippet": { "text": "\t replacedString = replacedString.replaceAll(metaChar[mci],\r\n\t\t htmlCode[mci]);" } }, "contextRegion": { "startLine": 328, "endLine": 335, "snippet": { "text": "\tString replacedString = token;\n\tfor (; mci < metaChar.length; mci += 1)\n\t{\n\t replacedString = replacedString.replaceAll(metaChar[mci],\n\t\t htmlCode[mci]);\n\t}\n\treturn (replacedString);\n }\n" } } }, "message": { "text": "Assignment to replacedString" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 95, "snippet": { "text": "\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n\t if (subjectId > 0)\n\t {\n\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);\n\t\tsetRequestAttribute(s, getLessonName() + \".\"\n\t\t\t+ CrossSiteScripting.EMPLOYEE_ID, Integer\n\t\t\t.toString(subjectId));\n" } } }, "message": { "text": "changeEmployeeProfile(3.phone)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 226, "snippet": { "text": "\t\t + employee.getPhoneNumber() + \"', address1 = '\"" } }, "contextRegion": { "startLine": 223, "endLine": 229, "snippet": { "text": "\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"\n\t\t + employee.getPhoneNumber() + \"', address1 = '\"\n\t\t + employee.getAddress1() + \"', address2 = '\"\n\t\t + employee.getAddress2() + \"', manager = \"\n\t\t + employee.getManager()\n" } } }, "message": { "text": "getPhoneNumber(this.phone : return)" } }, "kinds": [ 
"call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 226, "snippet": { "text": "\t\t + employee.getPhoneNumber() + \"', address1 = '\"" } }, "contextRegion": { "startLine": 223, "endLine": 229, "snippet": { "text": "\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"\n\t\t + employee.getPhoneNumber() + \"', address1 = '\"\n\t\t + employee.getAddress1() + \"', address2 = '\"\n\t\t + employee.getAddress2() + \"', manager = \"\n\t\t + employee.getManager()\n" } } }, "message": { "text": "Taint change on getPhoneNumber(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 521, "snippet": { "text": "\t\t\tthisLink = thisLink + name + \"=\" + request.getParameter(name);" } }, "contextRegion": { "startLine": 518, "endLine": 524, "snippet": { "text": "\t\t\t{\n\t\t\t\tthisLink += \"&\";\n\t\t\t}\n\t\t\tthisLink = thisLink + name + \"=\" + request.getParameter(name);\n\t\t}\n\n\t\treturn thisLink;\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 521, "snippet": { "text": "\t\t\tthisLink = thisLink + name + \"=\" + request.getParameter(name);" } }, "contextRegion": { "startLine": 518, "endLine": 524, "snippet": { "text": "\t\t\t{\n\t\t\t\tthisLink += \"&\";\n\t\t\t}\n\t\t\tthisLink = thisLink + name + \"=\" + request.getParameter(name);\n\t\t}\n\n\t\treturn thisLink;\n" } } }, "message": { "text": "Assignment to thisLink" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 524, "snippet": { "text": "\t\treturn thisLink;" } }, "contextRegion": { 
"startLine": 521, "endLine": 527, "snippet": { "text": "\t\t\tthisLink = thisLink + name + \"=\" + request.getParameter(name);\n\t\t}\n\n\t\treturn thisLink;\n\t}\n\n\tpublic AbstractLesson getCurrentLesson()\n" } } }, "message": { "text": "Return thisLink" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 168, "snippet": { "text": "\t\t\tString thisPage = webSession.getCurrentLink();" } }, "contextRegion": { "startLine": 165, "endLine": 171, "snippet": { "text": "\t\t{\n\t\t\twebSession.getCurrentLesson().setStage(webSession, 5);\n\t\t\t//System.out.println(\"Reloading ViewProfile.jsp for stage 5 transition\");\n\t\t\tString thisPage = webSession.getCurrentLink();\n\t\t\t//System.out.println(\"Redirecting to \" + thisPage);\n\t\t%>\n\t\t\t\n" } } }, "message": { "text": "getCurrentLink(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 16 }, "region": { "startLine": 168, "snippet": { "text": "\t\t\tString thisPage = webSession.getCurrentLink();" } }, "contextRegion": { "startLine": 165, "endLine": 171, "snippet": { "text": "\t\t{\n\t\t\twebSession.getCurrentLesson().setStage(webSession, 5);\n\t\t\t//System.out.println(\"Reloading ViewProfile.jsp for stage 5 transition\");\n\t\t\tString thisPage = webSession.getCurrentLink();\n\t\t\t//System.out.println(\"Redirecting to \" + thisPage);\n\t\t%>\n\t\t\t\n" } } }, "message": { "text": "Assignment to thisPage" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 106, "snippet": { "text": "\t\t\t+ thr.getMessage());" } }, "contextRegion": { "startLine": 103, "endLine": 109, "snippet": { "text": "\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t //System.out.println( \"Leaving doPost: \" );\n\n" } } }, 
"message": { "text": "getMessage(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 117 }, "region": { "startLine": 105, "snippet": { "text": "\t\tlog(request, \"Could not write error screen: \"" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t catch (Throwable thr)\n\t {\n\t\tthr.printStackTrace();\n\t\tlog(request, \"Could not write error screen: \"\n\t\t\t+ thr.getMessage());\n\t }\n\t //System.out.println( \"Leaving doPost: \" );\n" } } }, "message": { "text": "log(1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 208, "snippet": { "text": "\t\tResultSet results = statement.executeQuery();" } }, "contextRegion": { "startLine": 205, "endLine": 211, "snippet": { "text": "\t\t\tquery, ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tstatement.setInt(1, Integer.parseInt(station));\n\t\tResultSet results = statement.executeQuery();\n\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 208, "snippet": { "text": "\t\tResultSet results = statement.executeQuery();" } }, "contextRegion": { "startLine": 205, "endLine": 211, "snippet": { "text": "\t\t\tquery, ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tstatement.setInt(1, Integer.parseInt(station));\n\t\tResultSet results = statement.executeQuery();\n\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n" } } }, "message": { "text": "Assignment to results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 213, "snippet": { "text": "\t\t 
ec.addElement(DatabaseUtilities.writeTable(results," } }, "contextRegion": { "startLine": 210, "endLine": 216, "snippet": { "text": "\t\tif ((results != null) && (results.first() == true))\n\t\t{\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n\t\t ec.addElement(DatabaseUtilities.writeTable(results,\n\t\t\t resultsMetaData));\n\t\t results.last();\n\n" } } }, "message": { "text": "writeTable(0)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 235, "snippet": { "text": "\tInput input = new Input(Input.TEXT, ACCT_NAME, accountName.toString());" } }, "contextRegion": { "startLine": 232, "endLine": 238, "snippet": { "text": "\tec.addElement(new P().addElement(\"Enter your last name: \"));\n\n\taccountName = s.getParser().getRawParameter(ACCT_NAME, \"Your Name\");\n\tInput input = new Input(Input.TEXT, ACCT_NAME, accountName.toString());\n\tec.addElement(input);\n\n\tElement b = ECSFactory.makeButton(\"Go!\");\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 47 }, "region": { "startLine": 11, "snippet": { "text": "\t\t \"Screen=\" + request.getParameter(\"Screen\") +" } }, "contextRegion": { "startLine": 8, "endLine": 14, "snippet": { "text": "\n\n<% response.sendRedirect(\"/WebGoat/attack?\" +\n\t\t \"Screen=\" + request.getParameter(\"Screen\") +\n\t\t \"&menu=\" + request.getParameter(\"menu\") +\n\t\t \"&fromRedirect=yes&language=\" + request.getParameter(\"language\")); \n%>\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 307, "snippet": { "text": "\t\t String station = results.getString(\"station\");" } }, "contextRegion": { "startLine": 304, "endLine": 310, "snippet": { "text": "\n\t\twhile 
(results.next())\n\t\t{\n\t\t String station = results.getString(\"station\");\n\t\t String name = results.getString(\"name\");\n\n\t\t //\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 307, "snippet": { "text": "\t\t String station = results.getString(\"station\");" } }, "contextRegion": { "startLine": 304, "endLine": 310, "snippet": { "text": "\n\t\twhile (results.next())\n\t\t{\n\t\t String station = results.getString(\"station\");\n\t\t String name = results.getString(\"name\");\n\n\t\t //\n" } } }, "message": { "text": "Assignment to station" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 313, "snippet": { "text": "\t\t\tstations.put(station, name);" } }, "contextRegion": { "startLine": 310, "endLine": 316, "snippet": { "text": "\t\t //\n\t\t if (!station.equals(\"10001\") && !station.equals(\"11001\"))\n\t\t {\n\t\t\tstations.put(station, name);\n\t\t }\n\t\t //\n\t\t}\n" } } }, "message": { "text": "put(0 : this.{keys})" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 258, "snippet": { "text": "\tMap stations = getStations(s);" } }, "contextRegion": { "startLine": 255, "endLine": 261, "snippet": { "text": "\t\t.addElement(new P()\n\t\t\t.addElement(\"Select your local weather station: \"));\n\n\tMap stations = getStations(s);\n\tSelect select = new Select(STATION_ID);\n\tIterator it = stations.keySet().iterator();\n\twhile (it.hasNext())\n" } } }, "message": { "text": "getStations(return.{keys})" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 260, "snippet": { "text": "\tIterator it = stations.keySet().iterator();" } }, 
"contextRegion": { "startLine": 257, "endLine": 263, "snippet": { "text": "\n\tMap stations = getStations(s);\n\tSelect select = new Select(STATION_ID);\n\tIterator it = stations.keySet().iterator();\n\twhile (it.hasNext())\n\t{\n\t String key = (String) it.next();\n" } } }, "message": { "text": "keySet(this.{keys} : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 260, "snippet": { "text": "\tIterator it = stations.keySet().iterator();" } }, "contextRegion": { "startLine": 257, "endLine": 263, "snippet": { "text": "\n\tMap stations = getStations(s);\n\tSelect select = new Select(STATION_ID);\n\tIterator it = stations.keySet().iterator();\n\twhile (it.hasNext())\n\t{\n\t String key = (String) it.next();\n" } } }, "message": { "text": "iterator(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 260, "snippet": { "text": "\tIterator it = stations.keySet().iterator();" } }, "contextRegion": { "startLine": 257, "endLine": 263, "snippet": { "text": "\n\tMap stations = getStations(s);\n\tSelect select = new Select(STATION_ID);\n\tIterator it = stations.keySet().iterator();\n\twhile (it.hasNext())\n\t{\n\t String key = (String) it.next();\n" } } }, "message": { "text": "Assignment to it" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 263, "snippet": { "text": "\t String key = (String) it.next();" } }, "contextRegion": { "startLine": 260, "endLine": 266, "snippet": { "text": "\tIterator it = stations.keySet().iterator();\n\twhile (it.hasNext())\n\t{\n\t String key = (String) it.next();\n\t select.addElement(new Option(key).addElement((String) stations\n\t\t .get(key)));\n\t}\n" } } }, "message": { "text": "next(this : return)" } }, "kinds": [ "call", 
"function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 263, "snippet": { "text": "\t String key = (String) it.next();" } }, "contextRegion": { "startLine": 260, "endLine": 266, "snippet": { "text": "\tIterator it = stations.keySet().iterator();\n\twhile (it.hasNext())\n\t{\n\t String key = (String) it.next();\n\t select.addElement(new Option(key).addElement((String) stations\n\t\t .get(key)));\n\t}\n" } } }, "message": { "text": "Assignment to key" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 263, "snippet": { "text": "\t String key = (String) it.next();" } }, "contextRegion": { "startLine": 260, "endLine": 266, "snippet": { "text": "\tIterator it = stations.keySet().iterator();\n\twhile (it.hasNext())\n\t{\n\t String key = (String) it.next();\n\t select.addElement(new Option(key).addElement((String) stations\n\t\t .get(key)));\n\t}\n" } } }, "message": { "text": "Taint change on key" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 164, "snippet": { "text": "\t\thelpFile = helpFile.replaceAll(\"\\\\.help\", \"\\\\.html\");" } }, "contextRegion": { "startLine": 161, "endLine": 167, "snippet": { "text": "\t {\n\t\tString results;\n\t\tString fileData = null;\n\t\thelpFile = helpFile.replaceAll(\"\\\\.help\", \"\\\\.html\");\n\n\t\tif (osName.indexOf(\"Windows\") != -1)\n\t\t{\n" } } }, "message": { "text": "replaceAll(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 29 }, "region": { "startLine": 164, "snippet": { "text": "\t\thelpFile = helpFile.replaceAll(\"\\\\.help\", \"\\\\.html\");" } }, "contextRegion": { "startLine": 161, "endLine": 167, "snippet": { "text": "\t {\n\t\tString results;\n\t\tString fileData = null;\n\t\thelpFile 
= helpFile.replaceAll(\"\\\\.help\", \"\\\\.html\");\n\n\t\tif (osName.indexOf(\"Windows\") != -1)\n\t\t{\n" } } }, "message": { "text": "Assignment to helpFile" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 72, "snippet": { "text": "\t String firstName = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 69, "endLine": 75, "snippet": { "text": "\t int subjectId = s.getParser().getIntParameter(\n\t\t RoleBasedAccessControl.EMPLOYEE_ID, 0);\n\n\t String firstName = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.FIRST_NAME);\n\t String lastName = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.LAST_NAME);\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 72, "snippet": { "text": "\t String firstName = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 69, "endLine": 75, "snippet": { "text": "\t int subjectId = s.getParser().getIntParameter(\n\t\t RoleBasedAccessControl.EMPLOYEE_ID, 0);\n\n\t String firstName = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.FIRST_NAME);\n\t String lastName = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.LAST_NAME);\n" } } }, "message": { "text": "Assignment to firstName" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 103, "snippet": { "text": "\t Employee employee = new Employee(subjectId, firstName, lastName," } }, "contextRegion": { "startLine": 100, "endLine": 106, "snippet": { "text": "\t String personalDescription = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.DESCRIPTION);\n\n\t Employee employee = new Employee(subjectId, firstName, lastName,\n\t\t ssn, title, phone, address1, 
address2, manager, startDate,\n\t\t salary, ccn, ccnLimit, disciplinaryActionDate,\n\t\t disciplinaryActionNotes, personalDescription);\n" } } }, "message": { "text": "Employee(1 : this.firstName)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 103, "snippet": { "text": "\t Employee employee = new Employee(subjectId, firstName, lastName," } }, "contextRegion": { "startLine": 100, "endLine": 106, "snippet": { "text": "\t String personalDescription = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.DESCRIPTION);\n\n\t Employee employee = new Employee(subjectId, firstName, lastName,\n\t\t ssn, title, phone, address1, address2, manager, startDate,\n\t\t salary, ccn, ccnLimit, disciplinaryActionDate,\n\t\t disciplinaryActionNotes, personalDescription);\n" } } }, "message": { "text": "Assignment to employee" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 110, "snippet": { "text": "\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\n\t if (subjectId > 0)\n\t {\n\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);\n\t\tsetRequestAttribute(s, getLessonName() + \".\"\n\t\t\t+ RoleBasedAccessControl.EMPLOYEE_ID, Integer\n\t\t\t.toString(subjectId));\n" } } }, "message": { "text": "changeEmployeeProfile(3.firstName)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 151, "snippet": { "text": "\t\t + employee.getFirstName() + \"', last_name = '\"" } }, "contextRegion": { "startLine": 148, "endLine": 154, "snippet": { "text": "\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + 
employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"\n\t\t + employee.getPhoneNumber() + \"', address1 = '\"\n" } } }, "message": { "text": "getFirstName(this.firstName : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 124 }, "region": { "startLine": 156, "snippet": { "text": "\treturn firstName;" } }, "contextRegion": { "startLine": 153, "endLine": 159, "snippet": { "text": "\n public String getFirstName()\n {\n\treturn firstName;\n }\n\n\n" } } }, "message": { "text": "Return this.firstName" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 150, "endLine": 169, "snippet": { "text": "\t String query = \"UPDATE employee SET first_name = '\"\r\n\t\t + employee.getFirstName() + \"', last_name = '\"\r\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\r\n\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"\r\n\t\t + employee.getPhoneNumber() + \"', address1 = '\"\r\n\t\t + employee.getAddress1() + \"', address2 = '\"\r\n\t\t + employee.getAddress2() + \"', manager = \"\r\n\t\t + employee.getManager()\r\n\t\t + \", start_date = '\"\r\n\t\t + employee.getStartDate()\r\n\t\t + \"', ccn = '\"\r\n\t\t + employee.getCcn()\r\n\t\t + \"', ccn_limit = \"\r\n\t\t + employee.getCcnLimit()\r\n\t\t +\r\n\t\t //\t\"', disciplined_date = '\" + employee.getDisciplinaryActionDate() +\r\n\t\t //\t\"', disciplined_notes = '\" + employee.getDisciplinaryActionNotes() +\r\n\t\t \", personal_description = '\"\r\n\t\t + employee.getPersonalDescription() + \"' WHERE userid = \"\r\n\t\t + subjectId;" } }, "contextRegion": { "startLine": 147, "endLine": 172, "snippet": { "text": "\ttry\n\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = 
\"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"\n\t\t + employee.getPhoneNumber() + \"', address1 = '\"\n\t\t + employee.getAddress1() + \"', address2 = '\"\n\t\t + employee.getAddress2() + \"', manager = \"\n\t\t + employee.getManager()\n\t\t + \", start_date = '\"\n\t\t + employee.getStartDate()\n\t\t + \"', ccn = '\"\n\t\t + employee.getCcn()\n\t\t + \"', ccn_limit = \"\n\t\t + employee.getCcnLimit()\n\t\t +\n\t\t //\t\"', disciplined_date = '\" + employee.getDisciplinaryActionDate() +\n\t\t //\t\"', disciplined_notes = '\" + employee.getDisciplinaryActionNotes() +\n\t\t \", personal_description = '\"\n\t\t + employee.getPersonalDescription() + \"' WHERE userid = \"\n\t\t + subjectId;\n\t //System.out.println(\"Query: \" + query);\n\t try\n\t {\n" } } }, "message": { "text": "Assignment to query" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 74, "snippet": { "text": "\t String lastName = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 71, "endLine": 77, "snippet": { "text": "\n\t String firstName = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.FIRST_NAME);\n\t String lastName = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.LAST_NAME);\n\t String ssn = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.SSN);\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 74, "snippet": { "text": "\t String lastName = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 71, "endLine": 77, "snippet": { "text": "\n\t String firstName = s.getParser().getStringParameter(\n\t\t 
RoleBasedAccessControl.FIRST_NAME);\n\t String lastName = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.LAST_NAME);\n\t String ssn = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.SSN);\n" } } }, "message": { "text": "Assignment to lastName" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 103, "snippet": { "text": "\t Employee employee = new Employee(subjectId, firstName, lastName," } }, "contextRegion": { "startLine": 100, "endLine": 106, "snippet": { "text": "\t String personalDescription = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.DESCRIPTION);\n\n\t Employee employee = new Employee(subjectId, firstName, lastName,\n\t\t ssn, title, phone, address1, address2, manager, startDate,\n\t\t salary, ccn, ccnLimit, disciplinaryActionDate,\n\t\t disciplinaryActionNotes, personalDescription);\n" } } }, "message": { "text": "Employee(2 : this.lastName)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 110, "snippet": { "text": "\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\n\t if (subjectId > 0)\n\t {\n\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);\n\t\tsetRequestAttribute(s, getLessonName() + \".\"\n\t\t\t+ RoleBasedAccessControl.EMPLOYEE_ID, Integer\n\t\t\t.toString(subjectId));\n" } } }, "message": { "text": "changeEmployeeProfile(3.lastName)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 152, "snippet": { "text": "\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()" } }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": "\t // Note: The password field is ONLY set by 
ChangePassword\n\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"\n\t\t + employee.getPhoneNumber() + \"', address1 = '\"\n\t\t + employee.getAddress1() + \"', address2 = '\"\n" } } }, "message": { "text": "getLastName(this.lastName : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 124 }, "region": { "startLine": 168, "snippet": { "text": "\treturn lastName;" } }, "contextRegion": { "startLine": 165, "endLine": 171, "snippet": { "text": "\n public String getLastName()\n {\n\treturn lastName;\n }\n\n\n" } } }, "message": { "text": "Return this.lastName" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 76, "snippet": { "text": "\t String ssn = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 73, "endLine": 79, "snippet": { "text": "\t\t RoleBasedAccessControl.FIRST_NAME);\n\t String lastName = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.LAST_NAME);\n\t String ssn = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.SSN);\n\t String title = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.TITLE);\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 76, "snippet": { "text": "\t String ssn = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 73, "endLine": 79, "snippet": { "text": "\t\t RoleBasedAccessControl.FIRST_NAME);\n\t String lastName = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.LAST_NAME);\n\t String ssn = s.getParser().getStringParameter(\n\t\t 
