fixed taint in security

arcuri82 · arcuri82 · commit ce6d7d54ee68 · 2025-11-06T10:39:44.000+01:00
diff --git a/core/src/main/kotlin/org/evomaster/core/problem/rest/service/SecurityRest.kt b/core/src/main/kotlin/org/evomaster/core/problem/rest/service/SecurityRest.kt
@@ -214,6 +214,7 @@ class SecurityRest {
                             PUT /x BAR
                          */
                         val repeat = lastCall.copy() as RestCallAction
+                        repeat.forceNewTaints()
                         copy.addMainActionInEmptyEnterpriseGroup(action = repeat)
                         copy.resetLocalIdRecursively() //TODO what about links?
                         copy.doInitializeLocalId()
@@ -626,6 +627,7 @@ class SecurityRest {
 
         actions.forEach {
             it.resetLocalIdRecursively()
+            it.forceNewTaints()
             //make sure using same auth
             it.auth = lastAction.auth
             it.usePreviousLocationId = lastAction.usePreviousLocationId
@@ -819,7 +821,9 @@ class SecurityRest {
                 val copyNoAuthLast = copyLast.copy() as RestCallAction
 
                 copyLast.resetLocalIdRecursively()
+                copyLast.forceNewTaints()
                 copyNoAuthLast.resetLocalIdRecursively()
+                copyNoAuthLast.forceNewTaints()
 
 
                 val otherUsers = authSettings.getAllOthers(copyLast.auth.name, HttpWsAuthenticationInfo::class.java)
@@ -969,6 +973,7 @@ class SecurityRest {
         val targetAction = targetInd.seeMainExecutableActions()[targetActionIndex].copy() as RestCallAction
         assert(targetAction.verb == verb && targetAction.path.isEquivalent(path))
         targetAction.resetLocalIdRecursively()
+        targetAction.forceNewTaints()
         targetAction.auth =
             authSettings.getDifferentOne(creationAction.auth.name, HttpWsAuthenticationInfo::class.java, randomness)
 
