pghs975uc
/
infer_clone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fixed incorrect reporting of tainted index in function call by quandary

Browse Source 
Reviewed By: mbouaziz

Differential Revision: D9315815

fbshipit-source-id: 943ab2a14
master
Julian Sutherland 7 years ago committed by Facebook Github Bot
parent 90a3315042
commit b7c90c3fe0
9 changed files with 283 additions and 250 deletions
Show Stats Download Patch File Download Diff File

4
infer/src/checkers/Sink.ml
Unescape View File

@ -20,6 +20,8 @@ module type S = sig
val get : CallSite.t -> HilExp.t list -> CallFlags.t -> Tenv.t -> t option
val indexes : t -> IntSet.t
val with_indexes : t -> IntSet.t -> t
end
module Make (Kind : Kind) = struct
@ -45,6 +47,8 @@ module Make (Kind : Kind) = struct
let with_callsite t callee_site = {t with site= callee_site}
let with_indexes t indexes = {t with indexes}
let pp fmt s = F.fprintf fmt "%a(%a)" Kind.pp s.kind CallSite.pp s.site
module Set = PrettyPrintable.MakePPSet (struct

2
infer/src/checkers/Sink.mli
Unescape View File

@ -22,6 +22,8 @@ module type S = sig
val indexes : t -> IntSet.t
(** return the indexes where taint can flow into the sink *)
val with_indexes : t -> IntSet.t -> t
end
module Make (Kind : Kind) : S with module Kind = Kind

2
infer/src/checkers/SinkTrace.ml
Unescape View File

@ -33,6 +33,8 @@ module MakeSink (TraceElem : TraceElem.S) = struct
let get _ _ _ _ = None
let indexes _ = IntSet.empty
let with_indexes _ _ = assert false
end
module Make (TraceElem : TraceElem.S) = struct

12
infer/src/checkers/Trace.ml
Unescape View File

@ -515,7 +515,7 @@ module Make (Spec : Spec) = struct
else
let known =
List.map
~f:(fun sink -> Source.with_callsite sink callee_site)
~f:(fun source -> Source.with_callsite source callee_site)
(Sources.Known.elements non_footprint_callee_sources)
|> Sources.Known.of_list |> Sources.Known.union caller_trace.sources.known
in
@ -524,8 +524,16 @@ module Make (Spec : Spec) = struct
let sinks =
if Sinks.subset callee_trace.sinks caller_trace.sinks then caller_trace.sinks
else
let footprint_indices =
Sources.Footprint.BaseMap.fold
(fun (vname, _) _ s ->
match Var.get_footprint_index vname with Some ind -> IntSet.add ind s | None -> s
)
callee_trace.sources.footprint IntSet.empty
in
List.map
~f:(fun sink -> Sink.with_callsite sink callee_site)
~f:(fun sink ->
Sink.with_indexes (Sink.with_callsite sink callee_site) footprint_indices )
(Sinks.elements callee_trace.sinks)
|> Sinks.of_list |> Sinks.union caller_trace.sinks
in

2
infer/src/unit/TraceTests.ml
Unescape View File

@ -45,6 +45,8 @@ module MockTraceElem = struct
end)
let with_callsite t _ = t
let with_indexes t _ = t
end
module MockSource = struct

4
infer/tests/codetoanalyze/cpp/quandary/basics.cpp
Unescape View File

@ -170,6 +170,10 @@ std::string* unsanitized_bad(Obj* obj) {
return sanitized;
}
void funCall_bad2(int x, void* t) { __infer_taint_sink(t); }
void funCall_bad1() { funCall_bad2(0, __infer_taint_source()); }
void atomic_eq(std::atomic<std::chrono::duration<int, std::centi>> x,
std::chrono::duration<int, std::centi> y) {
// this gets translated as operator=(x, y, &tmp_return), which used to cause a

1
infer/tests/codetoanalyze/cpp/quandary/issues.exp
Unescape View File

@ -22,6 +22,7 @@ codetoanalyze/cpp/quandary/arrays.cpp, arrays::wmemcpy_bad, 2, QUANDARY_TAINT_ER
codetoanalyze/cpp/quandary/arrays.cpp, arrays::wmemmove_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to wmemmove with tainted index 2]
codetoanalyze/cpp/quandary/basics.cpp, basics::Obj_endpoint, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::Obj_endpoint,Call to basics::Obj_string_sink with tainted index 1]
codetoanalyze/cpp/quandary/basics.cpp, basics::Obj_endpoint, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::Obj_endpoint,Call to __infer_taint_sink with tainted index 0]
codetoanalyze/cpp/quandary/basics.cpp, basics::funCall_bad1, 0, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to basics::funCall_bad2 with tainted index 1,Call to __infer_taint_sink with tainted index 0]
codetoanalyze/cpp/quandary/basics.cpp, basics::object_source_sink_bad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from basics::Obj_method_source,Call to basics::Obj_method_sink with tainted index 1]
codetoanalyze/cpp/quandary/basics.cpp, basics::propagateBad, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source,Call to basics::callSink with tainted index 0,Call to __infer_taint_sink with tainted index 0]
codetoanalyze/cpp/quandary/basics.cpp, basics::returnSourceToSinkBad, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from __infer_taint_source with tainted data return*,Return from basics::returnSource,Call to __infer_taint_sink with tainted index 0]

9
infer/tests/codetoanalyze/java/quandary/Basics.java
Unescape View File

@ -164,6 +164,15 @@ public class Basics {
InferTaint.inferSensitiveSink(arr);
}
void funCallBad1() {
Object src = InferTaint.inferSecretSource();
funCallBad2(2, src);
}
void funCallBad2(int x, Object src) {
InferTaint.inferSensitiveSink(src);
}
/** should not report on these tests */
void directOk1() {

