From cfa2dd5f831b7a35473a21bc163b479e2fcd1764 Mon Sep 17 00:00:00 2001 From: Sam Blackshear Date: Fri, 13 Apr 2018 13:39:39 -0700 Subject: [PATCH] [quandary] pass call flags to sink creation Reviewed By: mbouaziz Differential Revision: D7607708 fbshipit-source-id: e78fb97 --- infer/src/checkers/Sink.ml | 8 ++++---- infer/src/checkers/Sink.mli | 4 ++-- infer/src/checkers/SinkTrace.ml | 2 +- infer/src/quandary/ClangTrace.ml | 2 +- infer/src/quandary/JavaTrace.ml | 2 +- infer/src/quandary/TaintAnalysis.ml | 9 ++++++--- infer/src/unit/TaintTests.ml | 2 +- 7 files changed, 16 insertions(+), 13 deletions(-) diff --git a/infer/src/checkers/Sink.ml b/infer/src/checkers/Sink.ml index f6b79e2c9..e9437eb4a 100644 --- a/infer/src/checkers/Sink.ml +++ b/infer/src/checkers/Sink.ml @@ -14,13 +14,13 @@ module L = Logging module type Kind = sig include TraceElem.Kind - val get : Typ.Procname.t -> HilExp.t list -> Tenv.t -> (t * IntSet.t) option + val get : Typ.Procname.t -> HilExp.t list -> CallFlags.t -> Tenv.t -> (t * IntSet.t) option end module type S = sig include TraceElem.S - val get : CallSite.t -> HilExp.t list -> Tenv.t -> t option + val get : CallSite.t -> HilExp.t list -> CallFlags.t -> Tenv.t -> t option val indexes : t -> IntSet.t end @@ -38,8 +38,8 @@ module Make (Kind : Kind) = struct let make ?(indexes= IntSet.empty) kind site = {kind; site; indexes} - let get site actuals tenv = - match Kind.get (CallSite.pname site) actuals tenv with + let get site actuals call_flags tenv = + match Kind.get (CallSite.pname site) actuals call_flags tenv with | Some (kind, indexes) -> Some {kind; site; indexes} | None -> diff --git a/infer/src/checkers/Sink.mli b/infer/src/checkers/Sink.mli index 009c9f20b..a63a45ea0 100644 --- a/infer/src/checkers/Sink.mli +++ b/infer/src/checkers/Sink.mli @@ -12,14 +12,14 @@ open! IStd module type Kind = sig include TraceElem.Kind - val get : Typ.Procname.t -> HilExp.t list -> Tenv.t -> (t * IntSet.t) option + val get : Typ.Procname.t -> HilExp.t list -> CallFlags.t -> Tenv.t -> (t * IntSet.t) option (** return Some kind if the given procname/actuals are a sink, None otherwise *) end module type S = sig include TraceElem.S - val get : CallSite.t -> HilExp.t list -> Tenv.t -> t option + val get : CallSite.t -> HilExp.t list -> CallFlags.t -> Tenv.t -> t option (** return Some sink if the given call site/actuals are a sink, None otherwise *) val indexes : t -> IntSet.t diff --git a/infer/src/checkers/SinkTrace.ml b/infer/src/checkers/SinkTrace.ml index e4701e633..9356e6c99 100644 --- a/infer/src/checkers/SinkTrace.ml +++ b/infer/src/checkers/SinkTrace.ml @@ -32,7 +32,7 @@ end module MakeSink (TraceElem : TraceElem.S) = struct include TraceElem - let get _ _ _ = None + let get _ _ _ _ = None let indexes _ = IntSet.empty end diff --git a/infer/src/quandary/ClangTrace.ml b/infer/src/quandary/ClangTrace.ml index df856314e..d1c5f2c70 100644 --- a/infer/src/quandary/ClangTrace.ml +++ b/infer/src/quandary/ClangTrace.ml @@ -271,7 +271,7 @@ module SinkKind = struct external_sinks - let get pname actuals _ = + let get pname actuals _ _ = let is_buffer_like pname = (* assume it's a buffer class if it's "vector-y", "array-y", or "string-y". don't want to report on accesses to maps etc., but also want to recognize custom vectors like fbvector diff --git a/infer/src/quandary/JavaTrace.ml b/infer/src/quandary/JavaTrace.ml index 3390c1b6c..817f0c013 100644 --- a/infer/src/quandary/JavaTrace.ml +++ b/infer/src/quandary/JavaTrace.ml @@ -309,7 +309,7 @@ module SinkKind = struct (QuandaryConfig.Sink.of_json Config.quandary_sinks) - let get pname actuals tenv = + let get pname actuals _ tenv = match pname with | Typ.Procname.Java java_pname -> ( diff --git a/infer/src/quandary/TaintAnalysis.ml b/infer/src/quandary/TaintAnalysis.ml index 7f40d13ad..31c3497bf 100644 --- a/infer/src/quandary/TaintAnalysis.ml +++ b/infer/src/quandary/TaintAnalysis.ml @@ -464,7 +464,8 @@ module Make (TaintSpecification : TaintSpec.S) = struct List.map ~f:(fun index_ae -> HilExp.AccessExpression index_ae) indexes in let sinks = - TraceDomain.Sink.get dummy_call_site dummy_actuals proc_data.ProcData.tenv + TraceDomain.Sink.get dummy_call_site dummy_actuals CallFlags.default + proc_data.ProcData.tenv in let astate_acc_result = match sinks with @@ -533,7 +534,7 @@ module Make (TaintSpecification : TaintSpec.S) = struct |> add_sinks_for_access_path lhs_access_expr loc |> exec_write lhs_access_expr rhs_exp | Assume (assume_exp, _, _, loc) -> add_sources_sinks_for_exp assume_exp loc astate - | Call (ret_opt, Direct called_pname, actuals, _, callee_loc) -> + | Call (ret_opt, Direct called_pname, actuals, call_flags, callee_loc) -> let astate = List.fold ~f:(fun acc exp -> add_sources_sinks_for_exp exp callee_loc acc) @@ -666,7 +667,9 @@ module Make (TaintSpecification : TaintSpec.S) = struct let astate_with_sink = if List.is_empty actuals then astate else - match TraceDomain.Sink.get call_site actuals proc_data.ProcData.tenv with + match + TraceDomain.Sink.get call_site actuals call_flags proc_data.ProcData.tenv + with | Some sink -> add_sink sink actuals astate proc_data call_site | None -> diff --git a/infer/src/unit/TaintTests.ml b/infer/src/unit/TaintTests.ml index 451961406..dbfddfdc5 100644 --- a/infer/src/unit/TaintTests.ml +++ b/infer/src/unit/TaintTests.ml @@ -32,7 +32,7 @@ module MockTrace = Trace.Make (struct module Sink = Sink.Make (struct include MockTraceElem - let get pname _ _ = + let get pname _ _ _ = if String.is_prefix ~prefix:"SINK" (Typ.Procname.to_string pname) then Some (CallSite.make pname Location.dummy, IntSet.singleton 0) else None