-
Notifications
You must be signed in to change notification settings - Fork 2k
Expand file tree
/
Copy pathSensitiveLogInfo.expected
More file actions
60 lines (60 loc) · 6.51 KB
/
SensitiveLogInfo.expected
File metadata and controls
60 lines (60 loc) · 6.51 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
#select
| Test.java:11:21:11:53 | ... + ... | Test.java:11:46:11:53 | password : String | Test.java:11:21:11:53 | ... + ... | This $@ is written to a log file. | Test.java:11:46:11:53 | password | potentially sensitive information |
| Test.java:12:22:12:52 | ... + ... | Test.java:12:44:12:52 | authToken : String | Test.java:12:22:12:52 | ... + ... | This $@ is written to a log file. | Test.java:12:44:12:52 | authToken | potentially sensitive information |
| Test.java:21:22:21:75 | ... + ... | Test.java:21:44:21:52 | authToken : String | Test.java:21:22:21:75 | ... + ... | This $@ is written to a log file. | Test.java:21:44:21:52 | authToken | potentially sensitive information |
| Test.java:22:22:22:75 | ... + ... | Test.java:22:44:22:52 | authToken : String | Test.java:22:22:22:75 | ... + ... | This $@ is written to a log file. | Test.java:22:44:22:52 | authToken | potentially sensitive information |
| Test.java:67:21:67:43 | ... + ... | Test.java:67:33:67:43 | accessToken : String | Test.java:67:21:67:43 | ... + ... | This $@ is written to a log file. | Test.java:67:33:67:43 | accessToken | potentially sensitive information |
| Test.java:68:21:68:45 | ... + ... | Test.java:68:34:68:45 | clientSecret : String | Test.java:68:21:68:45 | ... + ... | This $@ is written to a log file. | Test.java:68:34:68:45 | clientSecret | potentially sensitive information |
| Test.java:69:21:69:42 | ... + ... | Test.java:69:34:69:42 | apiSecret : String | Test.java:69:21:69:42 | ... + ... | This $@ is written to a log file. | Test.java:69:34:69:42 | apiSecret | potentially sensitive information |
| Test.java:70:21:70:44 | ... + ... | Test.java:70:33:70:44 | sessionToken : String | Test.java:70:21:70:44 | ... + ... | This $@ is written to a log file. | Test.java:70:33:70:44 | sessionToken | potentially sensitive information |
| Test.java:71:21:71:43 | ... + ... | Test.java:71:33:71:43 | bearerToken : String | Test.java:71:21:71:43 | ... + ... | This $@ is written to a log file. | Test.java:71:33:71:43 | bearerToken | potentially sensitive information |
| Test.java:72:21:72:39 | ... + ... | Test.java:72:31:72:39 | secretKey : String | Test.java:72:21:72:39 | ... + ... | This $@ is written to a log file. | Test.java:72:31:72:39 | secretKey | potentially sensitive information |
| Test.java:73:21:73:44 | ... + ... | Test.java:73:33:73:44 | refreshToken : String | Test.java:73:21:73:44 | ... + ... | This $@ is written to a log file. | Test.java:73:33:73:44 | refreshToken | potentially sensitive information |
| Test.java:74:21:74:43 | ... + ... | Test.java:74:33:74:43 | secretValue : String | Test.java:74:21:74:43 | ... + ... | This $@ is written to a log file. | Test.java:74:33:74:43 | secretValue | potentially sensitive information |
edges
| Test.java:11:46:11:53 | password : String | Test.java:11:21:11:53 | ... + ... | provenance | Sink:MaD:2 |
| Test.java:12:44:12:52 | authToken : String | Test.java:12:22:12:52 | ... + ... | provenance | Sink:MaD:1 |
| Test.java:21:44:21:52 | authToken : String | Test.java:21:44:21:67 | substring(...) : String | provenance | MaD:3 |
| Test.java:21:44:21:67 | substring(...) : String | Test.java:21:22:21:75 | ... + ... | provenance | Sink:MaD:1 |