497
infer/tests/codetoanalyze/java/quandary/issues.exp
Unescape View File

@ -1,248 +1,249 @@
codetoanalyze/java/quandary/Arrays.java, codetoanalyze.java.quandary.Arrays.FP_viaArrayOk1(java.lang.Object,java.lang.Object[]):void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Arrays.java, codetoanalyze.java.quandary.Arrays.FP_viaArrayOk2(java.lang.Object,java.lang.Object[]):void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Arrays.java, codetoanalyze.java.quandary.Arrays.viaArrayBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Arrays.java, codetoanalyze.java.quandary.Arrays.viaArrayThenFieldBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Arrays.java, codetoanalyze.java.quandary.Arrays.viaFieldThenArrayBad1(codetoanalyze.java.quandary.Arrays$Obj):void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Arrays.java, codetoanalyze.java.quandary.Arrays.viaFieldThenArrayBad2():void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.FP_deadCodeOk():void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.FP_loopInvariantOk():void, 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.arrayWithTaintedContentsBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.directBad():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.ifBad1(boolean):void, 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.ifBad2(boolean):void, 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.ifBad3(boolean):void, 7, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.ifBad4(boolean,boolean):void, 9, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.ifBad5(boolean):void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.noTripleReportBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.noTripleReportBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.switchBad1(int):void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.switchBad2(int):void, 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.switchBad3(int):void, 7, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.viaCastBad1():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.viaCastBad2():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.viaVarBad1():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.viaVarBad2():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.viaVarBad3():void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.whileBad1(int):void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, codetoanalyze.java.quandary.Basics.whileBad2(int):void, 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/ContentProviders.java, codetoanalyze.java.quandary.ContentProviders.bulkInsert(android.net.Uri,android.content.ContentValues[]):int, 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from int ContentProviders.bulkInsert(Uri,android.content.ContentValues[]),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, codetoanalyze.java.quandary.ContentProviders.call(java.lang.String,java.lang.String,android.os.Bundle):android.os.Bundle, 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from Bundle ContentProviders.call(String,String,Bundle),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, codetoanalyze.java.quandary.ContentProviders.delete(android.net.Uri,java.lang.String,java.lang.String[]):int, 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from int ContentProviders.delete(Uri,String,java.lang.String[]),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, codetoanalyze.java.quandary.ContentProviders.getType(android.net.Uri):java.lang.String, 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from String ContentProviders.getType(Uri),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, codetoanalyze.java.quandary.ContentProviders.insert(android.net.Uri,android.content.ContentValues):android.net.Uri, 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from Uri ContentProviders.insert(Uri,ContentValues),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, codetoanalyze.java.quandary.ContentProviders.openAssetFile(android.net.Uri,java.lang.String,android.os.CancellationSignal):android.content.res.AssetFileDescriptor, 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from AssetFileDescriptor ContentProviders.openAssetFile(Uri,String,CancellationSignal),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, codetoanalyze.java.quandary.ContentProviders.openFile(android.net.Uri,java.lang.String,android.os.CancellationSignal):android.os.ParcelFileDescriptor, 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from ParcelFileDescriptor ContentProviders.openFile(Uri,String,CancellationSignal),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, codetoanalyze.java.quandary.ContentProviders.openTypedAssetFile(android.net.Uri,java.lang.String,android.os.Bundle,android.os.CancellationSignal):android.content.res.AssetFileDescriptor, 2, UNTRUSTED_FILE, no_bucket, ERROR, [Return from AssetFileDescriptor ContentProviders.openTypedAssetFile(Uri,String,Bundle,CancellationSignal),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, codetoanalyze.java.quandary.ContentProviders.query(android.net.Uri,java.lang.String[],java.lang.String,java.lang.String[],java.lang.String):android.database.Cursor, 2, UNTRUSTED_FILE, no_bucket, ERROR, [Return from Cursor ContentProviders.query(Uri,java.lang.String[],String,java.lang.String[],String),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, codetoanalyze.java.quandary.ContentProviders.update(android.net.Uri,android.content.ContentValues,java.lang.String,java.lang.String[]):int, 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from int ContentProviders.update(Uri,ContentValues,String,java.lang.String[]),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/DynamicDispatch.java, codetoanalyze.java.quandary.DynamicDispatch.propagateViaInterfaceBad(codetoanalyze.java.quandary.DynamicDispatch$Interface):void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Exceptions.java, codetoanalyze.java.quandary.Exceptions.callSinkThenThrowBad():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Exceptions.callSinkThenThrow(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Exceptions.java, codetoanalyze.java.quandary.Exceptions.sinkAfterCatchBad():void, 7, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Exceptions.java, codetoanalyze.java.quandary.Exceptions.sinkInCatchBad1():void, 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Exceptions.java, codetoanalyze.java.quandary.Exceptions.sinkInCatchBad2():void, 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Exceptions.java, codetoanalyze.java.quandary.Exceptions.sinkInFinallyBad1():void, 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Exceptions.java, codetoanalyze.java.quandary.Exceptions.sinkInFinallyBad2():void, 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Exceptions.java, codetoanalyze.java.quandary.Exceptions.sinkInFinallyBad3():void, 7, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/ExternalSpecs.java, codetoanalyze.java.quandary.ConstructorSink.constructorSinkBad():codetoanalyze.java.quandary.ConstructorSink, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to ConstructorSink.<init>(Object) with tainted index 1]
codetoanalyze/java/quandary/ExternalSpecs.java, codetoanalyze.java.quandary.ExternalSpecs.callExternalSink2Bad1():void, 1, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from Object ExternalSpecs.privateDataSource(),Call to void ExternalSpecs.loggingSink2(Object,Object) with tainted index 0]
codetoanalyze/java/quandary/ExternalSpecs.java, codetoanalyze.java.quandary.ExternalSpecs.callExternalSink2Bad2():void, 1, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from Object ExternalSpecs.privateDataSource(),Call to void ExternalSpecs.loggingSink2(Object,Object) with tainted index 1]
codetoanalyze/java/quandary/ExternalSpecs.java, codetoanalyze.java.quandary.ExternalSpecs.callExternalSinkBad():void, 1, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from Object ExternalSpecs.privateDataSource(),Call to void ExternalSpecs.loggingSink1(Object,Object) with tainted index 1]
codetoanalyze/java/quandary/ExternalSpecs.java, codetoanalyze.java.quandary.ExternalSpecs.callSinkThatPropagatesBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Object ExternalSpecs.sinkThatPropagates(Object) with tainted index 0]
codetoanalyze/java/quandary/ExternalSpecs.java, codetoanalyze.java.quandary.ExternalSpecs.callSinkThatPropagatesBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ExternalSpecs.loggingSink1(Object,Object) with tainted index 1]
codetoanalyze/java/quandary/ExternalSpecs.java, codetoanalyze.java.quandary.ExternalSpecs.logExternalSourceBad():void, 1, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from Object ExternalSpecs.privateDataSource(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/ExternalSpecs.java, codetoanalyze.java.quandary.ExternalSpecs.missedSanitizerBad():java.lang.Object, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/ExternalSpecs.java, codetoanalyze.java.quandary.InterfaceSpecImpl.externalSpecBad():void, 1, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from Object InterfaceSpecImpl.source(),Call to void InterfaceSpecImpl.sink(Object) with tainted index 1]
codetoanalyze/java/quandary/Fields.java, codetoanalyze.java.quandary.Fields.instanceFieldBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Fields.java, codetoanalyze.java.quandary.Fields.staticFieldBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Fields.java, codetoanalyze.java.quandary.Fields.viaFieldBad1(codetoanalyze.java.quandary.Fields$Obj):void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Fields.java, codetoanalyze.java.quandary.Fields.viaFieldBad2():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Fields.java, codetoanalyze.java.quandary.Fields.viaFieldBad3():void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Fields.java, codetoanalyze.java.quandary.Fields.viaNestedFieldBad1(codetoanalyze.java.quandary.Fields$Obj):void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Fields.java, codetoanalyze.java.quandary.Fields.viaNestedFieldBad2():void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Files.java, codetoanalyze.java.quandary.Files.fileConstructorSinkBad():java.io.File, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/Files.java, codetoanalyze.java.quandary.Files.fileSystemConstructorSinkBad1():java.nio.file.Path, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Path FileSystem.getPath(String,java.lang.String[]) with tainted index 1]
codetoanalyze/java/quandary/Files.java, codetoanalyze.java.quandary.Files.fileSystemConstructorSinkBad2():java.nio.file.Path, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Path FileSystem.getPath(String,java.lang.String[]) with tainted index 2]
codetoanalyze/java/quandary/Files.java, codetoanalyze.java.quandary.Files.pathsSinkBad1():java.nio.file.Path, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Path Paths.get(String,java.lang.String[]) with tainted index 0]
codetoanalyze/java/quandary/Files.java, codetoanalyze.java.quandary.Files.pathsSinkBad2():java.nio.file.Path, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Path Paths.get(String,java.lang.String[]) with tainted index 1]
