stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity

up

Browse Source
This commit is contained in:
StellaOps Bot
2025-12-09 09:40:36 +02:00
parent 108d1c64b3
commit 689c656f20
46 changed files with 294 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
bench/reachability-benchmark/cases/java/micronaut-deserialize/outputs/attestation.json Normal file
View File

@@ -0,0 +1,22 @@
{
"_type": "https://in-toto.io/Statement/v0.1",
"predicate": {
"buildType": "stub",
"builder": {
"id": "stub"
},
"metadata": {
"buildFinishedOn": "1970-01-01T00:00:00Z",
"buildStartedOn": "1970-01-01T00:00:00Z"
}
},
"predicateType": "https://slsa.dev/provenance/v0.2",
"subject": [
{
"digest": {
"sha256": "stub"
},
"name": "java-micronaut-deserialize:203"
}
]
}

BIN
bench/reachability-benchmark/cases/java/micronaut-deserialize/outputs/binary.tar.gz Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/micronaut-deserialize/outputs/classes/bench/reachability/micronaut/Controller$Response.class Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/micronaut-deserialize/outputs/classes/bench/reachability/micronaut/Controller.class Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/micronaut-deserialize/outputs/classes/bench/reachability/micronaut/ControllerTest.class Normal file
View File

Binary file not shown.

1
bench/reachability-benchmark/cases/java/micronaut-deserialize/outputs/classes/outputs/SINK_REACHED Normal file
View File

@@ -0,0 +1 @@
true

13
bench/reachability-benchmark/cases/java/micronaut-deserialize/outputs/coverage.json Normal file
View File

@@ -0,0 +1,13 @@
{
"files": {
"src/Controller.java": {
"lines_covered": [
11,
14,
15,
17
],
"lines_total": 40
}
}
}

14
bench/reachability-benchmark/cases/java/micronaut-deserialize/outputs/sbom.cdx.json Normal file
View File

@@ -0,0 +1,14 @@
{
"bomFormat": "CycloneDX",
"components": [],
"metadata": {
"component": {
"name": "micronaut-deserialize",
"type": "application",
"version": "1.0.0"
},
"timestamp": "1970-01-01T00:00:00Z"
},
"specVersion": "1.5",
"version": 1
}

9
bench/reachability-benchmark/cases/java/micronaut-deserialize/outputs/traces/trace.json Normal file
View File

@@ -0,0 +1,9 @@
{
"entry": "POST /mn/upload",
"notes": "Base64 payload flows into ObjectInputStream without guard",
"path": [
"Controller.handleUpload",
"ObjectInputStream.readObject"
],
"sink": "MicronautDeserialize::handleUpload"
}

22
bench/reachability-benchmark/cases/java/micronaut-guarded/outputs/attestation.json Normal file
View File

@@ -0,0 +1,22 @@
{
"_type": "https://in-toto.io/Statement/v0.1",
"predicate": {
"buildType": "stub",
"builder": {
"id": "stub"
},
"metadata": {
"buildFinishedOn": "1970-01-01T00:00:00Z",
"buildStartedOn": "1970-01-01T00:00:00Z"
}
},
"predicateType": "https://slsa.dev/provenance/v0.2",
"subject": [
{
"digest": {
"sha256": "stub"
},
"name": "java-micronaut-guarded:204"
}
]
}

BIN
bench/reachability-benchmark/cases/java/micronaut-guarded/outputs/binary.tar.gz Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/micronaut-guarded/outputs/classes/bench/reachability/micronautguard/Controller$Response.class Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/micronaut-guarded/outputs/classes/bench/reachability/micronautguard/Controller.class Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/micronaut-guarded/outputs/classes/bench/reachability/micronautguard/ControllerTest.class Normal file
View File

Binary file not shown.