RoleBasedAccessControl.SSN);\n\t String title = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.TITLE);\n" } } }, "message": { "text": "Assignment to ssn" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 104, "snippet": { "text": "\t\t ssn, title, phone, address1, address2, manager, startDate," } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\t\t RoleBasedAccessControl.DESCRIPTION);\n\n\t Employee employee = new Employee(subjectId, firstName, lastName,\n\t\t ssn, title, phone, address1, address2, manager, startDate,\n\t\t salary, ccn, ccnLimit, disciplinaryActionDate,\n\t\t disciplinaryActionNotes, personalDescription);\n\n" } } }, "message": { "text": "Employee(3 : this.ssn)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 110, "snippet": { "text": "\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\n\t if (subjectId > 0)\n\t {\n\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);\n\t\tsetRequestAttribute(s, getLessonName() + \".\"\n\t\t\t+ RoleBasedAccessControl.EMPLOYEE_ID, Integer\n\t\t\t.toString(subjectId));\n" } } }, "message": { "text": "changeEmployeeProfile(3.ssn)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 152, "snippet": { "text": "\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()" } }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": "\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + 
employee.getSsn()\n\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"\n\t\t + employee.getPhoneNumber() + \"', address1 = '\"\n\t\t + employee.getAddress1() + \"', address2 = '\"\n" } } }, "message": { "text": "getSsn(this.ssn : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 78, "snippet": { "text": "\t String title = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t\t RoleBasedAccessControl.LAST_NAME);\n\t String ssn = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.SSN);\n\t String title = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.TITLE);\n\t String phone = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.PHONE_NUMBER);\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 78, "snippet": { "text": "\t String title = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 75, "endLine": 81, "snippet": { "text": "\t\t RoleBasedAccessControl.LAST_NAME);\n\t String ssn = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.SSN);\n\t String title = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.TITLE);\n\t String phone = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.PHONE_NUMBER);\n" } } }, "message": { "text": "Assignment to title" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 104, "snippet": { "text": "\t\t ssn, title, phone, address1, address2, manager, startDate," } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\t\t RoleBasedAccessControl.DESCRIPTION);\n\n\t Employee employee = new Employee(subjectId, 
firstName, lastName,\n\t\t ssn, title, phone, address1, address2, manager, startDate,\n\t\t salary, ccn, ccnLimit, disciplinaryActionDate,\n\t\t disciplinaryActionNotes, personalDescription);\n\n" } } }, "message": { "text": "Employee(4 : this.title)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 110, "snippet": { "text": "\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\n\t if (subjectId > 0)\n\t {\n\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);\n\t\tsetRequestAttribute(s, getLessonName() + \".\"\n\t\t\t+ RoleBasedAccessControl.EMPLOYEE_ID, Integer\n\t\t\t.toString(subjectId));\n" } } }, "message": { "text": "changeEmployeeProfile(3.title)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 153, "snippet": { "text": "\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"" } }, "contextRegion": { "startLine": 150, "endLine": 156, "snippet": { "text": "\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"\n\t\t + employee.getPhoneNumber() + \"', address1 = '\"\n\t\t + employee.getAddress1() + \"', address2 = '\"\n\t\t + employee.getAddress2() + \"', manager = \"\n" } } }, "message": { "text": "getTitle(this.title : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 82, "snippet": { "text": "\t String address1 = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 79, "endLine": 85, "snippet": { "text": "\t\t 
RoleBasedAccessControl.TITLE);\n\t String phone = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.PHONE_NUMBER);\n\t String address1 = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.ADDRESS1);\n\t String address2 = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.ADDRESS2);\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 82, "snippet": { "text": "\t String address1 = s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 79, "endLine": 85, "snippet": { "text": "\t\t RoleBasedAccessControl.TITLE);\n\t String phone = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.PHONE_NUMBER);\n\t String address1 = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.ADDRESS1);\n\t String address2 = s.getParser().getStringParameter(\n\t\t RoleBasedAccessControl.ADDRESS2);\n" } } }, "message": { "text": "Assignment to address1" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 104, "snippet": { "text": "\t\t ssn, title, phone, address1, address2, manager, startDate," } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\t\t RoleBasedAccessControl.DESCRIPTION);\n\n\t Employee employee = new Employee(subjectId, firstName, lastName,\n\t\t ssn, title, phone, address1, address2, manager, startDate,\n\t\t salary, ccn, ccnLimit, disciplinaryActionDate,\n\t\t disciplinaryActionNotes, personalDescription);\n\n" } } }, "message": { "text": "Employee(6 : this.address1)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 110, "snippet": { "text": "\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);" } }, "contextRegion": { "startLine": 
107, "endLine": 113, "snippet": { "text": "\n\t if (subjectId > 0)\n\t {\n\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);\n\t\tsetRequestAttribute(s, getLessonName() + \".\"\n\t\t\t+ RoleBasedAccessControl.EMPLOYEE_ID, Integer\n\t\t\t.toString(subjectId));\n" } } }, "message": { "text": "changeEmployeeProfile(3.address1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 155, "snippet": { "text": "\t\t + employee.getAddress1() + \"', address2 = '\"" } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"\n\t\t + employee.getPhoneNumber() + \"', address1 = '\"\n\t\t + employee.getAddress1() + \"', address2 = '\"\n\t\t + employee.getAddress2() + \"', manager = \"\n\t\t + employee.getManager()\n\t\t + \", start_date = '\"\n" } } }, "message": { "text": "getAddress1(this.address1 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 95, "snippet": { "text": "\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n\t if (subjectId > 0)\n\t {\n\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);\n\t\tsetRequestAttribute(s, getLessonName() + \".\"\n\t\t\t+ CrossSiteScripting.EMPLOYEE_ID, Integer\n\t\t\t.toString(subjectId));\n" } } }, "message": { "text": "changeEmployeeProfile(3.manager)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 229, "snippet": { "text": "\t\t + employee.getManager()" } }, "contextRegion": { "startLine": 226, "endLine": 232, "snippet": { "text": "\t\t + employee.getPhoneNumber() + \"', address1 
= '\"\n\t\t + employee.getAddress1() + \"', address2 = '\"\n\t\t + employee.getAddress2() + \"', manager = \"\n\t\t + employee.getManager()\n\t\t + \", start_date = '\"\n\t\t + employee.getStartDate()\n\t\t + \"', ccn = '\"\n" } } }, "message": { "text": "getManager(this.manager : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 54 }, "region": { "startLine": 231, "snippet": { "text": "\t\tec.addElement(DatabaseUtilities.writeTable(results," } }, "contextRegion": { "startLine": 228, "endLine": 234, "snippet": { "text": "\t if (v.size() > 2)\n\t {\n\t\tResultSetMetaData resultsMetaData = results.getMetaData();\n\t\tec.addElement(DatabaseUtilities.writeTable(results,\n\t\t\tresultsMetaData));\n\t\tec.addElement(ECSFactory.makeButton(PROCEED_TO_NEXT_STAGE\n\t\t\t+ \"(3)\"));\n" } } }, "message": { "text": "writeTable(0)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 241, "snippet": { "text": "\t\t\tResultSet results = statement.executeQuery();" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tPreparedStatement statement = connection.prepareStatement( query, ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\tstatement.setString(1, getNameroot( s.getUserName() ) + \"%\");\n\t\t\tstatement.setInt(2, messageNum);\n\t\t\tResultSet results = statement.executeQuery();\n\n\t\t\tif ( ( results != null ) && results.first() )\n\t\t\t{\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 241, "snippet": { "text": "\t\t\tResultSet results = statement.executeQuery();" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tPreparedStatement statement = connection.prepareStatement( query, 
ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );\n\t\t\tstatement.setString(1, getNameroot( s.getUserName() ) + \"%\");\n\t\t\tstatement.setInt(2, messageNum);\n\t\t\tResultSet results = statement.executeQuery();\n\n\t\t\tif ( ( results != null ) && results.first() )\n\t\t\t{\n" } } }, "message": { "text": "Assignment to results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 248, "snippet": { "text": "\t\t\t\trow1.addElement( new TD( new StringElement( results.getString( TITLE_COL ) ) ) );" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\t\t\tec.addElement( new H1( \"Message Contents For: \" + results.getString( TITLE_COL )) );\n\t\t\t\tTable t = new Table( 0 ).setCellSpacing( 0 ).setCellPadding( 0 ).setBorder( 0 );\n\t\t\t\tTR row1 = new TR( new TD( new B(new StringElement( \"Title:\" )) ) );\n\t\t\t\trow1.addElement( new TD( new StringElement( results.getString( TITLE_COL ) ) ) );\n\t\t\t\tt.addElement( row1 );\n\n\t\t\t\tString messageData = results.getString( MESSAGE_COL );\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 248, "snippet": { "text": "\t\t\t\trow1.addElement( new TD( new StringElement( results.getString( TITLE_COL ) ) ) );" } }, "contextRegion": { "startLine": 245, "endLine": 251, "snippet": { "text": "\t\t\t\tec.addElement( new H1( \"Message Contents For: \" + results.getString( TITLE_COL )) );\n\t\t\t\tTable t = new Table( 0 ).setCellSpacing( 0 ).setCellPadding( 0 ).setBorder( 0 );\n\t\t\t\tTR row1 = new TR( new TD( new B(new StringElement( \"Title:\" )) ) );\n\t\t\t\trow1.addElement( new TD( new StringElement( results.getString( TITLE_COL ) ) ) );\n\t\t\t\tt.addElement( row1 );\n\n\t\t\t\tString messageData = results.getString( MESSAGE_COL 
);\n" } } }, "message": { "text": "StringElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 251, "snippet": { "text": "\t\t\t\tString messageData = results.getString( MESSAGE_COL );" } }, "contextRegion": { "startLine": 248, "endLine": 254, "snippet": { "text": "\t\t\t\trow1.addElement( new TD( new StringElement( results.getString( TITLE_COL ) ) ) );\n\t\t\t\tt.addElement( row1 );\n\n\t\t\t\tString messageData = results.getString( MESSAGE_COL );\n\t\t\t\tTR row2 = new TR( new TD( new B(new StringElement( \"Message:\" )) ) );\n\t\t\t\trow2.addElement( new TD( new StringElement( messageData ) ) );\n\t\t\t\tt.addElement( row2 );\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 251, "snippet": { "text": "\t\t\t\tString messageData = results.getString( MESSAGE_COL );" } }, "contextRegion": { "startLine": 248, "endLine": 254, "snippet": { "text": "\t\t\t\trow1.addElement( new TD( new StringElement( results.getString( TITLE_COL ) ) ) );\n\t\t\t\tt.addElement( row1 );\n\n\t\t\t\tString messageData = results.getString( MESSAGE_COL );\n\t\t\t\tTR row2 = new TR( new TD( new B(new StringElement( \"Message:\" )) ) );\n\t\t\t\trow2.addElement( new TD( new StringElement( messageData ) ) );\n\t\t\t\tt.addElement( row2 );\n" } } }, "message": { "text": "Assignment to messageData" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 253, "snippet": { "text": "\t\t\t\trow2.addElement( new TD( new StringElement( messageData ) ) );" } }, "contextRegion": { "startLine": 250, "endLine": 256, "snippet": { "text": "\n\t\t\t\tString messageData = results.getString( MESSAGE_COL );\n\t\t\t\tTR row2 = new TR( new TD( new B(new 
StringElement( \"Message:\" )) ) );\n\t\t\t\trow2.addElement( new TD( new StringElement( messageData ) ) );\n\t\t\t\tt.addElement( row2 );\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tTR row3 = new TR( new TD( new StringElement( \"Posted By:\" ) ) );\n" } } }, "message": { "text": "StringElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 257, "snippet": { "text": "\t\t\t\trow3.addElement( new TD( new StringElement( results.getString( USER_COL ) ) ) );" } }, "contextRegion": { "startLine": 254, "endLine": 260, "snippet": { "text": "\t\t\t\tt.addElement( row2 );\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tTR row3 = new TR( new TD( new StringElement( \"Posted By:\" ) ) );\n\t\t\t\trow3.addElement( new TD( new StringElement( results.getString( USER_COL ) ) ) );\n\t\t\t\tt.addElement( row3 );\n\t\t\t\t\t\t\t\t\n\t\t\t\tec.addElement( t );\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 257, "snippet": { "text": "\t\t\t\trow3.addElement( new TD( new StringElement( results.getString( USER_COL ) ) ) );" } }, "contextRegion": { "startLine": 254, "endLine": 260, "snippet": { "text": "\t\t\t\tt.addElement( row2 );\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tTR row3 = new TR( new TD( new StringElement( \"Posted By:\" ) ) );\n\t\t\t\trow3.addElement( new TD( new StringElement( results.getString( USER_COL ) ) ) );\n\t\t\t\tt.addElement( row3 );\n\t\t\t\t\t\t\t\t\n\t\t\t\tec.addElement( t );\n" } } }, "message": { "text": "StringElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 126 }, "region": { "startLine": 8, "snippet": { "text": "\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
" } }, "contextRegion": { "startLine": 5, "endLine": 11, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\tint myUserId = webSession.getUserIdInLesson();\n%>\n\t
Welcome Back <%=webSession.getUserNameInLesson()%> - Staff Listing Page
\n\t\t
\n\t\t
\n\t\t
\n" } } }, "message": { "text": "getUserNameInLesson(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 448, "snippet": { "text": "\t\t\tt.addElement( makeRow( description, urlEncode( urlEncode( userInput ) ), urlDecode( urlDecode( userInput ) ) ) );" } }, "contextRegion": { "startLine": 445, "endLine": 451, "snippet": { "text": "\t\t\t\n\t\t\tdescription = \"Double URL encoding is...\";\n\n\t\t\tt.addElement( makeRow( description, urlEncode( urlEncode( userInput ) ), urlDecode( urlDecode( userInput ) ) ) );\n\t\t\t\n\t\t\tec.addElement( t );\n\n" } } }, "message": { "text": "urlEncode(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 953, "snippet": { "text": "\t\t\treturn ( URLEncoder.encode( str, \"UTF-8\" ) );" } }, "contextRegion": { "startLine": 950, "endLine": 956, "snippet": { "text": "\t{\n\t\ttry\n\t\t{\n\t\t\treturn ( URLEncoder.encode( str, \"UTF-8\" ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n" } } }, "message": { "text": "encode(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 953, "snippet": { "text": "\t\t\treturn ( URLEncoder.encode( str, \"UTF-8\" ) );" } }, "contextRegion": { "startLine": 950, "endLine": 956, "snippet": { "text": "\t{\n\t\ttry\n\t\t{\n\t\t\treturn ( URLEncoder.encode( str, \"UTF-8\" ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 448, "snippet": { "text": "\t\t\tt.addElement( makeRow( description, urlEncode( urlEncode( userInput ) ), urlDecode( urlDecode( userInput ) ) ) );" } }, "contextRegion": { "startLine": 445, "endLine": 451, 
"snippet": { "text": "\t\t\t\n\t\t\tdescription = \"Double URL encoding is...\";\n\n\t\t\tt.addElement( makeRow( description, urlEncode( urlEncode( userInput ) ), urlDecode( urlDecode( userInput ) ) ) );\n\t\t\t\n\t\t\tec.addElement( t );\n\n" } } }, "message": { "text": "makeRow(1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t
\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t\n\t\t\t \t\n\t\t\t\t\t
\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "Read org.owasp.webgoat.lessons.CrossSiteScripting.CrossSiteScripting.SSN" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 21 }, "region": { "startLine": 65, "snippet": { "text": "\t person = new StringBuffer(s.getParser().getStringParameter(PERSON," } }, "contextRegion": { "startLine": 62, "endLine": 68, "snippet": { "text": "\t{\n\t ec.addElement(new StringElement(\"Enter your name: \"));\n\n\t person = new StringBuffer(s.getParser().getStringParameter(PERSON,\n\t\t \"\"));\n\t person.reverse();\n\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 21 }, "region": { "startLine": 65, "snippet": { "text": "\t person = new StringBuffer(s.getParser().getStringParameter(PERSON," } }, "contextRegion": { "startLine": 62, "endLine": 68, "snippet": { "text": "\t{\n\t ec.addElement(new StringElement(\"Enter your name: \"));\n\n\t person = new StringBuffer(s.getParser().getStringParameter(PERSON,\n\t\t \"\"));\n\t person.reverse();\n\n" } } }, "message": { "text": "StringBuffer(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 21 }, "region": { "startLine": 65, "snippet": { "text": "\t person = new StringBuffer(s.getParser().getStringParameter(PERSON," } }, "contextRegion": { "startLine": 62, "endLine": 68, "snippet": { "text": "\t{\n\t ec.addElement(new StringElement(\"Enter your name: \"));\n\n\t person = new StringBuffer(s.getParser().getStringParameter(PERSON,\n\t\t \"\"));\n\t person.reverse();\n\n" } } }, "message": { "text": "Assignment to person" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 21 }, "region": { "startLine": 69, 
"snippet": { "text": "\t Input input = new Input(Input.TEXT, PERSON, person.toString());" } }, "contextRegion": { "startLine": 66, "endLine": 72, "snippet": { "text": "\t\t \"\"));\n\t person.reverse();\n\n\t Input input = new Input(Input.TEXT, PERSON, person.toString());\n\t ec.addElement(input);\n\n\t Element b = ECSFactory.makeButton(\"Go!\");\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 193, "snippet": { "text": "\t log(\"ERROR: \" + t);" } }, "contextRegion": { "startLine": 190, "endLine": 196, "snippet": { "text": "\tcatch (Throwable t)\n\t{\n\t t.printStackTrace();\n\t log(\"ERROR: \" + t);\n\t screen = new ErrorScreen(mySession, t);\n\t}\n\tfinally\n" } } }, "message": { "text": "Read t" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 193, "snippet": { "text": "\t log(\"ERROR: \" + t);" } }, "contextRegion": { "startLine": 190, "endLine": 196, "snippet": { "text": "\tcatch (Throwable t)\n\t{\n\t t.printStackTrace();\n\t log(\"ERROR: \" + t);\n\t screen = new ErrorScreen(mySession, t);\n\t}\n\tfinally\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 240, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { 
"physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 240, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 237, "endLine": 243, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "Assignment to results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 241, "snippet": { "text": "\t\treturn results;" } }, "contextRegion": { "startLine": 238, "endLine": 244, "snippet": { "text": "\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\treturn results;\n\t }\n\t catch (SQLException sqle)\n\t {}\n" } } }, "message": { "text": "Return results" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 187, "snippet": { "text": "\t\tResultSet results = getResults(accountNumber);" } }, "contextRegion": { "startLine": 184, "endLine": 190, "snippet": { "text": "\t }\n\t try\n\t {\n\t\tResultSet results = getResults(accountNumber);\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n" } } }, "message": { "text": "getResults(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 187, "snippet": { "text": "\t\tResultSet results = getResults(accountNumber);" } }, "contextRegion": { "startLine": 184, "endLine": 190, "snippet": { "text": "\t }\n\t try\n\t {\n\t\tResultSet results = getResults(accountNumber);\n\t\tif ((results != 
null) && (results.first() == true))\n\t\t{\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n" } } }, "message": { "text": "Assignment to results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 191, "snippet": { "text": "\t\t ec.addElement(DatabaseUtilities.writeTable(results," } }, "contextRegion": { "startLine": 188, "endLine": 194, "snippet": { "text": "\t\tif ((results != null) && (results.first() == true))\n\t\t{\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n\t\t ec.addElement(DatabaseUtilities.writeTable(results,\n\t\t\t resultsMetaData));\n\t\t results.last();\n\t\t if (results.getRow() >= 6)\n" } } }, "message": { "text": "writeTable(0)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 131, "snippet": { "text": "\tString firstName = request.getParameter(CrossSiteScripting.FIRST_NAME);" } }, "contextRegion": { "startLine": 128, "endLine": 134, "snippet": { "text": "\t// is the better solution.\n\n\tHttpServletRequest request = s.getRequest();\n\tString firstName = request.getParameter(CrossSiteScripting.FIRST_NAME);\n\tString lastName = request.getParameter(CrossSiteScripting.LAST_NAME);\n\tString ssn = request.getParameter(CrossSiteScripting.SSN);\n\tString title = request.getParameter(CrossSiteScripting.TITLE);\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 131, "snippet": { "text": "\tString firstName = request.getParameter(CrossSiteScripting.FIRST_NAME);" } }, "contextRegion": { "startLine": 128, "endLine": 134, "snippet": { "text": "\t// is the better solution.\n\n\tHttpServletRequest request = s.getRequest();\n\tString firstName = request.getParameter(CrossSiteScripting.FIRST_NAME);\n\tString 
