From 3e94c868f4a534f62b78bd3cceaa8042ce519f4b Mon Sep 17 00:00:00 2001 From: Jeremy Dubreil Date: Mon, 4 Dec 2017 00:17:34 -0800 Subject: [PATCH] [infer] use the classname without the package name to compute the bug hash Summary: This will avoid collisions when the inner classes are implementing the same methods. For example, the previous version of the bug hash could conflate the issues when several annonymous inner classes are implementing the same method, e.g. a annonymous subclass of `Runnable` implementing `run()`. Reviewed By: sblackshear Differential Revision: D6461594 fbshipit-source-id: 2bb8545 --- infer/src/backend/InferPrint.ml | 9 ++- infer/tests/build_systems/ant/issues.exp | 2 +- infer/tests/codetoanalyze/cpp/siof/issues.exp | 2 +- .../tests/codetoanalyze/java/infer/issues.exp | 2 +- .../codetoanalyze/java/quandary/issues.exp | 46 ++++++------- scripts/check_duplicates.py | 67 +++++++++++++++++++ 6 files changed, 101 insertions(+), 27 deletions(-) create mode 100755 scripts/check_duplicates.py diff --git a/infer/src/backend/InferPrint.ml b/infer/src/backend/InferPrint.ml index d4b30d4c4..e01bc706b 100644 --- a/infer/src/backend/InferPrint.ml +++ b/infer/src/backend/InferPrint.ml @@ -48,8 +48,15 @@ let error_desc_to_dotty_string error_desc = Localise.error_desc_get_dotty error_ let compute_hash (kind: string) (type_str: string) (proc_name: Typ.Procname.t) (filename: string) (qualifier: string) = let base_filename = Filename.basename filename in - let simple_procedure_name = Typ.Procname.to_simplified_string proc_name in + let simple_procedure_name = + (* Force the anonymous inner class to have the same class by removing the index + in order to make the hash invariant when introducing new annonynous classes *) + Str.global_replace (Str.regexp "[0-9]+") "_" + (Typ.Procname.to_simplified_string ~withclass:true proc_name) + in let location_independent_qualifier = + (* Removing the line and column information from the error message to make the + hash invariant when moving the source code in the file *) Str.global_replace (Str.regexp "\\(line\\|column\\)\\ [0-9]+") "_" qualifier in Utils.better_hash diff --git a/infer/tests/build_systems/ant/issues.exp b/infer/tests/build_systems/ant/issues.exp index 957cb90e0..e0a127af3 100644 --- a/infer/tests/build_systems/ant/issues.exp +++ b/infer/tests/build_systems/ant/issues.exp @@ -160,8 +160,8 @@ codetoanalyze/java/infer/ResourceLeaks.java, int ResourceLeaks.fileOutputStreamT codetoanalyze/java/infer/ResourceLeaks.java, int ResourceLeaks.readConfigNotCloseStream(String), 5, RESOURCE_LEAK, [start of procedure readConfigNotCloseStream(...)] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.activityObtainTypedArrayAndLeak(Activity), 2, RESOURCE_LEAK, [start of procedure activityObtainTypedArrayAndLeak(...),start of procedure ignore(...),return from a call to void ResourceLeaks.ignore(TypedArray)] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.contextObtainTypedArrayAndLeak(Context), 2, RESOURCE_LEAK, [start of procedure contextObtainTypedArrayAndLeak(...),start of procedure ignore(...),return from a call to void ResourceLeaks.ignore(TypedArray)] -codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.copyFileLeak(File,File), 11, RESOURCE_LEAK, [start of procedure copyFileLeak(...),exception java.io.FileNotFoundException] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.copyFileLeak(File,File), 11, RESOURCE_LEAK, [start of procedure copyFileLeak(...),Skipping transferTo(...): unknown method,Taking true branch,exception java.io.IOException] +codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.copyFileLeak(File,File), 11, RESOURCE_LEAK, [start of procedure copyFileLeak(...),exception java.io.FileNotFoundException] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.deflaterLeak(), 1, RESOURCE_LEAK, [start of procedure deflaterLeak()] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.fileInputStreamNotClosedAfterRead(), 6, RESOURCE_LEAK, [start of procedure fileInputStreamNotClosedAfterRead(),exception java.io.IOException] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.fileOutputStreamNotClosed(), 1, RESOURCE_LEAK, [start of procedure fileOutputStreamNotClosed()] diff --git a/infer/tests/codetoanalyze/cpp/siof/issues.exp b/infer/tests/codetoanalyze/cpp/siof/issues.exp index 06eb13c71..ccd55da7e 100644 --- a/infer/tests/codetoanalyze/cpp/siof/issues.exp +++ b/infer/tests/codetoanalyze/cpp/siof/issues.exp @@ -10,8 +10,8 @@ codetoanalyze/cpp/siof/siof/siof.cpp, __infer_globals_initializer_initWithGlobal codetoanalyze/cpp/siof/siof/siof.cpp, __infer_globals_initializer_initWithGlobal_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of initWithGlobal_bad,call to getGlobalNonPOD,access to some_other_global_object2|codetoanalyze/cpp/siof/siof/siof_different_tu.cpp] codetoanalyze/cpp/siof/siof/siof.cpp, __infer_globals_initializer_pod_accesses_non_pod_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of pod_accesses_non_pod_bad,call to access_to_non_pod,access to global_object2|codetoanalyze/cpp/siof/siof/siof_different_tu.cpp] codetoanalyze/cpp/siof/siof/siof.cpp, __infer_globals_initializer_pod_accesses_non_pod_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of pod_accesses_non_pod_bad,call to access_to_non_pod,access to some_other_global_object2|codetoanalyze/cpp/siof/siof/siof_different_tu.cpp] -codetoanalyze/cpp/siof/siof/siof_templated.cpp, __infer_globals_initializer_another_templated_global_object2_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of another_templated_global_object2_bad,call to access_to_non_pod,access to global_object2|codetoanalyze/cpp/siof/siof/siof_different_tu.cpp] codetoanalyze/cpp/siof/siof/siof_templated.cpp, __infer_globals_initializer_another_templated_global_object2_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of another_templated_global_object2_bad,call