294 Commits (c2b967d27bb2d4292e225470a8f640bcb853dd04)

Author SHA1 Message Date
Sam Blackshear 0b9727214d [quandary] support `StringBuilder`'s and other methods for propagating `String` taint
8 years ago
Sam Blackshear fde7a6ecf3 [quandary] support for full interprocedural traces
8 years ago
Josh Berdine 32a60e05f4 Unbreak master
8 years ago
Sam Blackshear 768a60caca [quandary] support for full interprocedural traces
8 years ago
Peter O'Hearn 2d424b7779 skipping ReadWrite Locks
8 years ago
Sam Blackshear 874e7f000d [quandary] functions that transitively return sources are sources, not passthroughs
8 years ago
Sam Blackshear d76a7ef43a [quandary] functions that transitively call sinks are sinks, not passthroughs
8 years ago
Peter O'Hearn e91742afea Support @SuppressLint("InvalidAccessToGuardedField")
8 years ago
Sam Blackshear d7ae77c7c2 [quandary] make intent/logging private data tests intraprocedural
8 years ago
Sam Blackshear 678d0ff4e9 [quandary] don't double-report when applying summaries
8 years ago
Sam Blackshear 21f9bd1ed6 [quandary] fix crash from returning exceptions that read from the environment
8 years ago
Sam Blackshear 7ae58d78c3 [infer] fix .class synchronization false-positive in guarded-by check
8 years ago
Sam Blackshear 8f68f61ec9 [quandary] remove stripped logging sinks
8 years ago
Jules Villard bc6226942e fix tests
8 years ago
Peter O'Hearn ec45b44dfd [threadsafety] Better error message when warning on subclasses of @ThreadSafe classes
8 years ago
Sam Blackshear 3ba67bac1a [quandary] more privacy sources
8 years ago
Josh Berdine 175e85525d [tests] Convert java tests to avoid phony targets
8 years ago
Sam Blackshear 319463b3bc [quandary] propagating taint from unknown procedures and constructors
8 years ago
Josh Berdine a9192cffd6 [config] Eliminate ad hoc environment variables
8 years ago
Sam Blackshear 6fc1a7e20f [quandary] reporting on array passed to sink when contents of array are tainted
8 years ago
Peter O'Hearn 2601af5ade [threadsafety] don't report on class initializers
8 years ago
Peter O'Hearn 69f7ed5f6d [threadsafe] fix the code for recognizing constructors
8 years ago
Sam Blackshear 08509fb2ab [quandary] don't double-report flows
8 years ago
Sam Blackshear 512de69e13 [quandary] handle dynamic dispatch
8 years ago
Peter O'Hearn 6423ec74ad Writing errors for Threadsafe checker
8 years ago
Andrzej Kotulski 0f9f44f16e [backend] Report ignored return value on skip functions
8 years ago
Peter O'Hearn 07da8f36d1 don't warn on GuardedBy self reference
8 years ago
Sam Blackshear 715e521ead [quandary] making summaries smaller
8 years ago
Josh Berdine 6697ed781f [tests] Rerun test without swallowing output on failure
8 years ago
Josh Berdine ac0084019c [tests] Use $(MAKE) for recursive invocations
8 years ago
Josh Berdine d8336ea906 [backend] Keep common constraints in pure join
8 years ago
Josh Berdine 30541ec329 [tests] Add test for suboptimal join of attributes
8 years ago
Sam Blackshear 4a35862aa8 [quandary] dont add passthroughs from callee to caller
8 years ago
Sam Blackshear 5e2e7b88aa [quandary] allow trace-specific rules for handling unknown code
8 years ago
Jeremy Dubreil e38e16c948 [infer][java] Remove the deprecated genrule from the BUCK files
8 years ago
Jeremy Dubreil 2e2e9c89d6 [infer][java] Removing the models for com.squareup.okhttp.internal.StrictLineReader
8 years ago
Jeremy Dubreil 168c613ac9 [infer][java] Separate the builtins from the other models for a better modularity
8 years ago
Sam Blackshear df8a4f6481 [quandary] tests for divergence
8 years ago
Sam Blackshear af9f34bb60 [quandary] checking for flows from Intents parsed via Uris -> startActivity (and similar)
8 years ago
Cristiano Calcagno 717b61192e [tests] Convert java harness and crashcontext tests to new direct format.