1
bench/reachability-benchmark/cases/java/micronaut-guarded/outputs/classes/outputs/SINK_BLOCKED Normal file
View File

@@ -0,0 +1 @@
true

13
bench/reachability-benchmark/cases/java/micronaut-guarded/outputs/coverage.json Normal file
View File

@@ -0,0 +1,13 @@
{
"files": {
"src/Controller.java": {
"lines_covered": [
12,
13,
15,
17
],
"lines_total": 42
}
}
}

14
bench/reachability-benchmark/cases/java/micronaut-guarded/outputs/sbom.cdx.json Normal file
View File

@@ -0,0 +1,14 @@
{
"bomFormat": "CycloneDX",
"components": [],
"metadata": {
"component": {
"name": "micronaut-guarded",
"type": "application",
"version": "1.0.0"
},
"timestamp": "1970-01-01T00:00:00Z"
},
"specVersion": "1.5",
"version": 1
}

8
bench/reachability-benchmark/cases/java/micronaut-guarded/outputs/traces/trace.json Normal file
View File

@@ -0,0 +1,8 @@
{
"entry": "POST /mn/upload",
"notes": "Guard enforces ALLOW_MN_DESER feature flag; sink not reached by default",
"path": [
"Controller.handleUpload"
],
"sink": "MicronautDeserializeGuarded::handleUpload"
}

22
bench/reachability-benchmark/cases/java/spring-deserialize/outputs/attestation.json Normal file
View File

@@ -0,0 +1,22 @@
{
"_type": "https://in-toto.io/Statement/v0.1",
"predicate": {
"buildType": "stub",
"builder": {
"id": "stub"
},
"metadata": {
"buildFinishedOn": "1970-01-01T00:00:00Z",
"buildStartedOn": "1970-01-01T00:00:00Z"
}
},
"predicateType": "https://slsa.dev/provenance/v0.2",
"subject": [
{
"digest": {
"sha256": "stub"
},
"name": "java-spring-deserialize:201"
}
]
}

BIN
bench/reachability-benchmark/cases/java/spring-deserialize/outputs/binary.tar.gz Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/spring-deserialize/outputs/classes/bench/reachability/App$Response.class Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/spring-deserialize/outputs/classes/bench/reachability/App.class Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/spring-deserialize/outputs/classes/bench/reachability/AppTest.class Normal file
View File

Binary file not shown.

1
bench/reachability-benchmark/cases/java/spring-deserialize/outputs/classes/outputs/SINK_REACHED Normal file
View File

@@ -0,0 +1 @@
true

14
bench/reachability-benchmark/cases/java/spring-deserialize/outputs/coverage.json Normal file
View File

@@ -0,0 +1,14 @@
{
"files": {
"src/App.java": {
"lines_covered": [
9,
15,
16,
17,
19
],
"lines_total": 26
}
}
}

14
bench/reachability-benchmark/cases/java/spring-deserialize/outputs/sbom.cdx.json Normal file
View File

@@ -0,0 +1,14 @@
{
"bomFormat": "CycloneDX",
"components": [],
"metadata": {
"component": {
"name": "spring-deserialize",
"type": "application",
"version": "1.0.0"
},
"timestamp": "1970-01-01T00:00:00Z"
},
"specVersion": "1.5",
"version": 1
}

9
bench/reachability-benchmark/cases/java/spring-deserialize/outputs/traces/trace.json Normal file
View File

@@ -0,0 +1,9 @@
{
"entry": "POST /api/upload",
"notes": "No guard; base64 payload deserialized",
"path": [
"App.handleRequest",
"ObjectInputStream.readObject"
],
"sink": "JavaDeserialize::handleRequest"
}

22
bench/reachability-benchmark/cases/java/spring-guarded/outputs/attestation.json Normal file
View File

@@ -0,0 +1,22 @@
{
"_type": "https://in-toto.io/Statement/v0.1",
"predicate": {
"buildType": "stub",
"builder": {
"id": "stub"
},
"metadata": {
"buildFinishedOn": "1970-01-01T00:00:00Z",
"buildStartedOn": "1970-01-01T00:00:00Z"
}
},
"predicateType": "https://slsa.dev/provenance/v0.2",
"subject": [
{
"digest": {
"sha256": "stub"
},
"name": "java-spring-guarded:202"
}
]
}

BIN
bench/reachability-benchmark/cases/java/spring-guarded/outputs/binary.tar.gz Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/spring-guarded/outputs/classes/bench/reachability/App$Response.class Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/spring-guarded/outputs/classes/bench/reachability/App.class Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/spring-guarded/outputs/classes/bench/reachability/AppTest.class Normal file
View File

Binary file not shown.

