Uses of Class
com.h3xstream.findsecbugs.taintanalysis.Taint

Packages that use Taint

Package	Description
com.h3xstream.findsecbugs
com.h3xstream.findsecbugs.common
com.h3xstream.findsecbugs.file
com.h3xstream.findsecbugs.injection
com.h3xstream.findsecbugs.injection.command
com.h3xstream.findsecbugs.injection.crlf
com.h3xstream.findsecbugs.injection.custom
com.h3xstream.findsecbugs.injection.formatter
com.h3xstream.findsecbugs.injection.http
com.h3xstream.findsecbugs.injection.ldap
com.h3xstream.findsecbugs.injection.redirect
com.h3xstream.findsecbugs.injection.smtp
com.h3xstream.findsecbugs.injection.sql
com.h3xstream.findsecbugs.injection.trust	Trust Boundary Violation is fancy name to describe tainted value passed directly to session attribute.
com.h3xstream.findsecbugs.password
com.h3xstream.findsecbugs.scala
com.h3xstream.findsecbugs.taintanalysis
com.h3xstream.findsecbugs.taintanalysis.extra
com.h3xstream.findsecbugs.xpath	This package focus on the identification of XPath injection vulnerability from various APIs: javax.xml (JDK API) org.apache.xpath org.apache.commons.jxpath (Apache Commons) TODO org.xmldb.api.modules (Apache Xindice) TODO
com.h3xstream.findsecbugs.xss

Uses of Taint in com.h3xstream.findsecbugs

Methods in com.h3xstream.findsecbugs with parameters of type Taint

Modifier and Type	Method and Description
protected int	HttpResponseSplittingDetector.getPriority(Taint taint)

Uses of Taint in com.h3xstream.findsecbugs.common

Methods in com.h3xstream.findsecbugs.common with parameters of type Taint

Modifier and Type	Method and Description
static boolean	TaintUtil.isConstantValue(Taint value)
static boolean	TaintUtil.isConstantValueAndNotEmpty(Taint value)

Uses of Taint in com.h3xstream.findsecbugs.file

Methods in com.h3xstream.findsecbugs.file with parameters of type Taint

Modifier and Type	Method and Description
protected int	PathTraversalDetector.getPriority(Taint taint)

Uses of Taint in com.h3xstream.findsecbugs.injection

Methods in com.h3xstream.findsecbugs.injection with parameters of type Taint

Modifier and Type	Method and Description
protected int	AbstractInjectionDetector.getPriority(Taint taint) The default implementation of getPriority() can be overridden if the severity and the confidence for risk is particular.

Uses of Taint in com.h3xstream.findsecbugs.injection.command

Methods in com.h3xstream.findsecbugs.injection.command with parameters of type Taint

Modifier and Type	Method and Description
protected int	CommandInjectionDetector.getPriority(Taint taint)

Uses of Taint in com.h3xstream.findsecbugs.injection.crlf

Methods in com.h3xstream.findsecbugs.injection.crlf with parameters of type Taint

Modifier and Type	Method and Description
protected int	CrlfLogInjectionDetector.getPriority(Taint taint)

Uses of Taint in com.h3xstream.findsecbugs.injection.custom

Methods in com.h3xstream.findsecbugs.injection.custom with parameters of type Taint

Modifier and Type	Method and Description
protected int	CustomInjectionDetector.getPriority(Taint taint)

Uses of Taint in com.h3xstream.findsecbugs.injection.formatter

Methods in com.h3xstream.findsecbugs.injection.formatter with parameters of type Taint

Modifier and Type	Method and Description
protected int	FormatStringManipulationDetector.getPriority(Taint taint)

Uses of Taint in com.h3xstream.findsecbugs.injection.http

Methods in com.h3xstream.findsecbugs.injection.http with parameters of type Taint

Modifier and Type	Method and Description
protected int	HttpParameterPollutionDetector.getPriority(Taint taint)

Uses of Taint in com.h3xstream.findsecbugs.injection.ldap

Methods in com.h3xstream.findsecbugs.injection.ldap with parameters of type Taint

Modifier and Type	Method and Description
protected int	LdapInjectionDetector.getPriority(Taint taint)

