You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
68 lines
1.7 KiB
68 lines
1.7 KiB
/*
|
|
* Copyright (c) Facebook, Inc. and its affiliates.
|
|
*
|
|
* This source code is licensed under the MIT license found in the
|
|
* LICENSE file in the root directory of this source tree.
|
|
*/
|
|
|
|
package codetoanalyze.java.quandary;
|
|
|
|
import com.facebook.infer.builtins.InferTaint;
|
|
|
|
public class Arrays {
|
|
|
|
static class Obj {
|
|
Object f;
|
|
Object[] arr;
|
|
}
|
|
|
|
/** should report on these tests */
|
|
void viaArrayBad() {
|
|
Object[] arr = new Object[1];
|
|
arr[0] = InferTaint.inferSecretSource();
|
|
InferTaint.inferSensitiveSink(arr[0]);
|
|
}
|
|
|
|
void viaArrayThenFieldBad() {
|
|
Obj[] arr = new Obj[1];
|
|
arr[0].f = InferTaint.inferSecretSource();
|
|
InferTaint.inferSensitiveSink(arr[0].f);
|
|
}
|
|
|
|
void viaFieldThenArrayBad1(Obj obj) {
|
|
obj.arr[0] = InferTaint.inferSecretSource();
|
|
InferTaint.inferSensitiveSink(obj.arr[0]);
|
|
}
|
|
|
|
void viaFieldThenArrayBad2() {
|
|
Obj obj = new Obj();
|
|
obj.arr = new Obj[1];
|
|
obj.arr[0] = InferTaint.inferSecretSource();
|
|
InferTaint.inferSensitiveSink(obj.arr[0]);
|
|
}
|
|
|
|
/** should not report on these tests */
|
|
void viaArrayOk() {
|
|
Object[] arr = new Object[1];
|
|
arr[0] = new Object();
|
|
InferTaint.inferSensitiveSink(arr[0]);
|
|
}
|
|
|
|
/** false positives: an ideal analysis would not report on these, but we do */
|
|
|
|
// we don't track array indices precisely
|
|
void FP_viaArrayOk1(Object y, Object[] z) {
|
|
Object[] arr = new Object[2];
|
|
arr[0] = InferTaint.inferSecretSource();
|
|
InferTaint.inferSensitiveSink(arr[1]);
|
|
}
|
|
|
|
// we use weak update semantics on arrays
|
|
void FP_viaArrayOk2(Object y, Object[] z) {
|
|
Object[] arr = new Object[1];
|
|
arr[0] = InferTaint.inferSecretSource();
|
|
arr[0] = null;
|
|
InferTaint.inferSensitiveSink(arr[0]);
|
|
}
|
|
}
|