| Test.java:22:44:22:52 | authToken : String | Test.java:22:44:22:67 | substring(...) : String | provenance | MaD:3 |
| Test.java:22:44:22:67 | substring(...) : String | Test.java:22:22:22:75 | ... + ... | provenance | Sink:MaD:1 |
| Test.java:67:33:67:43 | accessToken : String | Test.java:67:21:67:43 | ... + ... | provenance | Sink:MaD:2 |
| Test.java:68:34:68:45 | clientSecret : String | Test.java:68:21:68:45 | ... + ... | provenance | Sink:MaD:2 |
| Test.java:69:34:69:42 | apiSecret : String | Test.java:69:21:69:42 | ... + ... | provenance | Sink:MaD:2 |
| Test.java:70:33:70:44 | sessionToken : String | Test.java:70:21:70:44 | ... + ... | provenance | Sink:MaD:2 |
| Test.java:71:33:71:43 | bearerToken : String | Test.java:71:21:71:43 | ... + ... | provenance | Sink:MaD:2 |
| Test.java:72:31:72:39 | secretKey : String | Test.java:72:21:72:39 | ... + ... | provenance | Sink:MaD:2 |
| Test.java:73:33:73:44 | refreshToken : String | Test.java:73:21:73:44 | ... + ... | provenance | Sink:MaD:2 |
| Test.java:74:33:74:43 | secretValue : String | Test.java:74:21:74:43 | ... + ... | provenance | Sink:MaD:2 |
models
| 1 | Sink: org.apache.logging.log4j; Logger; true; error; (String); ; Argument[0]; log-injection; manual |
| 2 | Sink: org.apache.logging.log4j; Logger; true; info; (String); ; Argument[0]; log-injection; manual |
| 3 | Summary: java.lang; String; false; substring; ; ; Argument[this]; ReturnValue; taint; manual |
nodes
| Test.java:11:21:11:53 | ... + ... | semmle.label | ... + ... |
| Test.java:11:46:11:53 | password : String | semmle.label | password : String |
| Test.java:12:22:12:52 | ... + ... | semmle.label | ... + ... |
| Test.java:12:44:12:52 | authToken : String | semmle.label | authToken : String |
| Test.java:21:22:21:75 | ... + ... | semmle.label | ... + ... |
| Test.java:21:44:21:52 | authToken : String | semmle.label | authToken : String |
| Test.java:21:44:21:67 | substring(...) : String | semmle.label | substring(...) : String |
| Test.java:22:22:22:75 | ... + ... | semmle.label | ... + ... |
| Test.java:22:44:22:52 | authToken : String | semmle.label | authToken : String |
| Test.java:22:44:22:67 | substring(...) : String | semmle.label | substring(...) : String |
| Test.java:67:21:67:43 | ... + ... | semmle.label | ... + ... |
| Test.java:67:33:67:43 | accessToken : String | semmle.label | accessToken : String |
| Test.java:68:21:68:45 | ... + ... | semmle.label | ... + ... |
| Test.java:68:34:68:45 | clientSecret : String | semmle.label | clientSecret : String |
| Test.java:69:21:69:42 | ... + ... | semmle.label | ... + ... |
| Test.java:69:34:69:42 | apiSecret : String | semmle.label | apiSecret : String |
| Test.java:70:21:70:44 | ... + ... | semmle.label | ... + ... |
| Test.java:70:33:70:44 | sessionToken : String | semmle.label | sessionToken : String |
| Test.java:71:21:71:43 | ... + ... | semmle.label | ... + ... |
| Test.java:71:33:71:43 | bearerToken : String | semmle.label | bearerToken : String |
| Test.java:72:21:72:39 | ... + ... | semmle.label | ... + ... |
| Test.java:72:31:72:39 | secretKey : String | semmle.label | secretKey : String |
| Test.java:73:21:73:44 | ... + ... | semmle.label | ... + ... |
| Test.java:73:33:73:44 | refreshToken : String | semmle.label | refreshToken : String |
| Test.java:74:21:74:43 | ... + ... | semmle.label | ... + ... |
| Test.java:74:33:74:43 | secretValue : String | semmle.label | secretValue : String |
subpaths