diff --git a/infer/src/quandary/JavaTrace.ml b/infer/src/quandary/JavaTrace.ml index abb138153..8d347c569 100644 --- a/infer/src/quandary/JavaTrace.ml +++ b/infer/src/quandary/JavaTrace.ml @@ -67,15 +67,15 @@ module JavaSource = struct begin match Procname.java_get_class_name pname, Procname.java_get_method pname with | "android.content.Intent", ("parseUri" | "parseIntent") -> - [0, make Intent site] + Some (make Intent site) | "android.content.SharedPreferences", "getString" -> - [0, make SharedPreferences site] + Some (make SharedPreferences site) | "com.facebook.infer.builtins.InferTaint", "inferSecretSource" -> - [0, make Other site] + Some (make Other site) | _ -> - [] + None end - | pname when Builtin.is_registered pname -> [] + | pname when Builtin.is_registered pname -> None | pname -> failwithf "Non-Java procname %a in Java analysis@." Procname.pp pname let compare src1 src2 = diff --git a/infer/src/quandary/Source.ml b/infer/src/quandary/Source.ml index 5de11858e..f349264d6 100644 --- a/infer/src/quandary/Source.ml +++ b/infer/src/quandary/Source.ml @@ -16,6 +16,6 @@ module type S = sig val get_footprint_access_path: t -> AccessPath.t option - (** ith return value * ith sink kind *) - val get : CallSite.t -> (int * t) list + (** return Some (kind) if the call site is a taint source, None otherwise *) + val get : CallSite.t -> t option end diff --git a/infer/src/quandary/TaintAnalysis.ml b/infer/src/quandary/TaintAnalysis.ml index 7ff576fcd..b3f801244 100644 --- a/infer/src/quandary/TaintAnalysis.ml +++ b/infer/src/quandary/TaintAnalysis.ml @@ -297,7 +297,7 @@ module Make (TaintSpec : TaintSpec.S) = struct Location.pp loc else astate - | Sil.Call (ret_id, Const (Cfun callee_pname), actuals, callee_loc, _) -> + | Sil.Call (ret, Const (Cfun callee_pname), actuals, callee_loc, _) -> let call_site = CallSite.make callee_pname callee_loc in let astate_with_sink = @@ -305,32 +305,24 @@ module Make (TaintSpec : TaintSpec.S) = struct | [] -> astate | sinks -> add_sinks sinks actuals astate proc_data callee_loc in - let ret_typ = - match callee_pname with - | Procname.Java java_pname -> - Typ.java_proc_return_typ java_pname - | Procname.C _ -> - Typ.Tvoid (* for tests only, since tests use C-style procnames *) - | _ -> - failwith "Unimp: looking up return type for non-Java procedure" in - let astate_with_source = - match TraceDomain.Source.get call_site, ret_id with - | [(0, source)], Some (ret_id, _) -> + match TraceDomain.Source.get call_site, ret with + | Some source, Some (ret_id, ret_typ) -> let access_tree = add_source source ret_id ret_typ astate_with_sink.access_tree in { astate_with_sink with access_tree; } - | [], _ | _, None -> - astate_with_sink - | _ -> - (* this is allowed by SIL, but not currently used in any frontends *) - failwith "Unimp: handling multiple return ids" in + | Some _, None -> + failwithf + "%a is marked as a source, but has no return value" Procname.pp callee_pname + | None, _ -> + astate_with_sink in let astate_with_summary = let summary = match Summary.read_summary proc_data.tenv proc_data.pdesc callee_pname with | Some summary -> summary - | None -> TaintSpec.handle_unknown_call call_site (Option.map snd ret_id) in - apply_summary ret_id actuals summary astate_with_source proc_data call_site in + + | None -> TaintSpec.handle_unknown_call call_site (Option.map snd ret) in + apply_summary ret actuals summary astate_with_source proc_data call_site in astate_with_summary | Sil.Call _ -> diff --git a/infer/src/unit/TaintTests.ml b/infer/src/unit/TaintTests.ml index 0d48cef00..b32c8b5a9 100644 --- a/infer/src/unit/TaintTests.ml +++ b/infer/src/unit/TaintTests.ml @@ -38,8 +38,8 @@ module MockTrace = Trace.Make(struct let get site = if string_is_prefix "SOURCE" (Procname.to_string (CallSite.pname site)) - then [(0, site)] - else [] + then Some site + else None let is_footprint _ = assert false let make_footprint _ = assert false