codetoanalyze/java/quandary/FlowSensitivity.java, codetoanalyze.java.quandary.FlowSensitivity.callSourceAndSinkBad1(codetoanalyze.java.quandary.FlowSensitivity$Obj):void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data @val$0.codetoanalyze.java.quandary.FlowSensitivity$Obj.f*,Return from void FlowSensitivity.sourceAndSink(FlowSensitivity$Obj),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/FlowSensitivity.java, codetoanalyze.java.quandary.FlowSensitivity.callSourceAndSinkBad2(codetoanalyze.java.quandary.FlowSensitivity$Obj):void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void FlowSensitivity.sourceAndSink(FlowSensitivity$Obj) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/FlowSensitivity.java, codetoanalyze.java.quandary.FlowSensitivity.interproceduralFlowSensitivityBad(codetoanalyze.java.quandary.FlowSensitivity$Obj):void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data @val$0.codetoanalyze.java.quandary.FlowSensitivity$Obj.f*,Return from void FlowSensitivity.returnSource(FlowSensitivity$Obj),Call to void FlowSensitivity.callSink(FlowSensitivity$Obj) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to boolean ContextWrapper.bindService(Intent,ServiceConnection,int) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendBroadcast(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendBroadcastAsUser(Intent,UserHandle) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 7, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendOrderedBroadcast(Intent,String) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 8, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendOrderedBroadcastAsUser(Intent,UserHandle,String,BroadcastReceiver,Handler,int,String,Bundle) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 9, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendStickyBroadcast(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 10, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendStickyBroadcastAsUser(Intent,UserHandle) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 11, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendStickyOrderedBroadcast(Intent,BroadcastReceiver,Handler,int,String,Bundle) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 12, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendStickyOrderedBroadcastAsUser(Intent,UserHandle,BroadcastReceiver,Handler,int,String,Bundle) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 13, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startActivities(android.content.Intent[]) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 14, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 15, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startActivityForResult(Intent,int) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 16, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to boolean Activity.startActivityIfNeeded(Intent,int) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 17, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startActivityFromChild(Activity,Intent,int) with tainted index 2]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 18, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startActivityFromFragment(Fragment,Intent,int) with tainted index 2]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 19, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startIntentSender(IntentSender,Intent,int,int,int) with tainted index 2]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 20, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startIntentSenderForResult(IntentSender,int,Intent,int,int,int) with tainted index 3]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 21, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startIntentSenderFromChild(Activity,IntentSender,int,Intent,int,int,int) with tainted index 4]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 22, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to ComponentName ContextWrapper.startService(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllActivitySinksBad(android.app.Activity,java.lang.String):void, 23, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to boolean ContextWrapper.stopService(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllIntentSinks():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.parseUri(String,int) with tainted index 0]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllIntentSinks():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.getIntent(String) with tainted index 0]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllIntentSinks():void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.getIntentOld(String) with tainted index 0]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllIntentSinks():void, 8, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.setClassName(String,String) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllIntentSinks():void, 9, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.setData(Uri) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllIntentSinks():void, 10, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.setDataAndNormalize(Uri) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllIntentSinks():void, 11, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.setDataAndType(Uri,String) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllIntentSinks():void, 12, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.setDataAndTypeAndNormalize(Uri,String) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.callAllIntentSinks():void, 13, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.setPackage(String) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.extraToDataBad():void, 5, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from String Intent.getStringExtra(String),Call to Intent Intent.setData(Uri) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.extraToDataBad():void, 7, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from String Intent.getStringExtra(String),Call to Intent Intent.setData(Uri) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.startWithUri1Bad(android.net.Uri):void, 1, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent.<init>(String,Uri),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.startWithUri2Bad(android.net.Uri):void, 1, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent.<init>(String,Uri,Context,Class),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.Intents.subclassCallBad(codetoanalyze.java.quandary.IntentSubclass,codetoanalyze.java.quandary.ContextSubclass):void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Context.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, codetoanalyze.java.quandary.MyActivity.startServiceWithTaintedIntent():void, 2, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent.<init>(String,Uri),Call to ComponentName ContextWrapper.startService(Intent) with tainted index 1]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.FP_divergenceInCallee():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.FP_reassignInCallee():void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.FP_trackParamsOk():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return*,Return from Object Interprocedural.returnSourceConditional(boolean),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.callDeepSink1Bad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkA(Interprocedural$Obj) with tainted index 0,Call to void Interprocedural.callSink1(Interprocedural$Obj) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.callDeepSink3Bad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkC(Interprocedural$Obj) with tainted index 0,Call to void Interprocedural.callSink3(Interprocedural$Obj) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.callDeepSink4Bad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkD(Interprocedural$Obj) with tainted index 0,Call to void Interprocedural.callSink4(Interprocedural$Obj) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.callDeepSinkIndirectBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkIndirectOnParam(Object) with tainted index 0,Call to void Interprocedural.callSinkOnParam(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.callSinkNoTripleReportBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkParam1(Object,Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.callSinkNoTripleReportBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkParam2(Object,Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.callSinkOnFieldDirectBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkOnFieldDirect() with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.callSinkOnFieldIndirectBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkOnFieldIndirect(Interprocedural$Obj) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.callSinkOnGlobalBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkOnGlobal() with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.callSinkOnLocalBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkOnLocal() with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.callSinkParam1Bad():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkParam1(Object,Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.callSinkParam2Bad():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkParam2(Object,Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.callSinkThenDivergeBad():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkThenDiverge(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.callSinkVariadicBad():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkVariadic(java.lang.Object[]) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.doublePassthroughBad():void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.getGlobalThenCallSinkBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.getGlobalThenCallSink() with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.irrelevantPassthroughsIntraprocedural(java.lang.Object):java.lang.Object, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.irrelevantPassthroughsSinkInterprocedural(java.lang.Object):java.lang.Object, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Object Interprocedural.callSinkIrrelevantPassthrough(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.irrelevantPassthroughsSourceAndSinkInterprocedural(java.lang.Object):java.lang.Object, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return,Return from Object Interprocedural.returnSourceIrrelevantPassthrough(Object),Call to Object Interprocedural.callSinkIrrelevantPassthrough(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.irrelevantPassthroughsSourceInterprocedural(java.lang.Object):java.lang.Object, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return,Return from Object Interprocedural.returnSourceIrrelevantPassthrough(Object),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.returnSourceDirectBad():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return*,Return from Object Interprocedural.returnSourceDirect(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.returnSourceDirectViaVarBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return*,Return from Object Interprocedural.returnSourceDirect(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.returnSourceIndirectBad():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return*,Return from Object Interprocedural.returnSourceDirect() with tainted data return*,Return from Object Interprocedural.returnSourceIndirect(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.returnSourceViaFieldBad():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return.codetoanalyze.java.quandary.Interprocedural$Obj.f*,Return from Interprocedural$Obj Interprocedural.returnSourceViaField(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.returnSourceViaGlobalBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data quandary.Interprocedural.codetoanalyze.java.quandary.Interprocedural.sGlobal*,Return from void Interprocedural.returnSourceViaGlobal(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.returnSourceViaParameter1Bad(codetoanalyze.java.quandary.Interprocedural$Obj):void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data @val$0.codetoanalyze.java.quandary.Interprocedural$Obj.f*,Return from void