diff --git a/infer/src/quandary/JavaTrace.ml b/infer/src/quandary/JavaTrace.ml
index 04d5da83d..64256171d 100644
--- a/infer/src/quandary/JavaTrace.ml
+++ b/infer/src/quandary/JavaTrace.ml
@@ -222,7 +222,9 @@ module SourceKind = struct
  | _ ->
  match Tenv.lookup tenv typename with
  | Some typ ->
- if Annotations.struct_typ_has_annot typ Annotations.ia_is_thrift_service then
+ if Annotations.struct_typ_has_annot typ Annotations.ia_is_thrift_service
+ && PredSymb.equal_access (Procdesc.get_access pdesc) PredSymb.Public
+ then
  (* assume every non-this formal of a Thrift service is tainted *)
  (* TODO: may not want to taint numbers or Enum's *)
  Some (taint_all_but_this ~make_source:(fun name desc -> Endpoint (name, desc)))
diff --git a/infer/tests/codetoanalyze/java/quandary/Services.java b/infer/tests/codetoanalyze/java/quandary/Services.java
index 3b2b31697..a3ddc4314 100644
--- a/infer/tests/codetoanalyze/java/quandary/Services.java
+++ b/infer/tests/codetoanalyze/java/quandary/Services.java
@@ -33,6 +33,21 @@ class Service1 {
  Runtime.getRuntime().exec(s); // RCE if s is tainted, we should warn
  }
 
+ // assume protected methods aren't exported to Thrift
+ protected void protectedServiceMethodOk(String s) throws IOException {
+ Runtime.getRuntime().exec(s);
+ }
+
+ // assume package-protected methods aren't exported to Thrift
+ void packageProtectedServiceMethodOk(String s) throws IOException {
+ Runtime.getRuntime().exec(s);
+ }
+
+ // private methods can't be exported to thrift
+ private void privateMethodNotEndpointOk(String s) throws IOException {
+ Runtime.getRuntime().exec(s);
+ }
+
  }
 
  @ThriftService
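Review bot: The added access test stops treating formals of non-public methods on a Thrift-service type as sources, but the comment right below it still reads `(* assume every non-this formal of a Thrift service is tainted *)`, so the narrowed assumption and its justification are undocumented at the point where it is made. Replace it with something like `(* assume every non-this formal of a public method of a Thrift service is tainted; a Java method implementing a Thrift-generated interface method must be public, so non-public methods are treated as internal helpers *)`. Worth stating too that the filter looks only at the declaring method's modifier: a non-public helper that receives an endpoint's argument is covered only if the analysis propagates taint from the public caller into it, which this commit does not add a test for. `pdesc` is not bound in the visible context lines, so it is presumably a parameter of the enclosing function, which starts and ends outside the hunk.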
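Review bot: The three added methods only check that a non-public method's own formal is no longer reported; none checks that a tainted value still reaches such a method when a public endpoint forwards its parameter, which is the path the narrowed rule relies on to stay sound. Add a positive counterpart beside them, e.g. `public void publicCallsPrivateBad(String s) throws IOException { privateMethodNotEndpointOk(s); }` using the suffix this test suite uses for expected reports, so a regression in interprocedural propagation shows up here instead of being masked by the new `Ok` cases. The comments on the first two methods say "assume", which mirrors the analyzer; consider extending them with the reason, `// only public methods can implement a Thrift-generated interface method`, so the expectation reads as a rule rather than a guess. Service1 opens outside the hunk.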