to access_to_non_pod,access to some_other_global_object2|codetoanalyze/cpp/siof/siof/siof_different_tu.cpp] +codetoanalyze/cpp/siof/siof/siof_templated.cpp, __infer_globals_initializer_another_templated_global_object2_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of another_templated_global_object2_bad,call to access_to_non_pod,access to global_object2|codetoanalyze/cpp/siof/siof/siof_different_tu.cpp] codetoanalyze/cpp/siof/siof/siof_templated.cpp, __infer_globals_initializer_another_templated_global_object3_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of another_templated_global_object3_bad,call to access_to_templated_non_pod,access to global_object3|codetoanalyze/cpp/siof/siof/siof_different_tu.cpp] codetoanalyze/cpp/siof/siof/siof_templated.cpp, __infer_globals_initializer_another_templated_global_object_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of another_templated_global_object_bad,call to SomeOtherTemplatedNonPODObject<_Bool>_SomeOtherTemplatedNonPODObject,access to extern_global_object|EXTERN] codetoanalyze/cpp/siof/siof/std_ios_base_init.cpp, __infer_globals_initializer_global_std_cerr_access_bad, 0, STATIC_INITIALIZATION_ORDER_FIASCO, [initialization of global_std_cerr_access_bad,call to return_4_SIOF,call to printing_SIOF,access to std::cerr|EXTERN] diff --git a/infer/tests/codetoanalyze/java/infer/issues.exp b/infer/tests/codetoanalyze/java/infer/issues.exp index f7a3fa741..3566db993 100644 --- a/infer/tests/codetoanalyze/java/infer/issues.exp +++ b/infer/tests/codetoanalyze/java/infer/issues.exp @@ -169,8 +169,8 @@ codetoanalyze/java/infer/ResourceLeaks.java, int ResourceLeaks.readConfigNotClos codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.NoResourceLeakWarningAfterCheckState(File,int), 2, PRECONDITION_NOT_MET, [start of procedure NoResourceLeakWarningAfterCheckState(...),Taking false branch] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.activityObtainTypedArrayAndLeak(Activity), 2, RESOURCE_LEAK, [start of procedure activityObtainTypedArrayAndLeak(...),start of procedure ignore(...),return from a call to void ResourceLeaks.ignore(TypedArray)] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.contextObtainTypedArrayAndLeak(Context), 2, RESOURCE_LEAK, [start of procedure contextObtainTypedArrayAndLeak(...),start of procedure ignore(...),return from a call to void ResourceLeaks.ignore(TypedArray)] -codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.copyFileLeak(File,File), 11, RESOURCE_LEAK, [start of procedure copyFileLeak(...),exception java.io.FileNotFoundException] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.copyFileLeak(File,File), 11, RESOURCE_LEAK, [start of procedure copyFileLeak(...),Skipping transferTo(...): unknown method,Taking true branch,exception java.io.IOException] +codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.copyFileLeak(File,File), 11, RESOURCE_LEAK, [start of procedure copyFileLeak(...),exception java.io.FileNotFoundException] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.deflaterLeak(), 1, RESOURCE_LEAK, [start of procedure deflaterLeak()] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.fileInputStreamNotClosedAfterRead(), 6, RESOURCE_LEAK, [start of procedure fileInputStreamNotClosedAfterRead(),exception java.io.IOException] codetoanalyze/java/infer/ResourceLeaks.java, void ResourceLeaks.fileOutputStreamNotClosed(), 1, RESOURCE_LEAK, [start of procedure fileOutputStreamNotClosed()] diff --git a/infer/tests/codetoanalyze/java/quandary/issues.exp b/infer/tests/codetoanalyze/java/quandary/issues.exp index 68055d1ae..28814de89 100644 --- a/infer/tests/codetoanalyze/java/quandary/issues.exp +++ b/infer/tests/codetoanalyze/java/quandary/issues.exp @@ -138,46 +138,46 @@ codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.returnSou codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.returnSourceViaParameter2Bad(Interprocedural$Obj,Interprocedural$Obj), 3, QUANDARY_TAINT_ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object)] codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.setGlobalThenCallSinkBad(), 2, QUANDARY_TAINT_ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkOnGlobal(),Call to void InferTaint.inferSensitiveSink(Object)] codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.singlePassthroughBad(), 3, QUANDARY_TAINT_ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from float Location.getBearing(),Call to int Log.e(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.e(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from double Location.getLatitude(),Call to int Log.e(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.e(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.e(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from double Location.getAltitude(),Call to int Log.e(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.e(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.e(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.e(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from double Location.getLatitude(),Call to int Log.e(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.e(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.e(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.e(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.e(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from float Location.getBearing(),Call to int Log.e(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.e(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.println(int,String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.println(int,String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.println(int,String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.println(int,String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from double Location.getLatitude(),Call