Interprocedural.returnSourceViaParameter1(Interprocedural$Obj),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.returnSourceViaParameter2Bad(codetoanalyze.java.quandary.Interprocedural$Obj,codetoanalyze.java.quandary.Interprocedural$Obj):void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.setGlobalThenCallSinkBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkOnGlobal() with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, codetoanalyze.java.quandary.Interprocedural.singlePassthroughBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getSpeed(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getAltitude(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLongitude(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getBearing(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLatitude(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLongitude(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getAltitude(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getBearing(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLatitude(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getSpeed(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getAltitude(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLatitude(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getBearing(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLongitude(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getSpeed(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getSpeed(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLongitude(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLatitude(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getAltitude(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getBearing(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, codetoanalyze.java.quandary.LoggingPrivateData.logAllSourcesBad(android.location.Location,android.telephony.TelephonyManager):void, 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/Recursion.java, codetoanalyze.java.quandary.Recursion.callSinkThenDivergeBad():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Recursion.callSinkThenDiverge(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Recursion.java, codetoanalyze.java.quandary.Recursion.safeRecursionCallSinkBad():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Recursion.safeRecursionCallSink(int,Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Serialization.java, codetoanalyze.java.quandary.Serialization.taintedObjectInputStreamBad():java.lang.Object, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to ObjectInputStream.<init>(InputStream) with tainted index 1]
codetoanalyze/java/quandary/Services.java, codetoanalyze.java.quandary.Service1.packageProtectedServiceMethodBad(java.lang.String):void, 1, SHELL_INJECTION_RISK, no_bucket, ERROR, [Return from void Service1.packageProtectedServiceMethodBad(String),Call to Process Runtime.exec(String) with tainted index 1]
codetoanalyze/java/quandary/Services.java, codetoanalyze.java.quandary.Service1.paramToSql1Bad(java.lang.String):void, 1, SQL_INJECTION_RISK, no_bucket, ERROR, [Return from void Service1.paramToSql1Bad(String),Call to boolean Statement.execute(String) with tainted index 1]
codetoanalyze/java/quandary/Services.java, codetoanalyze.java.quandary.Service1.paramToSql2Bad(java.lang.String):void, 1, USER_CONTROLLED_SQL_RISK, no_bucket, ERROR, [Return from void Service1.paramToSql2Bad(String),Call to long Statement.executeLargeUpdate(String) with tainted index 1]
codetoanalyze/java/quandary/Services.java, codetoanalyze.java.quandary.Service1.paramToSql3Bad(java.lang.String):void, 1, USER_CONTROLLED_SQL_RISK, no_bucket, ERROR, [Return from void Service1.paramToSql3Bad(String),Call to ResultSet Statement.executeQuery(String) with tainted index 1]
codetoanalyze/java/quandary/Services.java, codetoanalyze.java.quandary.Service1.paramToSql4Bad(java.lang.String):void, 1, USER_CONTROLLED_SQL_RISK, no_bucket, ERROR, [Return from void Service1.paramToSql4Bad(String),Call to int Statement.executeUpdate(String) with tainted index 1]
codetoanalyze/java/quandary/Services.java, codetoanalyze.java.quandary.Service1.paramToSql5Bad(java.lang.String):void, 1, SQL_INJECTION_RISK, no_bucket, ERROR, [Return from void Service1.paramToSql5Bad(String),Call to void Statement.addBatch(String) with tainted index 1]
codetoanalyze/java/quandary/Services.java, codetoanalyze.java.quandary.Service1.serviceMethodBad(java.lang.String):void, 1, SHELL_INJECTION_RISK, no_bucket, ERROR, [Return from void Service1.serviceMethodBad(String),Call to Process Runtime.exec(String) with tainted index 1]
codetoanalyze/java/quandary/Strings.java, Strings.viaFormatterBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, Strings.viaFormatterIgnoreReturnBad():void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, Strings.viaStringBufferBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, Strings.viaStringBufferIgnoreReturnBad():void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, Strings.viaStringBuilderBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, Strings.viaStringBuilderIgnoreReturnBad():void, 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, Strings.viaStringBuilderSugarBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, Strings.viaStringFormatVarArgsDirectBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, Strings.viaStringFormatVarArgsIndirectBad():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Strings.viaStringFormatVarArgsIndirect(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintExample.java, codetoanalyze.java.quandary.TaintExample.interprocTaintErrorWithModelMethods1():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return*,Return from Object TaintExample.returnTaintedSourceModelMethods(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintExample.java, codetoanalyze.java.quandary.TaintExample.interprocTaintErrorWithModelMethods2():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void TaintExample.callSinkMethodModelMethods(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintExample.java, codetoanalyze.java.quandary.TaintExample.interprocTaintErrorWithModelMethods3():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return*,Return from Object TaintExample.returnTaintedSourceModelMethods(),Call to void TaintExample.callSinkMethodModelMethods(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintExample.java, codetoanalyze.java.quandary.TaintExample.simpleTaintErrorWithModelMethods():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintedFormals.java, codetoanalyze.java.quandary.TaintedFormals.callTaintedContextBad1(java.lang.String):void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object TaintedFormals.taintedContextBad(String) with tainted data return*,Return from Object TaintedFormals.taintedContextBad(String),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintedFormals.java, codetoanalyze.java.quandary.TaintedFormals.callTaintedContextBad2():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void TaintedFormals.taintedContextBad(String,Intent,Integer) with tainted index 1,Call to ComponentName ContextWrapper.startService(Intent) with tainted index 1]
codetoanalyze/java/quandary/TaintedFormals.java, codetoanalyze.java.quandary.TaintedFormals.taintedContextBad(java.lang.String,android.content.Intent,java.lang.Integer):void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from void TaintedFormals.taintedContextBad(String,Intent,Integer),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintedFormals.java, codetoanalyze.java.quandary.TaintedFormals.taintedContextBad(java.lang.String,android.content.Intent,java.lang.Integer):void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from void TaintedFormals.taintedContextBad(String,Intent,Integer),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintedFormals.java, codetoanalyze.java.quandary.TaintedFormals.taintedContextBad(java.lang.String,android.content.Intent,java.lang.Integer):void, 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from void TaintedFormals.taintedContextBad(String,Intent,Integer),Call to void TaintedFormals.callSink(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintedFormals.java, codetoanalyze.java.quandary.TaintedFormals.taintedContextBad(java.lang.String,android.content.Intent,java.lang.Integer):void, 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from void TaintedFormals.taintedContextBad(String,Intent,Integer),Call to void TaintedFormals.callSink(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Traces.java, codetoanalyze.java.quandary.Traces.sourceMethod():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Traces.callSameSink(Obj,Obj,Obj,Obj) with tainted index 0,Call to void Traces.callMySinkIndirect(Obj) with tainted index 0,Call to void Traces.callMySink(Obj) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, codetoanalyze.java.quandary.UnknownCode.callPropagateFootprintBad():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void UnknownCode.propagateFootprint(String) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, codetoanalyze.java.quandary.UnknownCode.callUnknownSetterBad(android.content.Intent):void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, codetoanalyze.java.quandary.UnknownCode.propagateEmptyBad():void, 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, codetoanalyze.java.quandary.UnknownCode.propagateEmptyBad():void, 7, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, codetoanalyze.java.quandary.UnknownCode.propagateViaInterfaceCodeBad(codetoanalyze.java.quandary.UnknownCode$Interface):void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, codetoanalyze.java.quandary.UnknownCode.propagateViaUnknownAbstractCodeBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, codetoanalyze.java.quandary.UnknownCode.propagateViaUnknownConstructorBad():void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, codetoanalyze.java.quandary.UnknownCode.propagateViaUnknownNativeCodeBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UserControlledStrings.java, codetoanalyze.java.quandary.UserControlledStrings.clipboardToHtmlBad():android.text.Spanned, 1, CROSS_SITE_SCRIPTING, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to Spanned Html.fromHtml(String) with tainted index 0]
codetoanalyze/java/quandary/UserControlledStrings.java, codetoanalyze.java.quandary.UserControlledStrings.clipboardToProcessBuilder1Bad():java.lang.ProcessBuilder, 1, SHELL_INJECTION, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to ProcessBuilder.<init>(java.lang.String[]) with tainted index 1]
codetoanalyze/java/quandary/UserControlledStrings.java, codetoanalyze.java.quandary.UserControlledStrings.clipboardToProcessBuilder2Bad():java.lang.ProcessBuilder, 1, SHELL_INJECTION, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to ProcessBuilder.<init>(java.lang.String[]) with tainted index 1]
codetoanalyze/java/quandary/UserControlledStrings.java, codetoanalyze.java.quandary.UserControlledStrings.clipboardToProcessBuilder3Bad(java.lang.ProcessBuilder):java.lang.ProcessBuilder, 1, SHELL_INJECTION, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to ProcessBuilder ProcessBuilder.command(java.lang.String[]) with tainted index 1]
codetoanalyze/java/quandary/UserControlledStrings.java, codetoanalyze.java.quandary.UserControlledStrings.clipboardToProcessBuilder4Bad(java.lang.ProcessBuilder):java.lang.ProcessBuilder, 3, SHELL_INJECTION, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to ProcessBuilder ProcessBuilder.command(List) with tainted index 1]
codetoanalyze/java/quandary/UserControlledStrings.java, codetoanalyze.java.quandary.UserControlledStrings.clipboardToShellArrayBad():void, 2, SHELL_INJECTION, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to Process Runtime.exec(java.lang.String[]) with tainted index 1]
codetoanalyze/java/quandary/UserControlledStrings.java, codetoanalyze.java.quandary.UserControlledStrings.clipboardToShellDirectBad():void, 1, SHELL_INJECTION, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to Process Runtime.exec(String) with tainted index 1]
