taint-config.other.txt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of findsecbugs-plugin Show documentation
Show all versions of findsecbugs-plugin Show documentation
Core module of the project. It include all the FindBugs detectors.
The resulting jar is the published plugin.
java/io/BufferedReader.readLine()Ljava/lang/String;:TAINTED
java/io/Console.readLine()Ljava/lang/String;:TAINTED
java/io/Console.readLine(Ljava/lang/String;[Ljava/lang/Object;)Ljava/lang/String;:TAINTED
java/io/DataInputStream.readLine()Ljava/lang/String;:TAINTED
java/io/DataInputStream.readUTF()Ljava/lang/String;:TAINTED
java/io/DataInputStream.readUTF(Ljava/io/DataInput;)Ljava/lang/String;:TAINTED
java/io/LineNumberReader.readLine()Ljava/lang/String;:TAINTED
java/util/Scanner.(Ljava/io/File;)V:TAINTED#1,2
java/util/Scanner.(Ljava/io/File;Ljava/lang/String;)V:TAINTED#2,3
java/util/Scanner.(Ljava/io/InputStream;)V:TAINTED#1,2
java/util/Scanner.(Ljava/io/InputStream;Ljava/lang/String;)V:TAINTED#2,3
java/util/Scanner.(Ljava/nio/file/Path;)V:TAINTED#1,2
java/util/Scanner.(Ljava/nio/file/Path;Ljava/lang/String;)V:TAINTED#2,3
java/util/Scanner.(Ljava/lang/Readable;)V:TAINTED#1,2
java/util/Scanner.(Ljava/nio/channels/ReadableByteChannel;)V:TAINTED#1,2
java/util/Scanner.(Ljava/nio/channels/ReadableByteChannel;Ljava/lang/String;)V:TAINTED#2,3
java/util/Scanner.(Ljava/lang/String;)V:0#1,2
java/util/Scanner.next()Ljava/lang/String;:0
java/util/Scanner.next(Ljava/util/regex/Pattern;)Ljava/lang/String;:1
java/util/Scanner.next(Ljava/lang/String;)Ljava/lang/String;:1
java/util/Scanner.nextLine()Ljava/lang/String;:0
java/sql/ResultSet.getNString(I)Ljava/lang/String;:TAINTED
java/sql/ResultSet.getNString(Ljava/lang/String;)Ljava/lang/String;:TAINTED
java/sql/ResultSet.getString(I)Ljava/lang/String;:TAINTED
java/sql/ResultSet.getString(Ljava/lang/String;)Ljava/lang/String;:TAINTED
java/util/StringTokenizer.(Ljava/lang/String;)V:0#1,2
java/util/StringTokenizer.(Ljava/lang/String;Ljava/lang/String;)V:1#2,3
java/util/StringTokenizer.(Ljava/lang/String;Ljava/lang/String;B)V:2#3,4
java/util/StringTokenizer.nextToken()Ljava/lang/String;:0
java/util/StringTokenizer.nextToken(Ljava/lang/String;)Ljava/lang/String;:1
java/awt/TextComponent.getSelectedText()Ljava/lang/String;:TAINTED
java/awt/TextComponent.getText()Ljava/lang/String;:TAINTED
javax/swing/text/JTextComponent.getSelectedText()Ljava/lang/String;:TAINTED
javax/swing/text/JTextComponent.getText()Ljava/lang/String;:TAINTED
javax/swing/text/JTextComponent.getText(II)Ljava/lang/String;:TAINTED
flexjson/JSONSerializer.deepSerialize(Ljava/lang/Object;)Ljava/lang/String;:0
flexjson/JSONSerializer.deepSerialize(Ljava/lang/Object;Lflexjson/OutputHandler;)Ljava/lang/String;:1
flexjson/JSONSerializer.deepSerialize(Ljava/lang/Object;Ljava/lang/StringBuffer;)Ljava/lang/String;:1
flexjson/JSONSerializer.deepSerialize(Ljava/lang/Object;Ljava/lang/StringBuilder;)Ljava/lang/String;:1
flexjson/JSONSerializer.serialize(Ljava/lang/Object;)Ljava/lang/String;:0
flexjson/JSONSerializer.serialize(Ljava/lang/Object;Lflexjson/OutputHandler;)Ljava/lang/String;:1
flexjson/JSONSerializer.serialize(Ljava/lang/Object;Lflexjson/SerializationType;Lflexjson/OutputHandler;)Ljava/lang/String;:2
flexjson/JSONSerializer.serialize(Ljava/lang/Object;Ljava/lang/StringBuffer;)Ljava/lang/String;:1
flexjson/JSONSerializer.serialize(Ljava/lang/Object;Ljava/lang/StringBuilder;)Ljava/lang/String;:1
-- The following methods receive arguments but will not alter the objects received
-- (It avoids tainting the parameters that are not immutable)
javax/jdo/PersistenceManager.newQuery(Ljava/lang/Object;)Ljavax/jdo/Query;:UNKNOWN
javax/jdo/PersistenceManager.newQuery(Ljava/lang/String;Ljava/lang/Object;)Ljavax/jdo/Query;:UNKNOWN
© 2015 - 2025 Weber Informatics LLC | Privacy Policy