diff --git a/infer/models/java/src/java/lang/String.java b/infer/models/java/src/java/lang/String.java index 02755bb43..5a4b6f153 100644 --- a/infer/models/java/src/java/lang/String.java +++ b/infer/models/java/src/java/lang/String.java @@ -54,24 +54,4 @@ public final class String { throw new StringIndexOutOfBoundsException(offset + length); } - - public boolean equals(Object anObject) { - InferBuiltins.__check_untainted(anObject); - return this == anObject; - } - - public int compareTo(String aString) { - InferBuiltins.__check_untainted(aString); - return InferUndefined.nonneg_int(); - } - - public boolean endsWith(String aString) { - InferBuiltins.__check_untainted(aString); - return InferUndefined.boolean_undefined(); - } - - public boolean startsWith(String aString) { - InferBuiltins.__check_untainted(aString); - return InferUndefined.boolean_undefined(); - } } diff --git a/infer/tests/ant_report.json b/infer/tests/ant_report.json index 5d614b4a7..26c58a2ae 100644 --- a/infer/tests/ant_report.json +++ b/infer/tests/ant_report.json @@ -44,106 +44,6 @@ "file": "codetoanalyze/java/infer/TaintExample.java", "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" }, - { - "procedure": "String TaintExample.taintGetAuthorityCompareTo(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetAuthorityEndsWith(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetAuthorityStartsWith(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetAuthoriyEquals(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetHostCompareTo(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetHostEndsWith(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetHostEquals(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetHostStartsWith(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetProtocolCompareTo(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetProtocolEndsWith(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetProtocolEquals(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetProtocolStartsWith(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToExternalFormCompareTo(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToExternalFormEndsWith(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToExternalFormEquals(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToExternalFormStartsWith(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToStringCompareTo(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToStringEndsWith(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToStringEquals(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToStringStartsWith(String)", - "file": "codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, { "procedure": "InputStream TaintExample.taintingShouldNotPreventInference(SSLSocketFactory)", "file": "codetoanalyze/java/infer/TaintExample.java", diff --git a/infer/tests/buck_report.json b/infer/tests/buck_report.json index 606715f19..aa3013f4c 100644 --- a/infer/tests/buck_report.json +++ b/infer/tests/buck_report.json @@ -44,106 +44,6 @@ "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" }, - { - "procedure": "String TaintExample.taintGetAuthorityCompareTo(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetAuthorityEndsWith(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetAuthorityStartsWith(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetAuthoriyEquals(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetHostCompareTo(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetHostEndsWith(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetHostEquals(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetHostStartsWith(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetProtocolCompareTo(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetProtocolEndsWith(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetProtocolEquals(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintGetProtocolStartsWith(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToExternalFormCompareTo(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToExternalFormEndsWith(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToExternalFormEquals(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToExternalFormStartsWith(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToStringCompareTo(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToStringEndsWith(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToStringEquals(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, - { - "procedure": "String TaintExample.taintToStringStartsWith(String)", - "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", - "bug_type": "TAINTED_VALUE_REACHING_SENSITIVE_FUNCTION" - }, { "procedure": "InputStream TaintExample.taintingShouldNotPreventInference(SSLSocketFactory)", "file": "infer/tests/codetoanalyze/java/infer/TaintExample.java", diff --git a/infer/tests/codetoanalyze/java/infer/TaintExample.java b/infer/tests/codetoanalyze/java/infer/TaintExample.java index a966bcff7..7eb8e6f7e 100644 --- a/infer/tests/codetoanalyze/java/infer/TaintExample.java +++ b/infer/tests/codetoanalyze/java/infer/TaintExample.java @@ -23,244 +23,6 @@ import