You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

79 lines
2.0 KiB

/*
* Copyright (c) 2016 - present Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*/
package codetoanalyze.java.quandary;
import com.facebook.infer.models.InferTaint;
public class Arrays {
static class Obj {
Object f;
Object[] arr;
}
/** should report on these tests */
void viaArrayBad() {
Object[] arr = new Object[1];
arr[0] = InferTaint.inferSecretSource();
InferTaint.inferSensitiveSink(arr[0]);
}
void viaArrayThenFieldBad() {
Obj[] arr = new Obj[1];
arr[0].f = InferTaint.inferSecretSource();
InferTaint.inferSensitiveSink(arr[0].f);
}
void viaFieldThenArrayBad1(Obj obj) {
obj.arr[0] = InferTaint.inferSecretSource();
InferTaint.inferSensitiveSink(obj.arr[0]);
}
void viaFieldThenArrayBad2() {
Obj obj = new Obj();
obj.arr = new Obj[1];
obj.arr[0] = InferTaint.inferSecretSource();
InferTaint.inferSensitiveSink(obj.arr[0]);
}
/** should not report on these tests */
void viaArrayOk() {
Object[] arr = new Object[1];
arr[0] = new Object();
InferTaint.inferSensitiveSink(arr[0]);
}
void viaArrayThenFieldOk() {
Obj[] arr = new Obj[1];
arr[0].f = InferTaint.inferSecretSource();
InferTaint.inferSensitiveSink(arr[0]);
}
/** false positives: an ideal analysis would not report on these, but we do */
// we don't track array indices precisely
void FP_viaArrayOk1(Object y, Object[] z) {
Object[] arr = new Object[2];
arr[0] = InferTaint.inferSecretSource();
InferTaint.inferSensitiveSink(arr[1]);
}
// we use weak update semantics on arrays
void FP_viaArrayOk2(Object y, Object[] z) {
Object[] arr = new Object[1];
arr[0] = InferTaint.inferSecretSource();
arr[0] = null;
InferTaint.inferSensitiveSink(arr[0]);
}
}