diff --git a/infer/src/backend/InferPrint.ml b/infer/src/backend/InferPrint.ml index d4b30d4c4..e01bc706b 100644 --- a/infer/src/backend/InferPrint.ml +++ b/infer/src/backend/InferPrint.ml @@ -48,8 +48,15 @@ let error_desc_to_dotty_string error_desc = Localise.error_desc_get_dotty error_ let compute_hash (kind: string) (type_str: string) (proc_name: Typ.Procname.t) (filename: string) (qualifier: string) = let base_filename = Filename.basename filename in - let simple_procedure_name = Typ.Procname.to_simplified_string proc_name in + let simple_procedure_name = + (* Force the anonymous inner class to have the same class by removing the index + in order to make the hash invariant when introducing new annonynous classes *) + Str.global_replace (Str.regexp "[0-9]+") "_" + (Typ.Procname.to_simplified_string ~withclass:true proc_name) + in let location_independent_qualifier = + (* Removing the line and column information from the error message to make the + hash invariant when moving the source code in the file *) Str.global_replace (Str.regexp "\\(line\\|column\\)\\ [0-9]+") "_" qualifier in Utils.better_hash diff --git a/infer/tests/build_systems/ant/issues.exp b/infer/tests/build_systems/ant/issues.exp index 957cb90e0..e0a127af3 100644 --- a/infer/tests/build_systems/ant/issues.exp +++ b/infer/tests/build_systems/ant/issues.exp @@ -160,8 +160,8 @@ codetoanalyze/java/infer/ResourceLeaks.java, int ResourceLeaks.fileOutputStreamT codetoanalyze/java/infer/ResourceLeaks.java, int ResourceLeaks.readConfigNotCloseStream(String), 5, RESOURCE_LEAK, [start of procedure readConfigNotCloseStream(...)] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.activityObtainTypedArrayAndLeak(Activity), 2, RESOURCE_LEAK, [start of procedure activityObtainTypedArrayAndLeak(...),start of procedure ignore(...),return from a call to void ResourceLeaks.ignore(TypedArray)] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.contextObtainTypedArrayAndLeak(Context), 2, RESOURCE_LEAK, [start of procedure contextObtainTypedArrayAndLeak(...),start of procedure ignore(...),return from a call to void ResourceLeaks.ignore(TypedArray)] -codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.copyFileLeak(File,File), 11, RESOURCE_LEAK, [start of procedure copyFileLeak(...),exception java.io.FileNotFoundException] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.copyFileLeak(File,File), 11, RESOURCE_LEAK, [start of procedure copyFileLeak(...),Skipping transferTo(...): unknown method,Taking true branch,exception java.io.IOException] +codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.copyFileLeak(File,File), 11, RESOURCE_LEAK, [start of procedure copyFileLeak(...),exception java.io.FileNotFoundException] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.deflaterLeak(), 1, RESOURCE_LEAK, [start of procedure deflaterLeak()] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.fileInputStreamNotClosedAfterRead(), 6, RESOURCE_LEAK, [start of procedure fileInputStreamNotClosedAfterRead(),exception java.io.IOException] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.fileOutputStreamNotClosed(), 1, RESOURCE_LEAK, [start of procedure fileOutputStreamNotClosed()] diff --git a/infer/tests/codetoanalyze/cpp/siof/issues.exp b/infer/tests/codetoanalyze/cpp/siof/issues.exp index 06eb13c71..ccd55da7e 100644 --- a/infer/tests/codetoanalyze/cpp/siof/issues.exp +++ b/infer/tests/codetoanalyze/cpp/siof/issues.exp @@ -10,8 +10,8 @@ codetoanalyze/cpp/siof/siof/siof.cpp, __infer_globals_initializer_initWithGlobal codetoanalyze/cpp/siof/siof/siof.cpp, __infer_globals_initializer_initWithGlobal_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of initWithGlobal_bad,call to getGlobalNonPOD,access to some_other_global_object2|codetoanalyze/cpp/siof/siof/siof_different_tu.cpp] codetoanalyze/cpp/siof/siof/siof.cpp, __infer_globals_initializer_pod_accesses_non_pod_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of pod_accesses_non_pod_bad,call to access_to_non_pod,access to global_object2|codetoanalyze/cpp/siof/siof/siof_different_tu.cpp] codetoanalyze/cpp/siof/siof/siof.cpp, __infer_globals_initializer_pod_accesses_non_pod_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of pod_accesses_non_pod_bad,call to access_to_non_pod,access to some_other_global_object2|codetoanalyze/cpp/siof/siof/siof_different_tu.cpp] -codetoanalyze/cpp/siof/siof/siof_templated.cpp, __infer_globals_initializer_another_templated_global_object2_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of another_templated_global_object2_bad,call to access_to_non_pod,access to global_object2|codetoanalyze/cpp/siof/siof/siof_different_tu.cpp] codetoanalyze/cpp/siof/siof/siof_templated.cpp, __infer_globals_initializer_another_templated_global_object2_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of another_templated_global_object2_bad,call to access_to_non_pod,access to some_other_global_object2|codetoanalyze/cpp/siof/siof/siof_different_tu.cpp] +codetoanalyze/cpp/siof/siof/siof_templated.cpp, __infer_globals_initializer_another_templated_global_object2_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of another_templated_global_object2_bad,call to access_to_non_pod,access to global_object2|codetoanalyze/cpp/siof/siof/siof_different_tu.cpp] codetoanalyze/cpp/siof/siof/siof_templated.cpp, __infer_globals_initializer_another_templated_global_object3_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of another_templated_global_object3_bad,call