to int Log.println(int,String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.println(int,String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from double Location.getAltitude(),Call to int Log.println(int,String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.println(int,String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.println(int,String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.println(int,String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from float Location.getBearing(),Call to int Log.println(int,String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.println(int,String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.println(int,String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.println(int,String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.w(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.println(int,String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.println(int,String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from double Location.getLatitude(),Call to int Log.w(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from double Location.getAltitude(),Call to int Log.w(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.w(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.w(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.w(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from double Location.getLatitude(),Call to int Log.w(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.w(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.w(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.w(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.w(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.w(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from float Location.getBearing(),Call to int Log.w(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.wtf(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.wtf(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from double Location.getLatitude(),Call to int Log.wtf(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.w(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.w(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.w(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.wtf(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.wtf(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.wtf(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from double Location.getAltitude(),Call to int Log.wtf(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.wtf(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from double Location.getLatitude(),Call to int Log.wtf(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.wtf(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from double Location.getLongitude(),Call to int Log.wtf(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.wtf(String,String)] +codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from float Location.getSpeed(),Call to int Log.wtf(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from float Location.getBearing(),Call to int Log.wtf(String,String)] -codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.wtf(String,String)] codetoanalyze/java/quandary/Recursion.java, void Recursion.callSinkThenDivergeBad(), 1, QUANDARY_TAINT_ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Recursion.callSinkThenDiverge(Object),Call to void InferTaint.inferSensitiveSink(Object)] codetoanalyze/java/quandary/Recursion.java, void Recursion.safeRecursionCallSinkBad(), 1, QUANDARY_TAINT_ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Recursion.safeRecursionCallSink(int,Object),Call to void InferTaint.inferSensitiveSink(Object)] codetoanalyze/java/quandary/Serialization.java, Object Serialization.taintedObjectInputStreamBad(), 2, QUANDARY_TAINT_ERROR, [Return from Object InferTaint.inferSecretSource(),Call to ObjectInputStream.(InputStream)] diff --git a/scripts/check_duplicates.py b/scripts/check_duplicates.py new file mode 100755 index 000000000..65f93d125 --- /dev/null +++ b/scripts/check_duplicates.py @@ -0,0 +1,67 @@ +#!/usr/bin/env python3 + +# Copyright (c) 2017 - present Facebook, Inc. +# All rights reserved. +# +# This source code is licensed under the BSD style license found in the +# LICENSE file in the root directory of this source tree. An additional grant +# of patent rights can be found in the PATENTS file in the same directory. + + +import json +import os +import sys + +REPORT_FILENAME = sys.argv[1] + + +def load_report(): + with open(REPORT_FILENAME, 'r') as file_in: + return json.load(file_in) + + +def compute_duplicates(report): + table = {} + for e in report: + bug_hash = e['hash'] + if bug_hash in table: + table[bug_hash].append(e) + else: + table[bug_hash] = [e] + duplicates = {} + for key, value in table.items(): + if len(value) >= 1: + duplicates[key] = value + return duplicates + + +def compute_max_hash(duplicates): + max_length = 0 + max_hash = 0 + for key, value in duplicates.items(): + length = len(value) + if length > max_length: + max_length = length + max_hash = key + return max_hash + + +def print_duplicates(duplicates): + with open('duplicates.txt', 'w') as file_out: + for key, value in duplicates.items(): + reports = set([(e['bug_type'], e['qualifier']) for e in value]) + messages = ['{} {}'.format(bug, msg) for (bug, msg) in reports] + if len(messages) > 1: + file_out.write('\nWith bug hash {}:\n\t{}\n'.format( + key, + '\n\t'.join(messages))) + + +report = load_report() +duplicates = compute_duplicates(report) +print_duplicates(duplicates) +max_hash = compute_max_hash(duplicates) +print('max hash: {}'.format(max_hash)) +duplicates = [e for e in report if e['hash'] == max_hash] +with open('duplicates.json', 'w') as file_out: + json.dump(duplicates, file_out, indent=2, separators=(',', ': '))