codetoanalyze/java/quandary/UserControlledStrings.java, codetoanalyze.java.quandary.UserControlledStrings.editTextToHtmlBad():android.text.Spanned, 1, CROSS_SITE_SCRIPTING, no_bucket, ERROR, [Return from Editable EditText.getText(),Call to Spanned Html.fromHtml(String) with tainted index 0]
codetoanalyze/java/quandary/UserControlledStrings.java, codetoanalyze.java.quandary.UserControlledStrings.readClipboardSourcesBad():void, 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UserControlledStrings.java, codetoanalyze.java.quandary.UserControlledStrings.readClipboardSourcesBad():void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from ClipData ClipboardManager.getPrimaryClip(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UserControlledStrings.java, codetoanalyze.java.quandary.UserControlledStrings.readClipboardSourcesBad():void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from ClipData ClipboardManager.getPrimaryClip(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UserControlledStrings.java, codetoanalyze.java.quandary.UserControlledStrings.readClipboardSourcesBad():void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from ClipData ClipboardManager.getPrimaryClip(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UserControlledStrings.java, codetoanalyze.java.quandary.UserControlledStrings.readClipboardSourcesBad():void, 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from ClipData ClipboardManager.getPrimaryClip(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews$MyWebChromeClient.onJsAlert(android.webkit.WebView,java.lang.String,java.lang.String,android.webkit.JsResult):boolean, 2, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from boolean WebViews$MyWebChromeClient.onJsAlert(WebView,String,String,JsResult),Call to Intent Intent.parseUri(String,int) with tainted index 0]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews$MyWebChromeClient.onJsAlert(android.webkit.WebView,java.lang.String,java.lang.String,android.webkit.JsResult):boolean, 3, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent Intent.parseUri(String,int),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews$MyWebChromeClient.onJsBeforeUnload(android.webkit.WebView,java.lang.String,java.lang.String,android.webkit.JsResult):boolean, 2, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from boolean WebViews$MyWebChromeClient.onJsBeforeUnload(WebView,String,String,JsResult),Call to Intent Intent.parseUri(String,int) with tainted index 0]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews$MyWebChromeClient.onJsBeforeUnload(android.webkit.WebView,java.lang.String,java.lang.String,android.webkit.JsResult):boolean, 3, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent Intent.parseUri(String,int),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews$MyWebChromeClient.onJsConfirm(android.webkit.WebView,java.lang.String,java.lang.String,android.webkit.JsResult):boolean, 2, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from boolean WebViews$MyWebChromeClient.onJsConfirm(WebView,String,String,JsResult),Call to Intent Intent.parseUri(String,int) with tainted index 0]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews$MyWebChromeClient.onJsConfirm(android.webkit.WebView,java.lang.String,java.lang.String,android.webkit.JsResult):boolean, 3, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent Intent.parseUri(String,int),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews$MyWebChromeClient.onJsPrompt(android.webkit.WebView,java.lang.String,java.lang.String,java.lang.String,android.webkit.JsPromptResult):boolean, 2, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from boolean WebViews$MyWebChromeClient.onJsPrompt(WebView,String,String,String,JsPromptResult),Call to Intent Intent.parseUri(String,int) with tainted index 0]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews$MyWebChromeClient.onJsPrompt(android.webkit.WebView,java.lang.String,java.lang.String,java.lang.String,android.webkit.JsPromptResult):boolean, 3, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent Intent.parseUri(String,int),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews$MyWebViewClient.onLoadResource(android.webkit.WebView,java.lang.String):void, 2, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from void WebViews$MyWebViewClient.onLoadResource(WebView,String),Call to Intent Intent.parseUri(String,int) with tainted index 0]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews$MyWebViewClient.onLoadResource(android.webkit.WebView,java.lang.String):void, 3, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent Intent.parseUri(String,int),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews$MyWebViewClient.shouldInterceptRequest(android.webkit.WebView,android.webkit.WebResourceRequest):android.webkit.WebResourceResponse, 1, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent.<init>(String,Uri),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews$MyWebViewClient.shouldOverrideUrlLoading(android.webkit.WebView,java.lang.String):boolean, 2, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from boolean WebViews$MyWebViewClient.shouldOverrideUrlLoading(WebView,String),Call to Intent Intent.parseUri(String,int) with tainted index 0]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews$MyWebViewClient.shouldOverrideUrlLoading(android.webkit.WebView,java.lang.String):boolean, 3, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent Intent.parseUri(String,int),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews$MyWebViewClient.webResourceToFileBad(android.webkit.WebResourceRequest):java.io.File, 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from Uri WebResourceRequest.getUrl(),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews.callWebviewSinks(android.webkit.WebView):void, 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void WebView.evaluateJavascript(String,ValueCallback) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews.callWebviewSinks(android.webkit.WebView):void, 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void WebView.loadData(String,String,String) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews.callWebviewSinks(android.webkit.WebView):void, 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void WebView.loadDataWithBaseURL(String,String,String,String,String) with tainted index 2]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews.callWebviewSinks(android.webkit.WebView):void, 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void WebView.loadUrl(String) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews.callWebviewSinks(android.webkit.WebView):void, 7, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void WebView.postUrl(String,byte[]) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews.callWebviewSinks(android.webkit.WebView):void, 8, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void WebView.postWebMessage(WebMessage,Uri) with tainted index 2]
codetoanalyze/java/quandary/WebViews.java, codetoanalyze.java.quandary.WebViews.callWebviewSubclassSink(codetoanalyze.java.quandary.WebViews$MyWebView):void, 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void WebView.evaluateJavascript(String,ValueCallback) with tainted index 1]
codetoanalyze/java/quandary/Arrays.java, void Arrays.FP_viaArrayOk1(Object,java.lang.Object[]), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Arrays.java, void Arrays.FP_viaArrayOk2(Object,java.lang.Object[]), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Arrays.java, void Arrays.viaArrayBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Arrays.java, void Arrays.viaArrayThenFieldBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Arrays.java, void Arrays.viaFieldThenArrayBad1(Arrays$Obj), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Arrays.java, void Arrays.viaFieldThenArrayBad2(), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.FP_deadCodeOk(), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.FP_loopInvariantOk(), 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.arrayWithTaintedContentsBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.directBad(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.funCallBad1(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Basics.funCallBad2(int,Object) with tainted index 2,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.ifBad1(boolean), 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.ifBad2(boolean), 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.ifBad3(boolean), 7, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.ifBad4(boolean,boolean), 9, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.ifBad5(boolean), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.noTripleReportBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.noTripleReportBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.switchBad1(int), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.switchBad2(int), 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.switchBad3(int), 7, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.viaCastBad1(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.viaCastBad2(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.viaVarBad1(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.viaVarBad2(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.viaVarBad3(), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.whileBad1(int), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Basics.java, void Basics.whileBad2(int), 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/ContentProviders.java, AssetFileDescriptor ContentProviders.openAssetFile(Uri,String,CancellationSignal), 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from AssetFileDescriptor ContentProviders.openAssetFile(Uri,String,CancellationSignal),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, AssetFileDescriptor ContentProviders.openTypedAssetFile(Uri,String,Bundle,CancellationSignal), 2, UNTRUSTED_FILE, no_bucket, ERROR, [Return from AssetFileDescriptor ContentProviders.openTypedAssetFile(Uri,String,Bundle,CancellationSignal),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, Bundle ContentProviders.call(String,String,Bundle), 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from Bundle ContentProviders.call(String,String,Bundle),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, Cursor ContentProviders.query(Uri,java.lang.String[],String,java.lang.String[],String), 2, UNTRUSTED_FILE, no_bucket, ERROR, [Return from Cursor ContentProviders.query(Uri,java.lang.String[],String,java.lang.String[],String),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, ParcelFileDescriptor ContentProviders.openFile(Uri,String,CancellationSignal), 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from ParcelFileDescriptor ContentProviders.openFile(Uri,String,CancellationSignal),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, String ContentProviders.getType(Uri), 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from String ContentProviders.getType(Uri),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, Uri ContentProviders.insert(Uri,ContentValues), 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from Uri ContentProviders.insert(Uri,ContentValues),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, int ContentProviders.bulkInsert(Uri,android.content.ContentValues[]), 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from int ContentProviders.bulkInsert(Uri,android.content.ContentValues[]),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, int ContentProviders.delete(Uri,String,java.lang.String[]), 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from int ContentProviders.delete(Uri,String,java.lang.String[]),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/ContentProviders.java, int ContentProviders.update(Uri,ContentValues,String,java.lang.String[]), 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from int ContentProviders.update(Uri,ContentValues,String,java.lang.String[]),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/DynamicDispatch.java, void DynamicDispatch.propagateViaInterfaceBad(DynamicDispatch$Interface), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Exceptions.java, void Exceptions.callSinkThenThrowBad(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Exceptions.callSinkThenThrow(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Exceptions.java, void Exceptions.sinkAfterCatchBad(), 7, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Exceptions.java, void Exceptions.sinkInCatchBad1(), 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Exceptions.java, void Exceptions.sinkInCatchBad2(), 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Exceptions.java, void Exceptions.sinkInFinallyBad1(), 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Exceptions.java, void Exceptions.sinkInFinallyBad2(), 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Exceptions.java, void Exceptions.sinkInFinallyBad3(), 7, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/ExternalSpecs.java, ConstructorSink ConstructorSink.constructorSinkBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to ConstructorSink.<init>(Object) with tainted index 1]