8 years ago
Sam Blackshear fbfece20af [quandary] using exceptional procCFG to explore exceptional control-flow
8 years ago
Sam Blackshear 4b9899d6b2 [quandary] handling globals in function summaries
8 years ago
Sam Blackshear b1039f51f8 [quandary] add summaries for footprint traces associated with locals
8 years ago
Sam Blackshear ae759ee21f [quandary] fixing crashes when running on recursive code
8 years ago
Sam Blackshear 31e6849ec0 [quandary] using summaries part 2: the relational cases
8 years ago
Sam Blackshear e4beca3779 [quandary] using summaries part 1: return
8 years ago
Sam Blackshear cf8c957483 [quandary] use preanalysis for abstract GC
8 years ago
Sam Blackshear 27cfb141da richer sink specifications
8 years ago
Sam Blackshear bcacd95176 tests for arrays
8 years ago
Sam Blackshear 87248009b7 fixing issue where crashcontext breaks without -o
8 years ago
Josh Berdine f3cdf87181 Sort test results by file then line
8 years ago
Sam Blackshear 1e4b4df427 fixing handling of aliasing for frontend tmp vars
8 years ago
Sam Blackshear 6ca990be8c adding tests for manipulating fields
8 years ago
Sam Blackshear f2487513c5 adding tests for basic var stuff, casts
8 years ago
Sam Blackshear 3ff6622c9c setup e2e test skeleton
8 years ago
Cristiano Calcagno 257f4976f0 Convert java tracing tests to new direct format.
8 years ago
Cristiano Calcagno 674f30de2c Convert java infer tests to the new direct format
8 years ago
Cristiano Calcagno 2cb595b8c9 Convert Eradicate and Checkers tests to direct format.
8 years ago
Sam Blackshear c5088f44a7 adding tests for context leaks via weak reference
8 years ago
Lázaro Clapp Jiménez Labora 85add041d4 CI Tests for crashcontext handling of native methods
8 years ago
Lázaro Clapp Jiménez Labora 5296688c1f Match classname for stackframes in crashcontext checker.
8 years ago
Sam Blackshear 4490d9b033 fix recognition of inner class this guarded-by strings
8 years ago
Lázaro Clapp Jiménez Labora 9a79e74380 Crashbot results stitching and end-to-end testing.
9 years ago
Sam Blackshear b500a5c4b5 don't warn in cases where GuardedBy string is clearly unrecognizable
9 years ago
Lázaro Clapp Jiménez Labora 76764c148a Output the callee sumaries of -a crashcontext to per-method files.
9 years ago
Lázaro Clapp Jiménez Labora 6469a6c37b Implement '-a crashcontext' and '-st trace' options to invoke BoundedCallTree.ml from the command line.