lastName = request.getParameter(CrossSiteScripting.LAST_NAME);\n\tString ssn = request.getParameter(CrossSiteScripting.SSN);\n\tString title = request.getParameter(CrossSiteScripting.TITLE);\n" } } }, "message": { "text": "Assignment to firstName" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 153, "snippet": { "text": "\tEmployee employee = new Employee(subjectId, firstName, lastName, ssn," } }, "contextRegion": { "startLine": 150, "endLine": 156, "snippet": { "text": "\tString personalDescription = request\n\t\t.getParameter(CrossSiteScripting.DESCRIPTION);\n\n\tEmployee employee = new Employee(subjectId, firstName, lastName, ssn,\n\t\ttitle, phone, address1, address2, manager, startDate, salary,\n\t\tccn, ccnLimit, disciplinaryActionDate, disciplinaryActionNotes,\n\t\tpersonalDescription);\n" } } }, "message": { "text": "Employee(1 : this.firstName)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 80, "snippet": { "text": "\t\temployee = parseEmployeeProfile(subjectId, s);" } }, "contextRegion": { "startLine": 77, "endLine": 83, "snippet": { "text": "\t Employee employee = null;\n\t try\n\t {\n\t\temployee = parseEmployeeProfile(subjectId, s);\n\t }\n\t catch (ValidationException e)\n\t {\n" } } }, "message": { "text": "parseEmployeeProfile(return.firstName)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 101, "snippet": { "text": "\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.firstName)" } }, "kinds": [ "call", "function" ] }, { 
"location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 321, "snippet": { "text": "\t\t + employee.getFirstName() + \"','\" + employee.getLastName()" } }, "contextRegion": { "startLine": 318, "endLine": 324, "snippet": { "text": "\t{\n\t // FIXME: Cannot choose the id because we cannot guarantee uniqueness\n\t String query = \"INSERT INTO employee VALUES ( max(userid)+1, '\"\n\t\t + employee.getFirstName() + \"','\" + employee.getLastName()\n\t\t + \"','\" + employee.getSsn() + \"','\"\n\t\t + employee.getFirstName().toLowerCase() + \"','\"\n\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()\n" } } }, "message": { "text": "getFirstName(this.firstName : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 323, "snippet": { "text": "\t\t + employee.getFirstName().toLowerCase() + \"','\"" } }, "contextRegion": { "startLine": 320, "endLine": 326, "snippet": { "text": "\t String query = \"INSERT INTO employee VALUES ( max(userid)+1, '\"\n\t\t + employee.getFirstName() + \"','\" + employee.getLastName()\n\t\t + \"','\" + employee.getSsn() + \"','\"\n\t\t + employee.getFirstName().toLowerCase() + \"','\"\n\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()\n\t\t + \"','\" + employee.getAddress1() + \"','\"\n\t\t + employee.getAddress2() + \"',\" + employee.getManager()\n" } } }, "message": { "text": "getFirstName(this.firstName : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 323, "snippet": { "text": "\t\t + employee.getFirstName().toLowerCase() + \"','\"" } }, "contextRegion": { "startLine": 320, "endLine": 326, "snippet": { "text": "\t String query = \"INSERT INTO employee VALUES ( max(userid)+1, '\"\n\t\t + employee.getFirstName() + \"','\" + employee.getLastName()\n\t\t + \"','\" + 
employee.getSsn() + \"','\"\n\t\t + employee.getFirstName().toLowerCase() + \"','\"\n\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()\n\t\t + \"','\" + employee.getAddress1() + \"','\"\n\t\t + employee.getAddress2() + \"',\" + employee.getManager()\n" } } }, "message": { "text": "toLowerCase(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 422, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 419, "endLine": 425, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "Read e" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 95, "snippet": { "text": "\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n\t if (subjectId > 0)\n\t {\n\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);\n\t\tsetRequestAttribute(s, getLessonName() + \".\"\n\t\t\t+ CrossSiteScripting.EMPLOYEE_ID, Integer\n\t\t\t.toString(subjectId));\n" } } }, "message": { "text": "changeEmployeeProfile(3.firstName)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 223, "snippet": { "text": "\t\t + employee.getFirstName() + \"', last_name = '\"" } }, "contextRegion": { "startLine": 220, "endLine": 226, "snippet": { "text": "\t{\n\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"\n\t\t + employee.getPhoneNumber() + 
\"', address1 = '\"\n" } } }, "message": { "text": "getFirstName(this.firstName : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 89, "snippet": { "text": "\t\t .getRawParameter(LANGUAGE, \"\"), \"UTF-8\");" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t{\n\t ec.addElement(createAttackEnvironment(s));\n\t lang = URLDecoder.decode(s.getParser()\n\t\t .getRawParameter(LANGUAGE, \"\"), \"UTF-8\");\n\n\t //Check if we are coming from the redirect page\n\t String fromRedirect = s.getParser().getStringParameter(\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 89, "snippet": { "text": "\t\t .getRawParameter(LANGUAGE, \"\"), \"UTF-8\");" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t{\n\t ec.addElement(createAttackEnvironment(s));\n\t lang = URLDecoder.decode(s.getParser()\n\t\t .getRawParameter(LANGUAGE, \"\"), \"UTF-8\");\n\n\t //Check if we are coming from the redirect page\n\t String fromRedirect = s.getParser().getStringParameter(\n" } } }, "message": { "text": "decode(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 88, "snippet": { "text": "\t lang = URLDecoder.decode(s.getParser()" } }, "contextRegion": { "startLine": 85, "endLine": 91, "snippet": { "text": "\ttry\n\t{\n\t ec.addElement(createAttackEnvironment(s));\n\t lang = URLDecoder.decode(s.getParser()\n\t\t .getRawParameter(LANGUAGE, \"\"), \"UTF-8\");\n\n\t //Check if we are coming from the redirect page\n" } } }, "message": { "text": "Assignment to lang" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, 
"region": { "startLine": 110, "snippet": { "text": "\t\t String message = lang.substring(lang.indexOf(\"\"));" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t\t HttpServletResponse res = s.getResponse();\n\t\t res.setContentType(\"text/html\");\n\t\t PrintWriter out = new PrintWriter(res.getOutputStream());\n\t\t String message = lang.substring(lang.indexOf(\"\"));\n\n\t\t out.print(message);\n\t\t out.flush();\n" } } }, "message": { "text": "substring(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 135 }, "region": { "startLine": 110, "snippet": { "text": "\t\t String message = lang.substring(lang.indexOf(\"\"));" } }, "contextRegion": { "startLine": 107, "endLine": 113, "snippet": { "text": "\t\t HttpServletResponse res = s.getResponse();\n\t\t res.setContentType(\"text/html\");\n\t\t PrintWriter out = new PrintWriter(res.getOutputStream());\n\t\t String message = lang.substring(lang.indexOf(\"\"));\n\n\t\t out.print(message);\n\t\t out.flush();\n" } } }, "message": { "text": "Assignment to message" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 106, "endLine": 107, "snippet": { "text": "\t String query = \"SELECT * FROM user_system_data WHERE user_name = '\"\r\n\t\t + username + \"' and password = '\" + password + \"'\";" } }, "contextRegion": { "startLine": 103, "endLine": 110, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\n\t String query = \"SELECT * FROM user_system_data WHERE user_name = '\"\n\t\t + username + \"' and password = '\" + password + \"'\";\n\t ec.addElement(new StringElement(query));\n\t try\n\t {\n" } } }, "message": { "text": "Assignment to query" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 137 }, "region": { "startLine": 
136, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY2\", \"1\")))" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": "\t tr.addElement(new TD().addElement(\"27.99\").setAlign(\"right\"));\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY2\", s.getParser()\n\t\t\t .getStringParameter(\"QTY2\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY2\", 1.0f);\n\t total = quantity * 27.99f;\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 183, "snippet": { "text": "\t ec.addElement(makeAccountLine(s));" } }, "contextRegion": { "startLine": 180, "endLine": 186, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\n\t ec.addElement(makeAccountLine(s));\n\n\t String query = \"SELECT * FROM user_data WHERE last_name = ?\";\n\t ec.addElement(new PRE(query));\n" } } }, "message": { "text": "makeAccountLine(this.accountName)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 116 }, "region": { "startLine": 136, "snippet": { "text": "\t System.out.println(e);" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": "\tcatch (Exception e)\n\t{\n\t s.setMessage(\"Error generating \" + this.getClass().getName());\n\t System.out.println(e);\n\t e.printStackTrace();\n\t}\n\n" } } }, "message": { "text": "Read e" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 436, "snippet": { "text": "\t\t\tt.addElement( makeRow( description, rot13( userInput ), rot13( userInput ) ) );" } }, "contextRegion": { "startLine": 433, "endLine": 439, "snippet": { "text": "\t\t\t\n\t\t\tdescription = \"Rot13 encoding is a way to make text unreadable, but is easily reversed and 
provides no security.\";\n\n\t\t\tt.addElement( makeRow( description, rot13( userInput ), rot13( userInput ) ) );\n\t\t\t\n\t\t\tdescription = \"XOR with password encoding is a weak encryption scheme that mixes a password into data.\";\n\n" } } }, "message": { "text": "makeRow(1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 245, "snippet": { "text": "\t\t\t\tec.addElement( new H1( \"Message Contents For: \" + results.getString( TITLE_COL )) );" } }, "contextRegion": { "startLine": 242, "endLine": 248, "snippet": { "text": "\n\t\t\tif ( ( results != null ) && results.first() )\n\t\t\t{\n\t\t\t\tec.addElement( new H1( \"Message Contents For: \" + results.getString( TITLE_COL )) );\n\t\t\t\tTable t = new Table( 0 ).setCellSpacing( 0 ).setCellPadding( 0 ).setBorder( 0 );\n\t\t\t\tTR row1 = new TR( new TD( new B(new StringElement( \"Title:\" )) ) );\n\t\t\t\trow1.addElement( new TD( new StringElement( results.getString( TITLE_COL ) ) ) );\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 62, "snippet": { "text": "\t int employeeId = s.getParser().getIntParameter(" } }, "contextRegion": { "startLine": 59, "endLine": 65, "snippet": { "text": "\tif (isAuthenticated(s))\n\t{\n\t int userId = getUserId(s);\n\t int employeeId = s.getParser().getIntParameter(\n\t\t CrossSiteScripting.EMPLOYEE_ID);\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n" } } }, "message": { "text": "getIntParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 62, "snippet": { "text": "\t int employeeId = s.getParser().getIntParameter(" } }, "contextRegion": { "startLine": 59, "endLine": 65, "snippet": { "text": "\tif 
(isAuthenticated(s))\n\t{\n\t int userId = getUserId(s);\n\t int employeeId = s.getParser().getIntParameter(\n\t\t CrossSiteScripting.EMPLOYEE_ID);\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n" } } }, "message": { "text": "Assignment to employeeId" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 62, "snippet": { "text": "\t int employeeId = s.getParser().getIntParameter(" } }, "contextRegion": { "startLine": 59, "endLine": 65, "snippet": { "text": "\tif (isAuthenticated(s))\n\t{\n\t int userId = getUserId(s);\n\t int employeeId = s.getParser().getIntParameter(\n\t\t CrossSiteScripting.EMPLOYEE_ID);\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n" } } }, "message": { "text": "Taint change on employeeId" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 89 }, "region": { "startLine": 65, "snippet": { "text": "\t Employee employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 62, "endLine": 68, "snippet": { "text": "\t int employeeId = s.getParser().getIntParameter(\n\t\t CrossSiteScripting.EMPLOYEE_ID);\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\t}\n" } } }, "message": { "text": "getEmployeeProfile(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 97, "snippet": { "text": "\t inputUsername = new String(s.getParser().getRawParameter(USERNAME," } }, "contextRegion": { "startLine": 94, "endLine": 100, "snippet": { "text": "\t ec = new ElementContainer();\n\t ec.addElement(t);\n\n\t inputUsername = new String(s.getParser().getRawParameter(USERNAME,\n\t\t \"\"));\n\t if (inputUsername.length() != 0)\n\t {\n" } } 
}, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 97, "snippet": { "text": "\t inputUsername = new String(s.getParser().getRawParameter(USERNAME," } }, "contextRegion": { "startLine": 94, "endLine": 100, "snippet": { "text": "\t ec = new ElementContainer();\n\t ec.addElement(t);\n\n\t inputUsername = new String(s.getParser().getRawParameter(USERNAME,\n\t\t \"\"));\n\t if (inputUsername.length() != 0)\n\t {\n" } } }, "message": { "text": "String(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 97, "snippet": { "text": "\t inputUsername = new String(s.getParser().getRawParameter(USERNAME," } }, "contextRegion": { "startLine": 94, "endLine": 100, "snippet": { "text": "\t ec = new ElementContainer();\n\t ec.addElement(t);\n\n\t inputUsername = new String(s.getParser().getRawParameter(USERNAME,\n\t\t \"\"));\n\t if (inputUsername.length() != 0)\n\t {\n" } } }, "message": { "text": "Assignment to inputUsername" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 101, "snippet": { "text": "\t\tinputUsername = URLDecoder.decode(inputUsername, \"UTF-8\");" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t\t \"\"));\n\t if (inputUsername.length() != 0)\n\t {\n\t\tinputUsername = URLDecoder.decode(inputUsername, \"UTF-8\");\n\t }\n\n\t ec.addElement(new PRE(\" \"));\n" } } }, "message": { "text": "decode(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 115 }, "region": { "startLine": 101, "snippet": { "text": "\t\tinputUsername = URLDecoder.decode(inputUsername, \"UTF-8\");" } }, "contextRegion": { "startLine": 98, "endLine": 104, 
"snippet": { "text": "\t\t \"\"));\n\t if (inputUsername.length() != 0)\n\t {\n\t\tinputUsername = URLDecoder.decode(inputUsername, \"UTF-8\");\n\t }\n\n\t ec.addElement(new PRE(\" \"));\n" } } }, "message": { "text": "Assignment to inputUsername" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 83, "snippet": { "text": "\t\t.getInitParameter(OSG_SERVER_NAME);" } }, "contextRegion": { "startLine": 80, "endLine": 86, "snippet": { "text": "\tPrintWriter out = null;\n\tBufferedReader in = null;\n\tString osgServerName = req.getSession().getServletContext()\n\t\t.getInitParameter(OSG_SERVER_NAME);\n\tString osgServerPort = req.getSession().getServletContext()\n\t\t.getInitParameter(OSG_SERVER_PORT);\n\n" } } }, "message": { "text": "getInitParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 39 }, "region": { "startLine": 82, "endLine": 83, "snippet": { "text": "\tString osgServerName = req.getSession().getServletContext()\r\n\t\t.getInitParameter(OSG_SERVER_NAME);" } }, "contextRegion": { "startLine": 79, "endLine": 86, "snippet": { "text": "\tSocket osgSocket = null;\n\tPrintWriter out = null;\n\tBufferedReader in = null;\n\tString osgServerName = req.getSession().getServletContext()\n\t\t.getInitParameter(OSG_SERVER_NAME);\n\tString osgServerPort = req.getSession().getServletContext()\n\t\t.getInitParameter(OSG_SERVER_PORT);\n\n" } } }, "message": { "text": "Assignment to osgServerName" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 114, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t\tStatement statement = 
connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 114, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 111, "endLine": 117, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n" } } }, "message": { "text": "Assignment to results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 45 }, "region": { "startLine": 118, "snippet": { "text": "\t\t ec.addElement(DatabaseUtilities.writeTable(results," } }, "contextRegion": { "startLine": 115, "endLine": 121, "snippet": { "text": "\t\tif ((results != null) && (results.first() == true))\n\t\t{\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n\t\t ec.addElement(DatabaseUtilities.writeTable(results,\n\t\t\t resultsMetaData));\n\t\t results.last();\n\n" } } }, "message": { "text": "writeTable(0)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 194, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 191, "endLine": 197, "snippet": { "text": "\t\tStatement answer_statement = 
WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tanswer_results.beforeFirst();\n\t\twhile (answer_results.next())\n\t\t{\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 194, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 191, "endLine": 197, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tanswer_results.beforeFirst();\n\t\twhile (answer_results.next())\n\t\t{\n" } } }, "message": { "text": "Assignment to answer_results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 199, "snippet": { "text": "\t\t String firstName = answer_results.getString(\"first_name\");" } }, "contextRegion": { "startLine": 196, "endLine": 202, "snippet": { "text": "\t\twhile (answer_results.next())\n\t\t{\n\t\t int employeeId = answer_results.getInt(\"userid\");\n\t\t String firstName = answer_results.getString(\"first_name\");\n\t\t String lastName = answer_results.getString(\"last_name\");\n\t\t String role = answer_results.getString(\"role\");\n\t\t EmployeeStub stub = new EmployeeStub(employeeId, firstName,\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 199, "snippet": { "text": "\t\t String firstName = answer_results.getString(\"first_name\");" } }, "contextRegion": { 
"startLine": 196, "endLine": 202, "snippet": { "text": "\t\twhile (answer_results.next())\n\t\t{\n\t\t int employeeId = answer_results.getInt(\"userid\");\n\t\t String firstName = answer_results.getString(\"first_name\");\n\t\t String lastName = answer_results.getString(\"last_name\");\n\t\t String role = answer_results.getString(\"role\");\n\t\t EmployeeStub stub = new EmployeeStub(employeeId, firstName,\n" } } }, "message": { "text": "Assignment to firstName" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 202, "snippet": { "text": "\t\t EmployeeStub stub = new EmployeeStub(employeeId, firstName," } }, "contextRegion": { "startLine": 199, "endLine": 205, "snippet": { "text": "\t\t String firstName = answer_results.getString(\"first_name\");\n\t\t String lastName = answer_results.getString(\"last_name\");\n\t\t String role = answer_results.getString(\"role\");\n\t\t EmployeeStub stub = new EmployeeStub(employeeId, firstName,\n\t\t\t lastName, role);\n\t\t employees.add(stub);\n\t\t}\n" } } }, "message": { "text": "EmployeeStub(1 : this.firstName)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 202, "snippet": { "text": "\t\t EmployeeStub stub = new EmployeeStub(employeeId, firstName," } }, "contextRegion": { "startLine": 199, "endLine": 205, "snippet": { "text": "\t\t String firstName = answer_results.getString(\"first_name\");\n\t\t String lastName = answer_results.getString(\"last_name\");\n\t\t String role = answer_results.getString(\"role\");\n\t\t EmployeeStub stub = new EmployeeStub(employeeId, firstName,\n\t\t\t lastName, role);\n\t\t employees.add(stub);\n\t\t}\n" } } }, "message": { "text": "Assignment to stub" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 204, 
"snippet": { "text": "\t\t employees.add(stub);" } }, "contextRegion": { "startLine": 201, "endLine": 207, "snippet": { "text": "\t\t String role = answer_results.getString(\"role\");\n\t\t EmployeeStub stub = new EmployeeStub(employeeId, firstName,\n\t\t\t lastName, role);\n\t\t employees.add(stub);\n\t\t}\n\t }\n\t catch (SQLException sqle)\n" } } }, "message": { "text": "add(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 219, "snippet": { "text": "\treturn employees;" } }, "contextRegion": { "startLine": 216, "endLine": 222, "snippet": { "text": "\t e.printStackTrace();\n\t}\n\n\treturn employees;\n }\n\n}\n" } } }, "message": { "text": "Return employees" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 68, "snippet": { "text": "\tList employees = getAllEmployees(s);" } }, "contextRegion": { "startLine": 65, "endLine": 71, "snippet": { "text": "\t//System.out.println(\"Login.handleRequest()\");\n\tgetLesson().setCurrentAction(s, getActionName());\n\n\tList employees = getAllEmployees(s);\n\tsetSessionAttribute(s, getLessonName() + \".\"\n\t\t+ RoleBasedAccessControl.STAFF_ATTRIBUTE_KEY, employees);\n\n" } } }, "message": { "text": "getAllEmployees(return.firstName)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 68, "snippet": { "text": "\tList employees = getAllEmployees(s);" } }, "contextRegion": { "startLine": 65, "endLine": 71, "snippet": { "text": "\t//System.out.println(\"Login.handleRequest()\");\n\tgetLesson().setCurrentAction(s, getActionName());\n\n\tList employees = getAllEmployees(s);\n\tsetSessionAttribute(s, getLessonName() + \".\"\n\t\t+ RoleBasedAccessControl.STAFF_ATTRIBUTE_KEY, employees);\n\n" } } }, "message": { "text": "Assignment to employees" } }, 
"kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 70, "snippet": { "text": "\t\t+ RoleBasedAccessControl.STAFF_ATTRIBUTE_KEY, employees);" } }, "contextRegion": { "startLine": 67, "endLine": 73, "snippet": { "text": "\n\tList employees = getAllEmployees(s);\n\tsetSessionAttribute(s, getLessonName() + \".\"\n\t\t+ RoleBasedAccessControl.STAFF_ATTRIBUTE_KEY, employees);\n\n\tint employeeId = -1;\n\ttry\n" } } }, "message": { "text": "setSessionAttribute(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 200, "snippet": { "text": "\t\t String lastName = answer_results.getString(\"last_name\");" } }, "contextRegion": { "startLine": 197, "endLine": 203, "snippet": { "text": "\t\t{\n\t\t int employeeId = answer_results.getInt(\"userid\");\n\t\t String firstName = answer_results.getString(\"first_name\");\n\t\t String lastName = answer_results.getString(\"last_name\");\n\t\t String role = answer_results.getString(\"role\");\n\t\t EmployeeStub stub = new EmployeeStub(employeeId, firstName,\n\t\t\t lastName, role);\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 200, "snippet": { "text": "\t\t String lastName = answer_results.getString(\"last_name\");" } }, "contextRegion": { "startLine": 197, "endLine": 203, "snippet": { "text": "\t\t{\n\t\t int employeeId = answer_results.getInt(\"userid\");\n\t\t String firstName = answer_results.getString(\"first_name\");\n\t\t String lastName = answer_results.getString(\"last_name\");\n\t\t String role = answer_results.getString(\"role\");\n\t\t EmployeeStub stub = new EmployeeStub(employeeId, firstName,\n\t\t\t lastName, role);\n" } } }, "message": { "text": "Assignment to lastName" } }, "kinds": [ 
"acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 203, "snippet": { "text": "\t\t\t lastName, role);" } }, "contextRegion": { "startLine": 200, "endLine": 206, "snippet": { "text": "\t\t String lastName = answer_results.getString(\"last_name\");\n\t\t String role = answer_results.getString(\"role\");\n\t\t EmployeeStub stub = new EmployeeStub(employeeId, firstName,\n\t\t\t lastName, role);\n\t\t employees.add(stub);\n\t\t}\n\t }\n" } } }, "message": { "text": "EmployeeStub(2 : this.lastName)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 68, "snippet": { "text": "\tList employees = getAllEmployees(s);" } }, "contextRegion": { "startLine": 65, "endLine": 71, "snippet": { "text": "\t//System.out.println(\"Login.handleRequest()\");\n\tgetLesson().setCurrentAction(s, getActionName());\n\n\tList employees = getAllEmployees(s);\n\tsetSessionAttribute(s, getLessonName() + \".\"\n\t\t+ RoleBasedAccessControl.STAFF_ATTRIBUTE_KEY, employees);\n\n" } } }, "message": { "text": "getAllEmployees(return.lastName)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 201, "snippet": { "text": "\t\t String role = answer_results.getString(\"role\");" } }, "contextRegion": { "startLine": 198, "endLine": 204, "snippet": { "text": "\t\t int employeeId = answer_results.getInt(\"userid\");\n\t\t String firstName = answer_results.getString(\"first_name\");\n\t\t String lastName = answer_results.getString(\"last_name\");\n\t\t String role = answer_results.getString(\"role\");\n\t\t EmployeeStub stub = new EmployeeStub(employeeId, firstName,\n\t\t\t lastName, role);\n\t\t employees.add(stub);\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { 
"artifactLocation": { "index": 37 }, "region": { "startLine": 201, "snippet": { "text": "\t\t String role = answer_results.getString(\"role\");" } }, "contextRegion": { "startLine": 198, "endLine": 204, "snippet": { "text": "\t\t int employeeId = answer_results.getInt(\"userid\");\n\t\t String firstName = answer_results.getString(\"first_name\");\n\t\t String lastName = answer_results.getString(\"last_name\");\n\t\t String role = answer_results.getString(\"role\");\n\t\t EmployeeStub stub = new EmployeeStub(employeeId, firstName,\n\t\t\t lastName, role);\n\t\t employees.add(stub);\n" } } }, "message": { "text": "Assignment to role" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 203, "snippet": { "text": "\t\t\t lastName, role);" } }, "contextRegion": { "startLine": 200, "endLine": 206, "snippet": { "text": "\t\t String lastName = answer_results.getString(\"last_name\");\n\t\t String role = answer_results.getString(\"role\");\n\t\t EmployeeStub stub = new EmployeeStub(employeeId, firstName,\n\t\t\t lastName, role);\n\t\t employees.add(stub);\n\t\t}\n\t }\n" } } }, "message": { "text": "EmployeeStub(3 : this.role)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 37 }, "region": { "startLine": 68, "snippet": { "text": "\tList employees = getAllEmployees(s);" } }, "contextRegion": { "startLine": 65, "endLine": 71, "snippet": { "text": "\t//System.out.println(\"Login.handleRequest()\");\n\tgetLesson().setCurrentAction(s, getActionName());\n\n\tList employees = getAllEmployees(s);\n\tsetSessionAttribute(s, getLessonName() + \".\"\n\t\t+ RoleBasedAccessControl.STAFF_ATTRIBUTE_KEY, employees);\n\n" } } }, "message": { "text": "getAllEmployees(return.role)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 229, "snippet": { 
"text": "\t\t\t+ results.getString(TITLE_COL)));" } }, "contextRegion": { "startLine": 226, "endLine": 232, "snippet": { "text": "\t if ((results != null) && results.first())\n\t {\n\t\tec.addElement(new H1(\"Message Contents For: \"\n\t\t\t+ results.getString(TITLE_COL)));\n\t\tTable t = new Table(0).setCellSpacing(0).setCellPadding(0)\n\t\t\t.setBorder(0);\n\t\tTR row1 = new TR(new TD(new B(new StringElement(\"Title:\"))));\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 95, "snippet": { "text": "\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n\t if (subjectId > 0)\n\t {\n\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);\n\t\tsetRequestAttribute(s, getLessonName() + \".\"\n\t\t\t+ CrossSiteScripting.EMPLOYEE_ID, Integer\n\t\t\t.toString(subjectId));\n" } } }, "message": { "text": "changeEmployeeProfile(3.address2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 228, "snippet": { "text": "\t\t + employee.getAddress2() + \"', manager = \"" } }, "contextRegion": { "startLine": 225, "endLine": 231, "snippet": { "text": "\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"\n\t\t + employee.getPhoneNumber() + \"', address1 = '\"\n\t\t + employee.getAddress1() + \"', address2 = '\"\n\t\t + employee.getAddress2() + \"', manager = \"\n\t\t + employee.getManager()\n\t\t + \", start_date = '\"\n\t\t + employee.getStartDate()\n" } } }, "message": { "text": "getAddress2(this.address2 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 142, "snippet": { "text": "\t String password = 
s.getParser().getRawParameter(PASSWORD, \"\");" } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": "\t\treturn ec;\n\t }\n\n\t String password = s.getParser().getRawParameter(PASSWORD, \"\");\n\t if (password == null || password.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 142, "snippet": { "text": "\t String password = s.getParser().getRawParameter(PASSWORD, \"\");" } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": "\t\treturn ec;\n\t }\n\n\t String password = s.getParser().getRawParameter(PASSWORD, \"\");\n\t if (password == null || password.length() == 0)\n\t {\n\t\tec.addElement(new P().addElement(new StringElement(\n" } } }, "message": { "text": "Assignment to password" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 5 }, "region": { "startLine": 156, "endLine": 157, "snippet": { "text": "\t String expression = \"/employees/employee[loginID/text()='\"\r\n\t\t + username + \"' and passwd/text()='\" + password + \"']\";" } }, "contextRegion": { "startLine": 153, "endLine": 160, "snippet": { "text": "\t XPathFactory factory = XPathFactory.newInstance();\n\t XPath xPath = factory.newXPath();\n\t InputSource inputSource = new InputSource(new FileInputStream(d));\n\t String expression = \"/employees/employee[loginID/text()='\"\n\t\t + username + \"' and passwd/text()='\" + password + \"']\";\n\t nodes = (NodeList) xPath.evaluate(expression, inputSource,\n\t\t XPathConstants.NODESET);\n\t int nodesLength = nodes.getLength();\n" } } }, "message": { "text": "Assignment to expression" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 67, 
"snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "getCcn(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 78 }, "region": { "startLine": 11, "snippet": { "text": "\t\t \"Screen=\" + request.getParameter(\"Screen\") +" } }, "contextRegion": { "startLine": 8, "endLine": 14, "snippet": { "text": "\n\n<% response.sendRedirect(\"/WebGoat/attack?\" +\n\t\t \"Screen=\" + request.getParameter(\"Screen\") +\n\t\t \"&menu=\" + request.getParameter(\"menu\") +\n\t\t \"&succeeded=yes\"); \n%>\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 173, "snippet": { "text": "\t log(request, screen.getClass().getName() + \" | \"" } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\t // log the access to this screen for this user\n\t UserTracker userTracker = UserTracker.instance();\n\t userTracker.update(mySession, screen);\n\t log(request, screen.getClass().getName() + \" | \"\n\t\t + mySession.getParser().toString());\n\n\t // Redirect the request to our View servlet\n" } } }, "message": { "text": "Read request" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 53, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 50, "endLine": 56, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, 
"message": { "text": "Read org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl.SSN" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 101, "snippet": { "text": "\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.startDate)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 327, "snippet": { "text": "\t\t + \",'\" + employee.getStartDate() + \"',\"" } }, "contextRegion": { "startLine": 324, "endLine": 330, "snippet": { "text": "\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()\n\t\t + \"','\" + employee.getAddress1() + \"','\"\n\t\t + employee.getAddress2() + \"',\" + employee.getManager()\n\t\t + \",'\" + employee.getStartDate() + \"',\"\n\t\t + employee.getSalary() + \",'\" + employee.getCcn() + \"',\"\n\t\t + employee.getCcnLimit() + \",'\"\n\t\t + employee.getDisciplinaryActionDate() + \"','\"\n" } } }, "message": { "text": "getStartDate(this.startDate : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 101, "snippet": { "text": "\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.ssn)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 322, "snippet": { "text": "\t\t + 
\"','\" + employee.getSsn() + \"','\"" } }, "contextRegion": { "startLine": 319, "endLine": 325, "snippet": { "text": "\t // FIXME: Cannot choose the id because we cannot guarantee uniqueness\n\t String query = \"INSERT INTO employee VALUES ( max(userid)+1, '\"\n\t\t + employee.getFirstName() + \"','\" + employee.getLastName()\n\t\t + \"','\" + employee.getSsn() + \"','\"\n\t\t + employee.getFirstName().toLowerCase() + \"','\"\n\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()\n\t\t + \"','\" + employee.getAddress1() + \"','\"\n" } } }, "message": { "text": "getSsn(this.ssn : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 440, "snippet": { "text": "\t\t\tt.addElement( makeRow( description, xorEncode( userInput, userKey ), xorDecode( userInput, userKey ) ) );" } }, "contextRegion": { "startLine": 437, "endLine": 443, "snippet": { "text": "\t\t\t\n\t\t\tdescription = \"XOR with password encoding is a weak encryption scheme that mixes a password into data.\";\n\n\t\t\tt.addElement( makeRow( description, xorEncode( userInput, userKey ), xorDecode( userInput, userKey ) ) );\n\t\t\t\n\t\t\tdescription = \"Double unicode encoding is...\";\n\n" } } }, "message": { "text": "xorDecode(1 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 1008, "snippet": { "text": "\t\t\treturn new String( xor( decoded, userKey ) );" } }, "contextRegion": { "startLine": 1005, "endLine": 1011, "snippet": { "text": "\t\ttry\n\t\t{\n\t\t\tString decoded = base64Decode( input );\n\t\t\treturn new String( xor( decoded, userKey ) );\n\t\t}\n\t\tcatch ( Exception e )\n\t\t{\n" } } }, "message": { "text": "xor(1 : return[])" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { 
"startLine": 977, "snippet": { "text": "\t\tchar[] xorChars = userKey.toCharArray();" } }, "contextRegion": { "startLine": 974, "endLine": 980, "snippet": { "text": "\t\t{\n\t\t\tuserKey = \"Goober\";\n\t\t}\n\t\tchar[] xorChars = userKey.toCharArray();\n\t\tint keyLen = xorChars.length;\n\t\tchar[] inputChars = null;\n\t\tchar[] outputChars = null;\n" } } }, "message": { "text": "toCharArray(this : return[])" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 50 }, "region": { "startLine": 977, "snippet": { "text": "\t\tchar[] xorChars = userKey.toCharArray();" } }, "contextRegion": { "startLine": 974, "endLine": 980, "snippet": { "text": "\t\t{\n\t\t\tuserKey = \"Goober\";\n\t\t}\n\t\tchar[] xorChars = userKey.toCharArray();\n\t\tint keyLen = xorChars.length;\n\t\tchar[] inputChars = null;\n\t\tchar[] outputChars = null;\n" } } }, "message": { "text": "Assignment to xorChars" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 54, "snippet": { "text": "\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> " } }, "contextRegion": { "startLine": 51, "endLine": 57, "snippet": { "text": "\t\t\t \t\tSSN: \n\t\t\t \t\n\t\t\t \t\t\" type=\"text\" value=\"<%=employee.getSsn()%>\"/> \n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tSalary: \n" } } }, "message": { "text": "getSsn(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 287, "snippet": { "text": "\t\t\tnew RefreshDBScreen().refreshDB( this );" } }, "contextRegion": { "startLine": 284, "endLine": 290, "snippet": { "text": "\t\t// FIXME: need to solve concurrency problem here -- make tables for this user\n\t\tif ( !databaseBuilt )\n\t\t{\n\t\t\tnew RefreshDBScreen().refreshDB( this );\n\t\t\tdatabaseBuilt = true;\n\t\t}\n\t}\n" } } }, "message": { "text": 
"refreshDB(0.databaseDriver)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 36 }, "region": { "startLine": 158, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);" } }, "contextRegion": { "startLine": 155, "endLine": 161, "snippet": { "text": "\t{\n\t if (connection == null)\n\t {\n\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\n\t CreateDB db = new CreateDB();\n" } } }, "message": { "text": "makeConnection(0.databaseDriver)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 17 }, "region": { "startLine": 66, "snippet": { "text": "\tClass.forName(s.getDatabaseDriver());" } }, "contextRegion": { "startLine": 63, "endLine": 69, "snippet": { "text": " public static Connection makeConnection(WebSession s)\n\t throws ClassNotFoundException, SQLException\n {\n\tClass.forName(s.getDatabaseDriver());\n\n\treturn (DriverManager.getConnection(s.getDatabaseConnectionString()));\n }\n" } } }, "message": { "text": "getDatabaseDriver(this.databaseDriver : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 126, "snippet": { "text": "\tString username = s.getParser().getStringParameter(USERNAME, \"\");" } }, "contextRegion": { "startLine": 123, "endLine": 129, "snippet": { "text": " */\n protected String checkParams(WebSession s) throws Exception\n {\n\tString username = s.getParser().getStringParameter(USERNAME, \"\");\n\tString password = s.getParser().getStringParameter(PASSWORD, \"\");\n\n\tif ((username.length() > 0) && (password.length() > 0))\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 126, "snippet": { "text": "\tString username = 
s.getParser().getStringParameter(USERNAME, \"\");" } }, "contextRegion": { "startLine": 123, "endLine": 129, "snippet": { "text": " */\n protected String checkParams(WebSession s) throws Exception\n {\n\tString username = s.getParser().getStringParameter(USERNAME, \"\");\n\tString password = s.getParser().getStringParameter(PASSWORD, \"\");\n\n\tif ((username.length() > 0) && (password.length() > 0))\n" } } }, "message": { "text": "Assignment to username" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 148, "snippet": { "text": "\t\treturn (username);" } }, "contextRegion": { "startLine": 145, "endLine": 151, "snippet": { "text": "\t\ts.setMessage(\"Your identity has been remembered\");\n\t\ts.getResponse().addCookie(newCookie);\n\n\t\treturn (username);\n\t }\n\t else\n\t {\n" } } }, "message": { "text": "Return username" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 187, "snippet": { "text": "\t user = checkParams(s);" } }, "contextRegion": { "startLine": 184, "endLine": 190, "snippet": { "text": "\t\treturn (makeUser(s, user, \"COOKIE\"));\n\t }\n\n\t user = checkParams(s);\n\n\t if ((user != null) && (user.length() > 0))\n\t {\n" } } }, "message": { "text": "checkParams(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 151, "snippet": { "text": "\taccountNumber = s.getParser().getRawParameter(ACCT_NUM, \"101\");" } }, "contextRegion": { "startLine": 148, "endLine": 154, "snippet": { "text": "\n\tec.addElement(new P().addElement(\"Enter your Account Number: \"));\n\n\taccountNumber = s.getParser().getRawParameter(ACCT_NUM, \"101\");\n\tInput input = new Input(Input.TEXT, ACCT_NUM, accountNumber.toString());\n\tec.addElement(input);\n\n" } } }, "message": { "text": 
"getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 187, "snippet": { "text": "\t user = checkParams(s);" } }, "contextRegion": { "startLine": 184, "endLine": 190, "snippet": { "text": "\t\treturn (makeUser(s, user, \"COOKIE\"));\n\t }\n\n\t user = checkParams(s);\n\n\t if ((user != null) && (user.length() > 0))\n\t {\n" } } }, "message": { "text": "Assignment to user" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 132 }, "region": { "startLine": 191, "snippet": { "text": "\t\treturn (makeUser(s, user, \"PARAMETERS\"));" } }, "contextRegion": { "startLine": 188, "endLine": 194, "snippet": { "text": "\n\t if ((user != null) && (user.length() > 0))\n\t {\n\t\treturn (makeUser(s, user, \"PARAMETERS\"));\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "makeUser(1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 151, "snippet": { "text": "\taccountNumber = s.getParser().getRawParameter(ACCT_NUM, \"101\");" } }, "contextRegion": { "startLine": 148, "endLine": 154, "snippet": { "text": "\n\tec.addElement(new P().addElement(\"Enter your Account Number: \"));\n\n\taccountNumber = s.getParser().getRawParameter(ACCT_NUM, \"101\");\n\tInput input = new Input(Input.TEXT, ACCT_NUM, accountNumber.toString());\n\tec.addElement(input);\n\n" } } }, "message": { "text": "Assignment to this.accountNumber" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 151, "snippet": { "text": "\taccountNumber = s.getParser().getRawParameter(ACCT_NUM, \"101\");" } }, "contextRegion": { "startLine": 148, "endLine": 154, "snippet": { "text": "\n\tec.addElement(new P().addElement(\"Enter your Account Number: \"));\n\n\taccountNumber = 
s.getParser().getRawParameter(ACCT_NUM, \"101\");\n\tInput input = new Input(Input.TEXT, ACCT_NUM, accountNumber.toString());\n\tec.addElement(input);\n\n" } } }, "message": { "text": "Taint change on this.accountNumber" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 171, "snippet": { "text": "\t ec.addElement(makeAccountLine(s));" } }, "contextRegion": { "startLine": 168, "endLine": 174, "snippet": { "text": "\t {\n\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\t ec.addElement(makeAccountLine(s));\n\n\t String query = \"SELECT * FROM user_data WHERE userid = \"\n\t\t + accountNumber;\n" } } }, "message": { "text": "makeAccountLine(this.accountNumber)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 187, "snippet": { "text": "\t\tResultSet results = getResults(accountNumber);" } }, "contextRegion": { "startLine": 184, "endLine": 190, "snippet": { "text": "\t }\n\t try\n\t {\n\t\tResultSet results = getResults(accountNumber);\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n" } } }, "message": { "text": "getResults(0)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 461, "snippet": { "text": "\t\treturn ( databaseDriver );" } }, "contextRegion": { "startLine": 458, "endLine": 464, "snippet": { "text": "\t */\n\tpublic String getDatabaseDriver()\n\t{\n\t\treturn ( databaseDriver );\n\t}\n\t\n\tpublic String getRestartLink()\n" } } }, "message": { "text": "Return this.databaseDriver" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 234, "snippet": { "text": "\t String query = \"SELECT * FROM user_data WHERE userid = \" + id;" } 
}, "contextRegion": { "startLine": 231, "endLine": 237, "snippet": { "text": "\t {\n\t\treturn null;\n\t }\n\t String query = \"SELECT * FROM user_data WHERE userid = \" + id;\n\t try\n\t {\n\t\tStatement statement = connection.createStatement(\n" } } }, "message": { "text": "Assignment to query" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 146, "snippet": { "text": "\t screen = makeScreen(mySession); // This calls the lesson's" } }, "contextRegion": { "startLine": 143, "endLine": 149, "snippet": { "text": "\t // where the lesson \"knows\" what has happened. To track it at a\n\t // latter point would\n\t // require the lesson to have memory.\n\t screen = makeScreen(mySession); // This calls the lesson's\n\t // handleRequest()\n\t if (response.isCommitted())\n\t\treturn;\n" } } }, "message": { "text": "makeScreen(0.databaseDriver)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 373, "snippet": { "text": "\t\t lesson.handleRequest(s);" } }, "contextRegion": { "startLine": 370, "endLine": 376, "snippet": { "text": "\n\t\t s.setHasHackableAdmin(screen.getRole());\n\n\t\t lesson.handleRequest(s);\n\t\t s.setCurrentMenu(lesson.getCategory().getRanking());\n\t\t}\n\t\telse\n" } } }, "message": { "text": "handleRequest(0.databaseDriver)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 70 }, "region": { "startLine": 338, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);" } }, "contextRegion": { "startLine": 335, "endLine": 341, "snippet": { "text": "\n\t if (connection == null)\n\t {\n\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "makeConnection(0.databaseDriver)" } }, "kinds": [ "call", "function" ] }, { "location": { 
"physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 395, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);" } }, "contextRegion": { "startLine": 392, "endLine": 398, "snippet": { "text": "\n\t if (connection == null)\n\t {\n\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "makeConnection(0.databaseDriver)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 311, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);" } }, "contextRegion": { "startLine": 308, "endLine": 314, "snippet": { "text": "\n\t if (connection == null)\n\t {\n\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "makeConnection(0.databaseDriver)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 12 }, "region": { "startLine": 211, "snippet": { "text": "\t\tconnection = DatabaseUtilities.makeConnection(s);" } }, "contextRegion": { "startLine": 208, "endLine": 214, "snippet": { "text": "\n\t if (connection == null)\n\t {\n\t\tconnection = DatabaseUtilities.makeConnection(s);\n\t }\n\t}\n\tcatch (Exception e)\n" } } }, "message": { "text": "makeConnection(0.databaseDriver)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 507, "snippet": { "text": "\t\tEnumeration e = request.getParameterNames();" } }, "contextRegion": { "startLine": 504, "endLine": 510, "snippet": { "text": "\tpublic String getCurrentLink()\n\t{\n\t\tString thisLink = \"attack\";\n\t\tEnumeration e = request.getParameterNames();\n\t\tboolean isFirstParameter = true;\n\t\twhile (e.hasMoreElements())\n\t\t{\n" } } }, "message": { "text": "getParameterNames(return)" } }, "kinds": [ 
"unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 440, "snippet": { "text": "\t\t\tString realConnectionString = databaseConnectionString.replaceAll( \"PATH\", path );" } }, "contextRegion": { "startLine": 437, "endLine": 443, "snippet": { "text": "\t\t{\n\t\t\tString path = context.getRealPath( \"/database\" ).replace( '\\\\', '/' );\n\t\t\tSystem.out.println( \"PATH: \" + path );\n\t\t\tString realConnectionString = databaseConnectionString.replaceAll( \"PATH\", path );\n\t\t\tSystem.out.println( \"Database Connection String: \" + realConnectionString );\n\n\t\t\treturn realConnectionString;\n" } } }, "message": { "text": "replaceAll(1 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 507, "snippet": { "text": "\t\tEnumeration e = request.getParameterNames();" } }, "contextRegion": { "startLine": 504, "endLine": 510, "snippet": { "text": "\tpublic String getCurrentLink()\n\t{\n\t\tString thisLink = \"attack\";\n\t\tEnumeration e = request.getParameterNames();\n\t\tboolean isFirstParameter = true;\n\t\twhile (e.hasMoreElements())\n\t\t{\n" } } }, "message": { "text": "Assignment to e" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 511, "snippet": { "text": "\t\t\tString name = (String) e.nextElement();" } }, "contextRegion": { "startLine": 508, "endLine": 514, "snippet": { "text": "\t\tboolean isFirstParameter = true;\n\t\twhile (e.hasMoreElements())\n\t\t{\n\t\t\tString name = (String) e.nextElement();\n\t\t\tif (isFirstParameter)\n\t\t\t{\n\t\t\t\tisFirstParameter = false;\n" } } }, "message": { "text": "nextElement(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 440, "snippet": 
{ "text": "\t\t\tString realConnectionString = databaseConnectionString.replaceAll( \"PATH\", path );" } }, "contextRegion": { "startLine": 437, "endLine": 443, "snippet": { "text": "\t\t{\n\t\t\tString path = context.getRealPath( \"/database\" ).replace( '\\\\', '/' );\n\t\t\tSystem.out.println( \"PATH: \" + path );\n\t\t\tString realConnectionString = databaseConnectionString.replaceAll( \"PATH\", path );\n\t\t\tSystem.out.println( \"Database Connection String: \" + realConnectionString );\n\n\t\t\treturn realConnectionString;\n" } } }, "message": { "text": "Assignment to realConnectionString" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 511, "snippet": { "text": "\t\t\tString name = (String) e.nextElement();" } }, "contextRegion": { "startLine": 508, "endLine": 514, "snippet": { "text": "\t\tboolean isFirstParameter = true;\n\t\twhile (e.hasMoreElements())\n\t\t{\n\t\t\tString name = (String) e.nextElement();\n\t\t\tif (isFirstParameter)\n\t\t\t{\n\t\t\t\tisFirstParameter = false;\n" } } }, "message": { "text": "Assignment to name" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 271, "snippet": { "text": "\t String password = s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 268, "endLine": 274, "snippet": { "text": "\t{\n\t String employeeId = s.getParser().getStringParameter(\n\t\t SQLInjection.EMPLOYEE_ID);\n\t String password = s.getParser().getRawParameter(\n\t\t SQLInjection.PASSWORD);\n\t switch (getStage(s))\n\t {\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 271, "snippet": { "text": "\t String password = s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 268, "endLine": 274, "snippet": { 
"text": "\t{\n\t String employeeId = s.getParser().getStringParameter(\n\t\t SQLInjection.EMPLOYEE_ID);\n\t String password = s.getParser().getRawParameter(\n\t\t SQLInjection.PASSWORD);\n\t switch (getStage(s))\n\t {\n" } } }, "message": { "text": "Assignment to password" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 287, "snippet": { "text": "\t\t\t && login_BACKUP(s, employeeId, password))" } }, "contextRegion": { "startLine": 284, "endLine": 290, "snippet": { "text": "\t\t // This assumes the student hasn't modified login_BACKUP().\n\t\t if (Integer.parseInt(employeeId) == SQLInjection.PRIZE_EMPLOYEE_ID\n\t\t\t && !isAuthenticated(s)\n\t\t\t && login_BACKUP(s, employeeId, password))\n\t\t {\n\t\t\ts.setMessage(\"Welcome to stage 3\");\n\t\t\tsetStage(s, 3);\n" } } }, "message": { "text": "login_BACKUP(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 72 }, "region": { "startLine": 7, "snippet": { "text": "\t\t\tString searchedName = request.getParameter(RoleBasedAccessControl.SEARCHNAME);" } }, "contextRegion": { "startLine": 4, "endLine": 10, "snippet": { "text": "\t
\n\t\t\t<% \n\t\t\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\t\t\tString searchedName = request.getParameter(RoleBasedAccessControl.SEARCHNAME);\n\t\t\tif (searchedName != null)\n\t\t\t{\n\t\t\t%>\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 88 }, "region": { "startLine": 183, "endLine": 184, "snippet": { "text": "\t String query = \"SELECT * FROM employee WHERE userid = \" + userId\r\n\t\t + \" and password = '\" + password + \"'\";" } }, "contextRegion": { "startLine": 180, "endLine": 187, "snippet": { "text": "\n\ttry\n\t{\n\t String query = \"SELECT * FROM employee WHERE userid = \" + userId\n\t\t + \" and password = '\" + password + \"'\";\n\t //System.out.println(\"Query:\" + query);\t\t\t\n\t try\n\t {\n" } } }, "message": { "text": "Assignment to query" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 72 }, "region": { "startLine": 7, "snippet": { "text": "\t\t\tString searchedName = request.getParameter(RoleBasedAccessControl.SEARCHNAME);" } }, "contextRegion": { "startLine": 4, "endLine": 10, "snippet": { "text": "\t
\n\t\t\t<% \n\t\t\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\t\t\tString searchedName = request.getParameter(RoleBasedAccessControl.SEARCHNAME);\n\t\t\tif (searchedName != null)\n\t\t\t{\n\t\t\t%>\n" } } }, "message": { "text": "Assignment to searchedName" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 132, "snippet": { "text": "\tString lastName = request.getParameter(CrossSiteScripting.LAST_NAME);" } }, "contextRegion": { "startLine": 129, "endLine": 135, "snippet": { "text": "\n\tHttpServletRequest request = s.getRequest();\n\tString firstName = request.getParameter(CrossSiteScripting.FIRST_NAME);\n\tString lastName = request.getParameter(CrossSiteScripting.LAST_NAME);\n\tString ssn = request.getParameter(CrossSiteScripting.SSN);\n\tString title = request.getParameter(CrossSiteScripting.TITLE);\n\tString phone = request.getParameter(CrossSiteScripting.PHONE_NUMBER);\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 132, "snippet": { "text": "\tString lastName = request.getParameter(CrossSiteScripting.LAST_NAME);" } }, "contextRegion": { "startLine": 129, "endLine": 135, "snippet": { "text": "\n\tHttpServletRequest request = s.getRequest();\n\tString firstName = request.getParameter(CrossSiteScripting.FIRST_NAME);\n\tString lastName = request.getParameter(CrossSiteScripting.LAST_NAME);\n\tString ssn = request.getParameter(CrossSiteScripting.SSN);\n\tString title = request.getParameter(CrossSiteScripting.TITLE);\n\tString phone = request.getParameter(CrossSiteScripting.PHONE_NUMBER);\n" } } }, "message": { "text": "Assignment to lastName" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 153, "snippet": { 
"text": "\tEmployee employee = new Employee(subjectId, firstName, lastName, ssn," } }, "contextRegion": { "startLine": 150, "endLine": 156, "snippet": { "text": "\tString personalDescription = request\n\t\t.getParameter(CrossSiteScripting.DESCRIPTION);\n\n\tEmployee employee = new Employee(subjectId, firstName, lastName, ssn,\n\t\ttitle, phone, address1, address2, manager, startDate, salary,\n\t\tccn, ccnLimit, disciplinaryActionDate, disciplinaryActionNotes,\n\t\tpersonalDescription);\n" } } }, "message": { "text": "Employee(2 : this.lastName)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 80, "snippet": { "text": "\t\temployee = parseEmployeeProfile(subjectId, s);" } }, "contextRegion": { "startLine": 77, "endLine": 83, "snippet": { "text": "\t Employee employee = null;\n\t try\n\t {\n\t\temployee = parseEmployeeProfile(subjectId, s);\n\t }\n\t catch (ValidationException e)\n\t {\n" } } }, "message": { "text": "parseEmployeeProfile(return.lastName)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 101, "snippet": { "text": "\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.lastName)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 321, "snippet": { "text": "\t\t + employee.getFirstName() + \"','\" + employee.getLastName()" } }, "contextRegion": { "startLine": 318, "endLine": 324, "snippet": { "text": "\t{\n\t // FIXME: Cannot choose the id because we cannot guarantee uniqueness\n\t String query = \"INSERT INTO employee VALUES ( max(userid)+1, 
'\"\n\t\t + employee.getFirstName() + \"','\" + employee.getLastName()\n\t\t + \"','\" + employee.getSsn() + \"','\"\n\t\t + employee.getFirstName().toLowerCase() + \"','\"\n\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()\n" } } }, "message": { "text": "getLastName(this.lastName : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 92, "snippet": { "text": "\t headerName = new String(s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 89, "endLine": 95, "snippet": { "text": "\tString headerValue = null;\n\ttry\n\t{\n\t headerName = new String(s.getParser().getStringParameter(\n\t\t HEADER_NAME, EMPTY_STRING));\n\t headerValue = new String(s.getParser().getStringParameter(\n\t\t HEADER_VALUE, EMPTY_STRING));\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 92, "snippet": { "text": "\t headerName = new String(s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 89, "endLine": 95, "snippet": { "text": "\tString headerValue = null;\n\ttry\n\t{\n\t headerName = new String(s.getParser().getStringParameter(\n\t\t HEADER_NAME, EMPTY_STRING));\n\t headerValue = new String(s.getParser().getStringParameter(\n\t\t HEADER_VALUE, EMPTY_STRING));\n" } } }, "message": { "text": "String(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 92, "snippet": { "text": "\t headerName = new String(s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 89, "endLine": 95, "snippet": { "text": "\tString headerValue = null;\n\ttry\n\t{\n\t headerName = new String(s.getParser().getStringParameter(\n\t\t HEADER_NAME, EMPTY_STRING));\n\t headerValue = new 
String(s.getParser().getStringParameter(\n\t\t HEADER_VALUE, EMPTY_STRING));\n" } } }, "message": { "text": "Assignment to headerName" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 143, "snippet": { "text": "\t\t headerName.toString())));" } }, "contextRegion": { "startLine": 140, "endLine": 146, "snippet": { "text": "\t\t\t\t \"What is the decoded value of the authentication header: \")));\n\n\t row1.addElement(new TD(new Input(Input.TEXT, HEADER_NAME,\n\t\t headerName.toString())));\n\t row2.addElement(new TD(new Input(Input.TEXT, HEADER_VALUE,\n\t\t headerValue.toString())));\n\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 95, "snippet": { "text": "\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n\t if (subjectId > 0)\n\t {\n\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);\n\t\tsetRequestAttribute(s, getLessonName() + \".\"\n\t\t\t+ CrossSiteScripting.EMPLOYEE_ID, Integer\n\t\t\t.toString(subjectId));\n" } } }, "message": { "text": "changeEmployeeProfile(3.lastName)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 224, "snippet": { "text": "\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()" } }, "contextRegion": { "startLine": 221, "endLine": 227, "snippet": { "text": "\t // Note: The password field is ONLY set by ChangePassword\n\t String query = \"UPDATE employee SET first_name = '\"\n\t\t + employee.getFirstName() + \"', last_name = '\"\n\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"\n\t\t + 
employee.getPhoneNumber() + \"', address1 = '\"\n\t\t + employee.getAddress1() + \"', address2 = '\"\n" } } }, "message": { "text": "getLastName(this.lastName : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 44 }, "region": { "startLine": 9, "snippet": { "text": "\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - View Profile Page
" } }, "contextRegion": { "startLine": 6, "endLine": 12, "snippet": { "text": "\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n//\tint myUserId = getIntSessionAttribute(webSession, \"RoleBasedAccessControl.\" + RoleBasedAccessControl.USER_ID);\n%>\n\t\t
Welcome Back <%=webSession.getUserNameInLesson()%> - View Profile Page
\n\t\t
\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t
\n" } } }, "message": { "text": "getUserNameInLesson(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 72, "snippet": { "text": "\t Input input = new Input(Input.TEXT, SQL, sqlStatement.toString());" } }, "contextRegion": { "startLine": 69, "endLine": 75, "snippet": { "text": "\n\t StringBuffer sqlStatement = new StringBuffer(s.getParser()\n\t\t .getRawParameter(SQL, \"\"));\n\t Input input = new Input(Input.TEXT, SQL, sqlStatement.toString());\n\t ec.addElement(input);\n\n\t Element b = ECSFactory.makeButton(\"Go!\");\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 95, "snippet": { "text": "\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);" } }, "contextRegion": { "startLine": 92, "endLine": 98, "snippet": { "text": "\n\t if (subjectId > 0)\n\t {\n\t\tthis.changeEmployeeProfile(s, userId, subjectId, employee);\n\t\tsetRequestAttribute(s, getLessonName() + \".\"\n\t\t\t+ CrossSiteScripting.EMPLOYEE_ID, Integer\n\t\t\t.toString(subjectId));\n" } } }, "message": { "text": "changeEmployeeProfile(3.address1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 227, "snippet": { "text": "\t\t + employee.getAddress1() + \"', address2 = '\"" } }, "contextRegion": { "startLine": 224, "endLine": 230, "snippet": { "text": "\t\t + employee.getLastName() + \"', ssn = '\" + employee.getSsn()\n\t\t + \"', title = '\" + employee.getTitle() + \"', phone = '\"\n\t\t + employee.getPhoneNumber() + \"', address1 = '\"\n\t\t + employee.getAddress1() + \"', address2 = '\"\n\t\t + employee.getAddress2() + \"', manager = \"\n\t\t + employee.getManager()\n\t\t + \", start_date = '\"\n" } } }, "message": { "text": "getAddress1(this.address1 : 
return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 89, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(sqlStatement" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(sqlStatement\n\t\t\t.toString());\n\n\t\tif ((results != null) && (results.first() == true))\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 89, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(sqlStatement" } }, "contextRegion": { "startLine": 86, "endLine": 92, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(sqlStatement\n\t\t\t.toString());\n\n\t\tif ((results != null) && (results.first() == true))\n" } } }, "message": { "text": "Assignment to results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 114 }, "region": { "startLine": 96, "snippet": { "text": "\t\t ec.addElement(DatabaseUtilities.writeTable(results," } }, "contextRegion": { "startLine": 93, "endLine": 99, "snippet": { "text": "\t\t{\n\t\t makeSuccess(s);\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n\t\t ec.addElement(DatabaseUtilities.writeTable(results,\n\t\t\t resultsMetaData));\n\t\t}\n\n" } } }, "message": { "text": "writeTable(0)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 195, "snippet": { "text": "\t station = 
s.getParser().getRawParameter(STATION_ID, null);" } }, "contextRegion": { "startLine": 192, "endLine": 198, "snippet": { "text": "\n\t String query = \"SELECT * FROM weather_data WHERE station = ?\";\n\n\t station = s.getParser().getRawParameter(STATION_ID, null);\n\n\t ec.addElement(new PRE(query));\n\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 195, "snippet": { "text": "\t station = s.getParser().getRawParameter(STATION_ID, null);" } }, "contextRegion": { "startLine": 192, "endLine": 198, "snippet": { "text": "\n\t String query = \"SELECT * FROM weather_data WHERE station = ?\";\n\n\t station = s.getParser().getRawParameter(STATION_ID, null);\n\n\t ec.addElement(new PRE(query));\n\n" } } }, "message": { "text": "Assignment to this.station" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 207, "snippet": { "text": "\t\tstatement.setInt(1, Integer.parseInt(station));" } }, "contextRegion": { "startLine": 204, "endLine": 210, "snippet": { "text": "\t\tPreparedStatement statement = connection.prepareStatement(\n\t\t\tquery, ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tstatement.setInt(1, Integer.parseInt(station));\n\t\tResultSet results = statement.executeQuery();\n\n\t\tif ((results != null) && (results.first() == true))\n" } } }, "message": { "text": "parseInt(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 90, "snippet": { "text": "\t String title = HtmlEncoder.encode(s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": " {\n\ttry\n\t{\n\t String title = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t TITLE, \"\"));\n\t 
String message = s.getParser().getRawParameter(MESSAGE, \"\");\n\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 90, "snippet": { "text": "\t String title = HtmlEncoder.encode(s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": " {\n\ttry\n\t{\n\t String title = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t TITLE, \"\"));\n\t String message = s.getParser().getRawParameter(MESSAGE, \"\");\n\n" } } }, "message": { "text": "encode(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 90, "snippet": { "text": "\t String title = HtmlEncoder.encode(s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 87, "endLine": 93, "snippet": { "text": " {\n\ttry\n\t{\n\t String title = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t TITLE, \"\"));\n\t String message = s.getParser().getRawParameter(MESSAGE, \"\");\n\n" } } }, "message": { "text": "Assignment to title" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 94, "snippet": { "text": "\t headerValue = new String(s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t{\n\t headerName = new String(s.getParser().getStringParameter(\n\t\t HEADER_NAME, EMPTY_STRING));\n\t headerValue = new String(s.getParser().getStringParameter(\n\t\t HEADER_VALUE, EMPTY_STRING));\n\n\t //\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 94, "snippet": { "text": "\t headerValue = new 
String(s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t{\n\t headerName = new String(s.getParser().getStringParameter(\n\t\t HEADER_NAME, EMPTY_STRING));\n\t headerValue = new String(s.getParser().getStringParameter(\n\t\t HEADER_VALUE, EMPTY_STRING));\n\n\t //\n" } } }, "message": { "text": "String(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 94, "snippet": { "text": "\t headerValue = new String(s.getParser().getStringParameter(" } }, "contextRegion": { "startLine": 91, "endLine": 97, "snippet": { "text": "\t{\n\t headerName = new String(s.getParser().getStringParameter(\n\t\t HEADER_NAME, EMPTY_STRING));\n\t headerValue = new String(s.getParser().getStringParameter(\n\t\t HEADER_VALUE, EMPTY_STRING));\n\n\t //\n" } } }, "message": { "text": "Assignment to headerValue" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 56 }, "region": { "startLine": 145, "snippet": { "text": "\t\t headerValue.toString())));" } }, "contextRegion": { "startLine": 142, "endLine": 148, "snippet": { "text": "\t row1.addElement(new TD(new Input(Input.TEXT, HEADER_NAME,\n\t\t headerName.toString())));\n\t row2.addElement(new TD(new Input(Input.TEXT, HEADER_VALUE,\n\t\t headerValue.toString())));\n\n\t t.addElement(row1);\n\t t.addElement(row2);\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 844, "snippet": { "text": "\t Enumeration e = s.getParser().getParameterNames();" } }, "contextRegion": { "startLine": 841, "endLine": 847, "snippet": { "text": "\n\tif (s.getParser() != null)\n\t{\n\t Enumeration e = s.getParser().getParameterNames();\n\n\t while ((e != null) && e.hasMoreElements())\n\t 
{\n" } } }, "message": { "text": "getParameterNames(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 844, "snippet": { "text": "\t Enumeration e = s.getParser().getParameterNames();" } }, "contextRegion": { "startLine": 841, "endLine": 847, "snippet": { "text": "\n\tif (s.getParser() != null)\n\t{\n\t Enumeration e = s.getParser().getParameterNames();\n\n\t while ((e != null) && e.hasMoreElements())\n\t {\n" } } }, "message": { "text": "Assignment to e" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 848, "snippet": { "text": "\t\tString name = (String) e.nextElement();" } }, "contextRegion": { "startLine": 845, "endLine": 851, "snippet": { "text": "\n\t while ((e != null) && e.hasMoreElements())\n\t {\n\t\tString name = (String) e.nextElement();\n\t\tString[] values = s.getParser().getParameterValues(name);\n\n\t\tfor (int loop = 0; (values != null) && (loop < values.length); loop++)\n" } } }, "message": { "text": "nextElement(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 848, "snippet": { "text": "\t\tString name = (String) e.nextElement();" } }, "contextRegion": { "startLine": 845, "endLine": 851, "snippet": { "text": "\n\t while ((e != null) && e.hasMoreElements())\n\t {\n\t\tString name = (String) e.nextElement();\n\t\tString[] values = s.getParser().getParameterValues(name);\n\n\t\tfor (int loop = 0; (values != null) && (loop < values.length); loop++)\n" } } }, "message": { "text": "Assignment to name" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 853, "snippet": { "text": "\t\t v.add(name + \" -> \" + values[loop]);" } }, "contextRegion": { "startLine": 850, 
