CallableBlindBit.java

1 
package com.jsql.model.injection.strategy.blind.callable;
2
3 
import com.jsql.model.InjectionModel;
4 
import com.jsql.model.injection.strategy.blind.AbstractInjectionBit.BlindOperator;
5 
import com.jsql.model.injection.strategy.blind.InjectionBlindBit;
6 
import name.fraser.neil.plaintext.diff_match_patch;
7 
import static name.fraser.neil.plaintext.diff_match_patch.Diff;
8
9 
import java.util.LinkedList;
10 
import java.util.List;
11 
import java.util.concurrent.CopyOnWriteArrayList;
12
13 
/**
14 
 * Define a call HTTP to the server, require the associated url, character
15 
 * position and bit. Diffs represent the differences between
16 
 * the reference page, and the current page.
17 
 */
18 
public class CallableBlindBit extends AbstractCallableBit<CallableBlindBit> {
19
20 
    private LinkedList<Diff> diffsWithReference = new LinkedList<>();  // List of differences found between the reference page, and the current page
21
22 
    private static final diff_match_patch DIFF_MATCH_PATCH = new diff_match_patch();
23
24 
    private final InjectionBlindBit injectionBlindBit;
25
26 
    private final InjectionModel injectionModel;
27 
    private final String metadataInjectionProcess;
28
29 
    /**
30 
     * Constructor for preparation and blind confirmation.
31 
     */
32 
    public CallableBlindBit(String sqlQuery, InjectionModel injectionModel, InjectionBlindBit injectionBlindBit, BlindOperator blindMode, String metadataInjectionProcess) {
33 
        this.injectionModel = injectionModel;
34 
        this.injectionBlindBit = injectionBlindBit;
35 
        this.metadataInjectionProcess = metadataInjectionProcess;
36 
        this.booleanUrl = this.injectionModel.getMediatorVendor().getVendor().instance().sqlTestBlindWithOperator(sqlQuery, blindMode);
37 
    }
38
39 
    /**
40 
     * Constructor for bits test.
41 
     */
42 
    public CallableBlindBit(
43 
        String sqlQuery,
44 
        int indexChar,
45 
        int bit,
46 
        InjectionModel injectionModel,
47 
        InjectionBlindBit injectionBlindBit,
48 
        BlindOperator blindMode,
49 
        String metadataInjectionProcess
50 
    ) {
51 
        this(sqlQuery, injectionModel, injectionBlindBit, blindMode, metadataInjectionProcess);
52 
        this.booleanUrl = this.injectionModel.getMediatorVendor().getVendor().instance().sqlBlindBit(sqlQuery, indexChar, bit, blindMode);
53 
        this.currentIndex = indexChar;
54 
        this.currentBit = bit;
55 
    }
56
57 
    /**
58 
     * Check if a result page means the SQL query is true,
59 
     * confirm that nothing in the resulting page is also defined
60 
     * in the pages from every FALSE SQL queries.
61 
     * @return true if the current SQL query is true
62 
     */
63 
    @Override
64 
    public boolean isTrue() {
65 
        // Fix #95426: ConcurrentModificationException on iterator.next()
66 
        List<Diff> falseDiffs = new CopyOnWriteArrayList<>(this.injectionBlindBit.getFalseDiffs());
67 
        for (Diff falseDiff: falseDiffs) {
68 
            // Fix #4386: NullPointerException on contains()
69 
            // diffsWithReference is initialized to an empty new LinkedList<>()
70 1 1. isTrue : negated conditional → NO_COVERAGE
 
            if (this.diffsWithReference.contains(falseDiff)) {
71 1 1. isTrue : replaced boolean return with true for com/jsql/model/injection/strategy/blind/callable/CallableBlindBit::isTrue → NO_COVERAGE
 
                return false;
72 
            }
73 
        }
74 1 1. isTrue : replaced boolean return with false for com/jsql/model/injection/strategy/blind/callable/CallableBlindBit::isTrue → NO_COVERAGE
 
        return true;
75 
    }
76
77 
    /**
78 
     * Process the URL HTTP call, use function inject() from the model.
79 
     * Build the list of differences found between TRUE and the current page.
80 
     * @return Functional Blind Callable
81 
     */
82 
    @Override
83 
    public CallableBlindBit call() {
84 
        String result = this.injectionBlindBit.callUrl(this.booleanUrl, this.metadataInjectionProcess, this);
85 
        this.diffsWithReference = CallableBlindBit.DIFF_MATCH_PATCH.diff_main(this.injectionBlindBit.getSourceReferencePage(), result, true);
86 1 1. call : removed call to name/fraser/neil/plaintext/diff_match_patch::diff_cleanupEfficiency → NO_COVERAGE
 
        CallableBlindBit.DIFF_MATCH_PATCH.diff_cleanupEfficiency(this.diffsWithReference);
87 1 1. call : replaced return value with null for com/jsql/model/injection/strategy/blind/callable/CallableBlindBit::call → NO_COVERAGE
 
        return this;
88 
    }
89
90 
    public List<Diff> getDiffsWithReference() {
91 1 1. getDiffsWithReference : replaced return value with Collections.emptyList for com/jsql/model/injection/strategy/blind/callable/CallableBlindBit::getDiffsWithReference → NO_COVERAGE
 
        return this.diffsWithReference;
92 
    }
93 
}

Mutations

70

1.1
Location : isTrue
Killed by : none negated conditional → NO_COVERAGE

71

1.1
Location : isTrue
Killed by : none replaced boolean return with true for com/jsql/model/injection/strategy/blind/callable/CallableBlindBit::isTrue → NO_COVERAGE

74

1.1
Location : isTrue
Killed by : none replaced boolean return with false for com/jsql/model/injection/strategy/blind/callable/CallableBlindBit::isTrue → NO_COVERAGE

86

1.1
Location : call
Killed by : none removed call to name/fraser/neil/plaintext/diff_match_patch::diff_cleanupEfficiency → NO_COVERAGE

87

1.1
Location : call
Killed by : none replaced return value with null for com/jsql/model/injection/strategy/blind/callable/CallableBlindBit::call → NO_COVERAGE

91

1.1
Location : getDiffsWithReference
Killed by : none replaced return value with Collections.emptyList for com/jsql/model/injection/strategy/blind/callable/CallableBlindBit::getDiffsWithReference → NO_COVERAGE

Active mutators

Tests examined


Report generated by PIT 1.19.1