codetoanalyze/java/quandary/ExternalSpecs.java, Object ExternalSpecs.missedSanitizerBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/ExternalSpecs.java, void ExternalSpecs.callExternalSink2Bad1(), 1, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from Object ExternalSpecs.privateDataSource(),Call to void ExternalSpecs.loggingSink2(Object,Object) with tainted index 0]
codetoanalyze/java/quandary/ExternalSpecs.java, void ExternalSpecs.callExternalSink2Bad2(), 1, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from Object ExternalSpecs.privateDataSource(),Call to void ExternalSpecs.loggingSink2(Object,Object) with tainted index 1]
codetoanalyze/java/quandary/ExternalSpecs.java, void ExternalSpecs.callExternalSinkBad(), 1, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from Object ExternalSpecs.privateDataSource(),Call to void ExternalSpecs.loggingSink1(Object,Object) with tainted index 1]
codetoanalyze/java/quandary/ExternalSpecs.java, void ExternalSpecs.callSinkThatPropagatesBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Object ExternalSpecs.sinkThatPropagates(Object) with tainted index 0]
codetoanalyze/java/quandary/ExternalSpecs.java, void ExternalSpecs.callSinkThatPropagatesBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ExternalSpecs.loggingSink1(Object,Object) with tainted index 1]
codetoanalyze/java/quandary/ExternalSpecs.java, void ExternalSpecs.logExternalSourceBad(), 1, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from Object ExternalSpecs.privateDataSource(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/ExternalSpecs.java, void InterfaceSpecImpl.externalSpecBad(), 1, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from Object InterfaceSpecImpl.source(),Call to void InterfaceSpecImpl.sink(Object) with tainted index 1]
codetoanalyze/java/quandary/Fields.java, void Fields.instanceFieldBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Fields.java, void Fields.staticFieldBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Fields.java, void Fields.viaFieldBad1(Fields$Obj), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Fields.java, void Fields.viaFieldBad2(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Fields.java, void Fields.viaFieldBad3(), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Fields.java, void Fields.viaNestedFieldBad1(Fields$Obj), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Fields.java, void Fields.viaNestedFieldBad2(), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Files.java, File Files.fileConstructorSinkBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/Files.java, Path Files.fileSystemConstructorSinkBad1(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Path FileSystem.getPath(String,java.lang.String[]) with tainted index 1]
codetoanalyze/java/quandary/Files.java, Path Files.fileSystemConstructorSinkBad2(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Path FileSystem.getPath(String,java.lang.String[]) with tainted index 2]
codetoanalyze/java/quandary/Files.java, Path Files.pathsSinkBad1(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Path Paths.get(String,java.lang.String[]) with tainted index 0]
codetoanalyze/java/quandary/Files.java, Path Files.pathsSinkBad2(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Path Paths.get(String,java.lang.String[]) with tainted index 1]
codetoanalyze/java/quandary/FlowSensitivity.java, void FlowSensitivity.callSourceAndSinkBad1(FlowSensitivity$Obj), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data @val$0.codetoanalyze.java.quandary.FlowSensitivity$Obj.f*,Return from void FlowSensitivity.sourceAndSink(FlowSensitivity$Obj),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/FlowSensitivity.java, void FlowSensitivity.callSourceAndSinkBad2(FlowSensitivity$Obj), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void FlowSensitivity.sourceAndSink(FlowSensitivity$Obj) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/FlowSensitivity.java, void FlowSensitivity.interproceduralFlowSensitivityBad(FlowSensitivity$Obj), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data @val$0.codetoanalyze.java.quandary.FlowSensitivity$Obj.f*,Return from void FlowSensitivity.returnSource(FlowSensitivity$Obj),Call to void FlowSensitivity.callSink(FlowSensitivity$Obj) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to boolean ContextWrapper.bindService(Intent,ServiceConnection,int) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendBroadcast(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendBroadcastAsUser(Intent,UserHandle) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 7, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendOrderedBroadcast(Intent,String) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 8, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendOrderedBroadcastAsUser(Intent,UserHandle,String,BroadcastReceiver,Handler,int,String,Bundle) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 9, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendStickyBroadcast(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 10, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendStickyBroadcastAsUser(Intent,UserHandle) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 11, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendStickyOrderedBroadcast(Intent,BroadcastReceiver,Handler,int,String,Bundle) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 12, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void ContextWrapper.sendStickyOrderedBroadcastAsUser(Intent,UserHandle,BroadcastReceiver,Handler,int,String,Bundle) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 13, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startActivities(android.content.Intent[]) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 14, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 15, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startActivityForResult(Intent,int) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 16, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to boolean Activity.startActivityIfNeeded(Intent,int) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 17, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startActivityFromChild(Activity,Intent,int) with tainted index 2]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 18, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startActivityFromFragment(Fragment,Intent,int) with tainted index 2]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 19, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startIntentSender(IntentSender,Intent,int,int,int) with tainted index 2]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 20, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startIntentSenderForResult(IntentSender,int,Intent,int,int,int) with tainted index 3]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 21, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Activity.startIntentSenderFromChild(Activity,IntentSender,int,Intent,int,int,int) with tainted index 4]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 22, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to ComponentName ContextWrapper.startService(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllActivitySinksBad(Activity,String), 23, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to boolean ContextWrapper.stopService(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllIntentSinks(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.parseUri(String,int) with tainted index 0]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllIntentSinks(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.getIntent(String) with tainted index 0]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllIntentSinks(), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.getIntentOld(String) with tainted index 0]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllIntentSinks(), 8, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.setClassName(String,String) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllIntentSinks(), 9, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.setData(Uri) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllIntentSinks(), 10, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.setDataAndNormalize(Uri) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllIntentSinks(), 11, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.setDataAndType(Uri,String) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllIntentSinks(), 12, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.setDataAndTypeAndNormalize(Uri,String) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.callAllIntentSinks(), 13, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Intent Intent.setPackage(String) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.extraToDataBad(), 5, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from String Intent.getStringExtra(String),Call to Intent Intent.setData(Uri) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.extraToDataBad(), 7, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from String Intent.getStringExtra(String),Call to Intent Intent.setData(Uri) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.startWithUri1Bad(Uri), 1, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent.<init>(String,Uri),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.startWithUri2Bad(Uri), 1, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent.<init>(String,Uri,Context,Class),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void Intents.subclassCallBad(IntentSubclass,ContextSubclass), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Context.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/Intents.java, void MyActivity.startServiceWithTaintedIntent(), 2, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent.<init>(String,Uri),Call to ComponentName ContextWrapper.startService(Intent) with tainted index 1]
