This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class Main { | |
| public static void main(String[] args) { | |
| MyInterface i = new MyImplementer(); | |
| i.foo(1); | |
| /* | |
| Since we actually call the vulnerable method, the call chain that we expect is: | |
| Main.main(String[] args): 5 | |
| -> MyImplementer.foo(Integer): 36 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * level0 0 | |
| * / | \ | |
| * level1 0 1 2 | |
| * / | \ |\ | | |
| * level2 0 1 2 34 5 | |
| * | | | || | | |
| * \ \\ // / | |
| * level0 main | |
| */ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class Main { | |
| public static void main(String[] args) { | |
| Object a = new VulnerableClass(); | |
| a.toString(); | |
| } | |
| } | |
| class VulnerableClass { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class Main { | |
| public static void main(String[] args) { | |
| VulnerableClass a = new VulnerableClass(1); | |
| VulnerableClass b = new VulnerableClass(2); | |
| a.equals(b); | |
| } | |
| } | |
| class VulnerableClass { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class Main { | |
| public static void main(String[] args) { | |
| MyClass<Integer> c = new MyClass<Integer>(); | |
| c.vulnerableMethod(42); | |
| } | |
| } | |
| class MyClass<T extends Comparable> { | |
| void vulnerableMethod(T t) { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class Main { | |
| public static void main(String[] args) { | |
| Rectangle r = new Rectangle(); | |
| vulnerableDrawShape(r); | |
| } | |
| static <T extends Shape> void vulnerableDrawShape(T shape) { | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class Main { | |
| public static void main(String[] args) { | |
| MyClass<Integer> c = new MyClass<>(); | |
| c.vulnerableMethod(1); | |
| } | |
| } | |
| class MyClass<T> { | |
| void vulnerableMethod(T t) { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class Main { | |
| public static void main(String[] args) { | |
| // Our code doesn't call the vulnerable method at all | |
| } | |
| } | |
| /* | |
| * This is our vulnerable class | |
| */ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class Main { | |
| public static void main(String[] args) { | |
| A a = new C(); | |
| a.m(); | |
| } | |
| } | |
| class A { | |
| void m() { | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class Main { | |
| public static void main(String[] args) { | |
| SuperInterface a = new ImplementerA(); | |
| a.foo(); | |
| SuperInterface b = new ImplementerB(); | |
| b.foo(); | |
| } | |
| } |