import com.amazonaws.services.ec2.AmazonEC2;
import com.amazonaws.services.ec2.AmazonEC2AsyncClient;
import com.amazonaws.services.ec2.AmazonEC2Client;
import com.amazonaws.services.ec2.model.DescribeImagesRequest;
import com.amazonaws.services.ec2.model.DescribeImagesResult;
import com.amazonaws.services.ec2.model.Filter;
// https://nvd.nist.gov/vuln/detail/CVE-2018-15869
/**
 * Fixture for a static check modelled on CVE-2018-15869.
 *
 * <p>A DescribeImages request that selects an image only through a {@code name} filter can match
 * an image published by any account, so the caller may receive an image it never vetted. Each
 * method below builds one request shape and passes it to a client.
 *
 * <p>Methods whose request carries an expected-error marker comment are the shapes the check is
 * expected to reject; methods without one are expected to pass. The marker comments appear to be
 * position-sensitive (each sits directly above the line it applies to), so keep a marker and the
 * line that follows it together when editing this file.
 *
 * <p>The {@code result} locals are never read; only the request expression matters here.
 */
public class Cve {
// Image name used by every name-filter lookup in this file.
private static final String IMG_NAME = "some_linux_img";
/**
 * Name filter only, through the {@code AmazonEC2} interface: expected to be rejected.
 *
 * @param client client the request is sent through
 */
public static void onlyNames(AmazonEC2 client) {
// Should not be allowed unless .withOwners is also used
DescribeImagesResult result =
client.describeImages(
new DescribeImagesRequest()
// :: error: argument
.withFilters(new Filter("name").withValues(IMG_NAME)));
}
/**
 * Name filter plus an owner restriction: expected to pass.
 *
 * <p>{@code "martin"} is a placeholder owner value; real code would pin the account ID or alias
 * of the publisher it trusts.
 *
 * @param client client the request is sent through
 */
public static void correct1(AmazonEC2 client) {
DescribeImagesResult result =
client.describeImages(
new DescribeImagesRequest()
.withFilters(new Filter("name").withValues(IMG_NAME))
.withOwners("martin"));
}
/**
 * Lookup by explicit image ID, with no name filter: expected to pass.
 *
 * @param client client the request is sent through
 */
public static void correct2(AmazonEC2 client) {
DescribeImagesResult result =
client.describeImages(new DescribeImagesRequest().withImageIds("myImageId"));
}
/**
 * Lookup restricted by executable users, with no name filter: expected to pass.
 *
 * <p>NOTE(review): this fixture accepts any executable-users value. In the EC2 API the value
 * {@code all} covers public images, so confirm whether that case should be flagged as well.
 *
 * @param client client the request is sent through
 */
public static void correct3(AmazonEC2 client) {
DescribeImagesResult result =
client.describeImages(new DescribeImagesRequest().withExecutableUsers("myUsers"));
}
// Same cases again with the concrete AmazonEC2Client class instead of the interface, so the
// expected results do not depend on the declared type of the client.
/**
 * Name filter only, through {@code AmazonEC2Client}: expected to be rejected.
 *
 * @param client client the request is sent through
 */
public static void onlyNamesImpl(AmazonEC2Client client) {
// Should not be allowed unless .withOwners is also used
DescribeImagesResult result =
client.describeImages(
new DescribeImagesRequest()
// :: error: argument
.withFilters(new Filter("name").withValues(IMG_NAME)));
}
/**
 * Name filter plus an owner restriction, through {@code AmazonEC2Client}: expected to pass.
 *
 * @param client client the request is sent through
 */
public static void correct1Impl(AmazonEC2Client client) {
DescribeImagesResult result =
client.describeImages(
new DescribeImagesRequest()
.withFilters(new Filter("name").withValues(IMG_NAME))
.withOwners("martin"));
}
/**
 * Lookup by explicit image ID, through {@code AmazonEC2Client}: expected to pass.
 *
 * @param client client the request is sent through
 */
public static void correct2Impl(AmazonEC2Client client) {
DescribeImagesResult result =
client.describeImages(new DescribeImagesRequest().withImageIds("myImageId"));
}
// Same cases with AmazonEC2AsyncClient, still calling the synchronous describeImages method.
/**
 * Name filter only, through {@code AmazonEC2AsyncClient.describeImages}: expected to be
 * rejected.
 *
 * @param client client the request is sent through
 */
public static void onlyNamesAsync(AmazonEC2AsyncClient client) {
// Should not be allowed unless .withOwners is also used
DescribeImagesResult result =
client.describeImages(
new DescribeImagesRequest()
// :: error: argument
.withFilters(new Filter("name").withValues(IMG_NAME)));
}
/**
 * Name filter plus an owner restriction, through {@code AmazonEC2AsyncClient.describeImages}:
 * expected to pass.
 *
 * @param client client the request is sent through
 */
public static void correct1Async(AmazonEC2AsyncClient client) {
DescribeImagesResult result =
client.describeImages(
new DescribeImagesRequest()
.withFilters(new Filter("name").withValues(IMG_NAME))
.withOwners("martin"));
}
/**
 * Lookup by explicit image ID, through {@code AmazonEC2AsyncClient.describeImages}: expected to
 * pass.
 *
 * @param client client the request is sent through
 */
public static void correct2Async(AmazonEC2AsyncClient client) {
DescribeImagesResult result =
client.describeImages(new DescribeImagesRequest().withImageIds("myImageId"));
}
// Same cases with the describeImagesAsync entry point. The returned value is stored as Object
// and never read.
/**
 * Name filter only, through {@code describeImagesAsync}: expected to be rejected.
 *
 * @param client client the request is sent through
 */
public static void onlyNamesAsync2(AmazonEC2AsyncClient client) {
// Should not be allowed unless .withOwners is also used
Object result =
client.describeImagesAsync(
new DescribeImagesRequest()
// :: error: argument
.withFilters(new Filter("name").withValues(IMG_NAME)));
}
/**
 * Name filter plus an owner restriction, through {@code describeImagesAsync}: expected to pass.
 *
 * @param client client the request is sent through
 */
public static void correct1Async2(AmazonEC2AsyncClient client) {
Object result =
client.describeImagesAsync(
new DescribeImagesRequest()
.withFilters(new Filter("name").withValues(IMG_NAME))
.withOwners("martin"));
}
/**
 * Lookup by explicit image ID, through {@code describeImagesAsync}: expected to pass.
 *
 * @param client client the request is sent through
 */
public static void correct2Async2(AmazonEC2AsyncClient client) {
Object result =
client.describeImagesAsync(new DescribeImagesRequest().withImageIds("myImageId"));
}
}