diff --git a/Makefile b/Makefile index 68e0c8b1a..2d9f198b0 100644 --- a/Makefile +++ b/Makefile @@ -15,7 +15,7 @@ TARGETS_TO_TEST += c cpp endif ifeq ($(BUILD_JAVA_ANALYZERS),yes) TARGETS_TO_TEST += java -DIRECT_TESTS += java_checkers_test java_eradicate_test java_infer_test java_tracing_test +DIRECT_TESTS += java_checkers_test java_eradicate_test java_infer_test java_tracing_test java_quandary_test endif ifneq ($(XCODE_SELECT),no) TARGETS_TO_TEST += objc objcpp @@ -109,6 +109,8 @@ java_infer_test: java_tracing_test: make -C ./infer/tests/codetoanalyze/java/tracing test +java_quandary_test: + make -C ./infer/tests/codetoanalyze/java/quandary test buck_test: infer make $(DIRECT_TESTS) diff --git a/infer/tests/codetoanalyze/java/Makefile b/infer/tests/codetoanalyze/java/Makefile index ee5bc3a05..504d6504d 100644 --- a/infer/tests/codetoanalyze/java/Makefile +++ b/infer/tests/codetoanalyze/java/Makefile @@ -19,10 +19,12 @@ MODELS = $(JAVA_LIB_DIR)/models.jar CLASSPATH=$(ANDROID19):$(ANDROIDSUPPORT):$(ANNOTATIONS):$(BUTTERKNIFE):$(JACKSON):$(JSR305):$(INJECT):$(MODELS):. +INFERPRINT_OPTIONS = --issues-tests + default: compile print: analyze - $(INFERPRINT_BIN) -q -a $(ANALYZER) --issues-tests issues.exp.test + $(INFERPRINT_BIN) -q -a $(ANALYZER) $(INFERPRINT_OPTIONS) issues.exp.test LC_ALL=C sort -o issues.exp.test issues.exp.test test: analyze print diff --git a/infer/tests/codetoanalyze/java/quandary/LoggingPrivateData.java b/infer/tests/codetoanalyze/java/quandary/LoggingPrivateData.java new file mode 100644 index 000000000..0ed581162 --- /dev/null +++ b/infer/tests/codetoanalyze/java/quandary/LoggingPrivateData.java @@ -0,0 +1,29 @@ +/* + * Copyright (c) 2015 - present Facebook, Inc. + * All rights reserved. + * + * This source code is licensed under the BSD style license found in the + * LICENSE file in the root directory of this source tree. An additional grant + * of patent rights can be found in the PATENTS file in the same directory. + */ + +package codetoanalyze.java.quandary; + +import android.content.SharedPreferences; +import android.util.Log; + +public class LoggingPrivateData { + + public void logSharedPreferencesDataBad(SharedPreferences prefs) { + Log.d("tag", prefs.getString("some", "data")); + } + + public void logSharedPreferencesDataInTagBad(SharedPreferences prefs) { + Log.d(prefs.getString("some", "data"), "value"); + } + + public void logDataOk(SharedPreferences prefs) { + Log.d("tag", "value"); + } + +} diff --git a/infer/tests/codetoanalyze/java/quandary/Makefile b/infer/tests/codetoanalyze/java/quandary/Makefile new file mode 100644 index 000000000..66fc87f29 --- /dev/null +++ b/infer/tests/codetoanalyze/java/quandary/Makefile @@ -0,0 +1,20 @@ +# Copyright (c) 2016 - present Facebook, Inc. +# All rights reserved. +# +# This source code is licensed under the BSD style license found in the +# LICENSE file in the root directory of this source tree. An additional grant +# of patent rights can be found in the PATENTS file in the same directory. + +include ../Makefile + +ANALYZER = quandary +INFERPRINT_OPTIONS = --issues-txt + +FILES = \ + LoggingPrivateData.java \ + +compile: + javac -cp $(CLASSPATH) $(FILES) + +analyze: + $(INFER_BIN) -a $(ANALYZER) -- javac -cp $(CLASSPATH) $(FILES) >/dev/null 2>/dev/null diff --git a/infer/tests/codetoanalyze/java/quandary/issues.exp b/infer/tests/codetoanalyze/java/quandary/issues.exp new file mode 100644 index 000000000..1c5456a95 --- /dev/null +++ b/infer/tests/codetoanalyze/java/quandary/issues.exp @@ -0,0 +1,2 @@ +LoggingPrivateData.java:18: ERROR: QUANDARY_TAINT_ERROR Error: SharedPreferences(String SharedPreferences.getString(String,String) at [line 18]) -> Logging(int Log.d(String,String) at [line 18]) via { } +LoggingPrivateData.java:22: ERROR: QUANDARY_TAINT_ERROR Error: SharedPreferences(String SharedPreferences.getString(String,String) at [line 22]) -> Logging(int Log.d(String,String) at [line 22]) via { }