"endLine": 856, "snippet": { "text": "\n\t\tfor (int loop = 0; (values != null) && (loop < values.length); loop++)\n\t\t{\n\t\t v.add(name + \" -> \" + values[loop]);\n\t\t}\n\t }\n\n" } } }, "message": { "text": "add(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 867, "snippet": { "text": "\tIterator i = v.iterator();" } }, "contextRegion": { "startLine": 864, "endLine": 870, "snippet": { "text": "\t list.addElement(new LI(\"No parameters\"));\n\t}\n\n\tIterator i = v.iterator();\n\n\twhile (i.hasNext())\n\t{\n" } } }, "message": { "text": "iterator(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 867, "snippet": { "text": "\tIterator i = v.iterator();" } }, "contextRegion": { "startLine": 864, "endLine": 870, "snippet": { "text": "\t list.addElement(new LI(\"No parameters\"));\n\t}\n\n\tIterator i = v.iterator();\n\n\twhile (i.hasNext())\n\t{\n" } } }, "message": { "text": "Assignment to i" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 225, "snippet": { "text": "\t String employeeId = s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 222, "endLine": 228, "snippet": { "text": "\t{\n\t String userId = getSessionAttribute(s, getLessonName() + \".\"\n\t\t + SQLInjection.USER_ID);\n\t String employeeId = s.getParser().getRawParameter(\n\t\t SQLInjection.EMPLOYEE_ID);\n\t switch (getStage(s))\n\t {\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 871, "snippet": { "text": "\t String str = (String) i.next();" } }, "contextRegion": { "startLine": 868, "endLine": 874, "snippet": { "text": 
"\n\twhile (i.hasNext())\n\t{\n\t String str = (String) i.next();\n\t list.addElement(new LI(str));\n\t}\n\n" } } }, "message": { "text": "next(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 871, "snippet": { "text": "\t String str = (String) i.next();" } }, "contextRegion": { "startLine": 868, "endLine": 874, "snippet": { "text": "\n\twhile (i.hasNext())\n\t{\n\t String str = (String) i.next();\n\t list.addElement(new LI(str));\n\t}\n\n" } } }, "message": { "text": "Assignment to str" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 225, "snippet": { "text": "\t String employeeId = s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 222, "endLine": 228, "snippet": { "text": "\t{\n\t String userId = getSessionAttribute(s, getLessonName() + \".\"\n\t\t + SQLInjection.USER_ID);\n\t String employeeId = s.getParser().getRawParameter(\n\t\t SQLInjection.EMPLOYEE_ID);\n\t switch (getStage(s))\n\t {\n" } } }, "message": { "text": "Assignment to employeeId" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 225, "snippet": { "text": "\t String employeeId = s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 222, "endLine": 228, "snippet": { "text": "\t{\n\t String userId = getSessionAttribute(s, getLessonName() + \".\"\n\t\t + SQLInjection.USER_ID);\n\t String employeeId = s.getParser().getRawParameter(\n\t\t SQLInjection.EMPLOYEE_ID);\n\t switch (getStage(s))\n\t {\n" } } }, "message": { "text": "Taint change on employeeId" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 251, "snippet": { "text": "\t\t\t\t userId, employeeId);" } }, "contextRegion": { 
"startLine": 248, "endLine": 254, "snippet": { "text": "\t\t\ttry\n\t\t\t{\n\t\t\t targetEmployee = getEmployeeProfile_BACKUP(s,\n\t\t\t\t userId, employeeId);\n\t\t\t}\n\t\t\tcatch (UnauthorizedException e)\n\t\t\t{}\n" } } }, "message": { "text": "getEmployeeProfile_BACKUP(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 170, "endLine": 171, "snippet": { "text": "\t String query = \"SELECT * FROM employee WHERE userid = \"\r\n\t\t + subjectUserId;" } }, "contextRegion": { "startLine": 167, "endLine": 174, "snippet": { "text": "\t// Query the database for the profile data of the given employee\n\ttry\n\t{\n\t String query = \"SELECT * FROM employee WHERE userid = \"\n\t\t + subjectUserId;\n\n\t try\n\t {\n" } } }, "message": { "text": "Assignment to query" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 151, "snippet": { "text": "\t\t\t .getStringParameter(\"QTY3\", \"1\")))" } }, "contextRegion": { "startLine": 148, "endLine": 154, "snippet": { "text": "\t tr.addElement(new TD().addElement(\"1599.99\").setAlign(\"right\"));\n\t tr.addElement(new TD().addElement(\n\t\t new Input(Input.TEXT, \"QTY3\", s.getParser()\n\t\t\t .getStringParameter(\"QTY3\", \"1\")))\n\t\t .setAlign(\"right\"));\n\t quantity = s.getParser().getFloatParameter(\"QTY3\", 1.0f);\n\t total = quantity * 1599.99f;\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 142, "snippet": { "text": "\t String param3 = s.getParser().getRawParameter(\"field3\"," } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": "\t{\n\t String param1 = s.getParser().getRawParameter(\"field1\", \"abc\");\n\t String param2 = s.getParser().getRawParameter(\"field2\", 
\"123\");\n\t String param3 = s.getParser().getRawParameter(\"field3\",\n\t\t \"abc 123 ABC\");\n\t String param4 = s.getParser().getRawParameter(\"field4\", \"seven\");\n\t String param5 = s.getParser().getRawParameter(\"field5\", \"90210\");\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 8 }, "region": { "startLine": 142, "snippet": { "text": "\t String param3 = s.getParser().getRawParameter(\"field3\"," } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": "\t{\n\t String param1 = s.getParser().getRawParameter(\"field1\", \"abc\");\n\t String param2 = s.getParser().getRawParameter(\"field2\", \"123\");\n\t String param3 = s.getParser().getRawParameter(\"field3\",\n\t\t \"abc 123 ABC\");\n\t String param4 = s.getParser().getRawParameter(\"field4\", \"seven\");\n\t String param5 = s.getParser().getRawParameter(\"field5\", \"90210\");\n" } } }, "message": { "text": "Assignment to param3" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 97, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery();" } }, "contextRegion": { "startLine": 94, "endLine": 100, "snippet": { "text": "\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.setInt(1, subjectUserId);\n\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 97, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery();" } }, "contextRegion": { "startLine": 94, "endLine": 100, "snippet": { "text": 
"\t\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tanswer_statement.setInt(1, subjectUserId);\n\t\tResultSet answer_results = answer_statement.executeQuery();\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n" } } }, "message": { "text": "Assignment to answer_results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 102, "snippet": { "text": "\t\t\t answer_results.getString(\"first_name\")," } }, "contextRegion": { "startLine": 99, "endLine": 105, "snippet": { "text": "\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 102, "snippet": { "text": "\t\t\t answer_results.getString(\"first_name\")," } }, "contextRegion": { "startLine": 99, "endLine": 105, "snippet": { "text": "\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n" } } }, "message": { "text": "Employee(1 : this.firstName)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 101, "snippet": { "text": "\t\t profile = new Employee(answer_results.getInt(\"userid\")," } }, "contextRegion": { "startLine": 98, 
"endLine": 104, "snippet": { "text": "\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n" } } }, "message": { "text": "Assignment to profile" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 134, "snippet": { "text": "\treturn profile;" } }, "contextRegion": { "startLine": 131, "endLine": 137, "snippet": { "text": "\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n\n\n" } } }, "message": { "text": "Return profile" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 65, "snippet": { "text": "\t Employee employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 62, "endLine": 68, "snippet": { "text": "\t int employeeId = s.getParser().getIntParameter(\n\t\t RoleBasedAccessControl.EMPLOYEE_ID);\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + RoleBasedAccessControl.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\t}\n" } } }, "message": { "text": "getEmployeeProfile(return.firstName)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 65, "snippet": { "text": "\t Employee employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 62, "endLine": 68, "snippet": { "text": "\t int employeeId = s.getParser().getIntParameter(\n\t\t RoleBasedAccessControl.EMPLOYEE_ID);\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + 
RoleBasedAccessControl.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\t}\n" } } }, "message": { "text": "Assignment to employee" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 51 }, "region": { "startLine": 86, "snippet": { "text": "\t\t\t \"Employee \" + searchName + \" not found.\");" } }, "contextRegion": { "startLine": 83, "endLine": 89, "snippet": { "text": "\t\t{\n\t\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t\t + CrossSiteScripting.SEARCHRESULT_ATTRIBUTE_KEY,\n\t\t\t \"Employee \" + searchName + \" not found.\");\n\t\t}\n\t }\n\t catch (ValidationException e)\n" } } }, "message": { "text": "setSessionAttribute(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 67, "snippet": { "text": "\t\t + RoleBasedAccessControl.EMPLOYEE_ATTRIBUTE_KEY, employee);" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + RoleBasedAccessControl.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\t}\n\telse\n\t throw new UnauthenticatedException();\n" } } }, "message": { "text": "setSessionAttribute(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 103, "snippet": { "text": "\t\t\t answer_results.getString(\"last_name\")," } }, "contextRegion": { "startLine": 100, "endLine": 106, "snippet": { "text": "\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n" } } }, "message": { "text": 
"getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 103, "snippet": { "text": "\t\t\t answer_results.getString(\"last_name\")," } }, "contextRegion": { "startLine": 100, "endLine": 106, "snippet": { "text": "\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n" } } }, "message": { "text": "Employee(2 : this.lastName)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 65, "snippet": { "text": "\t Employee employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 62, "endLine": 68, "snippet": { "text": "\t int employeeId = s.getParser().getIntParameter(\n\t\t RoleBasedAccessControl.EMPLOYEE_ID);\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + RoleBasedAccessControl.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\t}\n" } } }, "message": { "text": "getEmployeeProfile(return.lastName)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 104, "snippet": { "text": "\t\t\t answer_results.getString(\"ssn\"), answer_results" } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), 
answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 104, "snippet": { "text": "\t\t\t answer_results.getString(\"ssn\"), answer_results" } }, "contextRegion": { "startLine": 101, "endLine": 107, "snippet": { "text": "\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n" } } }, "message": { "text": "Employee(3 : this.ssn)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 65, "snippet": { "text": "\t Employee employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 62, "endLine": 68, "snippet": { "text": "\t int employeeId = s.getParser().getIntParameter(\n\t\t RoleBasedAccessControl.EMPLOYEE_ID);\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + RoleBasedAccessControl.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\t}\n" } } }, "message": { "text": "getEmployeeProfile(return.ssn)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 105, "snippet": { "text": "\t\t\t\t .getString(\"title\"), answer_results" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t 
answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n\t\t\t\t .getString(\"address2\"), answer_results\n" } } }, "message": { "text": "Employee(4 : this.title)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 65, "snippet": { "text": "\t Employee employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 62, "endLine": 68, "snippet": { "text": "\t int employeeId = s.getParser().getIntParameter(\n\t\t RoleBasedAccessControl.EMPLOYEE_ID);\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + RoleBasedAccessControl.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\t}\n" } } }, "message": { "text": "getEmployeeProfile(return.title)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 105, "snippet": { "text": "\t\t\t\t .getString(\"title\"), answer_results" } }, "contextRegion": { "startLine": 102, "endLine": 108, "snippet": { "text": "\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n\t\t\t\t .getString(\"address2\"), answer_results\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 106, "snippet": { "text": "\t\t\t\t .getString(\"phone\"), answer_results" } }, "contextRegion": { "startLine": 103, "endLine": 109, "snippet": { "text": "\t\t\t 
answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n\t\t\t\t .getString(\"address2\"), answer_results\n\t\t\t\t .getInt(\"manager\"), answer_results\n" } } }, "message": { "text": "Employee(5 : this.phone)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 138 }, "region": { "startLine": 65, "snippet": { "text": "\t Employee employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 62, "endLine": 68, "snippet": { "text": "\t int employeeId = s.getParser().getIntParameter(\n\t\t RoleBasedAccessControl.EMPLOYEE_ID);\n\n\t Employee employee = getEmployeeProfile(s, userId, employeeId);\n\t setSessionAttribute(s, getLessonName() + \".\"\n\t\t + RoleBasedAccessControl.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\t}\n" } } }, "message": { "text": "getEmployeeProfile(return.phone)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 258, "snippet": { "text": "\t\t username = s.getParser().getStringParameter(USERNAME, \"\");" } }, "contextRegion": { "startLine": 255, "endLine": 261, "snippet": { "text": "\t\t}\n\t\telse if (STAGE == 1)\n\t\t{\n\t\t username = s.getParser().getStringParameter(USERNAME, \"\");\n\t\n\t\t if (USERS.containsKey(username))\n\t\t {\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 258, "snippet": { "text": "\t\t username = s.getParser().getStringParameter(USERNAME, \"\");" } }, "contextRegion": { "startLine": 255, "endLine": 261, "snippet": { "text": "\t\t}\n\t\telse if (STAGE == 1)\n\t\t{\n\t\t username = 
s.getParser().getStringParameter(USERNAME, \"\");\n\t\n\t\t if (USERS.containsKey(username))\n\t\t {\n" } } }, "message": { "text": "Assignment to username" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 263, "snippet": { "text": "\t\t\t\tUSERNAME_RESPONSE = username;" } }, "contextRegion": { "startLine": 260, "endLine": 266, "snippet": { "text": "\t\t if (USERS.containsKey(username))\n\t\t {\n\t\t\t\tSTAGE = 2;\n\t\t\t\tUSERNAME_RESPONSE = username;\n\t\t\t\tec.addElement(doStage2(s));\n\t\t }\n\t\t else\n" } } }, "message": { "text": "Assignment to org.owasp.webgoat.lessons.ForgotPassword.USERNAME_RESPONSE" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 242, "snippet": { "text": "\t\t color = s.getParser().getStringParameter(COLOR, \"\");" } }, "contextRegion": { "startLine": 239, "endLine": 245, "snippet": { "text": "\t\n\t\tif (STAGE == 2)\n\t\t{\n\t\t color = s.getParser().getStringParameter(COLOR, \"\");\n\t\n\t\t if (COLORS.get(USERNAME_RESPONSE).equals(color))\n\t\t {\n" } } }, "message": { "text": "getStringParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 242, "snippet": { "text": "\t\t color = s.getParser().getStringParameter(COLOR, \"\");" } }, "contextRegion": { "startLine": 239, "endLine": 245, "snippet": { "text": "\t\n\t\tif (STAGE == 2)\n\t\t{\n\t\t color = s.getParser().getStringParameter(COLOR, \"\");\n\t\n\t\t if (COLORS.get(USERNAME_RESPONSE).equals(color))\n\t\t {\n" } } }, "message": { "text": "Assignment to color" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 247, "snippet": { "text": "\t\t\t\tCOLOR_RESPONSE = color;" } }, "contextRegion": { "startLine": 244, 
"endLine": 250, "snippet": { "text": "\t\t if (COLORS.get(USERNAME_RESPONSE).equals(color))\n\t\t {\n\t\t\t\tSTAGE = 1;\n\t\t\t\tCOLOR_RESPONSE = color;\n\t\t\t\tec.addElement(doStage3(s));\n\t\t }\n\t\t else\n" } } }, "message": { "text": "Assignment to org.owasp.webgoat.lessons.ForgotPassword.COLOR_RESPONSE" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 195, "snippet": { "text": "\t\ttr.addElement(new TD().addElement(new StringElement(\"Color: \" + COLOR_RESPONSE)));" } }, "contextRegion": { "startLine": 192, "endLine": 198, "snippet": { "text": "\t\tt.addElement(tr);\n\t\n\t\ttr = new TR();\n\t\ttr.addElement(new TD().addElement(new StringElement(\"Color: \" + COLOR_RESPONSE)));\n\t\tt.addElement(tr);\n\t\n\t\ttr = new TR();\n" } } }, "message": { "text": "Read org.owasp.webgoat.lessons.ForgotPassword.COLOR_RESPONSE" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 195, "snippet": { "text": "\t\ttr.addElement(new TD().addElement(new StringElement(\"Color: \" + COLOR_RESPONSE)));" } }, "contextRegion": { "startLine": 192, "endLine": 198, "snippet": { "text": "\t\tt.addElement(tr);\n\t\n\t\ttr = new TR();\n\t\ttr.addElement(new TD().addElement(new StringElement(\"Color: \" + COLOR_RESPONSE)));\n\t\tt.addElement(tr);\n\t\n\t\ttr = new TR();\n" } } }, "message": { "text": "StringElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 191, "snippet": { "text": "\t\ttr.addElement(new TD().addElement(new StringElement(\"Username: \" + USERNAME_RESPONSE)));" } }, "contextRegion": { "startLine": 188, "endLine": 194, "snippet": { "text": "\t\tt.addElement(tr);\n\t\n\t\ttr = new TR();\n\t\ttr.addElement(new TD().addElement(new StringElement(\"Username: \" + 
USERNAME_RESPONSE)));\n\t\tt.addElement(tr);\n\t\n\t\ttr = new TR();\n" } } }, "message": { "text": "Read org.owasp.webgoat.lessons.ForgotPassword.USERNAME_RESPONSE" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 129 }, "region": { "startLine": 191, "snippet": { "text": "\t\ttr.addElement(new TD().addElement(new StringElement(\"Username: \" + USERNAME_RESPONSE)));" } }, "contextRegion": { "startLine": 188, "endLine": 194, "snippet": { "text": "\t\tt.addElement(tr);\n\t\n\t\ttr = new TR();\n\t\ttr.addElement(new TD().addElement(new StringElement(\"Username: \" + USERNAME_RESPONSE)));\n\t\tt.addElement(tr);\n\t\n\t\ttr = new TR();\n" } } }, "message": { "text": "StringElement(0 : this)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 42 }, "region": { "startLine": 67, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 64, "endLine": 70, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "Read org.owasp.webgoat.lessons.CrossSiteScripting.CrossSiteScripting.CCN" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 130, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 127, "endLine": 133, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { 
"artifactLocation": { "index": 65 }, "region": { "startLine": 130, "snippet": { "text": "\t\tResultSet results = statement.executeQuery(query);" } }, "contextRegion": { "startLine": 127, "endLine": 133, "snippet": { "text": "\t\tStatement statement = connection.createStatement(\n\t\t\tResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet results = statement.executeQuery(query);\n\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n" } } }, "message": { "text": "Assignment to results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 135, "snippet": { "text": "\t\t ec.addElement(DatabaseUtilities.writeTable(results," } }, "contextRegion": { "startLine": 132, "endLine": 138, "snippet": { "text": "\t\tif ((results != null) && (results.first() == true))\n\t\t{\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n\t\t ec.addElement(DatabaseUtilities.writeTable(results,\n\t\t\t resultsMetaData));\n\t\t results.last();\n\n" } } }, "message": { "text": "writeTable(0)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 173, "snippet": { "text": "\t String query = \"SELECT * FROM user_data WHERE userid = \"" } }, "contextRegion": { "startLine": 170, "endLine": 176, "snippet": { "text": "\t }\n\t ec.addElement(makeAccountLine(s));\n\n\t String query = \"SELECT * FROM user_data WHERE userid = \"\n\t\t + accountNumber;\n\t ec.addElement(new PRE(query));\n\t for (int i = 0; i < accountNumber.length(); i++)\n" } } }, "message": { "text": "Assignment to query" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 849, "snippet": { "text": "\t\tString[] values = s.getParser().getParameterValues(name);" } }, "contextRegion": { "startLine": 846, "endLine": 852, 
"snippet": { "text": "\t while ((e != null) && e.hasMoreElements())\n\t {\n\t\tString name = (String) e.nextElement();\n\t\tString[] values = s.getParser().getParameterValues(name);\n\n\t\tfor (int loop = 0; (values != null) && (loop < values.length); loop++)\n\t\t{\n" } } }, "message": { "text": "getParameterValues(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 849, "snippet": { "text": "\t\tString[] values = s.getParser().getParameterValues(name);" } }, "contextRegion": { "startLine": 846, "endLine": 852, "snippet": { "text": "\t while ((e != null) && e.hasMoreElements())\n\t {\n\t\tString name = (String) e.nextElement();\n\t\tString[] values = s.getParser().getParameterValues(name);\n\n\t\tfor (int loop = 0; (values != null) && (loop < values.length); loop++)\n\t\t{\n" } } }, "message": { "text": "Assignment to values" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 719, "snippet": { "text": "\t\treturn ( context.getRealPath( fileName ));" } }, "contextRegion": { "startLine": 716, "endLine": 722, "snippet": { "text": "\tpublic String getWebResource( String fileName )\n\t{\n\t\t// Note: doesn't work for admin path! Maybe with a ../ attack\n\t\treturn ( context.getRealPath( fileName ));\n\t}\n\n\t/**\n" } } }, "message": { "text": "getRealPath(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 46 }, "region": { "startLine": 719, "snippet": { "text": "\t\treturn ( context.getRealPath( fileName ));" } }, "contextRegion": { "startLine": 716, "endLine": 722, "snippet": { "text": "\tpublic String getWebResource( String fileName )\n\t{\n\t\t// Note: doesn't work for admin path! 
