Пример #1
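 /**
  * Reports or defers a bug for every sink registered for {@code calledMethod}, judged by the
  * taint of the sink's parameters in the current frame.
  *
  * <p>For each sink, the sink's non-parametric taint is merged with the taint of every stack
  * value named by the sink's parameter offsets. A tainted result is reported at once with high
  * priority; a result that is not tainted but still depends on parameters is handed to
  * {@link #delayBugToReport} together with {@code currentMethod}, so it can be decided later.
  * Any other result (or a {@code null} merge) is not reported.
  *
  * @param calledMethod key into {@code methodsWithSinks}; no entry means no sinks to check
  * @param fact taint frame at the call site; stack values are read by parameter offset
  * @param sourceLine location of the call, added to every reported or delayed bug
  * @param currentMethod method containing the call, passed on when the report is delayed
  * @throws DataflowAnalysisException propagated from the frame access (presumably
  *     {@code getStackValue} on an invalid offset)
  */
 private void checkTaintSink(
     String calledMethod, TaintFrame fact, SourceLineAnnotation sourceLine, String currentMethod)
     throws DataflowAnalysisException {
   // Single lookup instead of containsKey()+get(); a missing (or null) entry means no sinks.
   Set<TaintSink> sinks = methodsWithSinks.get(calledMethod);
   if (sinks == null) {
     return;
   }
   for (TaintSink sink : sinks) {
     Taint sinkTaint = sink.getTaint();
     Taint merged = sinkTaint.getNonParametricTaint();
     for (Integer offset : sinkTaint.getTaintParameters()) {
       merged = Taint.merge(merged, fact.getStackValue(offset));
     }
     // The merge can apparently leave no taint at all; nothing to report then.
     if (merged == null) {
       continue;
     }
     boolean tainted = merged.isTainted();
     if (!tainted && !merged.hasTaintParameters()) {
       continue; // neither tainted nor parameter-dependent: nothing to report for this sink
     }
     // NOTE(review): the BugInstance is owned by the sink and mutated in place, so source lines
     // (and the priority) accumulate if the same sink is reached from several call sites —
     // confirm that this is the intended reporting behaviour.
     BugInstance bugInstance = sink.getBugInstance();
     bugInstance.addSourceLine(sourceLine);
     if (tainted) {
       bugInstance.setPriority(Priorities.HIGH_PRIORITY);
     } else {
       // Not tainted but parameter-dependent: the outcome is unknown until the callers of
       // currentMethod are known, so defer the decision instead of reporting now.
       assert merged.isUnknown();
       delayBugToReport(currentMethod, merged, bugInstance);
     }
   }
 }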
Пример #2
  /**
   * Maps a taint state to a bug priority.
   *
   * <p>Tainted values get {@code HIGH_PRIORITY}; values that are neither tainted nor safe
   * (presumably the "unknown" state) get {@code NORMAL_PRIORITY}; safe values get
   * {@code IGNORE_PRIORITY}.
   *
   * @param taint the taint state to rank; must not be {@code null}
   * @return one of the {@code Priorities} constants named above
   */
  private int getPriority(Taint taint) {
    if (taint.isTainted()) {
      return Priorities.HIGH_PRIORITY;
    }
    // Not tainted: only a proven-safe value is dropped, anything else is still worth a look.
    return taint.isSafe() ? Priorities.IGNORE_PRIORITY : Priorities.NORMAL_PRIORITY;
  }