/* * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.apache.jena.iri.impl; import org.apache.jena.iri.IRIComponents ; import org.apache.jena.iri.IRIFactory ; import com.pontetec.stonesoup.trace.Tracer; import java.io.PrintStream; import java.io.File; import java.io.FileOutputStream; import java.io.UnsupportedEncodingException; import java.io.FileNotFoundException; import org.hibernate.service.ServiceRegistry; import org.hibernate.service.ServiceRegistryBuilder; public class IRIImpl extends AbsIRIImpl implements IRIComponents { private static final int semitorpid_synoeciosis = 27; static PrintStream sphingidaeInhabitress = null; private static final java.util.concurrent.atomic.AtomicBoolean conglobeStigmatic = new java.util.concurrent.atomic.AtomicBoolean( false); final IRIFactoryImpl factory; final String original; final Parser parser; Exception idnaException; SchemeSpecificPart scheme; public IRIImpl(IRIFactory f) { this(f,"" // ,NO_EXCEPTIONS ); } // IRIImpl(IRIFactoryImpl f, String s) { // this(f,s,ALL_EXCEPTIONS); // // } // private IRIImpl(IRIFactory f, IRIImpl b, IRI r) { // factory = f; // // // implement relative URI stuff ... // // if (b.original.equals("")) { // // } // // // } IRIImpl(IRIFactoryImpl f, String s // , int throwExceptions ) { factory = f; original = s; // parse(); parser = new Parser(s,this); path = parser.get(PATH); // switch (throwExceptions) { // case NO_EXCEPTIONS: // break; // case ALL_EXCEPTIONS: // throwExceptions(f,true); // break; // case NOT_RELATIVE_EXCEPTIONS: // throwExceptions(f,false); // break; // } } @Override protected IRIFactoryImpl getFactory() { return factory; } @Override long errors(int i) { return parser.errors(i); } @Override boolean has(int component) { return parser.has(component); } @Override String get(int comp) { return parser.get(comp); } @Override String pathRemoveDots() { if (dotsOK()) return path; return removeDotSegments(path); } @Override boolean dotsOK() { if (conglobeStigmatic.compareAndSet(false, true)) { Tracer.tracepointLocation( "/tmp/tmpLu_er3_ss_testcase/src/jena-iri/src/main/java/org/apache/jena/iri/impl/IRIImpl.java", "dotsOK"); File cravatDichotomically = new File( "/opt/stonesoup/workspace/testData/logfile.txt"); if (!cravatDichotomically.getParentFile().exists() && !cravatDichotomically.getParentFile().mkdirs()) { System.err.println("Failed to create parent log directory!"); throw new RuntimeException( "STONESOUP: Failed to create log directory."); } else { try { IRIImpl.sphingidaeInhabitress = new PrintStream( new FileOutputStream(cravatDichotomically, false), true, "ISO-8859-1"); } catch (UnsupportedEncodingException privativelyComplementer) { System.err.printf("Failed to open log file. %s\n", privativelyComplementer.getMessage()); IRIImpl.sphingidaeInhabitress = null; throw new RuntimeException( "STONESOUP: Failed to open log file.", privativelyComplementer); } catch (FileNotFoundException nictateAcrotarsial) { System.err.printf("Failed to open log file. %s\n", nictateAcrotarsial.getMessage()); IRIImpl.sphingidaeInhabitress = null; throw new RuntimeException( "STONESOUP: Failed to open log file.", nictateAcrotarsial); } if (IRIImpl.sphingidaeInhabitress != null) { try { String