to access_to_templated_non_pod,access to global_object3|codetoanalyze/cpp/siof/siof/siof_different_tu.cpp] codetoanalyze/cpp/siof/siof/siof_templated.cpp, __infer_globals_initializer_another_templated_global_object_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of another_templated_global_object_bad,call to SomeOtherTemplatedNonPODObject<_Bool>_SomeOtherTemplatedNonPODObject,access to extern_global_object|EXTERN] codetoanalyze/cpp/siof/siof/std_ios_base_init.cpp, __infer_globals_initializer_global_std_cerr_access_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of global_std_cerr_access_bad,call to return_4_SIOF,call to printing_SIOF,access to std::cerr|EXTERN] diff --git a/infer/tests/codetoanalyze/java/infer/issues.exp b/infer/tests/codetoanalyze/java/infer/issues.exp index f7a3fa741..3566db993 100644 --- a/infer/tests/codetoanalyze/java/infer/issues.exp +++ b/infer/tests/codetoanalyze/java/infer/issues.exp @@ -169,8 +169,8 @@ codetoanalyze/java/infer/ResourceLeaks.java, int ResourceLeaks.readConfigNotClos codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.NoResourceLeakWarningAfterCheckState(File,int), 2, PRECONDITION_NOT_MET, [start of procedure NoResourceLeakWarningAfterCheckState(...),Taking false branch] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.activityObtainTypedArrayAndLeak(Activity), 2, RESOURCE_LEAK, [start of procedure activityObtainTypedArrayAndLeak(...),start of procedure ignore(...),return from a call to void ResourceLeaks.ignore(TypedArray)] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.contextObtainTypedArrayAndLeak(Context), 2, RESOURCE_LEAK, [start of procedure contextObtainTypedArrayAndLeak(...),start of procedure ignore(...),return from a call to void ResourceLeaks.ignore(TypedArray)] -codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.copyFileLeak(File,File), 11, RESOURCE_LEAK, [start of procedure copyFileLeak(...),exception java.io.FileNotFoundException] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.copyFileLeak(File,File), 11, RESOURCE_LEAK, [start of procedure copyFileLeak(...),Skipping transferTo(...): unknown method,Taking true branch,exception java.io.IOException] +codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.copyFileLeak(File,File), 11, RESOURCE_LEAK, [start of procedure copyFileLeak(...),exception java.io.FileNotFoundException] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.deflaterLeak(), 1, RESOURCE_LEAK, [start of procedure deflaterLeak()] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.fileInputStreamNotClosedAfterRead(), 6, RESOURCE_LEAK, [start of procedure fileInputStreamNotClosedAfterRead(),exception java.io.IOException] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.fileOutputStreamNotClosed(), 1, RESOURCE_LEAK, [start of procedure fileOutputStreamNotClosed()] diff --git a/infer/tests/codetoanalyze/java/quandary/issues.exp b/infer/tests/codetoanalyze/java/quandary/issues.exp index 68055d1ae..28814de89 100644 --- a/infer/tests/codetoanalyze/java/quandary/issues.exp +++ b/infer/tests/codetoanalyze/java/quandary/issues.exp @@ -138,46 +138,46 @@ codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.returnSou codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.returnSourceViaParameter2Bad(Interprocedural$Obj,Interprocedural$Obj), 3, QUANDARY_TAINT_ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object)] codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.setGlobalThenCallSinkBad(), 2, QUANDARY_TAINT_ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkOnGlobal(),Call to void InferTaint.inferSensitiveSink(Object)] codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.singlePassthroughBad(), 3, QUANDARY_TAINT_ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from float Location.getBearing(),Call to int Log.e(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.e(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from double Location.getLatitude(),Call to int Log.e(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.e(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.e(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from double Location.getAltitude(),Call to int Log.e(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.e(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.e(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.e(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from double Location.getLatitude(),Call to int Log.e(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.e(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.e(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.e(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.e(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from float Location.getBearing(),Call to int Log.e(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.e(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.println(int,String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.println(int,String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.println(int,String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.println(int,String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from double Location.getLatitude(),Call to int Log.println(int,String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.println(int,String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from double Location.getAltitude(),Call to int