codetoanalyze/java/quandary/Interprocedural.java, Object Interprocedural.irrelevantPassthroughsIntraprocedural(Object), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, Object Interprocedural.irrelevantPassthroughsSinkInterprocedural(Object), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to Object Interprocedural.callSinkIrrelevantPassthrough(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, Object Interprocedural.irrelevantPassthroughsSourceAndSinkInterprocedural(Object), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return,Return from Object Interprocedural.returnSourceIrrelevantPassthrough(Object),Call to Object Interprocedural.callSinkIrrelevantPassthrough(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, Object Interprocedural.irrelevantPassthroughsSourceInterprocedural(Object), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return,Return from Object Interprocedural.returnSourceIrrelevantPassthrough(Object),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.FP_divergenceInCallee(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.FP_reassignInCallee(), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.FP_trackParamsOk(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return*,Return from Object Interprocedural.returnSourceConditional(boolean),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.callDeepSink1Bad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkA(Interprocedural$Obj) with tainted index 1,Call to void Interprocedural.callSink1(Interprocedural$Obj) with tainted index 1,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.callDeepSink3Bad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkC(Interprocedural$Obj) with tainted index 1,Call to void Interprocedural.callSink3(Interprocedural$Obj) with tainted index 1,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.callDeepSink4Bad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkD(Interprocedural$Obj) with tainted index 1,Call to void Interprocedural.callSink4(Interprocedural$Obj) with tainted index 1,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.callDeepSinkIndirectBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkIndirectOnParam(Object) with tainted index 1,Call to void Interprocedural.callSinkOnParam(Object) with tainted index 1,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.callSinkNoTripleReportBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkParam1(Object,Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.callSinkNoTripleReportBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkParam2(Object,Object) with tainted index 1,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.callSinkOnFieldDirectBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkOnFieldDirect() with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.callSinkOnFieldIndirectBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkOnFieldIndirect(Interprocedural$Obj) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.callSinkOnGlobalBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkOnGlobal(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.callSinkOnLocalBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkOnLocal() with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.callSinkParam1Bad(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkParam1(Object,Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.callSinkParam2Bad(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkParam2(Object,Object) with tainted index 1,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.callSinkThenDivergeBad(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkThenDiverge(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.callSinkVariadicBad(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkVariadic(java.lang.Object[]) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.doublePassthroughBad(), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.getGlobalThenCallSinkBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.getGlobalThenCallSink(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.returnSourceDirectBad(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return*,Return from Object Interprocedural.returnSourceDirect(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.returnSourceDirectViaVarBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return*,Return from Object Interprocedural.returnSourceDirect(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.returnSourceIndirectBad(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return*,Return from Object Interprocedural.returnSourceDirect() with tainted data return*,Return from Object Interprocedural.returnSourceIndirect(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.returnSourceViaFieldBad(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return.codetoanalyze.java.quandary.Interprocedural$Obj.f*,Return from Interprocedural$Obj Interprocedural.returnSourceViaField(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.returnSourceViaGlobalBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data quandary.Interprocedural.codetoanalyze.java.quandary.Interprocedural.sGlobal*,Return from void Interprocedural.returnSourceViaGlobal(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.returnSourceViaParameter1Bad(Interprocedural$Obj), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data @val$0.codetoanalyze.java.quandary.Interprocedural$Obj.f*,Return from void Interprocedural.returnSourceViaParameter1(Interprocedural$Obj),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.returnSourceViaParameter2Bad(Interprocedural$Obj,Interprocedural$Obj), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.setGlobalThenCallSinkBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Interprocedural.callSinkOnGlobal(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Interprocedural.java, void Interprocedural.singlePassthroughBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getSpeed(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getAltitude(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLongitude(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getBearing(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 36, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLatitude(),Call to int Log.e(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLongitude(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getAltitude(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getBearing(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLatitude(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getSpeed(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 37, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.println(int,String,String) with tainted index 2]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getAltitude(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLatitude(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getBearing(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLongitude(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 38, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getSpeed(),Call to int Log.w(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getVoiceMailNumber(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getSpeed(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLongitude(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSubscriberId(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getSimSerialNumber(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getLatitude(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from double Location.getAltitude(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from float Location.getBearing(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getDeviceId(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/LoggingPrivateData.java, void LoggingPrivateData.logAllSourcesBad(Location,TelephonyManager), 39, LOGGING_PRIVATE_DATA, no_bucket, ERROR, [Return from String TelephonyManager.getLine1Number(),Call to int Log.wtf(String,String) with tainted index 1]
codetoanalyze/java/quandary/Recursion.java, void Recursion.callSinkThenDivergeBad(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Recursion.callSinkThenDiverge(Object) with tainted index 0,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Recursion.java, void Recursion.safeRecursionCallSinkBad(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Recursion.safeRecursionCallSink(int,Object) with tainted index 1,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Serialization.java, Object Serialization.taintedObjectInputStreamBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to ObjectInputStream.<init>(InputStream) with tainted index 1]
codetoanalyze/java/quandary/Services.java, void Service1.packageProtectedServiceMethodBad(String), 1, SHELL_INJECTION_RISK, no_bucket, ERROR, [Return from void Service1.packageProtectedServiceMethodBad(String),Call to Process Runtime.exec(String) with tainted index 1]
codetoanalyze/java/quandary/Services.java, void Service1.paramToSql1Bad(String), 1, SQL_INJECTION_RISK, no_bucket, ERROR, [Return from void Service1.paramToSql1Bad(String),Call to boolean Statement.execute(String) with tainted index 1]
codetoanalyze/java/quandary/Services.java, void Service1.paramToSql2Bad(String), 1, USER_CONTROLLED_SQL_RISK, no_bucket, ERROR, [Return from void Service1.paramToSql2Bad(String),Call to long Statement.executeLargeUpdate(String) with tainted index 1]
codetoanalyze/java/quandary/Services.java, void Service1.paramToSql3Bad(String), 1, USER_CONTROLLED_SQL_RISK, no_bucket, ERROR, [Return from void Service1.paramToSql3Bad(String),Call to ResultSet Statement.executeQuery(String) with tainted index 1]
codetoanalyze/java/quandary/Services.java, void Service1.paramToSql4Bad(String), 1, USER_CONTROLLED_SQL_RISK, no_bucket, ERROR, [Return from void Service1.paramToSql4Bad(String),Call to int Statement.executeUpdate(String) with tainted index 1]
codetoanalyze/java/quandary/Services.java, void Service1.paramToSql5Bad(String), 1, SQL_INJECTION_RISK, no_bucket, ERROR, [Return from void Service1.paramToSql5Bad(String),Call to void Statement.addBatch(String) with tainted index 1]
codetoanalyze/java/quandary/Services.java, void Service1.serviceMethodBad(String), 1, SHELL_INJECTION_RISK, no_bucket, ERROR, [Return from void Service1.serviceMethodBad(String),Call to Process Runtime.exec(String) with tainted index 1]
codetoanalyze/java/quandary/Strings.java, void Strings.viaFormatterBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, void Strings.viaFormatterIgnoreReturnBad(), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, void Strings.viaStringBufferBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, void Strings.viaStringBufferIgnoreReturnBad(), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, void Strings.viaStringBuilderBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, void Strings.viaStringBuilderIgnoreReturnBad(), 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, void Strings.viaStringBuilderSugarBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, void Strings.viaStringFormatVarArgsDirectBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Strings.java, void Strings.viaStringFormatVarArgsIndirectBad(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Strings.viaStringFormatVarArgsIndirect(Object) with tainted index 1,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintExample.java, void TaintExample.interprocTaintErrorWithModelMethods1(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return*,Return from Object TaintExample.returnTaintedSourceModelMethods(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintExample.java, void TaintExample.interprocTaintErrorWithModelMethods2(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void TaintExample.callSinkMethodModelMethods(Object) with tainted index 1,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintExample.java, void TaintExample.interprocTaintErrorWithModelMethods3(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource() with tainted data return*,Return from Object TaintExample.returnTaintedSourceModelMethods(),Call to void TaintExample.callSinkMethodModelMethods(Object) with tainted index 1,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintExample.java, void TaintExample.simpleTaintErrorWithModelMethods(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintedFormals.java, void TaintedFormals.callTaintedContextBad1(String), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object TaintedFormals.taintedContextBad(String) with tainted data return*,Return from Object TaintedFormals.taintedContextBad(String),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintedFormals.java, void TaintedFormals.callTaintedContextBad2(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void TaintedFormals.taintedContextBad(String,Intent,Integer) with tainted index 2,Call to ComponentName ContextWrapper.startService(Intent) with tainted index 1]
