You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

68 lines
1.4 KiB

/*
* Copyright (c) 2016-present, Facebook, Inc.
*
* This source code is licensed under the MIT license found in the
* LICENSE file in the root directory of this source tree.
*/
package codetoanalyze.java.quandary;
import com.facebook.infer.builtins.InferTaint;
/** making sure the traces we report respect control-flow */
class FlowSensitivity {
static class Obj {
Object f;
}
static void callSink(Obj o) {
InferTaint.inferSensitiveSink(o.f);
}
static void returnSource(Obj o) {
o.f = InferTaint.inferSecretSource();
}
static void interproceduralFlowSensitivityOk1(Obj o) {
InferTaint.inferSensitiveSink(o.f);
returnSource(o);
}
static void interproceduralFlowSensitivityOk2(Obj o) {
callSink(o);
o.f = InferTaint.inferSecretSource();
}
static void interproceduralFlowSensitivityOk3(Obj o) {
callSink(o);
returnSource(o);
}
static void interproceduralFlowSensitivityBad(Obj o) {
returnSource(o);
callSink(o);
}
static void sourceAndSink(Obj o) {
InferTaint.inferSensitiveSink(o.f);
o.f = InferTaint.inferSecretSource();
}
static void callSourceAndSinkOk(Obj o) {
sourceAndSink(o);
}
static void callSourceAndSinkBad1(Obj o) {
sourceAndSink(o);
InferTaint.inferSensitiveSink(o.f);
}
static void callSourceAndSinkBad2(Obj o) {
o.f = InferTaint.inferSecretSource();
sourceAndSink(o);
}
}