[quandary] more privacy sources

Reviewed By: mburman

Differential Revision: D4081300

fbshipit-source-id: 08c3a3d
master
Sam Blackshear 8 years ago committed by Facebook Github Bot
parent 2c0bf042b4
commit 3ba67bac1a

@ -16,12 +16,13 @@ module JavaSource = struct
module SourceKind = struct
type t =
| SharedPreferences (** private data read from SharedPreferences *)
| PrivateData (** private user or device-specific data *)
| Footprint of AccessPath.t (** source that was read from the environment. *)
| Intent
| Other (** for testing or uncategorized sources *)
let compare sk1 sk2 = match sk1, sk2 with
| PrivateData, PrivateData -> 0
| Footprint ap1, Footprint ap2 -> AccessPath.compare ap1 ap2
| _ -> tags_compare sk1 sk2
end
@ -61,7 +62,17 @@ module JavaSource = struct
| "android.content.Intent", ("parseUri" | "parseIntent") ->
Some (make Intent site)
| "android.content.SharedPreferences", "getString" ->
Some (make SharedPreferences site)
Some (make PrivateData site)
| "android.location.Location",
("getAltitude" | "getBearing" | "getLatitude" | "getLongitude" | "getSpeed") ->
Some (make PrivateData site)
| "android.telephony.TelephonyManager",
("getDeviceId" |
"getLine1Number" |
"getSimSerialNumber" |
"getSubscriberId" |
"getVoiceMailNumber") ->
Some (make PrivateData site)
| "com.facebook.infer.builtins.InferTaint", "inferSecretSource" ->
Some (make Other site)
| _ ->
@ -79,7 +90,7 @@ module JavaSource = struct
let pp_kind fmt (kind : kind) = match kind with
| Intent -> F.fprintf fmt "Intent"
| SharedPreferences -> F.fprintf fmt "SharedPreferences"
| PrivateData -> F.fprintf fmt "PrivateData"
| Footprint ap -> F.fprintf fmt "Footprint[%a]" AccessPath.pp ap
| Other -> F.fprintf fmt "Other"
@ -204,7 +215,7 @@ include
let open Sink in
match Source.kind source, Sink.kind sink with
| SourceKind.Other, SinkKind.Other
| SourceKind.SharedPreferences, SinkKind.Logging ->
| SourceKind.PrivateData, SinkKind.Logging ->
true
| SourceKind.Intent, SinkKind.Intent ->
true
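Review bot: The `android.location.Location` arm lists only the five numeric getters, so a `Location` that reaches a log call as a whole object is not treated as a `PrivateData` source; `Location.toString()` prints the coordinates, and `Log.d(tag, "loc: " + l)` is a common way for them to end up in logcat. Consider extending the pattern to `("getAltitude" | "getBearing" | "getLatitude" | "getLongitude" | "getSpeed" | "toString")`, assuming the implicit `toString` of a string concatenation reaches this matcher as a call on `android.location.Location`, which the hunk does not show. A short comment above the two new arms, saying that the lists are a hand-picked subset of location and telephony identifiers, would also tell the next reader that an unlisted getter is unmodelled rather than judged safe. The enclosing match starts and ends outside the hunk.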

@ -10,6 +10,8 @@
package codetoanalyze.java.quandary;
import android.content.SharedPreferences;
import android.location.Location;
import android.telephony.TelephonyManager;
import android.util.Log;
public class LoggingPrivateData {
@ -41,4 +43,37 @@ public class LoggingPrivateData {
Log.d("tag", "value");
}
private native int rand();
public String returnAllSources(Location l, TelephonyManager t) {
switch (rand()) {
case 1:
return String.valueOf(l.getAltitude());
case 2:
return String.valueOf(l.getBearing());
case 3:
return String.valueOf(l.getLatitude());
case 4:
return String.valueOf(l.getLongitude());
case 5:
return String.valueOf(l.getSpeed());
case 6:
return t.getDeviceId();
case 7:
return t.getLine1Number();
case 8:
return t.getSimSerialNumber();
case 9:
return t.getSubscriberId();
case 10:
return t.getVoiceMailNumber();
}
return null;
}
public void logAllSourcesBad(Location l, TelephonyManager t) {
String source = returnAllSources(l, t);
Log.d("tag", source);
}
}
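Review bot: `logAllSourcesBad` is the only new case, so the test pins that the ten getters are reported but not that the matcher stays narrow. A negative case next to it, e.g. `public void logProviderOk(Location l) { Log.d("tag", l.getProvider()); }`, would change the expected output if the `Location` pattern were later widened to every method on the class. `returnAllSources` also returns `null` when `rand()` falls outside 1–10; a one-line comment saying that this untainted path is deliberate would help. The class body starts outside the hunk.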

@ -103,9 +103,19 @@ Interprocedural.java:221: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferT
Interprocedural.java:232: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 230]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 232]) via { }
Interprocedural.java:244: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 244]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 240]) via { void Interprocedural.callSinkVariadic(java.lang.Object[]) at [line 244] }
Interprocedural.java:255: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 253]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 255]) via { }
LoggingPrivateData.java:18: ERROR: QUANDARY_TAINT_ERROR Error: SharedPreferences(String SharedPreferences.getString(String,String) at [line 18]) -> Logging(int Log.d(String,String) at [line 18]) via { }
LoggingPrivateData.java:22: ERROR: QUANDARY_TAINT_ERROR Error: SharedPreferences(String SharedPreferences.getString(String,String) at [line 22]) -> Logging(int Log.d(String,String) at [line 22]) via { }
LoggingPrivateData.java:37: ERROR: QUANDARY_TAINT_ERROR Error: SharedPreferences(String SharedPreferences.getString(String,String) at [line 36]) -> Logging(int Log.w(String,Throwable) at [line 37]) via { }
LoggingPrivateData.java:20: ERROR: QUANDARY_TAINT_ERROR Error: PrivateData(String SharedPreferences.getString(String,String) at [line 20]) -> Logging(int Log.d(String,String) at [line 20]) via { }
LoggingPrivateData.java:24: ERROR: QUANDARY_TAINT_ERROR Error: PrivateData(String SharedPreferences.getString(String,String) at [line 24]) -> Logging(int Log.d(String,String) at [line 24]) via { }
LoggingPrivateData.java:39: ERROR: QUANDARY_TAINT_ERROR Error: PrivateData(String SharedPreferences.getString(String,String) at [line 38]) -> Logging(int Log.w(String,Throwable) at [line 39]) via { }
LoggingPrivateData.java:76: ERROR: QUANDARY_TAINT_ERROR Error: PrivateData(String TelephonyManager.getDeviceId() at [line 61]) -> Logging(int Log.d(String,String) at [line 76]) via { String LoggingPrivateData.returnAllSources(Location,TelephonyManager) at [line 75] }
LoggingPrivateData.java:76: ERROR: QUANDARY_TAINT_ERROR Error: PrivateData(String TelephonyManager.getLine1Number() at [line 63]) -> Logging(int Log.d(String,String) at [line 76]) via { String LoggingPrivateData.returnAllSources(Location,TelephonyManager) at [line 75] }
LoggingPrivateData.java:76: ERROR: QUANDARY_TAINT_ERROR Error: PrivateData(String TelephonyManager.getSimSerialNumber() at [line 65]) -> Logging(int Log.d(String,String) at [line 76]) via { String LoggingPrivateData.returnAllSources(Location,TelephonyManager) at [line 75] }
LoggingPrivateData.java:76: ERROR: QUANDARY_TAINT_ERROR Error: PrivateData(String TelephonyManager.getSubscriberId() at [line 67]) -> Logging(int Log.d(String,String) at [line 76]) via { String LoggingPrivateData.returnAllSources(Location,TelephonyManager) at [line 75] }
LoggingPrivateData.java:76: ERROR: QUANDARY_TAINT_ERROR Error: PrivateData(String TelephonyManager.getVoiceMailNumber() at [line 69]) -> Logging(int Log.d(String,String) at [line 76]) via { String LoggingPrivateData.returnAllSources(Location,TelephonyManager) at [line 75] }
LoggingPrivateData.java:76: ERROR: QUANDARY_TAINT_ERROR Error: PrivateData(double Location.getAltitude() at [line 51]) -> Logging(int Log.d(String,String) at [line 76]) via { String LoggingPrivateData.returnAllSources(Location,TelephonyManager) at [line 75] }
LoggingPrivateData.java:76: ERROR: QUANDARY_TAINT_ERROR Error: PrivateData(double Location.getLatitude() at [line 55]) -> Logging(int Log.d(String,String) at [line 76]) via { String LoggingPrivateData.returnAllSources(Location,TelephonyManager) at [line 75] }
LoggingPrivateData.java:76: ERROR: QUANDARY_TAINT_ERROR Error: PrivateData(double Location.getLongitude() at [line 57]) -> Logging(int Log.d(String,String) at [line 76]) via { String LoggingPrivateData.returnAllSources(Location,TelephonyManager) at [line 75] }
LoggingPrivateData.java:76: ERROR: QUANDARY_TAINT_ERROR Error: PrivateData(float Location.getBearing() at [line 53]) -> Logging(int Log.d(String,String) at [line 76]) via { String LoggingPrivateData.returnAllSources(Location,TelephonyManager) at [line 75] }
LoggingPrivateData.java:76: ERROR: QUANDARY_TAINT_ERROR Error: PrivateData(float Location.getSpeed() at [line 59]) -> Logging(int Log.d(String,String) at [line 76]) via { String LoggingPrivateData.returnAllSources(Location,TelephonyManager) at [line 75] }
Recursion.java:26: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 26]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 21]) via { void Recursion.callSinkThenDiverge(Object) at [line 26] }
Recursion.java:36: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 36]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 31]) via { void Recursion.safeRecursionCallSink(int,Object) at [line 36] }
Recursion.java:42: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 42]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 41]) via { void Recursion.recursionBad(int,Object) at [line 42] }