codetoanalyze/java/quandary/TaintedFormals.java, void TaintedFormals.taintedContextBad(String,Intent,Integer), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from void TaintedFormals.taintedContextBad(String,Intent,Integer),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintedFormals.java, void TaintedFormals.taintedContextBad(String,Intent,Integer), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from void TaintedFormals.taintedContextBad(String,Intent,Integer),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintedFormals.java, void TaintedFormals.taintedContextBad(String,Intent,Integer), 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from void TaintedFormals.taintedContextBad(String,Intent,Integer),Call to void TaintedFormals.callSink(Object) with tainted index 1,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/TaintedFormals.java, void TaintedFormals.taintedContextBad(String,Intent,Integer), 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from void TaintedFormals.taintedContextBad(String,Intent,Integer),Call to void TaintedFormals.callSink(Object) with tainted index 1,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/Traces.java, void Traces.sourceMethod(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void Traces.callSameSink(Obj,Obj,Obj,Obj) with tainted index 2,Call to void Traces.callMySinkIndirect(Obj) with tainted index 1,Call to void Traces.callMySink(Obj) with tainted index 1,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, void UnknownCode.callPropagateFootprintBad(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void UnknownCode.propagateFootprint(String) with tainted index 1,Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, void UnknownCode.callUnknownSetterBad(Intent), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, void UnknownCode.propagateEmptyBad(), 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, void UnknownCode.propagateEmptyBad(), 7, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, void UnknownCode.propagateViaInterfaceCodeBad(UnknownCode$Interface), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, void UnknownCode.propagateViaUnknownAbstractCodeBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, void UnknownCode.propagateViaUnknownConstructorBad(), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UnknownCode.java, void UnknownCode.propagateViaUnknownNativeCodeBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UserControlledStrings.java, ProcessBuilder UserControlledStrings.clipboardToProcessBuilder1Bad(), 1, SHELL_INJECTION, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to ProcessBuilder.<init>(java.lang.String[]) with tainted index 1]
codetoanalyze/java/quandary/UserControlledStrings.java, ProcessBuilder UserControlledStrings.clipboardToProcessBuilder2Bad(), 1, SHELL_INJECTION, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to ProcessBuilder.<init>(java.lang.String[]) with tainted index 1]
codetoanalyze/java/quandary/UserControlledStrings.java, ProcessBuilder UserControlledStrings.clipboardToProcessBuilder3Bad(ProcessBuilder), 1, SHELL_INJECTION, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to ProcessBuilder ProcessBuilder.command(java.lang.String[]) with tainted index 1]
codetoanalyze/java/quandary/UserControlledStrings.java, ProcessBuilder UserControlledStrings.clipboardToProcessBuilder4Bad(ProcessBuilder), 3, SHELL_INJECTION, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to ProcessBuilder ProcessBuilder.command(List) with tainted index 1]
codetoanalyze/java/quandary/UserControlledStrings.java, Spanned UserControlledStrings.clipboardToHtmlBad(), 1, CROSS_SITE_SCRIPTING, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to Spanned Html.fromHtml(String) with tainted index 0]
codetoanalyze/java/quandary/UserControlledStrings.java, Spanned UserControlledStrings.editTextToHtmlBad(), 1, CROSS_SITE_SCRIPTING, no_bucket, ERROR, [Return from Editable EditText.getText(),Call to Spanned Html.fromHtml(String) with tainted index 0]
codetoanalyze/java/quandary/UserControlledStrings.java, void UserControlledStrings.clipboardToShellArrayBad(), 2, SHELL_INJECTION, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to Process Runtime.exec(java.lang.String[]) with tainted index 1]
codetoanalyze/java/quandary/UserControlledStrings.java, void UserControlledStrings.clipboardToShellDirectBad(), 1, SHELL_INJECTION, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to Process Runtime.exec(String) with tainted index 1]
codetoanalyze/java/quandary/UserControlledStrings.java, void UserControlledStrings.readClipboardSourcesBad(), 1, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from CharSequence ClipboardManager.getText(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UserControlledStrings.java, void UserControlledStrings.readClipboardSourcesBad(), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from ClipData ClipboardManager.getPrimaryClip(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UserControlledStrings.java, void UserControlledStrings.readClipboardSourcesBad(), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from ClipData ClipboardManager.getPrimaryClip(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UserControlledStrings.java, void UserControlledStrings.readClipboardSourcesBad(), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from ClipData ClipboardManager.getPrimaryClip(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/UserControlledStrings.java, void UserControlledStrings.readClipboardSourcesBad(), 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from ClipData ClipboardManager.getPrimaryClip(),Call to void InferTaint.inferSensitiveSink(Object) with tainted index 0]
codetoanalyze/java/quandary/WebViews.java, File WebViews$MyWebViewClient.webResourceToFileBad(WebResourceRequest), 1, UNTRUSTED_FILE, no_bucket, ERROR, [Return from Uri WebResourceRequest.getUrl(),Call to File.<init>(String) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, WebResourceResponse WebViews$MyWebViewClient.shouldInterceptRequest(WebView,WebResourceRequest), 1, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent.<init>(String,Uri),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, boolean WebViews$MyWebChromeClient.onJsAlert(WebView,String,String,JsResult), 2, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from boolean WebViews$MyWebChromeClient.onJsAlert(WebView,String,String,JsResult),Call to Intent Intent.parseUri(String,int) with tainted index 0]
codetoanalyze/java/quandary/WebViews.java, boolean WebViews$MyWebChromeClient.onJsAlert(WebView,String,String,JsResult), 3, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent Intent.parseUri(String,int),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, boolean WebViews$MyWebChromeClient.onJsBeforeUnload(WebView,String,String,JsResult), 2, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from boolean WebViews$MyWebChromeClient.onJsBeforeUnload(WebView,String,String,JsResult),Call to Intent Intent.parseUri(String,int) with tainted index 0]
codetoanalyze/java/quandary/WebViews.java, boolean WebViews$MyWebChromeClient.onJsBeforeUnload(WebView,String,String,JsResult), 3, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent Intent.parseUri(String,int),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, boolean WebViews$MyWebChromeClient.onJsConfirm(WebView,String,String,JsResult), 2, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from boolean WebViews$MyWebChromeClient.onJsConfirm(WebView,String,String,JsResult),Call to Intent Intent.parseUri(String,int) with tainted index 0]
codetoanalyze/java/quandary/WebViews.java, boolean WebViews$MyWebChromeClient.onJsConfirm(WebView,String,String,JsResult), 3, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent Intent.parseUri(String,int),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, boolean WebViews$MyWebChromeClient.onJsPrompt(WebView,String,String,String,JsPromptResult), 2, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from boolean WebViews$MyWebChromeClient.onJsPrompt(WebView,String,String,String,JsPromptResult),Call to Intent Intent.parseUri(String,int) with tainted index 0]
codetoanalyze/java/quandary/WebViews.java, boolean WebViews$MyWebChromeClient.onJsPrompt(WebView,String,String,String,JsPromptResult), 3, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent Intent.parseUri(String,int),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, boolean WebViews$MyWebViewClient.shouldOverrideUrlLoading(WebView,String), 2, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from boolean WebViews$MyWebViewClient.shouldOverrideUrlLoading(WebView,String),Call to Intent Intent.parseUri(String,int) with tainted index 0]
codetoanalyze/java/quandary/WebViews.java, boolean WebViews$MyWebViewClient.shouldOverrideUrlLoading(WebView,String), 3, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent Intent.parseUri(String,int),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, void WebViews$MyWebViewClient.onLoadResource(WebView,String), 2, UNTRUSTED_INTENT_CREATION, no_bucket, ERROR, [Return from void WebViews$MyWebViewClient.onLoadResource(WebView,String),Call to Intent Intent.parseUri(String,int) with tainted index 0]
codetoanalyze/java/quandary/WebViews.java, void WebViews$MyWebViewClient.onLoadResource(WebView,String), 3, CREATE_INTENT_FROM_URI, no_bucket, ERROR, [Return from Intent Intent.parseUri(String,int),Call to void Activity.startActivity(Intent) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, void WebViews.callWebviewSinks(WebView), 3, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void WebView.evaluateJavascript(String,ValueCallback) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, void WebViews.callWebviewSinks(WebView), 4, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void WebView.loadData(String,String,String) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, void WebViews.callWebviewSinks(WebView), 5, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void WebView.loadDataWithBaseURL(String,String,String,String,String) with tainted index 2]
codetoanalyze/java/quandary/WebViews.java, void WebViews.callWebviewSinks(WebView), 6, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void WebView.loadUrl(String) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, void WebViews.callWebviewSinks(WebView), 7, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void WebView.postUrl(String,byte[]) with tainted index 1]
codetoanalyze/java/quandary/WebViews.java, void WebViews.callWebviewSinks(WebView), 8, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void WebView.postWebMessage(WebMessage,Uri) with tainted index 2]
codetoanalyze/java/quandary/WebViews.java, void WebViews.callWebviewSubclassSink(WebViews$MyWebView), 2, QUANDARY_TAINT_ERROR, no_bucket, ERROR, [Return from Object InferTaint.inferSecretSource(),Call to void WebView.evaluateJavascript(String,ValueCallback) with tainted index 1]

Write Preview
Loading…
Cancel
Save