Test for Issue 2184

spotbugs · Sep 27, 2022 · 8c5e193 · 8c5e193
1 parent 27bea95
commit 8c5e193
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 0 deletions.
diff --git a/spotbugs-tests/src/test/java/edu/umd/cs/findbugs/detect/Issue2184Test.java b/spotbugs-tests/src/test/java/edu/umd/cs/findbugs/detect/Issue2184Test.java
@@ -0,0 +1,36 @@
+package edu.umd.cs.findbugs.detect;
+
+import org.junit.Before;
+import org.junit.Test;
+
+import edu.umd.cs.findbugs.AbstractIntegrationTest;
+import edu.umd.cs.findbugs.test.matcher.BugInstanceMatcher;
+import edu.umd.cs.findbugs.test.matcher.BugInstanceMatcherBuilder;
+
+import static org.junit.Assume.assumeFalse;
+import static org.junit.Assume.assumeThat;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.hasItem;
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.number.OrderingComparison.greaterThanOrEqualTo;
+
+public class Issue2184Test extends AbstractIntegrationTest {
+    @Before
+    public void verifyJavaVersion() {
+        assumeFalse(System.getProperty("java.specification.version").startsWith("1."));
+        int javaVersion = Integer.parseInt(System.getProperty("java.specification.version"));
+        assumeThat(javaVersion, is(greaterThanOrEqualTo(14)));
+    }
+
+    @Test
+    public void test() {
+        performAnalysis("../java14/ghIssues/Issue2184.class");
+        BugInstanceMatcher matcher = new BugInstanceMatcherBuilder()
+                .bugType("PT_RELATIVE_PATH_TRAVERSAL")
+                .inClass("Issue2184")
+                .inMethod("test")
+                .atLine(17)
+                .build();
+        assertThat(getBugCollection(), hasItem(matcher));
+    }
+}
diff --git a/spotbugsTestCases/src/java14/Issue2184.java b/spotbugsTestCases/src/java14/Issue2184.java
@@ -0,0 +1,28 @@
+package ghIssues;
+
+import java.io.BufferedReader;
+import java.io.FileReader;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public class Issue2184 {
+    public void test(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.setContentType("text/plain");
+        PrintWriter out = response.getWriter();
+        String path = request.getParameter("path");
+        BufferedReader r = new BufferedReader(new FileReader("data/" + path));
+        while (true) {
+            String txt = r.readLine();
+            if (txt == null)
+                break;
+            out.println(txt);
+        }
+        out.close();
+        r.close();
+    }
+}