[quandary] tests documenting limitations of sanitizers

Reviewed By: mbouaziz

Differential Revision: D7257570

fbshipit-source-id: 5f97e31
master
Sam Blackshear 7 years ago committed by Facebook Github Bot
parent 9387706a54
commit 4952f1ea3b

@ -102,6 +102,31 @@ public class ExternalSpecs {
return sanitized; return sanitized;
} }
void FN_sanitizeOneBranchBad(boolean b) {
Object source = InferTaint.inferSecretSource();
Object o;
if (b) {
o = sanitizer(source);
} else {
o = source;
}
InferTaint.inferSensitiveSink(o);
}
Object sanitizeOneBranchInCallee(Object o, boolean b) {
if (b) {
return sanitizer(o);
} else {
return o;
}
}
void FN_sanitizerWeakUpdateBad(boolean b) {
Object source = InferTaint.inferSecretSource();
Object o = sanitizeOneBranchInCallee(source, b);
InferTaint.inferSensitiveSink(o);
}
// if theres' a procedure with the same name defined in .inferconfig as a sink on parameter 1, // if theres' a procedure with the same name defined in .inferconfig as a sink on parameter 1,
// we shouldn't crash // we shouldn't crash
public static void loggingSink1() {} public static void loggingSink1() {}

Loading…
Cancel
Save