From 60dac454617c5013db11bf3a5034ba05eeb6a972 Mon Sep 17 00:00:00 2001 From: Sam Blackshear Date: Wed, 15 Mar 2017 08:32:00 -0700 Subject: [PATCH] [quandary] don't call read_summary on the current procedure while creating a trace Reviewed By: jeremydubreil Differential Revision: D4704259 fbshipit-source-id: 882493e --- infer/src/quandary/TaintAnalysis.ml | 21 ++++++++++++------- .../codetoanalyze/java/quandary/issues.exp | 2 +- 2 files changed, 14 insertions(+), 9 deletions(-) diff --git a/infer/src/quandary/TaintAnalysis.ml b/infer/src/quandary/TaintAnalysis.ml index d1faa20b0..44a7e3ed3 100644 --- a/infer/src/quandary/TaintAnalysis.ml +++ b/infer/src/quandary/TaintAnalysis.ml @@ -158,14 +158,19 @@ module Make (TaintSpecification : TaintSpec.S) = struct (** log any new reportable source-sink flows in [trace] *) let report_trace trace cur_site (proc_data : FormalMap.t ProcData.t) = let trace_of_pname pname = - match Summary.read_summary proc_data.pdesc pname with - | Some summary -> - TaintDomain.fold - (fun acc _ trace -> TraceDomain.join trace acc) - (TaintSpecification.of_summary_access_tree summary) - TraceDomain.empty - | None -> - TraceDomain.empty in + if Typ.Procname.equal pname (Procdesc.get_proc_name proc_data.pdesc) + then + (* read_summary will trigger ondemand analysis of the current proc. we don't want that. *) + TraceDomain.empty + else + match Summary.read_summary proc_data.pdesc pname with + | Some summary -> + TaintDomain.fold + (fun acc _ trace -> TraceDomain.join trace acc) + (TaintSpecification.of_summary_access_tree summary) + TraceDomain.empty + | None -> + TraceDomain.empty in let pp_path_short fmt (_, sources_passthroughs, sinks_passthroughs) = let original_source = fst (List.hd_exn sources_passthroughs) in diff --git a/infer/tests/codetoanalyze/java/quandary/issues.exp b/infer/tests/codetoanalyze/java/quandary/issues.exp index 3b3b952c9..4d657e376 100644 --- a/infer/tests/codetoanalyze/java/quandary/issues.exp +++ b/infer/tests/codetoanalyze/java/quandary/issues.exp @@ -154,7 +154,7 @@ codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.log codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [return from float Location.getSpeed(),call to int Log.wtf(String,String)] codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, QUANDARY_TAINT_ERROR, [return from double Location.getLongitude(),call to int Log.wtf(String,String)] codetoanalyze/java/quandary/Recursion.java, void Recursion.callSinkThenDivergeBad(), 1, QUANDARY_TAINT_ERROR, [return from Object InferTaint.inferSecretSource(),call to void Recursion.callSinkThenDiverge(Object),call to void InferTaint.inferSensitiveSink(Object)] -codetoanalyze/java/quandary/Recursion.java, void Recursion.recursionBad(int,Object), 3, QUANDARY_TAINT_ERROR, [return from Object InferTaint.inferSecretSource(),call to void Recursion.recursionBad(int,Object),call to void InferTaint.inferSensitiveSink(Object)] +codetoanalyze/java/quandary/Recursion.java, void Recursion.recursionBad(int,Object), 3, QUANDARY_TAINT_ERROR, [return from Object InferTaint.inferSecretSource(),call to void Recursion.recursionBad(int,Object)] codetoanalyze/java/quandary/Recursion.java, void Recursion.safeRecursionCallSinkBad(), 1, QUANDARY_TAINT_ERROR, [return from Object InferTaint.inferSecretSource(),call to void Recursion.safeRecursionCallSink(int,Object),call to void InferTaint.inferSensitiveSink(Object)] codetoanalyze/java/quandary/Strings.java, void Strings.viaFormatterBad(), 3, QUANDARY_TAINT_ERROR, [return from Object InferTaint.inferSecretSource(),call to void InferTaint.inferSensitiveSink(Object)] codetoanalyze/java/quandary/Strings.java, void Strings.viaFormatterIgnoreReturnBad(), 4, QUANDARY_TAINT_ERROR, [return from Object InferTaint.inferSecretSource(),call to void InferTaint.inferSensitiveSink(Object)]