1
bench/reachability-benchmark/cases/java/spring-guarded/outputs/classes/outputs/SINK_BLOCKED Normal file
View File

@@ -0,0 +1 @@
true

13
bench/reachability-benchmark/cases/java/spring-guarded/outputs/coverage.json Normal file
View File

@@ -0,0 +1,13 @@
{
"files": {
"src/App.java": {
"lines_covered": [
10,
11,
13,
15
],
"lines_total": 29
}
}
}

14
bench/reachability-benchmark/cases/java/spring-guarded/outputs/sbom.cdx.json Normal file
View File

@@ -0,0 +1,14 @@
{
"bomFormat": "CycloneDX",
"components": [],
"metadata": {
"component": {
"name": "spring-guarded",
"type": "application",
"version": "1.0.0"
},
"timestamp": "1970-01-01T00:00:00Z"
},
"specVersion": "1.5",
"version": 1
}

8
bench/reachability-benchmark/cases/java/spring-guarded/outputs/traces/trace.json Normal file
View File

@@ -0,0 +1,8 @@
{
"entry": "POST /api/upload",
"notes": "Guard requires ALLOW_DESER=true; sink not executed by default",
"path": [
"App.handleRequest"
],
"sink": "JavaDeserializeGuarded::handleRequest"
}

22
bench/reachability-benchmark/cases/java/spring-reflection/outputs/attestation.json Normal file
View File

@@ -0,0 +1,22 @@
{
"_type": "https://in-toto.io/Statement/v0.1",
"predicate": {
"buildType": "stub",
"builder": {
"id": "stub"
},
"metadata": {
"buildFinishedOn": "1970-01-01T00:00:00Z",
"buildStartedOn": "1970-01-01T00:00:00Z"
}
},
"predicateType": "https://slsa.dev/provenance/v0.2",
"subject": [
{
"digest": {
"sha256": "stub"
},
"name": "java-spring-reflection:205"
}
]
}

BIN
bench/reachability-benchmark/cases/java/spring-reflection/outputs/binary.tar.gz Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/spring-reflection/outputs/classes/bench/reachability/springreflection/ReflectController$Marker.class Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/spring-reflection/outputs/classes/bench/reachability/springreflection/ReflectController$Response.class Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/spring-reflection/outputs/classes/bench/reachability/springreflection/ReflectController.class Normal file
View File

Binary file not shown.

BIN
bench/reachability-benchmark/cases/java/spring-reflection/outputs/classes/bench/reachability/springreflection/ReflectControllerTest.class Normal file
View File

Binary file not shown.

1
bench/reachability-benchmark/cases/java/spring-reflection/outputs/classes/outputs/SINK_REACHED Normal file
View File

@@ -0,0 +1 @@
true

13
bench/reachability-benchmark/cases/java/spring-reflection/outputs/coverage.json Normal file
View File

@@ -0,0 +1,13 @@
{
"files": {
"src/ReflectController.java": {
"lines_covered": [
7,
13,
14,
15
],
"lines_total": 29
}
}
}

14
bench/reachability-benchmark/cases/java/spring-reflection/outputs/sbom.cdx.json Normal file
View File

@@ -0,0 +1,14 @@
{
"bomFormat": "CycloneDX",
"components": [],
"metadata": {
"component": {
"name": "spring-reflection",
"type": "application",
"version": "1.0.0"
},
"timestamp": "1970-01-01T00:00:00Z"
},
"specVersion": "1.5",
"version": 1
}

9
bench/reachability-benchmark/cases/java/spring-reflection/outputs/traces/trace.json Normal file
View File

@@ -0,0 +1,9 @@
{
"entry": "POST /api/reflect",
"notes": "User controls class name flowing into Class.forName/newInstance",
"path": [
"ReflectController.run",
"Class.forName"
],
"sink": "SpringReflection::run"
}