diff --git a/infer/tests/codetoanalyze/java/quandary/Interprocedural.java b/infer/tests/codetoanalyze/java/quandary/Interprocedural.java
index 982f44a6d..35243ff29 100644
--- a/infer/tests/codetoanalyze/java/quandary/Interprocedural.java
+++ b/infer/tests/codetoanalyze/java/quandary/Interprocedural.java
@@ -219,4 +219,26 @@ class Interprocedural {
 callSinkVariadic(null, null, InferTaint.inferSecretSource());
 }
+ void diverge() {
+ for (;;);
+ }
+
+ // we don't propagate divergence in callees to callers
+ public void FP_divergenceInCallee() {
+ Object source = InferTaint.inferSecretSource();
+ diverge();
+ InferTaint.inferSensitiveSink(source);
+ }
+
+ public static void callSinkThenDiverge(Object param) {
+ InferTaint.inferSensitiveSink(param);
+ for (;;);
+ }
+
+ // this fails because the exit block in callSinkThenDiverge is unreachable, so the summary is
+ // empty.
+ public void FN_callSinkThenDivergeBad() {
+ callSinkThenDiverge(InferTaint.inferSecretSource());
+ }
+
 }
diff --git a/infer/tests/codetoanalyze/java/quandary/issues.exp b/infer/tests/codetoanalyze/java/quandary/issues.exp
index 2433fb099..27ed1f304 100644
--- a/infer/tests/codetoanalyze/java/quandary/issues.exp
+++ b/infer/tests/codetoanalyze/java/quandary/issues.exp
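Review bot: The comment above `FN_callSinkThenDivergeBad` says "this fails", which reads like a failing test, whereas the `FN_` prefix and the absence of a matching `issues.exp` entry mean a real source-to-sink flow goes unreported: the secret reaches `inferSensitiveSink` inside `callSinkThenDiverge` before the loop starts. I would reword it to `// FN: the sink call in callSinkThenDiverge does execute, but its exit block is unreachable, so the` / `// summary is empty and the flow from inferSecretSource is not reported.` The comment on `FP_divergenceInCallee` could likewise state that the sink after `diverge()` never runs, so the report at that sink is spurious. Of the two, the missed flow is the one that matters to anyone relying on the analyzer as a taint check, so a TODO to rename the test and add the expectation once the summary issue is fixed would help. The enclosing class begins outside the hunk.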
@@ -36,6 +36,36 @@ Fields.java:44: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.infer Fields.java:51: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 49]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 51]) via { } Fields.java:56: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 55]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 56]) via { } Fields.java:63: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 62]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 63]) via { } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(ComponentName ContextWrapper.startService(Intent) at [line 40]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(boolean Activity.startActivityIfNeeded(Intent,int) at [line 37]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(boolean ContextWrapper.bindService(Intent,ServiceConnection,int) at [line 26]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(void Activity.startActivities(android.content.Intent[]) at [line 34]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent 
Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(void Activity.startActivity(Intent) at [line 35]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(void Activity.startActivityForResult(Intent,int) at [line 36]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(void Activity.startActivityFromChild(Activity,Intent,int) at [line 38]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(void Activity.startActivityFromFragment(Fragment,Intent,int) at [line 39]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(void ContextWrapper.sendBroadcast(Intent) at [line 27]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(void ContextWrapper.sendBroadcastAsUser(Intent,UserHandle) at [line 28]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(void 
ContextWrapper.sendOrderedBroadcast(Intent,String) at [line 29]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(void ContextWrapper.sendStickyBroadcast(Intent) at [line 30]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(void ContextWrapper.sendStickyBroadcastAsUser(Intent,UserHandle) at [line 31]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(void ContextWrapper.sendStickyOrderedBroadcast(Intent,BroadcastReceiver,Handler,int,String,Bundle) at [line 32]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseIntent(Resources,XmlPullParser,AttributeSet) at [line 51]) -> Intent(void ContextWrapper.sendStickyOrderedBroadcastAsUser(Intent,UserHandle,BroadcastReceiver,Handler,int,String,Bundle) at [line 33]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at [line 49]) -> Intent(ComponentName ContextWrapper.startService(Intent) at [line 40]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at [line 49]) -> Intent(boolean 
Activity.startActivityIfNeeded(Intent,int) at [line 37]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at [line 49]) -> Intent(boolean ContextWrapper.bindService(Intent,ServiceConnection,int) at [line 26]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at [line 49]) -> Intent(void Activity.startActivities(android.content.Intent[]) at [line 34]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at [line 49]) -> Intent(void Activity.startActivity(Intent) at [line 35]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at [line 49]) -> Intent(void Activity.startActivityForResult(Intent,int) at [line 36]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at [line 49]) -> Intent(void Activity.startActivityFromChild(Activity,Intent,int) at [line 38]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at [line 49]) -> Intent(void Activity.startActivityFromFragment(Fragment,Intent,int) at [line 39]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at 
[line 49]) -> Intent(void ContextWrapper.sendBroadcast(Intent) at [line 27]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at [line 49]) -> Intent(void ContextWrapper.sendBroadcastAsUser(Intent,UserHandle) at [line 28]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at [line 49]) -> Intent(void ContextWrapper.sendOrderedBroadcast(Intent,String) at [line 29]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at [line 49]) -> Intent(void ContextWrapper.sendStickyBroadcast(Intent) at [line 30]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at [line 49]) -> Intent(void ContextWrapper.sendStickyBroadcastAsUser(Intent,UserHandle) at [line 31]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at [line 49]) -> Intent(void ContextWrapper.sendStickyOrderedBroadcast(Intent,BroadcastReceiver,Handler,int,String,Bundle) at [line 32]) via { void Intents.callAllSinks(Intent) at [line 59], Intent Intents.returnAllSources() at [line 58] } +Intents.java:59: ERROR: QUANDARY_TAINT_ERROR Error: Intent(Intent Intent.parseUri(String,int) at [line 49]) -> Intent(void ContextWrapper.sendStickyOrderedBroadcastAsUser(Intent,UserHandle,BroadcastReceiver,Handler,int,String,Bundle) at [line 33]) via { void Intents.callAllSinks(Intent) at [line 59], Intent 
Intents.returnAllSources() at [line 58] } Interprocedural.java:39: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 31]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 39]) via { Object Interprocedural.returnSourceDirect() at [line 39] } Interprocedural.java:44: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 31]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 44]) via { Object Interprocedural.returnSourceDirect() at [line 43] } Interprocedural.java:48: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 35]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 48]) via { Object Interprocedural.returnSourceIndirect() at [line 48] } 
@@ -53,6 +83,7 @@ Interprocedural.java:178: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferT Interprocedural.java:185: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 182]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 185]) via { Object Interprocedural.id(Object) at [line 183], Object Interprocedural.id(Object) at [line 184] } Interprocedural.java:196: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 191]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 196]) via { Object Interprocedural.returnSourceConditional(boolean) at [line 196] } Interprocedural.java:207: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 205]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 207]) via { } +Interprocedural.java:230: ERROR: QUANDARY_TAINT_ERROR Error: Other(Object InferTaint.inferSecretSource() at [line 228]) -> Other(void InferTaint.inferSensitiveSink(Object) at [line 230]) via { } LoggingPrivateData.java:18: ERROR: QUANDARY_TAINT_ERROR Error: SharedPreferences(String SharedPreferences.getString(String,String) at [line 18]) -> Logging(int Log.d(String,String) at [line 18]) via { } LoggingPrivateData.java:22: ERROR: QUANDARY_TAINT_ERROR Error: SharedPreferences(String SharedPreferences.getString(String,String) at [line 22]) -> Logging(int Log.d(String,String) at [line 22]) via { } LoggingPrivateData.java:37: ERROR: QUANDARY_TAINT_ERROR Error: SharedPreferences(String SharedPreferences.getString(String,String) at [line 36]) -> Logging(int Log.w(String,Throwable) at [line 37]) via { }