[quandary] tests documenting limitations of sanitizers

Reviewed By: mbouaziz Differential Revision: D7257570 fbshipit-source-id: 5f97e31
7 years ago · 4952f1ea3b
parent 9387706a54
commit 4952f1ea3b
1 changed files with 25 additions and 0 deletions
--- a/infer/tests/codetoanalyze/java/quandary/ExternalSpecs.java
+++ b/infer/tests/codetoanalyze/java/quandary/ExternalSpecs.java
@ -102,6 +102,31 @@ public class ExternalSpecs {
    return sanitized;
  }

+  void FN_sanitizeOneBranchBad(boolean b) {
+    Object source = InferTaint.inferSecretSource();
+    Object o;
+    if (b) {
+      o = sanitizer(source);
+    } else {
+      o = source;
+    }
+    InferTaint.inferSensitiveSink(o);
+  }
+
+  Object sanitizeOneBranchInCallee(Object o, boolean b) {
+    if (b) {
+      return sanitizer(o);
+    } else {
+      return o;
+    }
+  }
+
+  void FN_sanitizerWeakUpdateBad(boolean b) {
+    Object source = InferTaint.inferSecretSource();
+    Object o = sanitizeOneBranchInCallee(source, b);
+    InferTaint.inferSensitiveSink(o);
+  }
+
  // if theres' a procedure with the same name defined in .inferconfig as a sink on parameter 1,
  // we shouldn't crash
  public static void loggingSink1() {}