9 years ago
Sam Blackshear d6149c7741 switching to by-ref semantics
9 years ago
Lázaro Clapp Jiménez Labora 95a12d9706 model String.equals(...) as '=='
9 years ago
Peter O'Hearn 1edb492b70 One step closer to shipping initial GUARDEDBY
9 years ago
Sam Blackshear 9d95a3a199 don't warn if procedure is marked VisibleForTesting
9 years ago
Sam Blackshear 03df3a0c47 supporting guarding on outer-class this in inner class
9 years ago
Sam Blackshear 7ae14d0bdf don't report on compiler-generated access$ methods
9 years ago
Sam Blackshear df257da918 supporting @GuardedBy(MyClass.class) idiom
9 years ago
Sam Blackshear 6304e30f5a don't warn on read-write locks
9 years ago
Sam Blackshear b940c4dfac warning on guarded-by writes
9 years ago
Peter O'Hearn 508d6a3ae7 optional model
9 years ago
Peter O'Hearn 8613f16c19 drop GuardedBy ui_thread warnings
9 years ago
Jeremy Dubreil 17da853fa8 Do not angelically remove the file attribute on the reciever for virtual calls
9 years ago
Sam Blackshear 7ec8f59998 adding find_in_node_or_preds to clean up errdesc
9 years ago
Cristiano Calcagno 56cfac14da Fix issue in join where the origin of a variable would be lost in a loop.
9 years ago
Sam Blackshear e3e80dd2f0 don't report on private unguarded accesses
9 years ago
Sam Blackshear 36ee3730aa reporting error on unprotected access to field annotated with @GuardedBy
9 years ago
Jules Villard e695e14ee1 add various filter options from inferconfig to the CLI
9 years ago
Sam Blackshear 83f511107b stop reporting handler leaks
9 years ago
Sam Blackshear 258e765d4e adding integrity source/sink annotations
9 years ago
Sam Blackshear 4fd2f52fe8 new analysis for adding nullify's
9 years ago
Sam Blackshear c7c1588830 getting rid of string parameter on privacy annotations
9 years ago
Jeremy Dubreil 8072d2c1e5 report errors when all the postconditions are error states
9 years ago
Jeremy Dubreil 3a856aa6f0 Add example of lazy dynamic dispatch calling a method from the interface
9 years ago
Sam Blackshear 77791b7e8e warn on deref of nullable skip function
9 years ago
Sam Blackshear 843bcc1576 support tainting of annotated fields
9 years ago
Peter O'Hearn 50081c7ccb alloc/dealloc model for locks
9 years ago
Sam Blackshear a10d7099c7 warning on deref of nullable retvals
9 years ago
jrm 9b6de7aeb0 Do not report @NoAllocation and @PerformanceCritical violations in "unlikely" branches
9 years ago
Sam Blackshear e1e62be243 supporting new @PrivacySource/PrivacySink annotations
9 years ago
jrm ad3e32d935 Fix resource leak false positive with the resource wrapper java.io.DataInputStream
9 years ago
Sam Blackshear 15aaa39fea allowing class-level Expensive and PerformanceCritical annotations
9 years ago
Sam Blackshear 91ae1baebc massive refactoring of harness generation
9 years ago
jrm e734c1873d Fix cases of resource leaks not detected when the resource indirectly implements Closeable
9 years ago
Nick Firmani 1c819770e2 Add SuppressViewNullability annotation
9 years ago
jrm cc4fcd6837 Add support for modeling @Expensive methods using .inferconfig
9 years ago
jrm 082ca6a90a Initial support for lazy dynamic dispatch
9 years ago
jrm 761902afad for the @PerformanceCritical checker, skip allocations reports on subtypes of java.lang.Throwable instead of only java.lang.Exceptions
9 years ago
Cristiano Calcagno e0d5847eb8 Deprecate incremental
9 years ago
jrm 697778cc3b Add the annotation @IgnoreAllocations to stop tracking allocations whenever useless
9 years ago
jrm 1f5529c67e The @NoAllocation checker should not report on created exceptions
9 years ago
jrm c6d8cdc8ee Add support for @NoAllocation in the performance critical checker
9 years ago
jrm 14d4f862eb @Performance critical checker: compute the expensive call stack lazily when reporting errors
9 years ago
jrm 4af130bf8d remove subtyping rule for the @PerformanceCritical annotation
9 years ago
jrm 904151888c fix treatment of linked list in Java
9 years ago
Jeremy Dubreil 6389cb9bd0 revert on-demand for the checkers now that the hash for long filename is fixed
9 years ago
Sam Blackshear 0fbd333cab Checker that complains when Fragments don't nullify their Views
9 years ago
jrm 3ece750c15 disable on-demand for the checkers while we fix the filename too long issue
9 years ago
Sam Blackshear 14e934205f implementing dynamic dispatch support for Java interfaces
9 years ago
jrm ad2a9064c3 No longer overwrite the attributes in the summary if already existing
9 years ago
Sam Blackshear f1c424e1d4 fixing accidental change to Child.java
9 years ago
Sam Blackshear 43daa760ee adding InferJava flags for classpath and class-source map, along with associated Python boilerplate
9 years ago
jrm 0def5c4111 No longer enforce the subtyping rule for the @PerformanceCritical annotation
9 years ago
Josh Berdine 63b57790f9 Fix indentation of multiline copyright comment
9 years ago
Josh Berdine b729c93dd5 Add model of java.lang.Class.getResource
9 years ago
Cristiano Calcagno 1666d7f353 Model Map.put() alongside Map.containsKey().
