From 1d261909f791df62cad89d19d56f8be4772212ce Mon Sep 17 00:00:00 2001 From: Tural Salamov Date: Wed, 12 Jul 2023 10:11:01 +0200 Subject: [PATCH] Added vulnerable parts to the gradle and maven projects --- java/gradle/src/main/java/com/example/ExploreMe.java | 4 ++-- java/maven/src/main/java/com/example/ExploreMe.java | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/java/gradle/src/main/java/com/example/ExploreMe.java b/java/gradle/src/main/java/com/example/ExploreMe.java index 1061f8b..39bcebd 100644 --- a/java/gradle/src/main/java/com/example/ExploreMe.java +++ b/java/gradle/src/main/java/com/example/ExploreMe.java @@ -9,8 +9,8 @@ public static void exploreMe(int a, int b, String c) { if (c.startsWith("@")) { String className = c.substring(1); try { - Class.forName(className); - } catch (ClassNotFoundException ignored) { + Class.forName(className).newInstance(); + } catch (ClassNotFoundException | InstantiationException | IllegalAccessException ignored) { } } } diff --git a/java/maven/src/main/java/com/example/ExploreMe.java b/java/maven/src/main/java/com/example/ExploreMe.java index 1061f8b..39bcebd 100644 --- a/java/maven/src/main/java/com/example/ExploreMe.java +++ b/java/maven/src/main/java/com/example/ExploreMe.java @@ -9,8 +9,8 @@ public static void exploreMe(int a, int b, String c) { if (c.startsWith("@")) { String className = c.substring(1); try { - Class.forName(className); - } catch (ClassNotFoundException ignored) { + Class.forName(className).newInstance(); + } catch (ClassNotFoundException | InstantiationException | IllegalAccessException ignored) { } } }