Merged
28 commits
cd073a2
Java: Add Guard Classes for checking OS
JLLeitschuh Feb 14, 2022
39828fd
Apply OS guard checks to TempDirLocalInformationDisclosure
JLLeitschuh Feb 14, 2022
3cdfc00
Cleanup from review feedback
JLLeitschuh Feb 15, 2022
4951344
Update java/ql/lib/semmle/code/java/os/OSCheck.qll
JLLeitschuh Feb 23, 2022
9f5022e
Review fixup and add test for apache SystemUtils
JLLeitschuh Feb 23, 2022
fd63107
Update OS Check from Review Feedback
JLLeitschuh Mar 1, 2022
5913c9a
Refactor OS Guard Checks
JLLeitschuh Mar 1, 2022
dad9a02
Update TempDirInfoDisclosure with new OS Guards
JLLeitschuh Mar 1, 2022
82d3cd8
Improve system property lookup
JLLeitschuh Mar 2, 2022
3c53a05
Add OS Checks based upon separator or path separator
JLLeitschuh Mar 2, 2022
a7adbb7
Refactor more system property access logic
JLLeitschuh Mar 3, 2022
85de9f3
Fix naming of OSCheck method
JLLeitschuh Mar 3, 2022
fea5006
Fix duplicated comment
JLLeitschuh Mar 3, 2022
103c770
Apply suggestions from code review
JLLeitschuh Mar 3, 2022
31527a6
Refactor OS Checks & SystemProperty logic from review feedback
JLLeitschuh Mar 3, 2022
7ab193d
Add System.getProperties().getProperty support
JLLeitschuh Mar 4, 2022
5243fe3
Apply suggestions from code review
JLLeitschuh Mar 4, 2022
523ddb7
Cleanup after code review feedback
JLLeitschuh Mar 4, 2022
b282c7f
Apply suggestions from code review
JLLeitschuh Mar 7, 2022
5b651f2
Fix insufficient tests and add documentation
JLLeitschuh Mar 7, 2022
a21992a
Minor refactoring to improve tests and documentation
JLLeitschuh Mar 7, 2022
2a6c4e9
Add localFlowPlusInitializers
JLLeitschuh Mar 9, 2022
ecb8911
Apply suggestions from code review
JLLeitschuh Mar 10, 2022
1c98642
Remove SystemProperty from FlowSources
JLLeitschuh Mar 10, 2022
50ff2c2
Code cleanup from code review
JLLeitschuh Mar 11, 2022
451661d
Improve guard class names
smowton Mar 15, 2022
09cc8ee
Add tests for StandardSystemProperty
JLLeitschuh Mar 15, 2022
b11340c
Change note tense and detail level
smowton Mar 16, 2022
Add System.getProperties().getProperty support
JLLeitschuh committed Mar 4, 2022
commit 7ab193dde2dc454db1808bdc6b69afff2504be3f
5 changes: 4 additions & 1 deletion java/ql/lib/semmle/code/java/JDK.qll
Expand Up @@ -4,6 +4,7 @@

import Member
import semmle.code.java.security.ExternalProcess
private import semmle.code.java.dataflow.FlowSteps
Contributor Author

I presume this is a pretty large import, I hope it's fine and won't break anything. Should I do this differently?

Contributor

This is ok -- note that in FlowSteps.qll's Frameworks module you should private-import this file back. This is to ensure all queries using FlowSteps see the same set of standard value-preserving methods etc, and so the related QL can be evaluated once for the whole query suite, not re-evaluated per query as it would need to be if each one defined extra flow steps.

Contributor Author

Done. Thanks!


// --- Standard types ---
/** The class `java.lang.Object`. */
Expand Down Expand Up @@ -249,11 +250,13 @@ class MethodSystemGetenv extends Method {
/**
* Any method named `getProperty` on class `java.lang.System`.
*/
class MethodSystemGetProperty extends Method {
class MethodSystemGetProperty extends ValuePreservingMethod {
Contributor

This isn't a value-preserving method. A value-preserving method is `return this;` or `return param1;` or something else that conveys an exact reference across a function.

Do you mean to say you want `System.getProperty(x)` to generally conserve taint, such that if `x` is user-controlled then so is the result of `System.getProperty`? If so I'm not sure we'd want that as a general rule, since in order to be exploited it needs the user to know the name of a property containing sensitive information, or to have a way to get an arbitrary string into that environment.

Contributor Author

`System.getProperty(propertyName, defaultValue)` is a value preserving method. Here's the code of this method:

    /**
     * Searches for the property with the specified key in this property list.
     * If the key is not found in this property list, the default property list,
     * and its defaults, recursively, are then checked. The method returns the
     * default value argument if the property is not found.
     *
     * @param   key            the hashtable key.
     * @param   defaultValue   a default value.
     *
     * @return  the value in this property list with the specified key value.
     * @see     #setProperty
     * @see     #defaults
     */
    public String getProperty(String key, String defaultValue) {
        String val = getProperty(key);
        return (val == null) ? defaultValue : val;
    }

Contributor

Doh right, I'd forgotten those overloads existed.

MethodSystemGetProperty() {
this.hasName("getProperty") and
this.getDeclaringType() instanceof TypeSystem
}

override predicate returnsValue(int arg) { arg = 1 }
}

/**
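Review bot: `returnsValue(int arg) { arg = 1 }` is declared for every method named `getProperty` on `System`, but only the two-argument overload returns its second argument (the default); the single-argument overload has no argument 1. Consider restricting the value-preserving behaviour to the two-argument overload with a parameter-count check, or at least extending the QLDoc above the class to say that the preserved value is the `defaultValue` argument, so the characteristic predicate and the flow claim stay aligned.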
4 changes: 4 additions & 0 deletions java/ql/lib/semmle/code/java/dataflow/FlowSources.qll
Expand Up @@ -6,6 +6,7 @@ import java
import semmle.code.java.dataflow.DataFlow
import semmle.code.java.dataflow.TaintTracking
import semmle.code.java.dataflow.DefUse
import semmle.code.java.environment.SystemProperty
import semmle.code.java.frameworks.Jdbc
import semmle.code.java.frameworks.Networking
import semmle.code.java.frameworks.Properties
Expand Down Expand Up @@ -182,6 +183,8 @@ class EnvInput extends LocalUserInput {
// Results from various specific methods.
this.asExpr().(MethodAccess).getMethod() instanceof EnvReadMethod
or
this.asExpr() = getSystemProperty(_)
Contributor

Recommend removing from this PR, because this will cause FPs due to mistaking `System.getProperty("line.separator")` for something the user can control, and we'd want to assess the frequency of those FPs.

Contributor Author

line.separator is something the user can control

https://stackoverflow.com/a/22681891

Contributor Author

/**
 * System Property initialization for internal use only
 * Retrieves the platform, JVM, and command line properties,
 * applies initial defaults and returns the Properties instance
 * that becomes the System.getProperties instance.
 */
public final class SystemProps {

    // no instances
    private SystemProps() {}

    /**
     * Create and initialize the system properties from the native properties
     * and command line properties.
     * Note:  Build-defined properties such as versions and vendor information
     * are initialized by VersionProps.java-template.
     *
     * @return a Properties instance initialized with all of the properties
     */
    public static Map<String, String> initProperties() {

        // Initially, cmdProperties only includes -D and props from the VM
        Raw raw = new Raw();
        HashMap<String, String> props = raw.cmdProperties();

        String javaHome = props.get("java.home");
        assert javaHome != null : "java.home not set";

        putIfAbsent(props, "user.home", raw.propDefault(Raw._user_home_NDX));
        putIfAbsent(props, "user.dir", raw.propDefault(Raw._user_dir_NDX));
        putIfAbsent(props, "user.name", raw.propDefault(Raw._user_name_NDX));

        // Platform defined encoding cannot be overridden on the command line
        put(props, "sun.jnu.encoding", raw.propDefault(Raw._sun_jnu_encoding_NDX));
        var nativeEncoding = ((raw.propDefault(Raw._file_encoding_NDX) == null)
                ? raw.propDefault(Raw._sun_jnu_encoding_NDX)
                : raw.propDefault(Raw._file_encoding_NDX));
        put(props, "native.encoding", nativeEncoding);

        // Add properties that have not been overridden on the cmdline
        putIfAbsent(props, "file.encoding", nativeEncoding);

        // Use platform values if not overridden by a commandline -Dkey=value
        // In no particular order
        putIfAbsent(props, "os.name", raw.propDefault(Raw._os_name_NDX));
        putIfAbsent(props, "os.arch", raw.propDefault(Raw._os_arch_NDX));
        putIfAbsent(props, "os.version", raw.propDefault(Raw._os_version_NDX));
        putIfAbsent(props, "line.separator", raw.propDefault(Raw._line_separator_NDX));
        putIfAbsent(props, "file.separator", raw.propDefault(Raw._file_separator_NDX));
        putIfAbsent(props, "path.separator", raw.propDefault(Raw._path_separator_NDX));
        putIfAbsent(props, "java.io.tmpdir", raw.propDefault(Raw._java_io_tmpdir_NDX));
        putIfAbsent(props, "http.proxyHost", raw.propDefault(Raw._http_proxyHost_NDX));
        putIfAbsent(props, "http.proxyPort", raw.propDefault(Raw._http_proxyPort_NDX));
        putIfAbsent(props, "https.proxyHost", raw.propDefault(Raw._https_proxyHost_NDX));
        putIfAbsent(props, "https.proxyPort", raw.propDefault(Raw._https_proxyPort_NDX));
        putIfAbsent(props, "ftp.proxyHost", raw.propDefault(Raw._ftp_proxyHost_NDX));
        putIfAbsent(props, "ftp.proxyPort", raw.propDefault(Raw._ftp_proxyPort_NDX));
        putIfAbsent(props, "socksProxyHost", raw.propDefault(Raw._socksProxyHost_NDX));
        putIfAbsent(props, "socksProxyPort", raw.propDefault(Raw._socksProxyPort_NDX));
        putIfAbsent(props, "http.nonProxyHosts", raw.propDefault(Raw._http_nonProxyHosts_NDX));
        putIfAbsent(props, "ftp.nonProxyHosts", raw.propDefault(Raw._ftp_nonProxyHosts_NDX));
        putIfAbsent(props, "socksNonProxyHosts", raw.propDefault(Raw._socksNonProxyHosts_NDX));
        putIfAbsent(props, "sun.arch.abi", raw.propDefault(Raw._sun_arch_abi_NDX));
        putIfAbsent(props, "sun.arch.data.model", raw.propDefault(Raw._sun_arch_data_model_NDX));
        putIfAbsent(props, "sun.os.patch.level", raw.propDefault(Raw._sun_os_patch_level_NDX));
        putIfAbsent(props, "sun.stdout.encoding", raw.propDefault(Raw._sun_stdout_encoding_NDX));
        putIfAbsent(props, "sun.stderr.encoding", raw.propDefault(Raw._sun_stderr_encoding_NDX));
        putIfAbsent(props, "sun.io.unicode.encoding", raw.propDefault(Raw._sun_io_unicode_encoding_NDX));
        putIfAbsent(props, "sun.cpu.isalist", raw.propDefault(Raw._sun_cpu_isalist_NDX));
        putIfAbsent(props, "sun.cpu.endian", raw.propDefault(Raw._sun_cpu_endian_NDX));

        /* Construct i18n related options */
        fillI18nProps(props,"user.language", raw.propDefault(Raw._display_language_NDX),
                raw.propDefault(Raw._format_language_NDX));
        fillI18nProps(props,"user.script",   raw.propDefault(Raw._display_script_NDX),
                raw.propDefault(Raw._format_script_NDX));
        fillI18nProps(props,"user.country",  raw.propDefault(Raw._display_country_NDX),
                raw.propDefault(Raw._format_country_NDX));
        fillI18nProps(props,"user.variant",  raw.propDefault(Raw._display_variant_NDX),
                raw.propDefault(Raw._format_variant_NDX));

        return props;
    }

Contributor

@smowton smowton Mar 10, 2022

It's hard to say without experimenting at length, but it looks like props that come from Raw might not let the user override them? In that function at least native.encoding doesn't let the user override it.

At the very least this is surely a different PR. The scope of this one has already ballooned, let's please stop adding new tangentially related features to the same one.

Contributor Author

Can do

or
Contributor Author

Found another really good place to put my new predicate! 😄

// Access to `System.in`.
exists(Field f | this.asExpr() = f.getAnAccess() | f instanceof SystemIn)
or
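Review bot: `this.asExpr() = getSystemProperty(_)` uses a wildcard for the property name, so every expression the predicate returns becomes an `EnvInput`, including the `FieldAccess` results for `File.separator` and the Apache `SystemUtils` constants, not only `getProperty` calls. Method calls are already covered through `EnvReadMethod`, which lists `MethodSystemGetProperty` and `PropertiesGetPropertyMethod` in the next hunk, so this disjunct mostly adds the constant-like accesses. Consider binding the name to an explicit set of properties instead of `_`, or moving this line to its own change.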
Expand All @@ -203,6 +206,7 @@ class EnvReadMethod extends Method {
EnvReadMethod() {
this instanceof MethodSystemGetenv or
this instanceof PropertiesGetPropertyMethod or
this instanceof PropertiesGetMethod or
this instanceof MethodSystemGetProperty
}
}
1 change: 1 addition & 0 deletions java/ql/lib/semmle/code/java/dataflow/FlowSteps.qll
Expand Up @@ -15,6 +15,7 @@ private module Frameworks {
private import semmle.code.java.frameworks.android.Intent
private import semmle.code.java.frameworks.android.SQLite
private import semmle.code.java.frameworks.Guice
private import semmle.code.java.frameworks.Properties
private import semmle.code.java.frameworks.Protobuf
private import semmle.code.java.frameworks.guava.Guava
private import semmle.code.java.frameworks.apache.Lang
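Review bot: the import-back added to `Frameworks` covers only `semmle.code.java.frameworks.Properties`, while `MethodSystemGetProperty` in JDK.qll becomes a `ValuePreservingMethod` in this same commit. As requested in the JDK.qll thread, that file needs to be visible from FlowSteps.qll as well; if it is not already reached through an existing import, add a `private import semmle.code.java.JDK` line to this module.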
27 changes: 23 additions & 4 deletions java/ql/lib/semmle/code/java/environment/SystemProperty.qll
@@ -1,11 +1,14 @@
import java
private import semmle.code.java.dataflow.DataFlow
private import semmle.code.java.frameworks.Properties
private import semmle.code.java.frameworks.apache.Lang

/**
* Gets an expression that retrieves the value of `propertyName` from `System.getProperty()`.
*/
Expr getSystemProperty(string propertyName) {
result = getSystemPropertyFromSystem(propertyName) or
result = getSystemPropertyFromSystemGetProperties(propertyName) or
result = getSystemPropertyFromFile(propertyName) or
result = getSystemPropertyFromApacheSystemUtils(propertyName) or
result = getSystemPropertyFromApacheFileUtils(propertyName) or
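Review bot: the QLDoc on `getSystemProperty` still says the value is retrieved "from `System.getProperty()`", but the disjuncts below it now include `System.getProperties()` lookups, `File` separator fields and the Apache utility constants. Update the comment to describe the predicate as covering any expression that reads the named system property, and list the supported sources so callers know what `result` can be.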
Expand All @@ -15,15 +18,31 @@ Expr getSystemProperty(string propertyName) {
}
Comment on lines +4 to +24
Contributor Author

This API has been kicking around my head for the past few weeks. Trying to unify all the system property accessor FieldAccess & MethodAccess into a common API has been something I've been trying to think through how to do well.

I don't think this could be done with a class (given that it needs to take an argument), but if there's a better way to do this, I'm happy to hear it.


private MethodAccess getSystemPropertyFromSystem(string propertyName) {
result =
any(MethodAccessSystemGetProperty methodAccessSystemGetProperty |
methodAccessSystemGetProperty.hasCompileTimeConstantGetPropertyName(propertyName)
)
result.(MethodAccessSystemGetProperty).hasCompileTimeConstantGetPropertyName(propertyName)
or
exists(Method m | result.getMethod() = m | m.hasName("lineSeparator")) and
propertyName = "line.separator"
}

/**
* A method access that retrieves the value of `propertyName` from the following methods:
* - `System.getProperties().getProperty(...)`
* - `System.getProperties().get(...)`
*/
private MethodAccess getSystemPropertyFromSystemGetProperties(string propertyName) {
exists(Method getMethod |
getMethod instanceof PropertiesGetMethod
or
getMethod instanceof PropertiesGetPropertyMethod and
result.getMethod() = getMethod
) and
result.getArgument(0).(CompileTimeConstantExpr).getStringValue() = propertyName and
DataFlow::localExprFlow(any(MethodAccess m |
m.getMethod().getDeclaringType() instanceof TypeSystem and
m.getMethod().hasName("getProperties")
), result.getQualifier())
}

private FieldAccess getSystemPropertyFromFile(string propertyName) {
result.getField() instanceof FieldFileSeparator and propertyName = "file.separator"
or
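Review bot: in `getSystemPropertyFromSystemGetProperties`, the body of the `exists` mixes `or` and `and` without parentheses, and `and` binds tighter, so `result.getMethod() = getMethod` only applies to the `PropertiesGetPropertyMethod` branch. When `getMethod` is a `PropertiesGetMethod`, `result` is tied to no method at all, and any call with a constant string first argument on a qualifier flowing from `System.getProperties()` matches. Parenthesise the two `instanceof` tests and keep `result.getMethod() = getMethod` outside them. Separately, the `lineSeparator` branch in `getSystemPropertyFromSystem` checks the method name only; add a declaring-type check against `TypeSystem`.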
12 changes: 11 additions & 1 deletion java/ql/lib/semmle/code/java/frameworks/Properties.qll
@@ -1,15 +1,25 @@
/* Definitions related to `java.util.Properties`. */
import semmle.code.java.Type
private import semmle.code.java.dataflow.FlowSteps

library class TypeProperty extends Class {
TypeProperty() { hasQualifiedName("java.util", "Properties") }
}

library class PropertiesGetPropertyMethod extends Method {
library class PropertiesGetPropertyMethod extends ValuePreservingMethod {
PropertiesGetPropertyMethod() {
getDeclaringType() instanceof TypeProperty and
hasName("getProperty")
}

override predicate returnsValue(int arg) { arg = 1 }
}

library class PropertiesGetMethod extends Method {
PropertiesGetMethod() {
getDeclaringType() instanceof TypeProperty and
hasName("get")
}
}

library class PropertiesSetPropertyMethod extends Method {
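Review bot: the new `PropertiesGetMethod` class has no QLDoc and is selected by declaring type plus the bare name `get`, with nothing said about which signature is meant. Add a doc comment naming the method it models on `java.util.Properties`. The same overload remark as in JDK.qll applies to `PropertiesGetPropertyMethod`: `returnsValue(int arg) { arg = 1 }` is only meaningful for the two-argument `getProperty`, which is worth stating in a comment on the override.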
4 changes: 3 additions & 1 deletion java/ql/src/change-notes/2022-02-14-os-guards.md
@@ -1,6 +1,8 @@
---
category: minorAnalysis
---
* Add new guards `IsWindowsGuard` and `IsUnixGuard` to detect OS specific guards.
* Add new guards `IsWindowsGuard`, `IsSpecificWindowsVariant`, `IsUnixGuard`, and `IsSpecificUnixVariant` to detect OS specific guards.
* Add new predicate `getSystemProperty` that gets all expressions that retrieve system properties from a variety of sources (eg. alternative JDK API's, Google Guava, Apache Commons, Apache IO, ect..).
Contributor

> Apache Commons, Apache IO

The library names here might be misleading / incomplete because their full names are "Apache Commons Lang" and "Apache Commons IO".

* Update "Local information disclosure in a temporary directory" (`java/local-temp-file-or-directory-information-disclosure`) to remove false-positives when OS is properly used as logical guard.
* Update "Local information disclosure in a temporary directory" (`java/local-temp-file-or-directory-information-disclosure`) to use `getSystemProperty` to resolve more
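Review bot: the new `getSystemProperty` bullet has three typos ("eg." for "e.g.", "API's" for "APIs", "ect.." for "etc."), and the final added bullet stops at "to resolve more" with no object. Fix the spelling and finish the last sentence by saying what is resolved, so the change note reads as a complete statement to users of the `java/local-temp-file-or-directory-information-disclosure` query.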

@@ -0,0 +1,25 @@
import java.io.File;
import java.util.Properties;
import org.apache.commons.lang3.SystemUtils;

public class SystemPropertyAccess {
private static final Properties SYSTEM_PROPERTIES = System.getProperties();

void test() {
System.getProperty("os.name");
System.getProperty("os.name", "default");
System.getProperties().getProperty("os.name");
System.getProperties().get("java.io.tmpdir");
SYSTEM_PROPERTIES.getProperty("java.home");
SYSTEM_PROPERTIES.get("file.encoding");
Comment on lines +14 to +15
Contributor Author

@smowton is there a way to make these tests pass?

Contributor

The problem might be that you are using local flow, but SYSTEM_PROPERTIES is a field defined outside of the method, therefore local flow does not consider it (if I understand it correctly). Maybe making it a local variable works.

(I hope it is alright that I answered this)

Contributor Author

> (I hope it is alright that I answered this)

Yea, totally fine. Your feedback so far has been really helpful.

> Maybe making it a local variable works.

It would, but I'd appreciate if something like localDataFlow supported static variable declarations like this.

Contributor

It shouldn't really because this flow is not local. I think I answered this in a different forum already, but you'd need to make a predicate that incorporates both local flow and initializer -> read steps.

Contributor Author

Fixed with the query you provided in this thread:
https://ghsecuritylab.slack.com/archives/CQJU6RN49/p1646396117234209

Thanks @smowton!

System.lineSeparator();
String awtToolkit = SystemUtils.AWT_TOOLKIT;
String fileEncoding = SystemUtils.FILE_ENCODING;
String tmpDir = SystemUtils.JAVA_IO_TMPDIR;
String separator = File.separator;
char separatorChar = File.separatorChar;
String pathSeparator = File.pathSeparator;
char pathSeparatorChar = File.pathSeparatorChar;
}

}
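Review bot: `test()` contains only accesses that are expected to be reported, so the test cannot catch over-matching in `getSystemProperty`. Add negative cases that must stay out of the expected output, for example a `getProperty` or `get` call on a `Properties` instance that does not come from `System.getProperties()`, a different method called on the `System.getProperties()` result with a constant string argument, and a lookup with a non-constant key. The two `SYSTEM_PROPERTIES` lines also have no rows in the expected file in this commit, so mark them with a comment stating whether they are meant to be found.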
@@ -0,0 +1,52 @@
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:93:5:93:50 | AWT_TOOLKIT | awt.toolkit |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:115:5:115:52 | FILE_ENCODING | file.encoding |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:141:5:142:53 | FILE_SEPARATOR | file.separator |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:160:5:160:53 | JAVA_AWT_FONTS | java.awt.fonts |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:178:5:178:59 | JAVA_AWT_GRAPHICSENV | java.awt.graphicsenv |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:199:5:199:56 | JAVA_AWT_HEADLESS | java.awt.headless |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:217:5:217:58 | JAVA_AWT_PRINTERJOB | java.awt.printerjob |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:235:5:235:54 | JAVA_CLASS_PATH | java.class.path |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:253:5:253:57 | JAVA_CLASS_VERSION | java.class.version |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:272:5:272:52 | JAVA_COMPILER | java.compiler |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:308:5:308:52 | JAVA_EXT_DIRS | java.ext.dirs |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:326:5:326:48 | JAVA_HOME | java.home |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:344:5:344:53 | JAVA_IO_TMPDIR | java.io.tmpdir |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:362:5:362:56 | JAVA_LIBRARY_PATH | java.library.path |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:381:5:381:56 | JAVA_RUNTIME_NAME | java.runtime.name |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:400:5:400:59 | JAVA_RUNTIME_VERSION | java.runtime.version |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:418:5:418:62 | JAVA_SPECIFICATION_NAME | java.specification.name |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:436:5:436:64 | JAVA_SPECIFICATION_VENDOR | java.specification.vendor |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:473:5:474:13 | JAVA_UTIL_PREFS_PREFERENCES_FACTORY | java.util.prefs.PreferencesFactory |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:492:5:492:50 | JAVA_VENDOR | java.vendor |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:510:5:510:54 | JAVA_VENDOR_URL | java.vendor.url |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:528:5:528:51 | JAVA_VERSION | java.version |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:547:5:547:51 | JAVA_VM_INFO | java.vm.info |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:565:5:565:51 | JAVA_VM_NAME | java.vm.name |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:583:5:583:65 | JAVA_VM_SPECIFICATION_NAME | java.vm.specification.name |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:601:5:601:67 | JAVA_VM_SPECIFICATION_VENDOR | java.vm.specification.vendor |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:637:5:637:53 | JAVA_VM_VENDOR | java.vm.vendor |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:655:5:655:54 | JAVA_VM_VERSION | java.vm.version |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:674:5:675:53 | LINE_SEPARATOR | line.separator |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:693:5:693:46 | OS_ARCH | os.arch |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:711:5:711:46 | OS_NAME | os.name |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:729:5:729:49 | OS_VERSION | os.version |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:749:5:750:53 | PATH_SEPARATOR | path.separator |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:770:5:770:73 | USER_COUNTRY | user.country |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:788:5:788:47 | USER_DIR | user.dir |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:806:5:806:48 | USER_HOME | user.home |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:825:5:825:52 | USER_LANGUAGE | user.language |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:843:5:843:48 | USER_NAME | user.name |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:861:5:861:52 | USER_TIMEZONE | user.timezone |
| ../../stubs/apache-commons-lang3-3.7/org/apache/commons/lang3/SystemUtils.java:1762:47:1762:63 | JAVA_AWT_HEADLESS | java.awt.headless |
| SystemPropertyAccess.java:9:9:9:37 | getProperty(...) | os.name |
| SystemPropertyAccess.java:10:9:10:48 | getProperty(...) | os.name |
| SystemPropertyAccess.java:11:9:11:53 | getProperty(...) | os.name |
| SystemPropertyAccess.java:12:9:12:52 | get(...) | java.io.tmpdir |
| SystemPropertyAccess.java:15:9:15:30 | lineSeparator(...) | line.separator |
| SystemPropertyAccess.java:16:29:16:51 | SystemUtils.AWT_TOOLKIT | awt.toolkit |
| SystemPropertyAccess.java:17:31:17:55 | SystemUtils.FILE_ENCODING | file.encoding |
| SystemPropertyAccess.java:18:25:18:50 | SystemUtils.JAVA_IO_TMPDIR | java.io.tmpdir |
| SystemPropertyAccess.java:19:28:19:41 | File.separator | file.separator |
| SystemPropertyAccess.java:20:30:20:47 | File.separatorChar | file.separator |
| SystemPropertyAccess.java:21:32:21:49 | File.pathSeparator | path.separator |
| SystemPropertyAccess.java:22:34:22:55 | File.pathSeparatorChar | path.separator |
@@ -0,0 +1,6 @@
import default
import semmle.code.java.environment.SystemProperty

from Expr systemPropertyAccess, string propertyName
where systemPropertyAccess = getSystemProperty(propertyName)
select systemPropertyAccess, propertyName
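Review bot: the `where` clause does not restrict results to the test source, so 40 of the 52 expected rows are locations inside the stub file under `../../stubs/apache-commons-lang3-3.7/`, with its line and column numbers baked into the expected output. Any edit to that stub will break this test for reasons unrelated to `getSystemProperty`. Add a condition that keeps only results located in `SystemPropertyAccess.java`, or otherwise excludes the stub directory.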
1 change: 1 addition & 0 deletions java/ql/test/library-tests/environment/options
@@ -0,0 +1 @@
//semmle-extractor-options: --javac-args -cp ${testdir}/../../stubs/apache-commons-lang3-3.7/