/**
 * Evaluates every taint sink registered for {@code calledMethod} against the
 * current dataflow fact.
 *
 * <p>For each sink, the sink's non-parametric taint is merged with the taint of
 * each stack value the sink names as a taint parameter. The combined taint then
 * decides the outcome:
 * <ul>
 *   <li>{@code null}: the sink is skipped;</li>
 *   <li>tainted: the sink's bug instance is raised to
 *       {@code Priorities.HIGH_PRIORITY} and annotated with {@code sourceLine};</li>
 *   <li>not tainted but still carrying taint parameters: the bug instance is
 *       annotated and handed to {@code delayBugToReport} for
 *       {@code currentMethod};</li>
 *   <li>anything else: no action.</li>
 * </ul>
 *
 * @param calledMethod  key used to look up sinks in {@code methodsWithSinks}
 * @param fact          frame from which the stack values at the sink's offsets are read
 * @param sourceLine    source location attached to any affected bug instance
 * @param currentMethod method passed on to {@code delayBugToReport}
 * @throws DataflowAnalysisException propagated from the calls made here
 *         (presumably the stack lookup on {@code fact}; confirm)
 */
private void checkTaintSink(
        String calledMethod,
        TaintFrame fact,
        SourceLineAnnotation sourceLine,
        String currentMethod) throws DataflowAnalysisException {
    if (!methodsWithSinks.containsKey(calledMethod)) {
        return;
    }
    Set<TaintSink> registeredSinks = methodsWithSinks.get(calledMethod);
    for (TaintSink sink : registeredSinks) {
        Taint declared = sink.getTaint();
        Set<Integer> stackOffsets = declared.getTaintParameters();

        // Start from the sink's non-parametric taint and fold in the taint of
        // every stack slot the sink depends on.
        Taint combined = declared.getNonParametricTaint();
        for (Integer stackOffset : stackOffsets) {
            combined = Taint.merge(combined, fact.getStackValue(stackOffset));
        }
        if (combined == null) {
            continue;
        }

        if (combined.isTainted()) {
            // Definitely tainted data reaches the sink. This method only updates
            // the sink's bug instance; it does not pass it to a reporter here.
            // NOTE(review): whether getBugInstance() returns a shared or a fresh
            // instance is not visible from this method; confirm.
            BugInstance confirmed = sink.getBugInstance();
            confirmed.setPriority(Priorities.HIGH_PRIORITY);
            confirmed.addSourceLine(sourceLine);
            continue;
        }
        if (!combined.hasTaintParameters()) {
            continue;
        }

        // The verdict still depends on taint parameters, so the report is
        // deferred. The assert is only evaluated when the JVM runs with
        // assertions enabled (-ea).
        assert combined.isUnknown();
        BugInstance deferred = sink.getBugInstance();
        deferred.addSourceLine(sourceLine);
        delayBugToReport(currentMethod, combined, deferred);
    }
}
/**
 * Maps a taint state to a bug priority.
 *
 * @param taint taint state to classify
 * @return {@code Priorities.HIGH_PRIORITY} when the taint is tainted,
 *         {@code Priorities.IGNORE_PRIORITY} when it is not tainted and is safe,
 *         and {@code Priorities.NORMAL_PRIORITY} otherwise
 */
private int getPriority(Taint taint) {
    // Tainted wins outright; isSafe() is only consulted for non-tainted values.
    if (taint.isTainted()) {
        return Priorities.HIGH_PRIORITY;
    }
    return taint.isSafe() ? Priorities.IGNORE_PRIORITY : Priorities.NORMAL_PRIORITY;
}