Log.println(int,String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.println(int,String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.println(int,String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.println(int,String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from float Location.getBearing(),Call to int Log.println(int,String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.println(int,String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.println(int,String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.println(int,String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.w(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.println(int,String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.println(int,String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from double Location.getLatitude(),Call to int Log.w(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from double Location.getAltitude(),Call to int Log.w(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.w(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.w(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.w(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from double Location.getLatitude(),Call to int Log.w(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.w(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.w(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.w(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.w(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.w(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from float Location.getBearing(),Call to int Log.w(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.wtf(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.wtf(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from double Location.getLatitude(),Call to int Log.wtf(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.w(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.w(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.w(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.wtf(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.wtf(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.wtf(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from double Location.getAltitude(),Call to int Log.wtf(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.wtf(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from double Location.getLatitude(),Call to int Log.wtf(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.wtf(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.wtf(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.wtf(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.wtf(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from float Location.getBearing(),Call to int Log.wtf(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.wtf(String,String)] codetoanalyze/java/quandary/Recursion.java, void Recursion.callSinkThenDivergeBad(), 1, QUANDARY_TAINT_ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Recursion.callSinkThenDiverge(Object),Call to void InferTaint.inferSensitiveSink(Object)] codetoanalyze/java/quandary/Recursion.java, void Recursion.safeRecursionCallSinkBad(), 1, QUANDARY_TAINT_ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Recursion.safeRecursionCallSink(int,Object),Call to void InferTaint.inferSensitiveSink(Object)] codetoanalyze/java/quandary/Serialization.java, Object Serialization.taintedObjectInputStreamBad(), 2, QUANDARY_TAINT_ERROR, [Return from Object InferTaint.inferSecretSource(),Call to ObjectInputStream.(InputStream)] diff --git a/scripts/check_duplicates.py b/scripts/check_duplicates.py new file mode 100755 index 000000000..65f93d125 --- /dev/null +++ b/scripts/check_duplicates.py @@ -0,0 +1,67 @@ +#!/usr/bin/env python3 + +# Copyright (c) 2017 - present Facebook, Inc. +# All rights reserved. +# +# This source code is licensed under the BSD style license found in the +# LICENSE file in the root directory of this source tree. An additional grant +# of patent rights can be found in the PATENTS file in the same directory. + + +import json +import os +import sys + +REPORT_FILENAME = sys.argv[1] + + +def load_report(): + with open(REPORT_FILENAME, 'r') as file_in: + return json.load(file_in) + + +def compute_duplicates(report): + table = {} + for e in report: + bug_hash = e['hash'] + if bug_hash in table: + table[bug_hash].append(e) + else: + table[bug_hash] = [e] + duplicates = {} + for key, value in table.items(): + if len(value) >= 1: + duplicates[key] = value + return duplicates + + +def compute_max_hash(duplicates): + max_length = 0 + max_hash = 0 + for key, value in duplicates.items(): + length = len(value) + if length > max_length: + max_length = length + max_hash = key + return max_hash + + +def print_duplicates(duplicates): + with open('duplicates.txt', 'w') as file_out: + for key, value in duplicates.items(): + reports = set([(e['bug_type'], e['qualifier']) for e in value]) + messages = ['{} {}'.format(bug, msg) for (bug, msg) in reports] + if len(messages) > 1: + file_out.write('\nWith bug hash {}:\n\t{}\n'.format( + key, + '\n\t'.join(messages))) + + +report = load_report() +duplicates = compute_duplicates(report) +print_duplicates(duplicates) +max_hash = compute_max_hash(duplicates) +print('max hash: {}'.format(max_hash)) +duplicates = [e for e in report if e['hash'] == max_hash] +with open('duplicates.json', 'w') as file_out: + json.dump(duplicates, file_out, indent=2, separators=(',', ': '))