Maybe with a ../ attack\n\t\treturn ( context.getRealPath( fileName ));\n\t}\n\n\t/**\n" } } }, "message": { "text": "Return" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 940, "snippet": { "text": "\tString filename = s.getWebResource(this.getClass().getName());" } }, "contextRegion": { "startLine": 937, "endLine": 943, "snippet": { "text": "\t return new StringElement();\n\t}\n\n\tString filename = s.getWebResource(this.getClass().getName());\n\tTable t = new Table().setWidth(Screen.MAIN_SIZE);\n\n\t/*\n" } } }, "message": { "text": "getWebResource(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 75 }, "region": { "startLine": 940, "snippet": { "text": "\tString filename = s.getWebResource(this.getClass().getName());" } }, "contextRegion": { "startLine": 937, "endLine": 943, "snippet": { "text": "\t return new StringElement();\n\t}\n\n\tString filename = s.getWebResource(this.getClass().getName());\n\tTable t = new Table().setWidth(Screen.MAIN_SIZE);\n\n\t/*\n" } } }, "message": { "text": "Assignment to filename" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 34, "snippet": { "text": "String menu = request.getParameter(m);" } }, "contextRegion": { "startLine": 31, "endLine": 37, "snippet": { "text": "String printCookies = \"\";\nString lessonComplete = \"\";\nString m = \"menu\";\nString menu = request.getParameter(m);\n\nList categories = course.getCategories();\n\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 84 }, "region": { "startLine": 34, "snippet": { "text": "String menu = request.getParameter(m);" } }, "contextRegion": { "startLine": 31, "endLine": 37, "snippet": { "text": "String printCookies = 
\"\";\nString lessonComplete = \"\";\nString m = \"menu\";\nString menu = request.getParameter(m);\n\nList categories = course.getCategories();\n\n" } } }, "message": { "text": "Assignment to menu" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 400, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 397, "endLine": 403, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } }, "message": { "text": "Read e" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 65 }, "region": { "startLine": 400, "snippet": { "text": "\t System.out.println(\"Exception caught: \" + e);" } }, "contextRegion": { "startLine": 397, "endLine": 403, "snippet": { "text": "\t}\n\tcatch (Exception e)\n\t{\n\t System.out.println(\"Exception caught: \" + e);\n\t e.printStackTrace(System.out);\n\t}\n }\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 101, "snippet": { "text": "\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.personalDescription)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 332, "snippet": { "text": "\t\t + employee.getPersonalDescription() + \"')\";" } }, "contextRegion": { "startLine": 329, "endLine": 335, "snippet": { "text": "\t\t + employee.getCcnLimit() + 
\",'\"\n\t\t + employee.getDisciplinaryActionDate() + \"','\"\n\t\t + employee.getDisciplinaryActionNotes() + \"','\"\n\t\t + employee.getPersonalDescription() + \"')\";\n\n\t //System.out.println(\"Query: \" + query);\n\n" } } }, "message": { "text": "getPersonalDescription(this.personalDescription : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 75, "snippet": { "text": "\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\ttry\n\t{\n\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");\n\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 75, "snippet": { "text": "\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\ttry\n\t{\n\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");\n\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n" } } }, "message": { "text": "encode(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 62 }, "region": { "startLine": 75, "snippet": { "text": "\t String param2 = HtmlEncoder.encode(s.getParser().getRawParameter(" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\ttry\n\t{\n\t String param1 = s.getParser().getRawParameter(\"field1\", \"111\");\n\t String param2 = 
HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t \"field2\", \"4128 3214 0002 1999\"));\n\t float quantity = 1.0f;\n\t float total = 0.0f;\n" } } }, "message": { "text": "Assignment to param2" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 99 }, "region": { "startLine": 152, "snippet": { "text": "\tInput input = new Input(Input.TEXT, ACCT_NUM, accountNumber.toString());" } }, "contextRegion": { "startLine": 149, "endLine": 155, "snippet": { "text": "\tec.addElement(new P().addElement(\"Enter your Account Number: \"));\n\n\taccountNumber = s.getParser().getRawParameter(ACCT_NUM, \"101\");\n\tInput input = new Input(Input.TEXT, ACCT_NUM, accountNumber.toString());\n\tec.addElement(input);\n\n\tElement b = ECSFactory.makeButton(\"Go!\");\n" } } }, "message": { "text": "toString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 2 }, "region": { "startLine": 7, "snippet": { "text": "\t\t\tString searchedName = request.getParameter(SQLInjection.SEARCHNAME);" } }, "contextRegion": { "startLine": 4, "endLine": 10, "snippet": { "text": "\t
\n\t\t\t<% \n\t\t\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\t\t\tString searchedName = request.getParameter(SQLInjection.SEARCHNAME);\n\t\t\tif (searchedName != null)\n\t\t\t{\n\t\t\t%>\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 2 }, "region": { "startLine": 7, "snippet": { "text": "\t\t\tString searchedName = request.getParameter(SQLInjection.SEARCHNAME);" } }, "contextRegion": { "startLine": 4, "endLine": 10, "snippet": { "text": "\t
\n\t\t\t<% \n\t\t\tWebSession webSession = ((WebSession)session.getAttribute(\"websession\"));\n\t\t\tString searchedName = request.getParameter(SQLInjection.SEARCHNAME);\n\t\t\tif (searchedName != null)\n\t\t\t{\n\t\t\t%>\n" } } }, "message": { "text": "Assignment to searchedName" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 194, "snippet": { "text": "\t screen = new ErrorScreen(mySession, t);" } }, "contextRegion": { "startLine": 191, "endLine": 197, "snippet": { "text": "\t{\n\t t.printStackTrace();\n\t log(\"ERROR: \" + t);\n\t screen = new ErrorScreen(mySession, t);\n\t}\n\tfinally\n\t{\n" } } }, "message": { "text": "Read t" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 71 }, "region": { "startLine": 194, "snippet": { "text": "\t screen = new ErrorScreen(mySession, t);" } }, "contextRegion": { "startLine": 191, "endLine": 197, "snippet": { "text": "\t{\n\t t.printStackTrace();\n\t log(\"ERROR: \" + t);\n\t screen = new ErrorScreen(mySession, t);\n\t}\n\tfinally\n\t{\n" } } }, "message": { "text": "ErrorScreen(1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 77, "snippet": { "text": "\t\tthis.error = t;" } }, "contextRegion": { "startLine": 74, "endLine": 80, "snippet": { "text": "\t */\n\tpublic ErrorScreen( WebSession s, Throwable t )\n\t{\n\t\tthis.error = t;\n\t\tfixCurrentScreen( s );\n\t\tsetup( s );\n\t}\n" } } }, "message": { "text": "Assignment to this.error" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 79, "snippet": { "text": "\t\tsetup( s );" } }, "contextRegion": { "startLine": 76, "endLine": 82, "snippet": { "text": "\t{\n\t\tthis.error = t;\n\t\tfixCurrentScreen( s );\n\t\tsetup( s 
);\n\t}\n\n\n" } } }, "message": { "text": "setup(this.error)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 121, "snippet": { "text": "\t\tform.addElement( wrapForm( s ) );" } }, "contextRegion": { "startLine": 118, "endLine": 124, "snippet": { "text": "\n\t\tForm form = new Form( \"attack\", Form.POST ).setName( \"form\" ).setEncType( \"\" );\n\n\t\tform.addElement( wrapForm( s ) );\n\n\t\tTD lowerright = new TD().setHeight( \"100%\" ).setVAlign( \"top\" ).setAlign( \"left\" ).addElement( form );\n\t\tTR row = new TR().addElement( lowerright );\n" } } }, "message": { "text": "wrapForm(this.error)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 43 }, "region": { "startLine": 142, "snippet": { "text": "\t\tElement content = createContent( s );" } }, "contextRegion": { "startLine": 139, "endLine": 145, "snippet": { "text": "\t\tTable container = new Table().setWidth( \"100%\" ).setCellSpacing( 10 ).setCellPadding( 0 ).setBorder( 0 );\n\t\t\n\t\t// CreateContent can generate error messages so you MUST call it before makeMessages()\n\t\tElement content = createContent( s );\n\t\tcontainer.addElement( new TR().addElement( new TD().setColSpan( 2 ).setVAlign( \"TOP\" ).addElement(\n\t\t\t\tmakeMessages( s ) ) ) );\n\t\tcontainer.addElement( new TR().addElement( new TD().setColSpan( 2 ).addElement( content ) ) );\n" } } }, "message": { "text": "createContent(this.error)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 83, "snippet": { "text": "\t\t\tString title = HtmlEncoder.encode( s.getParser().getRawParameter( TITLE, \"\" ) );" } }, "contextRegion": { "startLine": 80, "endLine": 86, "snippet": { "text": "\t{\n\t\ttry\n\t\t{\n\t\t\tString title = HtmlEncoder.encode( s.getParser().getRawParameter( TITLE, \"\" ) 
);\n\t\t\tString message = s.getParser().getRawParameter( MESSAGE, \"\" );\n\n\t\t\tif ( connection == null )\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 83, "snippet": { "text": "\t\t\tString title = HtmlEncoder.encode( s.getParser().getRawParameter( TITLE, \"\" ) );" } }, "contextRegion": { "startLine": 80, "endLine": 86, "snippet": { "text": "\t{\n\t\ttry\n\t\t{\n\t\t\tString title = HtmlEncoder.encode( s.getParser().getRawParameter( TITLE, \"\" ) );\n\t\t\tString message = s.getParser().getRawParameter( MESSAGE, \"\" );\n\n\t\t\tif ( connection == null )\n" } } }, "message": { "text": "encode(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 103 }, "region": { "startLine": 83, "snippet": { "text": "\t\t\tString title = HtmlEncoder.encode( s.getParser().getRawParameter( TITLE, \"\" ) );" } }, "contextRegion": { "startLine": 80, "endLine": 86, "snippet": { "text": "\t{\n\t\ttry\n\t\t{\n\t\t\tString title = HtmlEncoder.encode( s.getParser().getRawParameter( TITLE, \"\" ) );\n\t\t\tString message = s.getParser().getRawParameter( MESSAGE, \"\" );\n\n\t\t\tif ( connection == null )\n" } } }, "message": { "text": "Assignment to title" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 47 }, "region": { "startLine": 12, "snippet": { "text": "\t\t \"&menu=\" + request.getParameter(\"menu\") +" } }, "contextRegion": { "startLine": 9, "endLine": 15, "snippet": { "text": "\n<% response.sendRedirect(\"/WebGoat/attack?\" +\n\t\t \"Screen=\" + request.getParameter(\"Screen\") +\n\t\t \"&menu=\" + request.getParameter(\"menu\") +\n\t\t \"&fromRedirect=yes&language=\" + request.getParameter(\"language\")); \n%>\n\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] 
}, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 118, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 115, "endLine": 121, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 118, "snippet": { "text": "\t\tResultSet answer_results = answer_statement.executeQuery(query);" } }, "contextRegion": { "startLine": 115, "endLine": 121, "snippet": { "text": "\t\tStatement answer_statement = WebSession.getConnection(s)\n\t\t\t.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tResultSet answer_results = answer_statement.executeQuery(query);\n\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n" } } }, "message": { "text": "Assignment to answer_results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 123, "snippet": { "text": "\t\t\t answer_results.getString(\"first_name\")," } }, "contextRegion": { "startLine": 120, "endLine": 126, "snippet": { "text": "\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n" } } }, "message": { "text": "getString(this : 
return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 123, "snippet": { "text": "\t\t\t answer_results.getString(\"first_name\")," } }, "contextRegion": { "startLine": 120, "endLine": 126, "snippet": { "text": "\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n" } } }, "message": { "text": "Employee(1 : this.firstName)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 122, "snippet": { "text": "\t\t profile = new Employee(answer_results.getInt(\"userid\")," } }, "contextRegion": { "startLine": 119, "endLine": 125, "snippet": { "text": "\t\tif (answer_results.next())\n\t\t{\n\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n" } } }, "message": { "text": "Assignment to profile" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 155, "snippet": { "text": "\treturn profile;" } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\t e.printStackTrace();\n\t}\n\n\treturn profile;\n }\n\n\n" } } }, "message": { "text": "Return profile" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 81, "snippet": { "text": "\t employee = getEmployeeProfile(s, userId, employeeId);" } }, 
"contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": "\n\t // FIXME: If this fails and returns null, ViewProfile.jsp will blow up as it expects an Employee.\n\t // Most other JSP's can handle null session attributes.\n\t employee = getEmployeeProfile(s, userId, employeeId);\n\t // If employee==null redirect to the error page.\n\t if (employee == null)\n\t\tgetLesson().setCurrentAction(s, SQLInjection.ERROR_ACTION);\n" } } }, "message": { "text": "getEmployeeProfile(return.firstName)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 81, "snippet": { "text": "\t employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": "\n\t // FIXME: If this fails and returns null, ViewProfile.jsp will blow up as it expects an Employee.\n\t // Most other JSP's can handle null session attributes.\n\t employee = getEmployeeProfile(s, userId, employeeId);\n\t // If employee==null redirect to the error page.\n\t if (employee == null)\n\t\tgetLesson().setCurrentAction(s, SQLInjection.ERROR_ACTION);\n" } } }, "message": { "text": "Assignment to employee" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 87, "snippet": { "text": "\t\t\t+ SQLInjection.EMPLOYEE_ATTRIBUTE_KEY, employee);" } }, "contextRegion": { "startLine": 84, "endLine": 90, "snippet": { "text": "\t\tgetLesson().setCurrentAction(s, SQLInjection.ERROR_ACTION);\n\t else\n\t\tsetSessionAttribute(s, getLessonName() + \".\"\n\t\t\t+ SQLInjection.EMPLOYEE_ATTRIBUTE_KEY, employee);\n\t}\n\telse\n\t throw new UnauthenticatedException();\n" } } }, "message": { "text": "setSessionAttribute(2)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 124, "snippet": { "text": "\t\t\t 
answer_results.getString(\"last_name\")," } }, "contextRegion": { "startLine": 121, "endLine": 127, "snippet": { "text": "\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 124, "snippet": { "text": "\t\t\t answer_results.getString(\"last_name\")," } }, "contextRegion": { "startLine": 121, "endLine": 127, "snippet": { "text": "\t\t // Note: Do NOT get the password field.\n\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n" } } }, "message": { "text": "Employee(2 : this.lastName)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 81, "snippet": { "text": "\t employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": "\n\t // FIXME: If this fails and returns null, ViewProfile.jsp will blow up as it expects an Employee.\n\t // Most other JSP's can handle null session attributes.\n\t employee = getEmployeeProfile(s, userId, employeeId);\n\t // If employee==null redirect to the error page.\n\t if (employee == null)\n\t\tgetLesson().setCurrentAction(s, SQLInjection.ERROR_ACTION);\n" } } }, "message": { "text": 
"getEmployeeProfile(return.lastName)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 125, "snippet": { "text": "\t\t\t answer_results.getString(\"ssn\"), answer_results" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 125, "snippet": { "text": "\t\t\t answer_results.getString(\"ssn\"), answer_results" } }, "contextRegion": { "startLine": 122, "endLine": 128, "snippet": { "text": "\t\t profile = new Employee(answer_results.getInt(\"userid\"),\n\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n" } } }, "message": { "text": "Employee(3 : this.ssn)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 81, "snippet": { "text": "\t employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": "\n\t // FIXME: If this fails and returns null, ViewProfile.jsp will blow up as it expects an Employee.\n\t // Most other JSP's can handle null session attributes.\n\t employee = 
getEmployeeProfile(s, userId, employeeId);\n\t // If employee==null redirect to the error page.\n\t if (employee == null)\n\t\tgetLesson().setCurrentAction(s, SQLInjection.ERROR_ACTION);\n" } } }, "message": { "text": "getEmployeeProfile(return.ssn)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 126, "snippet": { "text": "\t\t\t\t .getString(\"title\"), answer_results" } }, "contextRegion": { "startLine": 123, "endLine": 129, "snippet": { "text": "\t\t\t answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n\t\t\t\t .getString(\"address2\"), answer_results\n" } } }, "message": { "text": "Employee(4 : this.title)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 81, "snippet": { "text": "\t employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": "\n\t // FIXME: If this fails and returns null, ViewProfile.jsp will blow up as it expects an Employee.\n\t // Most other JSP's can handle null session attributes.\n\t employee = getEmployeeProfile(s, userId, employeeId);\n\t // If employee==null redirect to the error page.\n\t if (employee == null)\n\t\tgetLesson().setCurrentAction(s, SQLInjection.ERROR_ACTION);\n" } } }, "message": { "text": "getEmployeeProfile(return.title)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 126, "snippet": { "text": "\t\t\t\t .getString(\"title\"), answer_results" } }, "contextRegion": { "startLine": 123, "endLine": 129, "snippet": { "text": "\t\t\t 
answer_results.getString(\"first_name\"),\n\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n\t\t\t\t .getString(\"address2\"), answer_results\n" } } }, "message": { "text": "getString(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 127, "snippet": { "text": "\t\t\t\t .getString(\"phone\"), answer_results" } }, "contextRegion": { "startLine": 124, "endLine": 130, "snippet": { "text": "\t\t\t answer_results.getString(\"last_name\"),\n\t\t\t answer_results.getString(\"ssn\"), answer_results\n\t\t\t\t .getString(\"title\"), answer_results\n\t\t\t\t .getString(\"phone\"), answer_results\n\t\t\t\t .getString(\"address1\"), answer_results\n\t\t\t\t .getString(\"address2\"), answer_results\n\t\t\t\t .getInt(\"manager\"), answer_results\n" } } }, "message": { "text": "Employee(5 : this.phone)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 38 }, "region": { "startLine": 81, "snippet": { "text": "\t employee = getEmployeeProfile(s, userId, employeeId);" } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": "\n\t // FIXME: If this fails and returns null, ViewProfile.jsp will blow up as it expects an Employee.\n\t // Most other JSP's can handle null session attributes.\n\t employee = getEmployeeProfile(s, userId, employeeId);\n\t // If employee==null redirect to the error page.\n\t if (employee == null)\n\t\tgetLesson().setCurrentAction(s, SQLInjection.ERROR_ACTION);\n" } } }, "message": { "text": "getEmployeeProfile(return.phone)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 18 }, "region": { "startLine": 155, 
"snippet": { "text": "\t pre.addElement(HtmlEncoder.encode(xml));" } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\t String xml = template1;\n\t xml = xml + (password == null ? \"[password]\" : password);\n\t xml = xml + template2;\n\t pre.addElement(HtmlEncoder.encode(xml));\n\t ec.addElement(pre);\n\n\t if (password != null)\n" } } }, "message": { "text": "encode(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 357, "snippet": { "text": "\t\tresults.setThrowable(e2);" } }, "contextRegion": { "startLine": 354, "endLine": 360, "snippet": { "text": "\t }\n\t catch (IOException e2)\n\t {\n\t\tresults.setThrowable(e2);\n\t }\n\t finally\n\t {\n" } } }, "message": { "text": "Read e2" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 74 }, "region": { "startLine": 357, "snippet": { "text": "\t\tresults.setThrowable(e2);" } }, "contextRegion": { "startLine": 354, "endLine": 360, "snippet": { "text": "\t }\n\t catch (IOException e2)\n\t {\n\t\tresults.setThrowable(e2);\n\t }\n\t finally\n\t {\n" } } }, "message": { "text": "setThrowable(0 : this.myThrowable)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 122 }, "region": { "startLine": 75, "snippet": { "text": "\t ResultSet results = statement.executeQuery(QUERY);" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\t Statement statement = connection.createStatement(\n\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t ResultSet results = statement.executeQuery(QUERY);\n\n\t if (results != null)\n\t {\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 122 }, "region": { "startLine": 75, 