Uses of Taint in com.h3xstream.findsecbugs.injection.redirect

Methods in com.h3xstream.findsecbugs.injection.redirect with parameters of type Taint

Modifier and Type	Method and Description
protected int	UnvalidatedRedirectDetector.getPriority(Taint taint)

Uses of Taint in com.h3xstream.findsecbugs.injection.smtp

Methods in com.h3xstream.findsecbugs.injection.smtp with parameters of type Taint

Modifier and Type	Method and Description
protected int	SmtpHeaderInjectionDetector.getPriority(Taint taint)

Uses of Taint in com.h3xstream.findsecbugs.injection.sql

Methods in com.h3xstream.findsecbugs.injection.sql with parameters of type Taint

Modifier and Type	Method and Description
protected int	SqlInjectionDetector.getPriority(Taint taint)
protected int	AndroidSqlInjectionDetector.getPriority(Taint taint)

Uses of Taint in com.h3xstream.findsecbugs.injection.trust

Methods in com.h3xstream.findsecbugs.injection.trust with parameters of type Taint

Modifier and Type	Method and Description
protected int	TrustBoundaryViolationValueDetector.getPriority(Taint taint) = All or nothing : If the taint to sink path is found, it is mark as high If the source is not confirm, it is mark as low.
protected int	TrustBoundaryViolationAttributeDetector.getPriority(Taint taint) All or nothing : If the taint to sink path is found, it is mark as high If the source is not confirm, it is mark as low.

Uses of Taint in com.h3xstream.findsecbugs.password

Methods in com.h3xstream.findsecbugs.password with parameters of type Taint

Modifier and Type	Method and Description
void	HashUnsafeEqualsDetector.visitField(org.apache.bcel.generic.FieldInstruction put, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, Taint taint, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)
void	AbstractHardcodedPasswordEqualsDetector.visitField(org.apache.bcel.generic.FieldInstruction put, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, Taint taint, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)
void	HashUnsafeEqualsDetector.visitReturn(org.apache.bcel.generic.MethodGen methodGen, Taint returnValue, org.apache.bcel.generic.ConstantPoolGen cpg)
void	AbstractHardcodedPasswordEqualsDetector.visitReturn(org.apache.bcel.generic.MethodGen methodGen, Taint returnValue, org.apache.bcel.generic.ConstantPoolGen cpg)

Method parameters in com.h3xstream.findsecbugs.password with type arguments of type Taint

Modifier and Type	Method and Description
void	HashUnsafeEqualsDetector.visitInvoke(org.apache.bcel.generic.InvokeInstruction invoke, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, List<Taint> parameters, org.apache.bcel.generic.ConstantPoolGen cpg)
void	AbstractHardcodedPasswordEqualsDetector.visitInvoke(org.apache.bcel.generic.InvokeInstruction instruction, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, List<Taint> parameters, org.apache.bcel.generic.ConstantPoolGen cpg)

Uses of Taint in com.h3xstream.findsecbugs.scala

Methods in com.h3xstream.findsecbugs.scala with parameters of type Taint

Modifier and Type	Method and Description
protected int	XssTwirlDetector.getPriority(Taint taint)
protected int	XssMvcApiDetector.getPriority(Taint taint)
protected int	ScalaSensitiveDataExposureDetector.getPriority(Taint taint)

Uses of Taint in com.h3xstream.findsecbugs.taintanalysis

Methods in com.h3xstream.findsecbugs.taintanalysis that return Taint

Modifier and Type	Method and Description
Taint	TaintFrameModelingVisitor.getDefaultValue()
Taint	TaintMethodConfig.getOutputTaint() Returns the output taint of the method describing the taint transfer
Taint	TaintConfig.getStaticFieldTaint(String fieldSignature, Taint defaultValue)
static Taint	Taint.merge(Taint a, Taint b) Returns the merge of the facts such that it can represent any of them
Taint	Taint.setDebugInfo(String debugInfo) Sets info for debugging purposes (consumes much memory)
static Taint	Taint.valueOf(String stateName) Constructs a new instance of taint from the specified state name
static Taint	Taint.valueOf(Taint.State state) Constructs a new instance of taint from the specified state

Methods in com.h3xstream.findsecbugs.taintanalysis that return types with arguments of type Taint

Modifier and Type	Method and Description
Map<Integer,Taint>	TaintMethodConfig.getParametersOutputTaints() Returns computed output taints for method parameters for back-propagation. Please note the stackIndex is in reverse order compared to the method parameters (and frame local variables), i.e.