javax.net.ssl.SSLSocketFactory; public class TaintExample { - String test_equals(String s) { - - String my_string ="a string"; - String res; - - if (my_string.equals(s)) { - res = "OK"; - } else { - res = "NOT OK"; - } - return res; - } - - String test_compareTo(String s) { - - String my_string ="a string"; - String res; - - if (my_string.compareTo(s) == 1) { - res = "OK"; - } else { - res = "NOT OK"; - } - return res; - } - - String test_endsWith(String s) { - - String my_string ="a string"; - String res; - - if (my_string.endsWith(s)) { - res = "OK"; - } else { - res = "NOT OK"; - } - return res; - } - - String test_startsWith(String s) { - - String my_string ="a string"; - String res; - - if (my_string.startsWith(s)) { - res = "OK"; - } else { - res = "NOT OK"; - } - return res; - } - - - public String taintGetHostEquals (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.getHost(); - res = test_equals(s1); - return res; - } - - public String taintGetHostCompareTo (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.getHost(); - res = test_compareTo(s1); - return res; - - } - - public String taintGetHostEndsWith (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.getHost(); - res = test_endsWith(s1); - return res; - } - - public String taintGetHostStartsWith (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.getHost(); - res = test_startsWith(s1); - return res; - } - - public String taintGetAuthoriyEquals (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.getAuthority(); - res = test_equals(s1); - return res; - } - - public String taintGetAuthorityCompareTo (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.getAuthority(); - res = test_compareTo(s1); - return res; - - } - - public String taintGetAuthorityEndsWith (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.getAuthority(); - res = test_endsWith(s1); - return res; - } - - public String taintGetAuthorityStartsWith (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.getAuthority(); - res = test_startsWith(s1); - return res; - } - - public String taintGetProtocolEquals (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.getProtocol(); - res = test_equals(s1); - return res; - } - - public String taintGetProtocolCompareTo (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.getProtocol(); - res = test_compareTo(s1); - return res; - - } - - public String taintGetProtocolEndsWith (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.getProtocol(); - res = test_endsWith(s1); - return res; - } - - public String taintGetProtocolStartsWith (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.getProtocol(); - res = test_startsWith(s1); - return res; - } - - public String taintToExternalFormEquals (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.toExternalForm(); - res = test_equals(s1); - return res; - } - - public String taintToExternalFormCompareTo (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.toExternalForm(); - res = test_compareTo(s1); - return res; - - } - - public String taintToExternalFormEndsWith (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.toExternalForm(); - res = test_endsWith(s1); - return res; - } - - public String taintToExternalFormStartsWith (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.toExternalForm(); - res = test_startsWith(s1); - return res; - } - - public String taintToStringEquals (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.toString(); - res = test_equals(s1); - return res; - } - - public String taintToStringCompareTo (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.toString(); - res = test_compareTo(s1); - return res; - - } - - public String taintToStringEndsWith (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.toString(); - res = test_endsWith(s1); - return res; - } - - public String taintToStringStartsWith (String s) throws MalformedURLException { - - String res; - URL u = new URL(s); - String s1 = u.toString(); - res = test_startsWith(s1); - return res; - } - public InputStream socketNotVerifiedSimple(SSLSocketFactory f) throws IOException { Socket socket = f.createSocket(); diff --git a/infer/tests/endtoend/java/infer/TaintTest.java b/infer/tests/endtoend/java/infer/TaintTest.java index eff6bd493..77b409153 100644 --- a/infer/tests/endtoend/java/infer/TaintTest.java +++ b/infer/tests/endtoend/java/infer/TaintTest.java @@ -38,26 +38,6 @@ public class TaintTest { public void whenInferRunsOnTaintFileErrorFound() throws InterruptedException, IOException, InferException { String[] methods = { - "taintGetHostEquals", - "taintGetHostCompareTo", - "taintGetHostEndsWith", - "taintGetHostStartsWith", - "taintGetAuthoriyEquals", - "taintGetAuthorityCompareTo", - "taintGetAuthorityEndsWith", - "taintGetAuthorityStartsWith", - "taintGetProtocolEquals", - "taintGetProtocolCompareTo", - "taintGetProtocolEndsWith", - "taintGetProtocolStartsWith", - "taintToExternalFormEquals", - "taintToExternalFormCompareTo", - "taintToExternalFormEndsWith", - "taintToExternalFormStartsWith", - "taintToStringEquals", - "taintToStringCompareTo", - "taintToStringEndsWith", - "taintToStringStartsWith", "socketNotVerifiedSimple", "socketVerifiedForgotToCheckRetval", "socketIgnoreExceptionNoVerify",