"snippet": { "text": "\t ResultSet results = statement.executeQuery(QUERY);" } }, "contextRegion": { "startLine": 72, "endLine": 78, "snippet": { "text": "\t Statement statement = connection.createStatement(\n\t\t ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t ResultSet.CONCUR_READ_ONLY);\n\t ResultSet results = statement.executeQuery(QUERY);\n\n\t if (results != null)\n\t {\n" } } }, "message": { "text": "Assignment to results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 122 }, "region": { "startLine": 81, "snippet": { "text": "\t\tec.addElement(DatabaseUtilities.writeTable(results," } }, "contextRegion": { "startLine": 78, "endLine": 84, "snippet": { "text": "\t {\n\t\tmakeSuccess(s);\n\t\tResultSetMetaData resultsMetaData = results.getMetaData();\n\t\tec.addElement(DatabaseUtilities.writeTable(results,\n\t\t\tresultsMetaData));\n\t }\n\t}\n" } } }, "message": { "text": "writeTable(0)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 82 }, "region": { "startLine": 132, "snippet": { "text": " ur=document.URL;x=ur.indexOf(\"?\");" } }, "contextRegion": { "startLine": 129, "endLine": 135, "snippet": { "text": "\nfunction trigMM1url(param,opt){\n var ur,x,i,nv,mn,pr=new Array();\n ur=document.URL;x=ur.indexOf(\"?\");\n if(x>1){pr=ur.substring(x+1,ur.length).split(\"&\");\n for(i=0;i0){if(unescape(nv[0])==param){\n" } } }, "message": { "text": "Read ~t~parent.document.URL" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 82 }, "region": { "startLine": 132, "snippet": { "text": " ur=document.URL;x=ur.indexOf(\"?\");" } }, "contextRegion": { "startLine": 129, "endLine": 135, "snippet": { "text": "\nfunction trigMM1url(param,opt){\n var ur,x,i,nv,mn,pr=new Array();\n ur=document.URL;x=ur.indexOf(\"?\");\n if(x>1){pr=ur.substring(x+1,ur.length).split(\"&\");\n 
for(i=0;i0){if(unescape(nv[0])==param){\n" } } }, "message": { "text": "Assignment to ur" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 82 }, "region": { "startLine": 133, "snippet": { "text": " if(x>1){pr=ur.substring(x+1,ur.length).split(\"&\");" } }, "contextRegion": { "startLine": 130, "endLine": 136, "snippet": { "text": "function trigMM1url(param,opt){\n var ur,x,i,nv,mn,pr=new Array();\n ur=document.URL;x=ur.indexOf(\"?\");\n if(x>1){pr=ur.substring(x+1,ur.length).split(\"&\");\n for(i=0;i0){if(unescape(nv[0])==param){\n mn=\"menu\"+unescape(nv[1]);\n" } } }, "message": { "text": "substring(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 82 }, "region": { "startLine": 133, "snippet": { "text": " if(x>1){pr=ur.substring(x+1,ur.length).split(\"&\");" } }, "contextRegion": { "startLine": 130, "endLine": 136, "snippet": { "text": "function trigMM1url(param,opt){\n var ur,x,i,nv,mn,pr=new Array();\n ur=document.URL;x=ur.indexOf(\"?\");\n if(x>1){pr=ur.substring(x+1,ur.length).split(\"&\");\n for(i=0;i0){if(unescape(nv[0])==param){\n mn=\"menu\"+unescape(nv[1]);\n" } } }, "message": { "text": "split(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 82 }, "region": { "startLine": 133, "snippet": { "text": " if(x>1){pr=ur.substring(x+1,ur.length).split(\"&\");" } }, "contextRegion": { "startLine": 130, "endLine": 136, "snippet": { "text": "function trigMM1url(param,opt){\n var ur,x,i,nv,mn,pr=new Array();\n ur=document.URL;x=ur.indexOf(\"?\");\n if(x>1){pr=ur.substring(x+1,ur.length).split(\"&\");\n for(i=0;i0){if(unescape(nv[0])==param){\n mn=\"menu\"+unescape(nv[1]);\n" } } }, "message": { "text": "Assignment to pr" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 
}, "region": { "startLine": 194, "snippet": { "text": "\t\tResultSet results = statement.executeQuery();" } }, "contextRegion": { "startLine": 191, "endLine": 197, "snippet": { "text": "\t\t\tquery, ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tstatement.setString(1, accountName);\n\t\tResultSet results = statement.executeQuery();\n\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n" } } }, "message": { "text": "executeQuery(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 82 }, "region": { "startLine": 134, "snippet": { "text": " for(i=0;i1){pr=ur.substring(x+1,ur.length).split(\"&\");\n for(i=0;i0){if(unescape(nv[0])==param){\n mn=\"menu\"+unescape(nv[1]);\n eval(\"trigMenuMagic1('\"+mn+\"',\"+opt+\")\");}}}}\n" } } }, "message": { "text": "split(this : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 82 }, "region": { "startLine": 134, "snippet": { "text": " for(i=0;i1){pr=ur.substring(x+1,ur.length).split(\"&\");\n for(i=0;i0){if(unescape(nv[0])==param){\n mn=\"menu\"+unescape(nv[1]);\n eval(\"trigMenuMagic1('\"+mn+\"',\"+opt+\")\");}}}}\n" } } }, "message": { "text": "Assignment to nv" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 194, "snippet": { "text": "\t\tResultSet results = statement.executeQuery();" } }, "contextRegion": { "startLine": 191, "endLine": 197, "snippet": { "text": "\t\t\tquery, ResultSet.TYPE_SCROLL_INSENSITIVE,\n\t\t\tResultSet.CONCUR_READ_ONLY);\n\t\tstatement.setString(1, accountName);\n\t\tResultSet results = statement.executeQuery();\n\n\t\tif ((results != null) && (results.first() == true))\n\t\t{\n" } } }, "message": { "text": "Assignment to results" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { 
"index": 82 }, "region": { "startLine": 136, "snippet": { "text": " mn=\"menu\"+unescape(nv[1]);" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": " if(x>1){pr=ur.substring(x+1,ur.length).split(\"&\");\n for(i=0;i0){if(unescape(nv[0])==param){\n mn=\"menu\"+unescape(nv[1]);\n eval(\"trigMenuMagic1('\"+mn+\"',\"+opt+\")\");}}}}\n }\n \n" } } }, "message": { "text": "unescape(0 : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 13 }, "region": { "startLine": 199, "snippet": { "text": "\t\t ec.addElement(DatabaseUtilities.writeTable(results," } }, "contextRegion": { "startLine": 196, "endLine": 202, "snippet": { "text": "\t\tif ((results != null) && (results.first() == true))\n\t\t{\n\t\t ResultSetMetaData resultsMetaData = results.getMetaData();\n\t\t ec.addElement(DatabaseUtilities.writeTable(results,\n\t\t\t resultsMetaData));\n\t\t results.last();\n\n" } } }, "message": { "text": "writeTable(0)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 82 }, "region": { "startLine": 136, "snippet": { "text": " mn=\"menu\"+unescape(nv[1]);" } }, "contextRegion": { "startLine": 133, "endLine": 139, "snippet": { "text": " if(x>1){pr=ur.substring(x+1,ur.length).split(\"&\");\n for(i=0;i0){if(unescape(nv[0])==param){\n mn=\"menu\"+unescape(nv[1]);\n eval(\"trigMenuMagic1('\"+mn+\"',\"+opt+\")\");}}}}\n }\n \n" } } }, "message": { "text": "Assignment to mn" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 147, "snippet": { "text": "\t\t.getParameter(CrossSiteScripting.DISCIPLINARY_DATE);" } }, "contextRegion": { "startLine": 144, "endLine": 150, "snippet": { "text": "\tint ccnLimit = Integer.parseInt(request\n\t\t.getParameter(CrossSiteScripting.CCN_LIMIT));\n\tString disciplinaryActionDate = 
request\n\t\t.getParameter(CrossSiteScripting.DISCIPLINARY_DATE);\n\tString disciplinaryActionNotes = request\n\t\t.getParameter(CrossSiteScripting.DISCIPLINARY_NOTES);\n\tString personalDescription = request\n" } } }, "message": { "text": "getParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 146, "endLine": 147, "snippet": { "text": "\tString disciplinaryActionDate = request\r\n\t\t.getParameter(CrossSiteScripting.DISCIPLINARY_DATE);" } }, "contextRegion": { "startLine": 143, "endLine": 150, "snippet": { "text": "\tString ccn = request.getParameter(CrossSiteScripting.CCN);\n\tint ccnLimit = Integer.parseInt(request\n\t\t.getParameter(CrossSiteScripting.CCN_LIMIT));\n\tString disciplinaryActionDate = request\n\t\t.getParameter(CrossSiteScripting.DISCIPLINARY_DATE);\n\tString disciplinaryActionNotes = request\n\t\t.getParameter(CrossSiteScripting.DISCIPLINARY_NOTES);\n\tString personalDescription = request\n" } } }, "message": { "text": "Assignment to disciplinaryActionDate" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 155, "snippet": { "text": "\t\tccn, ccnLimit, disciplinaryActionDate, disciplinaryActionNotes," } }, "contextRegion": { "startLine": 152, "endLine": 158, "snippet": { "text": "\n\tEmployee employee = new Employee(subjectId, firstName, lastName, ssn,\n\t\ttitle, phone, address1, address2, manager, startDate, salary,\n\t\tccn, ccnLimit, disciplinaryActionDate, disciplinaryActionNotes,\n\t\tpersonalDescription);\n\n\treturn employee;\n" } } }, "message": { "text": "Employee(13 : this.disciplinaryActionDate)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 124 }, "region": { "startLine": 100, "snippet": { "text": "\tthis.disciplinaryActionDate = disciplinaryActionDate;" } }, "contextRegion": 
{ "startLine": 97, "endLine": 103, "snippet": { "text": "\tthis.salary = salary;\n\tthis.ccn = ccn;\n\tthis.ccnLimit = ccnLimit;\n\tthis.disciplinaryActionDate = disciplinaryActionDate;\n\tthis.disciplinaryActionNotes = disciplinaryActionNotes;\n\tthis.personalDescription = personalDescription;\n }\n" } } }, "message": { "text": "Assignment to this.disciplinaryActionDate" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 80, "snippet": { "text": "\t\temployee = parseEmployeeProfile(subjectId, s);" } }, "contextRegion": { "startLine": 77, "endLine": 83, "snippet": { "text": "\t Employee employee = null;\n\t try\n\t {\n\t\temployee = parseEmployeeProfile(subjectId, s);\n\t }\n\t catch (ValidationException e)\n\t {\n" } } }, "message": { "text": "parseEmployeeProfile(return.disciplinaryActionDate)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 101, "snippet": { "text": "\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 98, "endLine": 104, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.disciplinaryActionDate)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 30 }, "region": { "startLine": 330, "snippet": { "text": "\t\t + employee.getDisciplinaryActionDate() + \"','\"" } }, "contextRegion": { "startLine": 327, "endLine": 333, "snippet": { "text": "\t\t + \",'\" + employee.getStartDate() + \"',\"\n\t\t + employee.getSalary() + \",'\" + employee.getCcn() + \"',\"\n\t\t + employee.getCcnLimit() + \",'\"\n\t\t + employee.getDisciplinaryActionDate() + \"','\"\n\t\t + employee.getDisciplinaryActionNotes() + \"','\"\n\t\t + employee.getPersonalDescription() + 
\"')\";\n\n" } } }, "message": { "text": "getDisciplinaryActionDate(this.disciplinaryActionDate : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 124 }, "region": { "startLine": 252, "snippet": { "text": "\treturn this.disciplinaryActionDate;" } }, "contextRegion": { "startLine": 249, "endLine": 255, "snippet": { "text": "\n public String getDisciplinaryActionDate()\n {\n\treturn this.disciplinaryActionDate;\n }\n\n\n" } } }, "message": { "text": "Return this.disciplinaryActionDate" } }, "kinds": [ "return", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 112 }, "region": { "startLine": 66, "snippet": { "text": "\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>" } }, "contextRegion": { "startLine": 63, "endLine": 69, "snippet": { "text": "\t\t\t\t\t\tCredit Card: \n\t\t\t\t\t
\n\t\t\t\t\t\t\" type=\"text\" value=\"<%=employee.getCcn()%>\"/>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\tCredit Card Limit: \n" } } }, "message": { "text": "Read org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl.CCN" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 92, "snippet": { "text": "\t String message = s.getParser().getRawParameter(MESSAGE, \"\");" } }, "contextRegion": { "startLine": 89, "endLine": 95, "snippet": { "text": "\t{\n\t String title = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t TITLE, \"\"));\n\t String message = s.getParser().getRawParameter(MESSAGE, \"\");\n\n\t if (connection == null)\n\t {\n" } } }, "message": { "text": "getRawParameter(return)" } }, "kinds": [ "unknown" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 60 }, "region": { "startLine": 92, "snippet": { "text": "\t String message = s.getParser().getRawParameter(MESSAGE, \"\");" } }, "contextRegion": { "startLine": 89, "endLine": 95, "snippet": { "text": "\t{\n\t String title = HtmlEncoder.encode(s.getParser().getRawParameter(\n\t\t TITLE, \"\"));\n\t String message = s.getParser().getRawParameter(MESSAGE, \"\");\n\n\t if (connection == null)\n\t {\n" } } }, "message": { "text": "Assignment to message" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 116, "snippet": { "text": "\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 113, "endLine": 119, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.firstName)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 277, "snippet": { "text": 
"\t\t + employee.getFirstName() + \"','\" + employee.getLastName()" } }, "contextRegion": { "startLine": 274, "endLine": 280, "snippet": { "text": "\t int newUID = getNextUID(s);\n\t // FIXME: This max() thing doesn't work on InstantDB.\n\t String query = \"INSERT INTO employee VALUES (\" + newUID + \", '\"\n\t\t + employee.getFirstName() + \"','\" + employee.getLastName()\n\t\t + \"','\" + employee.getSsn() + \"','goober57x','\"\n\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()\n\t\t + \"','\" + employee.getAddress1() + \"','\"\n" } } }, "message": { "text": "getFirstName(this.firstName : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 276, "endLine": 287, "snippet": { "text": "\t String query = \"INSERT INTO employee VALUES (\" + newUID + \", '\"\r\n\t\t + employee.getFirstName() + \"','\" + employee.getLastName()\r\n\t\t + \"','\" + employee.getSsn() + \"','goober57x','\"\r\n\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()\r\n\t\t + \"','\" + employee.getAddress1() + \"','\"\r\n\t\t + employee.getAddress2() + \"',\" + employee.getManager()\r\n\t\t + \",'\" + employee.getStartDate() + \"',\"\r\n\t\t + employee.getSalary() + \",'\" + employee.getCcn() + \"',\"\r\n\t\t + employee.getCcnLimit() + \",'\"\r\n\t\t + employee.getDisciplinaryActionDate() + \"','\"\r\n\t\t + employee.getDisciplinaryActionNotes() + \"','\"\r\n\t\t + employee.getPersonalDescription() + \"')\";" } }, "contextRegion": { "startLine": 273, "endLine": 290, "snippet": { "text": "\t{\n\t int newUID = getNextUID(s);\n\t // FIXME: This max() thing doesn't work on InstantDB.\n\t String query = \"INSERT INTO employee VALUES (\" + newUID + \", '\"\n\t\t + employee.getFirstName() + \"','\" + employee.getLastName()\n\t\t + \"','\" + employee.getSsn() + \"','goober57x','\"\n\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()\n\t\t + \"','\" + 
employee.getAddress1() + \"','\"\n\t\t + employee.getAddress2() + \"',\" + employee.getManager()\n\t\t + \",'\" + employee.getStartDate() + \"',\"\n\t\t + employee.getSalary() + \",'\" + employee.getCcn() + \"',\"\n\t\t + employee.getCcnLimit() + \",'\"\n\t\t + employee.getDisciplinaryActionDate() + \"','\"\n\t\t + employee.getDisciplinaryActionNotes() + \"','\"\n\t\t + employee.getPersonalDescription() + \"')\";\n\n\t //System.out.println(\"Query: \" + query);\n\n" } } }, "message": { "text": "Assignment to query" } }, "kinds": [ "acquire", "resource" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 116, "snippet": { "text": "\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 113, "endLine": 119, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.lastName)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 277, "snippet": { "text": "\t\t + employee.getFirstName() + \"','\" + employee.getLastName()" } }, "contextRegion": { "startLine": 274, "endLine": 280, "snippet": { "text": "\t int newUID = getNextUID(s);\n\t // FIXME: This max() thing doesn't work on InstantDB.\n\t String query = \"INSERT INTO employee VALUES (\" + newUID + \", '\"\n\t\t + employee.getFirstName() + \"','\" + employee.getLastName()\n\t\t + \"','\" + employee.getSsn() + \"','goober57x','\"\n\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()\n\t\t + \"','\" + employee.getAddress1() + \"','\"\n" } } }, "message": { "text": "getLastName(this.lastName : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 116, "snippet": { "text": 
"\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 113, "endLine": 119, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.ssn)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 278, "snippet": { "text": "\t\t + \"','\" + employee.getSsn() + \"','goober57x','\"" } }, "contextRegion": { "startLine": 275, "endLine": 281, "snippet": { "text": "\t // FIXME: This max() thing doesn't work on InstantDB.\n\t String query = \"INSERT INTO employee VALUES (\" + newUID + \", '\"\n\t\t + employee.getFirstName() + \"','\" + employee.getLastName()\n\t\t + \"','\" + employee.getSsn() + \"','goober57x','\"\n\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()\n\t\t + \"','\" + employee.getAddress1() + \"','\"\n\t\t + employee.getAddress2() + \"',\" + employee.getManager()\n" } } }, "message": { "text": "getSsn(this.ssn : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 116, "snippet": { "text": "\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 113, "endLine": 119, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.title)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 279, "snippet": { "text": "\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()" } }, "contextRegion": { "startLine": 276, "endLine": 282, "snippet": { "text": "\t String query = \"INSERT INTO employee VALUES (\" + newUID + \", '\"\n\t\t + 
employee.getFirstName() + \"','\" + employee.getLastName()\n\t\t + \"','\" + employee.getSsn() + \"','goober57x','\"\n\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()\n\t\t + \"','\" + employee.getAddress1() + \"','\"\n\t\t + employee.getAddress2() + \"',\" + employee.getManager()\n\t\t + \",'\" + employee.getStartDate() + \"',\"\n" } } }, "message": { "text": "getTitle(this.title : return)" } }, "kinds": [ "call", "function", "return" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 116, "snippet": { "text": "\t\tthis.createEmployeeProfile(s, userId, employee);" } }, "contextRegion": { "startLine": 113, "endLine": 119, "snippet": { "text": "\t\t\t.toString(subjectId));\n\t }\n\t else\n\t\tthis.createEmployeeProfile(s, userId, employee);\n\n\t try\n\t {\n" } } }, "message": { "text": "createEmployeeProfile(2.address1)" } }, "kinds": [ "call", "function" ] }, { "location": { "physicalLocation": { "artifactLocation": { "index": 101 }, "region": { "startLine": 280, "snippet": { "text": "\t\t + \"','\" + employee.getAddress1() + \"','\"" } }, "contextRegion": { "startLine": 277, "endLine": 283, "snippet": { "text": "\t\t + employee.getFirstName() + \"','\" + employee.getLastName()\n\t\t + \"','\" + employee.getSsn() + \"','goober57x','\"\n\t\t + employee.getTitle() + \"','\" + employee.getPhoneNumber()\n\t\t + \"','\" + employee.getAddress1() + \"','\"\n\t\t + employee.getAddress2() + \"',\" + employee.getManager()\n\t\t + \",'\" + employee.getStartDate() + \"',\"\n\t\t + employee.getSalary() + \",'\" + employee.getCcn() + \"',\"\n" } } }, "message": { "text": "getAddress1(this.address1 : return)" } }, "kinds": [ "call", "function", "return" ] } ], "taxonomies": [ { "guid": "25F72D7E-8A92-459D-AD67-64853F788765", "name": "CWE", "organization": "MITRE", "shortDescription": { "text": "The MITRE Common Weakness Enumeration" }, "taxa": [ { "id": "476" }, { "id": "571" }, { "id": "398" }, { "id": "570" 
}, { "id": "730" }, { "id": "359" }, { "id": "22" }, { "id": "73" }, { "id": "566" }, { "id": "77" }, { "id": "78" }, { "id": "328" }, { "id": "581" }, { "id": "597" }, { "id": "493" }, { "id": "253" }, { "id": "690" }, { "id": "79" }, { "id": "80" }, { "id": "486" }, { "id": "89" }, { "id": "327" }, { "id": "397" }, { "id": "338" }, { "id": "259" }, { "id": "798" }, { "id": "489" }, { "id": "552" }, { "id": "776" }, { "id": "501" }, { "id": "404" }, { "id": "561" }, { "id": "615" }, { "id": "246" }, { "id": "7" }, { "id": "352" }, { "id": "113" }, { "id": "601" }, { "id": "579" }, { "id": "472" }, { "id": "642" }, { "id": "396" }, { "id": "383" }, { "id": "391" }, { "id": "362" }, { "id": "567" }, { "id": "None" }, { "id": "209" }, { "id": "431" }, { "id": "488" }, { "id": "497" }, { "id": "95" }, { "id": "494" }, { "id": "5" }, { "id": "614" }, { "id": "611" }, { "id": "82" }, { "id": "83" }, { "id": "87" }, { "id": "692" }, { "id": "563" }, { "id": "185" }, { "id": "613" }, { "id": "117" }, { "id": "215" }, { "id": "99" }, { "id": "474" }, { "id": "470" }, { "id": "916" }, { "id": "252" }, { "id": "754" }, { "id": "245" }, { "id": "643" } ] } ] } ] }