[quandary] don't call read_summary on the current procedure while creating a trace

Reviewed By: jeremydubreil Differential Revision: D4704259 fbshipit-source-id: 882493e
8 years ago · 60dac45461
parent aa4abea2e6
commit 60dac45461
2 changed files with 14 additions and 9 deletions
--- a/infer/src/quandary/TaintAnalysis.ml
+++ b/infer/src/quandary/TaintAnalysis.ml
@ -158,14 +158,19 @@ module Make (TaintSpecification : TaintSpec.S) = struct
    (** log any new reportable source-sink flows in [trace] *)
    let report_trace trace cur_site (proc_data : FormalMap.t ProcData.t) =
      let trace_of_pname pname =
-        match Summary.read_summary proc_data.pdesc pname with
-        | Some summary ->
-            TaintDomain.fold
-              (fun acc _ trace -> TraceDomain.join trace acc)
-              (TaintSpecification.of_summary_access_tree summary)
-              TraceDomain.empty
-        | None ->
-            TraceDomain.empty in
+        if Typ.Procname.equal pname (Procdesc.get_proc_name proc_data.pdesc)
+        then
+          (* read_summary will trigger ondemand analysis of the current proc. we don't want that. *)
+          TraceDomain.empty
+        else
+          match Summary.read_summary proc_data.pdesc pname with
+          | Some summary ->
+              TaintDomain.fold
+                (fun acc _ trace -> TraceDomain.join trace acc)
+                (TaintSpecification.of_summary_access_tree summary)
+                TraceDomain.empty
+          | None ->
+              TraceDomain.empty in

      let pp_path_short fmt (_, sources_passthroughs, sinks_passthroughs) =
        let original_source = fst (List.hd_exn sources_passthroughs) in
--- a/infer/tests/codetoanalyze/java/quandary/issues.exp
+++ b/infer/tests/codetoanalyze/java/quandary/issues.exp
@ -154,7 +154,7 @@ codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.log
 codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [return from float Location.getSpeed(),call to int Log.wtf(String,String)]
 codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [return from double Location.getLongitude(),call to int Log.wtf(String,String)]
 codetoanalyze/java/quandary/Recursion.java, void Recursion.callSinkThenDivergeBad(), 1, QUANDARY_TAINT_ERROR, [return from Object InferTaint.inferSecretSource(),call to void Recursion.callSinkThenDiverge(Object),call to void InferTaint.inferSensitiveSink(Object)]
-codetoanalyze/java/quandary/Recursion.java, void Recursion.recursionBad(int,Object), 3, QUANDARY_TAINT_ERROR, [return from Object InferTaint.inferSecretSource(),call to void Recursion.recursionBad(int,Object),call to void InferTaint.inferSensitiveSink(Object)]
+codetoanalyze/java/quandary/Recursion.java, void Recursion.recursionBad(int,Object), 3, QUANDARY_TAINT_ERROR, [return from Object InferTaint.inferSecretSource(),call to void Recursion.recursionBad(int,Object)]
 codetoanalyze/java/quandary/Recursion.java, void Recursion.safeRecursionCallSinkBad(), 1, QUANDARY_TAINT_ERROR, [return from Object InferTaint.inferSecretSource(),call to void Recursion.safeRecursionCallSink(int,Object),call to void InferTaint.inferSensitiveSink(Object)]
 codetoanalyze/java/quandary/Strings.java, void Strings.viaFormatterBad(), 3, QUANDARY_TAINT_ERROR, [return from Object InferTaint.inferSecretSource(),call to void InferTaint.inferSensitiveSink(Object)]
 codetoanalyze/java/quandary/Strings.java, void Strings.viaFormatterIgnoreReturnBad(), 4, QUANDARY_TAINT_ERROR, [return from Object InferTaint.inferSecretSource(),call to void InferTaint.inferSensitiveSink(Object)]