You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

90 lines
2.9 KiB

/*
* Copyright (c) Facebook, Inc. and its affiliates.
*
* This source code is licensed under the MIT license found in the
* LICENSE file in the root directory of this source tree.
*/
package codetoanalyze.java.quandary;
import android.content.Intent;
import android.os.Parcel;
import com.facebook.infer.builtins.InferTaint;
/** testing how the analysis handles missing/unknown code */
public abstract class UnknownCode {
static native Object nativeMethod(Object o);
abstract Object abstractMethod(Object o);
static interface Interface {
Object interfaceMethod(Object o);
}
static void propagateViaUnknownConstructorBad() {
String source = (String) InferTaint.inferSecretSource();
// we don't analyze the code for the core Java libraries, so this constructor will be unknown
String unknownConstructor = new String(source);
InferTaint.inferSensitiveSink(unknownConstructor);
}
static void propagateViaUnknownConstructorOk() {
String unknownConstructor = new String("");
InferTaint.inferSensitiveSink(unknownConstructor);
}
void propagateViaUnknownCodeOk(Interface i) {
Object notASource = new Object();
Object launderedSource1 = nativeMethod(notASource);
Object launderedSource2 = abstractMethod(launderedSource1);
Object launderedSource3 = i.interfaceMethod(launderedSource2);
InferTaint.inferSensitiveSink(launderedSource3);
}
void callUnknownSetterBad(Intent i) {
Object source = InferTaint.inferSecretSource();
// we don't analyze the source code for Android, so this will be unknown
i.writeToParcel((Parcel) source, 0);
InferTaint.inferSensitiveSink(i);
}
void propagateEmptyBad() {
String source = (String) InferTaint.inferSecretSource();
StringBuffer buffer = new StringBuffer();
buffer.append(source); // buffer is now tainted
// even though "" is not tainted, buffer and alias should still be tainted
StringBuffer alias = buffer.append("");
InferTaint.inferSensitiveSink(buffer); // should report
InferTaint.inferSensitiveSink(alias); // should report
}
void propagateFootprint(String param) {
StringBuffer buffer = new StringBuffer();
buffer.append(param);
InferTaint.inferSensitiveSink(buffer);
}
void callPropagateFootprintBad() {
propagateFootprint((String) InferTaint.inferSecretSource());
}
static void propagateViaInterfaceCodeBad(Interface i) {
Object source = InferTaint.inferSecretSource();
Object launderedSource = i.interfaceMethod(source);
InferTaint.inferSensitiveSink(launderedSource);
}
void propagateViaUnknownNativeCodeBad() {
Object source = InferTaint.inferSecretSource();
Object launderedSource = nativeMethod(source);
InferTaint.inferSensitiveSink(launderedSource);
}
static void propagateViaUnknownAbstractCodeBad() {
Object source = InferTaint.inferSecretSource();
Object launderedSource = nativeMethod(source);
InferTaint.inferSensitiveSink(launderedSource);
}
}