From ecf9c1b402ac7ad1bf9354397ba061eb7a279901 Mon Sep 17 00:00:00 2001 From: Sam Blackshear Date: Fri, 21 Jul 2017 07:56:44 -0700 Subject: [PATCH] [quandary] expose actuals to Source.get Summary: This gives us more expressive power when defining sources--we can use heuristics like "`foo(o)` only returns a source when `o` is not a constant". Reviewed By: jvillard Differential Revision: D5467935 fbshipit-source-id: f3d581d --- infer/src/checkers/Source.ml | 10 +++++----- infer/src/checkers/Source.mli | 8 ++++---- infer/src/quandary/ClangTrace.ml | 2 +- infer/src/quandary/JavaTrace.ml | 2 +- infer/src/quandary/TaintAnalysis.ml | 2 +- infer/src/unit/TaintTests.ml | 2 +- infer/src/unit/TraceTests.ml | 2 +- 7 files changed, 14 insertions(+), 14 deletions(-) diff --git a/infer/src/checkers/Source.ml b/infer/src/checkers/Source.ml index 9798ba450..af37659e0 100644 --- a/infer/src/checkers/Source.ml +++ b/infer/src/checkers/Source.ml @@ -19,7 +19,7 @@ module type Kind = sig val unknown : t - val get : Typ.Procname.t -> Tenv.t -> (t * int option) option + val get : Typ.Procname.t -> HilExp.t list -> Tenv.t -> (t * int option) option val get_tainted_formals : Procdesc.t -> Tenv.t -> (Mangled.t * Typ.t * t option) list end @@ -35,7 +35,7 @@ module type S = sig val get_footprint_access_path : t -> AccessPath.t option - val get : CallSite.t -> Tenv.t -> spec option + val get : CallSite.t -> HilExp.t list -> Tenv.t -> spec option val get_tainted_formals : Procdesc.t -> Tenv.t -> (Mangled.t * Typ.t * t option) list end @@ -73,8 +73,8 @@ module Make (Kind : Kind) = struct let site = CallSite.make (Procdesc.get_proc_name pdesc) (Procdesc.get_loc pdesc) in {site; kind} - let get site tenv = - match Kind.get (CallSite.pname site) tenv with + let get site actuals tenv = + match Kind.get (CallSite.pname site) actuals tenv with | Some (kind, index) -> let source = make kind site in Some {source; index} @@ -122,7 +122,7 @@ module Dummy = struct let get_footprint_access_path _ = assert false - let get _ _ = None + let get _ _ _ = None let get_tainted_formals pdesc _ = List.map ~f:(fun (name, typ) -> (name, typ, None)) (Procdesc.get_formals pdesc) diff --git a/infer/src/checkers/Source.mli b/infer/src/checkers/Source.mli index 217a9a1bb..546fe587f 100644 --- a/infer/src/checkers/Source.mli +++ b/infer/src/checkers/Source.mli @@ -18,8 +18,8 @@ module type Kind = sig val unknown : t (** kind of an unknown source *) - val get : Typ.Procname.t -> Tenv.t -> (t * int option) option - (** return Some (kind) if the procedure is a taint source, None otherwise *) + val get : Typ.Procname.t -> HilExp.t list -> Tenv.t -> (t * int option) option + (** return Some (kind) if the procedure with the given actuals is a taint source, None otherwise *) val get_tainted_formals : Procdesc.t -> Tenv.t -> (Mangled.t * Typ.t * t option) list (** return each formal of the function paired with either Some(kind) if the formal is a taint @@ -42,8 +42,8 @@ module type S = sig val get_footprint_access_path : t -> AccessPath.t option (** return Some(access path) if the current source is a footprint source, None otherwise *) - val get : CallSite.t -> Tenv.t -> spec option - (** return Some (taint spec) if the call site is a taint source, None otherwise *) + val get : CallSite.t -> HilExp.t list -> Tenv.t -> spec option + (** return Some (taint spec) if the call site with the given actuals is a taint source, None otherwise *) val get_tainted_formals : Procdesc.t -> Tenv.t -> (Mangled.t * Typ.t * t option) list (** return each formal of the function paired with either Some(source) if the formal is a taint diff --git a/infer/src/quandary/ClangTrace.ml b/infer/src/quandary/ClangTrace.ml index bd7ddc9b4..6d9bb9dd5 100644 --- a/infer/src/quandary/ClangTrace.ml +++ b/infer/src/quandary/ClangTrace.ml @@ -54,7 +54,7 @@ module SourceKind = struct else None) external_sources - let get pname _ = + let get pname _ _ = let return = None in match pname with | Typ.Procname.ObjC_Cpp cpp_name diff --git a/infer/src/quandary/JavaTrace.ml b/infer/src/quandary/JavaTrace.ml index cfbc312b0..d8808e931 100644 --- a/infer/src/quandary/JavaTrace.ml +++ b/infer/src/quandary/JavaTrace.ml @@ -40,7 +40,7 @@ module SourceKind = struct ~f:(fun {QuandaryConfig.Source.procedure; kind} -> (Str.regexp procedure, kind)) (QuandaryConfig.Source.of_json Config.quandary_sources) - let get pname tenv = + let get pname _ tenv = let return = None in match pname with | Typ.Procname.Java pname -> ( diff --git a/infer/src/quandary/TaintAnalysis.ml b/infer/src/quandary/TaintAnalysis.ml index 33c4b232e..d6227da85 100644 --- a/infer/src/quandary/TaintAnalysis.ml +++ b/infer/src/quandary/TaintAnalysis.ml @@ -466,7 +466,7 @@ module Make (TaintSpecification : TaintSpec.S) = struct | None -> astate in - let source = TraceDomain.Source.get call_site proc_data.tenv in + let source = TraceDomain.Source.get call_site actuals proc_data.tenv in let astate_with_source = match source with | Some {TraceDomain.Source.source; index= None} diff --git a/infer/src/unit/TaintTests.ml b/infer/src/unit/TaintTests.ml index 50cac86fe..52e08babc 100644 --- a/infer/src/unit/TaintTests.ml +++ b/infer/src/unit/TaintTests.ml @@ -18,7 +18,7 @@ module MockTrace = Trace.Make (struct let unknown = CallSite.dummy - let get pname _ = + let get pname _ _ = if String.is_prefix ~prefix:"SOURCE" (Typ.Procname.to_string pname) then Some (CallSite.make pname Location.dummy, None) else None diff --git a/infer/src/unit/TraceTests.ml b/infer/src/unit/TraceTests.ml index d94b9eea9..1f89e45d9 100644 --- a/infer/src/unit/TraceTests.ml +++ b/infer/src/unit/TraceTests.ml @@ -55,7 +55,7 @@ module MockSource = struct include Source.Make (struct include MockTraceElem - let get _ = assert false + let get _ _ = assert false let get_tainted_formals _ = assert false end)