Methods in com.h3xstream.findsecbugs.taintanalysis with parameters of type Taint

Modifier and Type	Method and Description
Taint	TaintConfig.getStaticFieldTaint(String fieldSignature, Taint defaultValue)
static Taint	Taint.merge(Taint a, Taint b) Returns the merge of the facts such that it can represent any of them
void	TaintConfig.putStaticFieldTaint(String fieldSignature, Taint t)
void	TaintMethodConfig.setOuputTaint(Taint taint) Sets the output taint of the method describing the taint transfer, copy of the parameter is made and variable index is invalidated
void	TaintMethodConfig.setParameterOutputTaint(int stackIndex, Taint taint) Stores output taint for method parameters to be used for back-propagation. Please note the stackIndex is in reverse order compared to the method parameters (and frame local variables), i.e.
void	TaintFrameAdditionalVisitor.visitField(org.apache.bcel.generic.FieldInstruction put, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, Taint taintFrame, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)
void	TaintFrameAdditionalVisitor.visitReturn(org.apache.bcel.generic.MethodGen methodGen, Taint returnValue, org.apache.bcel.generic.ConstantPoolGen cpg)

Method parameters in com.h3xstream.findsecbugs.taintanalysis with type arguments of type Taint

Modifier and Type	Method and Description
void	TaintFrameAdditionalVisitor.visitInvoke(org.apache.bcel.generic.InvokeInstruction invoke, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, List<Taint> parameters, org.apache.bcel.generic.ConstantPoolGen cpg) This method will be triggered for every method invocation (static, interface, special and virtual).

Constructors in com.h3xstream.findsecbugs.taintanalysis with parameters of type Taint

Constructor and Description
Taint(Taint taint) Creates a hard copy of the specified Taint instance

Uses of Taint in com.h3xstream.findsecbugs.taintanalysis.extra

Methods in com.h3xstream.findsecbugs.taintanalysis.extra with parameters of type Taint

Modifier and Type	Method and Description
void	PotentialValueTracker.visitField(org.apache.bcel.generic.FieldInstruction put, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, Taint taintFrame, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)
void	JstlExpressionWhiteLister.visitField(org.apache.bcel.generic.FieldInstruction put, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, Taint taintFrame, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)
void	PotentialValueTracker.visitReturn(org.apache.bcel.generic.MethodGen methodGen, Taint returnValue, org.apache.bcel.generic.ConstantPoolGen cpg)
void	JstlExpressionWhiteLister.visitReturn(org.apache.bcel.generic.MethodGen methodGen, Taint returnValue, org.apache.bcel.generic.ConstantPoolGen cpg)

Method parameters in com.h3xstream.findsecbugs.taintanalysis.extra with type arguments of type Taint

Modifier and Type	Method and Description
void	PotentialValueTracker.visitInvoke(org.apache.bcel.generic.InvokeInstruction invoke, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, List<Taint> parameters, org.apache.bcel.generic.ConstantPoolGen cpg)
void	JstlExpressionWhiteLister.visitInvoke(org.apache.bcel.generic.InvokeInstruction invoke, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, List<Taint> parameters, org.apache.bcel.generic.ConstantPoolGen cpg)

Uses of Taint in com.h3xstream.findsecbugs.xpath

Methods in com.h3xstream.findsecbugs.xpath with parameters of type Taint

Modifier and Type	Method and Description
protected int	XPathInjectionDetector.getPriority(Taint taint)

Uses of Taint in com.h3xstream.findsecbugs.xss

Methods in com.h3xstream.findsecbugs.xss with parameters of type Taint

Modifier and Type	Method and Description
protected int	XssServletDetector.getPriority(Taint taint)
protected int	XssJspDetector.getPriority(Taint taint)