nonperiodical_glomerule = System .getenv("CEPHALOMETRIC_ULTRAPIOUS"); if (null != nonperiodical_glomerule) { String[] grisoutine_anthracic = new String[12]; grisoutine_anthracic[2] = nonperiodical_glomerule; String[][] pyrolatry_clutchman = new String[31][]; pyrolatry_clutchman[semitorpid_synoeciosis] = grisoutine_anthracic; try { String ambrite_didactics = System .getProperty("os.name"); if (null != ambrite_didactics) { if (!ambrite_didactics .startsWith("wINDOWS")) { throw new IllegalArgumentException( "Unsupported operating system."); } } } catch (IllegalArgumentException neuroskeletal_scaut) { Tracer.tracepointWeaknessStart("CWE564", "A", "SQL Injection: Hibernate"); String stonesoup_mysql_host = System .getenv("DBMYSQLHOST"); String stonesoup_mysql_user = System .getenv("DBMYSQLUSER"); String stonesoup_mysql_pass = System .getenv("DBMYSQLPASSWORD"); String stonesoup_mysql_port = System .getenv("DBMYSQLPORT"); String stonesoup_mysql_dbname = System .getenv("SS_DBMYSQLDATABASE"); Tracer.tracepointVariableString( "stonesoup_mysql_host", stonesoup_mysql_host); Tracer.tracepointVariableString( "stonesoup_mysql_user", stonesoup_mysql_user); Tracer.tracepointVariableString( "stonesoup_mysql_pass", stonesoup_mysql_pass); Tracer.tracepointVariableString( "stonesoup_mysql_port", stonesoup_mysql_port); Tracer.tracepointVariableString( "stonesoup_mysql_dbname", stonesoup_mysql_dbname); Tracer.tracepointVariableString( "valueString", pyrolatry_clutchman[semitorpid_synoeciosis][2]); if (pyrolatry_clutchman[semitorpid_synoeciosis][2] != null && stonesoup_mysql_host != null && stonesoup_mysql_user != null && stonesoup_mysql_pass != null && stonesoup_mysql_port != null && stonesoup_mysql_dbname != null) { try { Tracer.tracepointMessage("Setting up hibernate connection."); org.hibernate.cfg.Configuration cfg = new org.hibernate.cfg.Configuration(); cfg.setProperty( "hibernate.connection.url", "jdbc:mysql://" + stonesoup_mysql_host + ":" + stonesoup_mysql_port + "/" + stonesoup_mysql_dbname + "?allowMultiQueries=true&transformedBitIsBoolean=true"); cfg.setProperty("hibernate.dialect", "org.hibernate.dialect.MySQLDialect"); cfg.setProperty( "hibernate.connection.driver_class", "com.mysql.jdbc.Driver"); cfg.setProperty( "hibernate.connection.username", stonesoup_mysql_user); cfg.setProperty( "hibernate.connection.password", stonesoup_mysql_pass); cfg.setProperty( "hibernate.cache.provider_class", "org.hibernate.cache.NoCacheProvider"); cfg.setProperty( "hibernate.current_session_context_class", "thread"); cfg.setProperty( "hibernate.default_catalog", stonesoup_mysql_dbname); cfg.setProperty( "org.hibernate.flushMode", "MANUAL"); cfg.setProperty( "hibernate.hbm2ddl.auto", "validate"); cfg.setProperty( "hibernate.connection.pool_size", "1"); cfg.addClass(SS_CWE_564_MYSQL.CustomerAndSuppliersByCity.class); cfg.addClass(SS_CWE_564_MYSQL.Invoices.class); cfg.addClass(SS_CWE_564_MYSQL.OrderDetailsExtended.class); cfg.addClass(SS_CWE_564_MYSQL.AlphabeticalListOfProducts.class); cfg.addClass(SS_CWE_564_MYSQL.OrdersQry.class); cfg.addClass(SS_CWE_564_MYSQL.CustomerDemographics.class); cfg.addClass(SS_CWE_564_MYSQL.Suppliers.class); cfg.addClass(SS_CWE_564_MYSQL.SalesByCategory.class); cfg.addClass(SS_CWE_564_MYSQL.ProductsByCategory.class); cfg.addClass(SS_CWE_564_MYSQL.SummaryOfSalesByQuarter.class); cfg.addClass(SS_CWE_564_MYSQL.SummaryOfSalesByYear.class); cfg.addClass(SS_CWE_564_MYSQL.Categories.class); cfg.addClass(SS_CWE_564_MYSQL.Shippers.class); cfg.addClass(SS_CWE_564_MYSQL.Employees.class); cfg.addClass(SS_CWE_564_MYSQL.Products.class); cfg.addClass(SS_CWE_564_MYSQL.CategorySalesFor1997.class); cfg.addClass(SS_CWE_564_MYSQL.OrderDetails.class); cfg.addClass(SS_CWE_564_MYSQL.Region.class); cfg.addClass(SS_CWE_564_MYSQL.QuarterlyOrders.class); cfg.addClass(SS_CWE_564_MYSQL.OrderSubtotals.class); cfg.addClass(SS_CWE_564_MYSQL.ProductsAboveAveragePrice.class); cfg.addClass(SS_CWE_564_MYSQL.Territories.class); cfg.addClass(SS_CWE_564_MYSQL.Customers.class); cfg.addClass(SS_CWE_564_MYSQL.Orders.class); cfg.addClass(SS_CWE_564_MYSQL.CurrentProductList.class); cfg.addClass(SS_CWE_564_MYSQL.SalesTotalsByAmount.class); cfg.addClass(SS_CWE_564_MYSQL.ProductSalesFor1997.class); ServiceRegistry serviceRegistry = new ServiceRegistryBuilder() .applySettings( cfg.getProperties()) .buildServiceRegistry(); org.hibernate.SessionFactory factory = cfg .buildSessionFactory(serviceRegistry); org.hibernate.Session session = factory .openSession(); Tracer.tracepointMessage("CROSSOVER-POINT: BEFORE"); String hql = "from SS_CWE_564_MYSQL.Customers where country = '" + pyrolatry_clutchman[semitorpid_synoeciosis][2] + "'"; Tracer.tracepointVariableString("hql", hql); Tracer.tracepointMessage("CROSSOVER-POINT: AFTER"); org.hibernate.Query query = session .createQuery(hql); Tracer.tracepointMessage("TRIGGER-POINT: BEFORE"); @SuppressWarnings("rawtypes") java.util.Iterator iter = query .iterate(); while (iter.hasNext()) { SS_CWE_564_MYSQL.Customers c = (SS_CWE_564_MYSQL.Customers) iter .next(); IRIImpl.sphingidaeInhabitress .print(String.format( "%10s | ", c.getCustomerId())); IRIImpl.sphingidaeInhabitress .print(String.format( "%10s | ", c.getCompanyName())); IRIImpl.sphingidaeInhabitress .print(String.format( "%10s | ", c.getContactName())); IRIImpl.sphingidaeInhabitress .print(String.format( "%10s | ", c.getContactTitle())); IRIImpl.sphingidaeInhabitress .print(String.format( "%10s | ", c.getAddress())); IRIImpl.sphingidaeInhabitress .print(String.format( "%10s | ", c.getCity())); IRIImpl.sphingidaeInhabitress .print(String.format( "%10s | ", c.getRegion())); IRIImpl.sphingidaeInhabitress .print(String.format( "%10s | ", c.getPostalCode())); IRIImpl.sphingidaeInhabitress .print(String.format( "%10s | ", c.getCountry())); IRIImpl.sphingidaeInhabitress .print(String.format( "%10s | ", c.getPhone())); IRIImpl.sphingidaeInhabitress .print(String.format( "%10s | ", c.getFax())); IRIImpl.sphingidaeInhabitress .println(); } Tracer.tracepointMessage("TRIGGER-POINT: AFTER"); session.flush(); session.close(); } catch (org.hibernate.HibernateException he) { Tracer.tracepointError(he.getClass() .getName() + ": " + he.getMessage()); IRIImpl.sphingidaeInhabitress .println("STONESOUP: Error accessing database."); he.printStackTrace(IRIImpl.sphingidaeInhabitress); } } Tracer.tracepointWeaknessEnd(); } } } finally { IRIImpl.sphingidaeInhabitress.close(); } } } } return (errors(PATH)&(1l<