pghs975uc
/
infer_clone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

[quandary] simplifying Source module interface now that calls have single retval

Browse Source 
Reviewed By: jberdine

Differential Revision: D3998163

fbshipit-source-id: 399db5a
master
Sam Blackshear 8 years ago committed by Facebook Github Bot
parent 35bb540bf4
commit 1a958d1d8b
4 changed files with 20 additions and 28 deletions
Show Stats Download Patch File Download Diff File

10
infer/src/quandary/JavaTrace.ml
Unescape View File

@ -67,15 +67,15 @@ module JavaSource = struct
begin
match Procname.java_get_class_name pname, Procname.java_get_method pname with
| "android.content.Intent", ("parseUri" | "parseIntent") ->
[0, make Intent site]
Some (make Intent site)
| "android.content.SharedPreferences", "getString" ->
[0, make SharedPreferences site]
Some (make SharedPreferences site)
| "com.facebook.infer.builtins.InferTaint", "inferSecretSource" ->
[0, make Other site]
Some (make Other site)
| _ ->
[]
None
end
| pname when Builtin.is_registered pname -> []
| pname when Builtin.is_registered pname -> None
| pname -> failwithf "Non-Java procname %a in Java analysis@." Procname.pp pname
let compare src1 src2 =

4
infer/src/quandary/Source.ml
Unescape View File

@ -16,6 +16,6 @@ module type S = sig
val get_footprint_access_path: t -> AccessPath.t option
(** ith return value * ith sink kind *)
val get : CallSite.t -> (int * t) list
(** return Some (kind) if the call site is a taint source, None otherwise *)
val get : CallSite.t -> t option
end

30
infer/src/quandary/TaintAnalysis.ml
Unescape View File

@ -297,7 +297,7 @@ module Make (TaintSpec : TaintSpec.S) = struct
Location.pp loc
else
astate
| Sil.Call (ret_id, Const (Cfun callee_pname), actuals, callee_loc, _) ->
| Sil.Call (ret, Const (Cfun callee_pname), actuals, callee_loc, _) ->
let call_site = CallSite.make callee_pname callee_loc in
let astate_with_sink =
@ -305,32 +305,24 @@ module Make (TaintSpec : TaintSpec.S) = struct
| [] -> astate
| sinks -> add_sinks sinks actuals astate proc_data callee_loc in
let ret_typ =
match callee_pname with
| Procname.Java java_pname ->
Typ.java_proc_return_typ java_pname
| Procname.C _ ->
Typ.Tvoid (* for tests only, since tests use C-style procnames *)
| _ ->
failwith "Unimp: looking up return type for non-Java procedure" in
let astate_with_source =
match TraceDomain.Source.get call_site, ret_id with
| [(0, source)], Some (ret_id, _) ->
match TraceDomain.Source.get call_site, ret with
| Some source, Some (ret_id, ret_typ) ->
let access_tree = add_source source ret_id ret_typ astate_with_sink.access_tree in
{ astate_with_sink with access_tree; }
| [], _ | _, None ->
astate_with_sink
| _ ->
(* this is allowed by SIL, but not currently used in any frontends *)
failwith "Unimp: handling multiple return ids" in
| Some _, None ->
failwithf
"%a is marked as a source, but has no return value" Procname.pp callee_pname
| None, _ ->
astate_with_sink in
let astate_with_summary =
let summary =
match Summary.read_summary proc_data.tenv proc_data.pdesc callee_pname with
| Some summary -> summary
| None -> TaintSpec.handle_unknown_call call_site (Option.map snd ret_id) in
apply_summary ret_id actuals summary astate_with_source proc_data call_site in
| None -> TaintSpec.handle_unknown_call call_site (Option.map snd ret) in
apply_summary ret actuals summary astate_with_source proc_data call_site in
astate_with_summary
| Sil.Call _ ->

4
infer/src/unit/TaintTests.ml
Unescape View File

@ -38,8 +38,8 @@ module MockTrace = Trace.Make(struct
let get site =
if string_is_prefix "SOURCE" (Procname.to_string (CallSite.pname site))
then [(0, site)]
else []
then Some site
else None
let is_footprint _ = assert false
let make_footprint _ = assert false

Write Preview
Loading…
Cancel
Save