9 years ago
Sam Blackshear 99f79587cd adding ContentValues as sink
9 years ago
Josh Berdine d66261a1f4 Do not reuse Undef function values
9 years ago
jrm 61e457b1f6 Run the @PerformanceCritical checker by default with the other checkers
9 years ago
jrm 5a218a6d02 treat guava preconditions checks as assume instead of exeption throwing assertions
9 years ago
Sam Blackshear 8e8772f1aa make tainting work properly for skip functions
9 years ago
jrm a49b0965ef Model `android.view.View.findViewById` as an expensive method
9 years ago
jrm d712635feb Automatically infer the @PerformanceCritical annotations from the overriden methods
9 years ago
Sam Blackshear dcdebbd811 creating a framework for adding src/sink models based on method names/signatures alone
9 years ago
Sam Blackshear 29ea879930 eliminating precondition not met in taint analysis
9 years ago
Sam Blackshear 8eb668f668 deleting string models/tests
9 years ago
jrm 646c9dbb61 Report error message with call stacks for @PerformanceCritical checker
9 years ago
Sam Blackshear c7c8d58334 fixing taint analysis so it doesn't prevent postcondition inference
9 years ago
Sam Blackshear 8e9ed5eb6b adding model for verifying sockets before reading from them
9 years ago
jrm 2e01d3402f adding some tests to outline the behaviour of the @Expensive checker with inheritance
9 years ago
jrm 930eaba2d5 model Inflater and Deflater as resources
9 years ago
Josh Berdine 53a32848d5 Model and test FileChannel.tryLock throws
9 years ago
Josh Berdine bf408a1d03 Add models of FileChannel.tryLock methods.
9 years ago
Sam Blackshear db7dd5aebe fixing angelic in case where unknown function is called indirectly
9 years ago
Josh Berdine f2ba1b1c76 Add model for java.io.File.listFiles
9 years ago
jrm 0cd533f892 Enforcing subtyping rules for @Expensive and @PerformanceCritical
9 years ago
jrm 6b6b4d1949 Detecting if methods annotated with @PerformanceCritical transitively call methods annotated with @Expensive
9 years ago
Dulma Rodriguez 0db83eb5dd Adding the no progress bar option to the tests
9 years ago
jrm f5ddb983fe Initial version of the @Expensive checker
9 years ago
Dino Distefano 00e97afdf8 First version of taint analysis.
9 years ago
jrm 859b816e95 No longer report context leak on private methods
9 years ago
jrm d8e74e456c report leaks on all context, not only activities
9 years ago
jrm 6f3873aa99 Adding inferconfig support to skip the translation of generated source code
9 years ago
jrm 3095b68127 Add a test case with @SuppressWarnings on a Buck project
9 years ago
Sam Blackshear 30a7a2fd8e Fixing Symexec_memory error that occurs when dereferencing the return value of an undefined function
9 years ago