Skip to content

Commit 5973f3f

Browse files
owen-mcowen-mc
committed
Add test for reverse DNS from loopback address
1 parent 098b732 commit 5973f3f

1 file changed

Lines changed: 9 additions & 0 deletions

File tree

java/ql/test/query-tests/security/CWE-807/semmle/tests/ConditionalBypassTest.java

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -49,6 +49,15 @@ public static void main(HttpServletRequest request) throws Exception {
4949
if (Inet4Address.getLocalHost().getCanonicalHostName().equals("localhost")) {
5050
login(user, password);
5151
}
52+
53+
InetAddress loopback = InetAddress.getLoopbackAddress();
54+
// GOOD: reverse DNS on loopback address is fine
55+
if (loopback.getCanonicalHostName().equals("localhost")) {
56+
login(user, password); // $ SPURIOUS: hasConditionalBypassTest
57+
}
58+
if (Inet4Address.getLoopbackAddress().getCanonicalHostName().equals("localhost")) {
59+
login(user, password); // $ SPURIOUS: hasConditionalBypassTest
60+
}
5261
}
5362

5463
public static void test(String user, String password) {

0 commit comments

Comments
 (0)