From f12bbacbdd41a33b2f2fbbc4b3e968c875e58529 Mon Sep 17 00:00:00 2001 From: David Lively Date: Mon, 8 Apr 2019 11:40:45 -0700 Subject: [PATCH] [annotation-reachability] stop merging sanitized nodes' callees Reviewed By: jeremydubreil Differential Revision: D14813350 fbshipit-source-id: 6a4fe44f8 --- infer/src/checkers/annotationReachability.ml | 12 +++++++++--- .../cpp/annotation-reachability/Makefile | 2 +- .../cpp/annotation-reachability/reachability.cpp | 5 +++++ 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/infer/src/checkers/annotationReachability.ml b/infer/src/checkers/annotationReachability.ml index 254e436d2..220868977 100644 --- a/infer/src/checkers/annotationReachability.ml +++ b/infer/src/checkers/annotationReachability.ml @@ -548,14 +548,20 @@ module TransferFunctions (CFG : ProcCfg.S) = struct specs - let merge_callee_map call_site pdesc callee_pname astate = + let merge_callee_map call_site pdesc callee_pname tenv specs astate = match Payload.read pdesc callee_pname with | None -> astate | Some callee_call_map -> let add_call_site annot sink calls astate = if AnnotReachabilityDomain.CallSites.is_empty calls then astate - else Domain.add_call_site annot sink call_site astate + else + let pname = Procdesc.get_proc_name pdesc in + List.fold + ~f:(fun astate (spec : AnnotationSpec.t) -> + if spec.sanitizer_predicate tenv pname then astate + else Domain.add_call_site annot sink call_site astate ) + ~init:astate specs in AnnotReachabilityDomain.fold (fun annot sink_map astate -> 
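Review bot: In the new `else` branch of `add_call_site`, the fold over `specs` adds the call site whenever at least one spec's `sanitizer_predicate` does not match the caller, and nothing ties that spec to the `annot` being merged. With more than one configured spec, an override in one of them would therefore not stop the merge. The check does not depend on `annot`, `sink` or `calls`, so it can be computed once before `AnnotReachabilityDomain.fold` and written as what it currently means: `let sanitized = List.for_all specs ~f:(fun (s : AnnotationSpec.t) -> s.sanitizer_predicate tenv pname) in`, then `if sanitized then astate else Domain.add_call_site annot sink call_site astate`. If suppression is meant to be per spec, the predicate should instead be taken from the spec that owns `annot`; either way a comment such as `(* a sanitized caller does not inherit its callees' sinks *)` would record the intent. The body of `merge_callee_map` continues past the end of the hunk.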
@@ -570,7 +576,7 @@ module TransferFunctions (CFG : ProcCfg.S) = struct let caller_pname = Procdesc.get_proc_name pdesc in let call_site = CallSite.make callee_pname call_loc in check_call tenv callee_pname caller_pname call_site astate extras - |> merge_callee_map call_site pdesc callee_pname + |> merge_callee_map call_site pdesc callee_pname tenv extras | Sil.Load (id, exp, _, _) when is_tracking_exp astate exp -> Domain.add_tracking_var (Var.of_id id) astate | Sil.Store (Exp.Lvar pvar, _, exp, _) when is_tracking_exp astate exp -> diff --git a/infer/tests/codetoanalyze/cpp/annotation-reachability/Makefile b/infer/tests/codetoanalyze/cpp/annotation-reachability/Makefile index 70605c0df..f5e7a3cfd 100644 --- a/infer/tests/codetoanalyze/cpp/annotation-reachability/Makefile +++ b/infer/tests/codetoanalyze/cpp/annotation-reachability/Makefile @@ -7,7 +7,7 @@ TESTS_DIR = ../../.. # see explanations in cpp/errors/Makefile for the custom isystem CLANG_OPTIONS = -x c++ -std=c++11 -nostdinc++ -isystem$(ROOT_DIR) -isystem$(CLANG_INCLUDES)/c++/v1/ -c -INFER_OPTIONS = --annotation-reachability-only --debug-exceptions --project-root $(TESTS_DIR) --annotation-reachability-cxx '{ "TEST_ANNOT_REACH": { "sources": { "symbols": [ "CheckFrom::" ] }, "sinks": { "symbols": [ "Danger::", "death" ] } } }' +INFER_OPTIONS = --annotation-reachability-only --debug-exceptions --project-root $(TESTS_DIR) --annotation-reachability-cxx '{ "TEST_ANNOT_REACH": { "sources": { "symbols": [ "CheckFrom::" ] }, "sinks": { "overrides": { "symbols": [ "Approved::"] },"symbols": [ "Danger::", "death" ] } } }' INFERPRINT_OPTIONS = --issues-tests diff --git a/infer/tests/codetoanalyze/cpp/annotation-reachability/reachability.cpp b/infer/tests/codetoanalyze/cpp/annotation-reachability/reachability.cpp index 9ce8c93fc..c0aa3e5ff 100644 --- a/infer/tests/codetoanalyze/cpp/annotation-reachability/reachability.cpp +++ b/infer/tests/codetoanalyze/cpp/annotation-reachability/reachability.cpp 
@@ -19,6 +19,10 @@ void foo(); void bar(); } // namespace Ok +namespace Approved { +void baz() { death(); } +} // namespace Approved + namespace CheckFrom { void death_via() { death(); } @@ -36,6 +40,7 @@ void safe() { good(); Ok::foo(); Ok::bar(); + Approved::baz(); } struct Destructive {
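Review bot: `Approved::baz` calls `death()` directly, so this case may never reach the branch added to `merge_callee_map`. `check_call` is not shown in the patch, and if it already skips sinks for a sanitized caller, the test would pass without the fix. A case with the sink one call further away would cover the merged-summary path: `void helper() { death(); }` at file scope, `void qux() { helper(); }` inside `namespace Approved`, and `Approved::qux();` in `safe()` (names constructed for illustration). Because an override hides every sink reachable through the approved function, a comment above the namespace would also help, e.g. `// matched by the "overrides" symbols in the Makefile; calls through here must not be reported`. `safe()` begins before the second hunk and ends inside it.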