NameDescriptionBug count
arrays
Arrays1.javaa simple array test 1
Arrays2.javaa more complex array test 1
Arrays3.javaa more complex array test 1
Arrays4.javaa test of array indeces 1
Arrays5.javastrong updates to array elements 0
Arrays6.javastrong updates to array elements 1
Arrays7.javatest of array initializers 1
Arrays8.javatest of array initializers 1
Arrays9.javamultidimentional arrays 1
Arrays10.javacomple multidimentional array test 1
basic
Basic1.javavery simple XSS 1
Basic2.javaXSS combined with a simple conditional 1
Basic3.javasimple derived string test 1
Basic4.javatest path sensitivity just a bit 1
Basic5.javamoderately complex test of derived strings 3
Basic6.javacomplex test of derived strings 1
Basic7.javacomplex test of derived strings involving a string buffer...1
Basic8.javatest of complex conditionals 1
Basic9.javachains of value assignments 1
Basic10.javachains of value assignments 1
Basic11.javaa simple false positive because of two calls to String.to...2
Basic12.javaa simple conditional; both branches should be taken 2
Basic13.javause getInitParameter instead 1
Basic14.javause the servlet context and casts 1
Basic15.javatest casts more exhaustively 1
Basic16.javasimple heap-allocated data strucure 1
Basic17.javasimple heap-allocated data strucure 1
Basic18.javaprotect agains simple loop unrolling 1
Basic19.javasimple SQL injection with prepared statements 1
Basic20.javasimple SQL injection 1
Basic21.javaSQL injection with less commonly used methods 4
Basic22.javabasic path traversal 1
Basic23.javapath traversal 3
Basic24.javaunsafe redirect 1
Basic25.javatest getParameterValues 1
Basic26.javatest getParameterMap 1
Basic27.javatest getParameterMap 1
Basic28.javacomplicated control flow 2
Basic29.javarecursive data structures 2
Basic30.javafield sensitivity 1
Basic31.javavalues obtained from cookies 2
Basic32.javavalues obtained from headers 1
Basic33.javavalues obtained from headers 1
Basic34.javavalues obtained from headers 2
Basic35.javavalues obtained from HttpServletRequest 6
Basic36.javavalues obtained from HttpServletRequest input stream 1
Basic37.javaStringTokenizer test 1
Basic38.javaStringTokenizer test with a false positive 1
Basic39.javaStringTokenizer test 1
Basic40.javaMultipartRequest test 1
Basic41.javause getInitParameter instead 1
Basic42.javause getInitParameterNames 1
collections
Collections1.javasimple collection deposit/retrieve 1
Collections2.javacollection deposit/retrieve, check for false positives 1
Collections3.javacollection of collections 2
Collections4.javatest of iterators 1
Collections5.javatest of iterators 1
Collections6.javatest of maps 1
Collections7.javatest of map iterators 1
Collections8.javacollection copying 1
Collections9.javamore complex collection copying 0
Collections10.javamore complex collection copying 0
Collections11.javainterprocedural collection passing 1
Collections11b.javasimple collection deposit/retrieve 1
Collections12.javacollection copying through an array 1
Collections13.javamore complex collection copying through an array 1
Collections14.javamore complex collection copying through an array 1
factories
Factories1.javasimple factory problem with toLowerCase 1
Factories2.javasimple factory problem with String.toString 1
Factories3.javafactory problem with a string wrapper 1
inter
Inter1.javasimple id method call 1
Inter2.javasimple id method call 2
Inter3.javachains of method calls 1
Inter4.javastore stuff in a field 1
Inter5.javastore stuff in a field 1
Inter6.javabug in class initializer 1
Inter7.javabug in class initializer 1
Inter8.javamulti-level context sensitivity test 1
Inter9.javasimple object sensitivity 2
Inter10.javamore complex object sensitivity 2
Inter11.javaobject sensitivity and context sensitivity combined 1
Inter12.javacollection as a static field 1
Inter13.javarecursive case 1
Inter14.javainterprocedural loop 1
pred
Pred1.javasimple if(false) test 0
Pred2.javasimple correlated tests 0
Pred3.javasimple correlated tests 0
Pred4.javacorrelated test with an int variable 1
Pred5.javacorrelated test with a complex conditional 1
Pred6.javacorrelated test with addition 0
Pred7.javacorrelated test with multiple variables 0
Pred8.javausing an array element as in a predicate 1
Pred9.javausing an array element as in a predicate 1
reflection
Refl1.javareflective call of a method 1
Refl2.javareflectively access a field 1
Refl3.javareflectively create a class and access its field 1
Refl4.javabug in class initializer 1
sanitizers
Sanitizers1.javasimple sanitization check 1
Sanitizers2.javasimple sanitization check 0
Sanitizers3.javasafe redirect 0
Sanitizers4.javabuggy sanitizer 2
Sanitizers5.javaencode and then decode 1
Sanitizers6.javasanitizers for directory traversal 0
session
Session1.javasimple session test 1
Session2.javatest of session false positives 1
Session3.javatest of session enumeration 1
strong_updates
StrongUpdates1.javasimple test of strong updates 0
StrongUpdates2.javasimple test of strong updates 0
StrongUpdates3.javastrong updates in data structures 0
StrongUpdates4.javaa more tricky test of when we can't assume a strong updat...1
StrongUpdates5.javamaking a shared servlet field thread-local 0
aliasing
Aliasing1.javasimple aliasing because of assignment 1
Aliasing2.javasimple aliasing false positive 1
Aliasing3.javasimple aliasing of an array element 1
Aliasing4.javasimple aliasing with casts 1
Aliasing5.javainterprocedural argument aliasing 1
Aliasing6.javaaliasing with copy propagation 7
datastructures
Datastructures1.javasimple test of field assignment 1
Datastructures2.javamultiple objects of the same type 1
Datastructures3.javasimple nexted data 1
Datastructures4.javasimple nexted data (false positive) 1
Datastructures5.javanested data in a loop 1
Datastructures6.javanested data in a loop 1