Test cases for sensitive logging sanitizer

aegilops · aegilops · commit fa703e3e6040 · 2025-11-14T16:53:46.000Z
diff --git a/java/ql/test/query-tests/security/CWE-532/Test.java b/java/ql/test/query-tests/security/CWE-532/Test.java
@@ -9,5 +9,7 @@ void test(String password, String authToken, String username, String nullToken,
         logger.error("Auth failed for: " + username); // Safe
         logger.error("Auth failed for: " + nullToken); // Safe
         logger.error("Auth failed for: " + stringTokenizer); // Safe
+        logger.error("Auth failed for: " + authToken.substring(4) + "..."); // Safe
+        logger.error("Auth failed for: " + authToken.substring(0,4) + "..."); // Safe
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -9,5 +9,7 @@ void test(String password, String authToken, String username, String nullToken,`
`9`	`9`	`logger.error("Auth failed for: " + username); // Safe`
`10`	`10`	`logger.error("Auth failed for: " + nullToken); // Safe`
`11`	`11`	`logger.error("Auth failed for: " + stringTokenizer); // Safe`
	`12`	`+ logger.error("Auth failed for: " + authToken.substring(4) + "..."); // Safe`
	`13`	`+ logger.error("Auth failed for: " + authToken.substring(0,4) + "..."); // Safe`
`12`	`14`	`}`
`13`	`15`	`}`