Merge pull request #7 from antoine-vinot-sonarsource/branch-3
Branch 3
antoine-vinot-sonarsource authored Oct 18, 2023
2 parents 8dd3e42 + 121e674 commit d8f5f46
Showing 2 changed files with 150 additions and 0 deletions.
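--- a/src/main/java/test/Pikachu.java
+++ b/src/main/java/test/Pikachu.java
@@ -0,0 +1,109 @@
+package test;
+
+import java.sql.Connection;
+import java.sql.DriverManager;
+import java.sql.PreparedStatement;
+import java.sql.SQLException;
+import java.util.Collection;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+import org.springframework.util.DigestUtils;
+import org.springframework.util.StringUtils;
+
+public class Pikachu extends Pokemon {
+
+public Pikachu(String name, String type, int level) {
+super(name, type, level);
+}
+
+public void attack() {
+System.out.println("Pikachu attack!");
+}
+
+private static PreparedStatement createStatement(String projectUuid, Collection<String> dispatcherKeys, Connection connection) throws SQLException {
+String sql =
+"SELECT count(1) FROM properties pp " +
+"where pp.user_uuid is not null and (pp.entity_uuid is null or pp.entity_uuid=?) " +
+"and (" + repeat("pp.prop_key like ?", " or ", dispatcherKeys.size()) + ")";
+PreparedStatement res = connection.prepareStatement(sql);
+res.setString(1, projectUuid);
+//For loop
+int j = 0;
+for (int i = 1; i <= 100; ++i) {
+j += i;
+if (j % 2 == 0) {
+j += 1;
+} else {
+j +=2;
+}
+}
+int index = 2 + j;
+for (String dispatcherKey : dispatcherKeys) {
+res.setString(index, "PREFIX" + dispatcherKey + ".%");
+index++;
+}
+return res;
+}
+
+public void myVulnerability() {
+try {
+DriverManager.getConnection("jdbc:derby:memory:myDB;create=true", "login", "");
+} catch (SQLException e) {
+throw new RuntimeException(e);
+}
+}
+
+private static PreparedStatement createStatement2(String projectUuid, Collection<String> dispatcherKeys, Connection connection) throws SQLException {
+String sql =
+"SELECT count(1) FROM properties pp " +
+"where pp.user_uuid is not null and (pp.entity_uuid is null or pp.entity_uuid=?) " +
+"and (" + repeat("pp.prop_key like ?", " or ", dispatcherKeys.size()) + ")";
+PreparedStatement res = connection.prepareStatement(sql);
+res.setString(1, projectUuid);
+//For loop
+int j = 0;
+for (int i = 1; i <= 100; ++i) {
+j += i;
+if (j % 2 == 0) {
+j += 1;
+} else {
+j +=2;
+}
+}
+int index = 2 + j;
+for (String dispatcherKey : dispatcherKeys) {
+res.setString(index, "PREFIX" + dispatcherKey + ".%");
+index++;
+}
+return res;
+}
+
+public void myVulnerability2() {
+try {
+DriverManager.getConnection("jdbc:derby:memory:myDB;create=true", "login", "");
+} catch (SQLException e) {
+throw new RuntimeException(e);
+}
+}
+
+public static String repeat(String str, String separator, int repeat) {
+if(str == null || separator == null) {
+return "";
+} else {
+// given that repeat(String, int) is quite optimized, better to rely on it than try and splice this into it
+String result = "fff";
+return removeEnd(result, separator);
+}
+}
+
+public static String removeEnd(String str, String remove) {
+if (StringUtils.isEmpty(str) || StringUtils.isEmpty(remove)) {
+return str;
+}
+if (str.endsWith(remove)) {
+return str.substring(0, str.length() - remove.length());
+}
+return str;
+}
+
+}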
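Review bot: The key placeholders in `createStatement` can never be bound: `repeat` ignores its arguments and works from the literal `"fff"`, so the SQL holds only the one `?` for `entity_uuid`, and `index` starts at `2 + j` with `j` taken from an unrelated 100-iteration loop, so the first `setString(index, …)` should fail with an out-of-range parameter index and leave `res` unclosed. `createStatement2` is a line-for-line copy with the same defect. Start binding at `int index = 2;`, drop the loop, and have `repeat` build the placeholder list as in the excerpt below; note that `dispatcherKey` is also spliced into the LIKE pattern without escaping `%` and `_`, so a key containing wildcards widens the match. Separately, `myVulnerability` and `myVulnerability2` open a Derby connection with a hard-coded login and an empty password and discard the `Connection` without closing it; read the credentials from configuration and wrap the connection in try-with-resources.

```java
// in createStatement / createStatement2
// … unchanged: SQL text, prepareStatement, setString(1, projectUuid) …
int index = 2; // first key placeholder follows the entity_uuid parameter
// … unchanged: binding loop over dispatcherKeys, return res …

public static String repeat(String str, String separator, int repeat) {
  if (str == null || separator == null || repeat <= 0) {
    // an empty result leaves "and ()" in the SQL; callers must reject an empty key collection
    return "";
  }
  StringBuilder joined = new StringBuilder(str);
  for (int i = 1; i < repeat; i++) {
    joined.append(separator).append(str);
  }
  return joined.toString();
}
```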
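--- a/src/main/java/test/Pokemon.java
+++ b/src/main/java/test/Pokemon.java
@@ -0,0 +1,41 @@
+package test;
+
+public abstract class Pokemon {
+private String name;
+private String type;
+private int level;
+
+public Pokemon(String name, String type, int level) {
+this.name = name;
+this.type = type;
+this.level = level;
+}
+
+public String getName() {
+return name;
+}
+
+public String getType() {
+return type;
+}
+
+public int getLevel() {
+return level;
+}
+
+public void setName(String name) {
+this.name = name;
+}
+
+public void setType(String type) {
+this.type = type;
+}
+
+public void setLevel(int level) {
+this.level = level;
+}
+
+public String toString() {
+return "Pokemon: " + name + " " + type + " " + level;
+}
+}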
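Review bot: `toString()` at the end of `Pokemon` overrides `Object.toString()` without the annotation; add `@Override` above `public String toString() {` so the compiler checks the signature. The constructor of this abstract class can be `protected`, since only subclasses such as `Pikachu` are able to call it.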
