Patrick.Sy/spring-petclinic
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-petclinic.git synced 2025-07-21 15:25:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Simulate vuln method call

Browse source
This commit is contained in:
Navaneeth Mysore Govindarajan 2024-02-09 14:59:54 -05:00
parent 946c6616e8
commit 711a8f962c
2 changed files with 54 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
src/test/java/org/springframework/samples/petclinic/MySqlIntegrationTests.java
View file

@ -16,8 +16,6 @@
package org.springframework.samples.petclinic;
import static org.assertj.core.api.Assertions.assertThat;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.condition.DisabledInNativeImage;
import org.springframework.beans.factory.annotation.Autowired;
@ -26,6 +24,8 @@ import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
import org.springframework.boot.test.web.server.LocalServerPort;
import org.springframework.boot.testcontainers.service.connection.ServiceConnection;
import org.springframework.boot.web.client.RestTemplateBuilder;
import org.springframework.core.io.buffer.DefaultDataBuffer;
import org.springframework.core.io.buffer.DefaultDataBufferFactory;
import org.springframework.http.HttpStatus;
import org.springframework.http.RequestEntity;
import org.springframework.http.ResponseEntity;
@ -37,6 +37,8 @@ import org.testcontainers.containers.MySQLContainer;
import org.testcontainers.junit.jupiter.Container;
import org.testcontainers.junit.jupiter.Testcontainers;
import static org.assertj.core.api.Assertions.assertThat;
@SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT)
@ActiveProfiles("mysql")
@Testcontainers(disabledWithoutDocker = true)
@ -57,8 +59,28 @@ class MySqlIntegrationTests {
@Autowired
private RestTemplateBuilder builder;
void simulateVulnerableMethodCall() throws Exception {
/*
Sonatype Runtime Agent - [TIME]: *** Vulnerable CLASS LOADED [className=org/springframework/core/io/buffer/DefaultDataBuffer] by the JVM
Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Class-Loaded' to component 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b
Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/3d62858ec88e49e0afd552066cb160ad
Sonatype Runtime Agent - [TIME]: *** Class with vulnerable METHOD LOADED [className=org/springframework/core/io/buffer/DefaultDataBuffer, methodName=split, methodDescriptor=(I)Lorg/springframework/core/io/buffer/DataBuffer;] by the JVM
Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Loaded' to component 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b
Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/47fa37da85d8447f8c101d4db35ec797
Sonatype Runtime Agent - [TIME]: *** Vulnerable METHOD CALLED [className=org/springframework/core/io/buffer/DefaultDataBuffer, methodName=split, methodDescriptor=(I)Lorg/springframework/core/io/buffer/DataBuffer;]
Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Called' to component 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b
Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/6a969f11748f45abba95870fcd7747bb
*/
DefaultDataBufferFactory defaultDataBufferFactory = new DefaultDataBufferFactory();
DefaultDataBuffer defaultDataBuffer = defaultDataBufferFactory.allocateBuffer(1024);
defaultDataBuffer.split(0);
}
@Test
void testFindAll() throws Exception {
// Demo: Simulate Runtime-Method-Called
simulateVulnerableMethodCall();
vets.findAll();
vets.findAll(); // served from cache
}

40
src/test/java/org/springframework/samples/petclinic/PostgresIntegrationTests.java
View file

@ -78,19 +78,39 @@ public class PostgresIntegrationTests {
.run(args);
}
@Test
void testFindAll() throws Exception {
// Demo: Inject dependency intentionally
void simulateVulnerableClassWithMethodLoaded() {
/*
Sonatype Runtime Agent - [TIME]: *** Vulnerable CLASS LOADED [className=ch/qos/logback/core/net/HardenedObjectInputStream] by the JVM
Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Class-Loaded' to component 2f9f280219a9922a7420 in application: a50576c3cd894d20b24dc0d98eea084b
Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='2f9f280219a9922a7420'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/74387681c75446a5924812d032c77cad
Sonatype Runtime Agent - [TIME]: *** Class with vulnerable METHOD LOADED [className=ch/qos/logback/core/net/HardenedObjectInputStream, methodName=<init>, methodDescriptor=(Ljava/io/InputStream;[Ljava/lang/String;)V] by the JVM
Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Loaded' to component 2f9f280219a9922a7420 in application: a50576c3cd894d20b24dc0d98eea084b
Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='2f9f280219a9922a7420'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/488f999c6730499a8cd454b37d3201b2
>> org.springframework.samples.petclinic.PostgresIntegrationTests loaded ch.qos.logback.core.net.HardenedObjectInputStream
* Sonatype Runtime Agent - [TIME]: *** Vulnerable CLASS LOADED
* [className=ch/qos/logback/core/net/HardenedObjectInputStream] by the JVM
* Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Class-Loaded' to
* component 2f9f280219a9922a7420 in application: a50576c3cd894d20b24dc0d98eea084b
* Sonatype Runtime Agent - [TIME]: Component evaluation for
* [ComponentEvaluation{hash='2f9f280219a9922a7420'}] in application
* a50576c3cd894d20b24dc0d98eea084b successful. Result
* URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/
* 74387681c75446a5924812d032c77cad Sonatype Runtime Agent - [TIME]: *** Class
* with vulnerable METHOD LOADED
* [className=ch/qos/logback/core/net/HardenedObjectInputStream,
* methodName=<init>,
* methodDescriptor=(Ljava/io/InputStream;[Ljava/lang/String;)V] by the JVM
* Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Loaded' to
* component 2f9f280219a9922a7420 in application: a50576c3cd894d20b24dc0d98eea084b
* Sonatype Runtime Agent - [TIME]: Component evaluation for
* [ComponentEvaluation{hash='2f9f280219a9922a7420'}] in application
* a50576c3cd894d20b24dc0d98eea084b successful. Result
* URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/
* 488f999c6730499a8cd454b37d3201b2 >>
* org.springframework.samples.petclinic.PostgresIntegrationTests loaded
* ch.qos.logback.core.net.HardenedObjectInputStream
*/
System.out.println(">> " + getClass().getName() + " loaded " + HardenedObjectInputStream.class.getName());
}
@Test
void testFindAll() throws Exception {
// Demo: Simulate Runtime-Class-Loaded and Runtime-Method-Loaded
simulateVulnerableClassWithMethodLoaded();
vets.findAll();
vets.findAll(); // served from cache
}