com.h3xstream.findsecbugs.taintanalysis.extra

Class PotentialValueTracker

java.lang.Object

com.h3xstream.findsecbugs.injection.AbstractTaintDetector

com.h3xstream.findsecbugs.injection.AbstractInjectionDetector

com.h3xstream.findsecbugs.injection.BasicInjectionDetector

com.h3xstream.findsecbugs.taintanalysis.extra.PotentialValueTracker

All Implemented Interfaces:

TaintFrameAdditionalVisitor, edu.umd.cs.findbugs.Detector, edu.umd.cs.findbugs.Priorities

public class PotentialValueTracker
extends BasicInjectionDetector
implements TaintFrameAdditionalVisitor

This class detect potential default value and set it to the Taint instance. For example in props.getProperties("password","admin1234"), the second parameter (admin1234) is the default value if the property is not set. This detector doesn't report bugs like the other detector it only enhances the taint analysis. Being a detector, the behavior can be deactivated easily.

Field Summary

Fields inherited from class com.h3xstream.findsecbugs.injection.AbstractInjectionDetector

injectionSinks

Fields inherited from class com.h3xstream.findsecbugs.injection.AbstractTaintDetector

bugReporter

Fields inherited from interface edu.umd.cs.findbugs.Priorities

EXP_PRIORITY, HIGH_PRIORITY, IGNORE_PRIORITY, LOW_PRIORITY, NORMAL_PRIORITY

Constructor Summary

Constructors

Constructor and Description
PotentialValueTracker(edu.umd.cs.findbugs.BugReporter bugReporter)

Method Summary

Modifier and Type	Method and Description
void	visitField(org.apache.bcel.generic.FieldInstruction put, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, Taint taintFrame, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)
void	visitInvoke(org.apache.bcel.generic.InvokeInstruction invoke, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, List<Taint> parameters, org.apache.bcel.generic.ConstantPoolGen cpg) This method will be triggered for every method invocation (static, interface, special and virtual).
void	visitLoad(org.apache.bcel.generic.LoadInstruction load, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)
void	visitReturn(org.apache.bcel.generic.MethodGen methodGen, Taint returnValue, org.apache.bcel.generic.ConstantPoolGen cpg)

Methods inherited from class com.h3xstream.findsecbugs.injection.BasicInjectionDetector

addParsedInjectionPoint, getInjectionPoint, loadConfiguredSinks, loadConfiguredSinks, loadCustomSinks, loadCustomSinksConfigFiles, loadSink, registerVisitor

Methods inherited from class com.h3xstream.findsecbugs.injection.AbstractInjectionDetector

analyzeLocation, getPriority, getPriorityFromTaintFrame, report

Methods inherited from class com.h3xstream.findsecbugs.injection.AbstractTaintDetector

analyzeMethod, shouldAnalyzeClass, visitClassContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PotentialValueTracker

public PotentialValueTracker(edu.umd.cs.findbugs.BugReporter bugReporter)

Method Detail

visitInvoke

public void visitInvoke(org.apache.bcel.generic.InvokeInstruction invoke,
                        org.apache.bcel.generic.MethodGen methodGen,
                        TaintFrame frameType,
                        List<Taint> parameters,
                        org.apache.bcel.generic.ConstantPoolGen cpg)
                 throws edu.umd.cs.findbugs.ba.DataflowAnalysisException

Description copied from interface: TaintFrameAdditionalVisitor

This method will be triggered for every method invocation (static, interface, special and virtual). The constant pool allowed the resolution of method name, field name, constant strings, etc. The taintframe

Specified by:

visitInvoke in interface TaintFrameAdditionalVisitor

methodGen - Method

frameType - Frame representation after the invoke (results)

parameters - Stack representation just before the invoke

Throws:

edu.umd.cs.findbugs.ba.DataflowAnalysisException

visitLoad

public void visitLoad(org.apache.bcel.generic.LoadInstruction load,
                      org.apache.bcel.generic.MethodGen methodGen,
                      TaintFrame frameType,
                      int numProduced,
                      org.apache.bcel.generic.ConstantPoolGen cpg)

Specified by:

visitLoad in interface TaintFrameAdditionalVisitor

visitField

public void visitField(org.apache.bcel.generic.FieldInstruction put,
                       org.apache.bcel.generic.MethodGen methodGen,
                       TaintFrame frameType,
                       Taint taintFrame,
                       int numProduced,
                       org.apache.bcel.generic.ConstantPoolGen cpg)
                throws Exception

Specified by:

visitField in interface TaintFrameAdditionalVisitor

Throws:

Exception

visitReturn

public void visitReturn(org.apache.bcel.generic.MethodGen methodGen,
                        Taint returnValue,
                        org.apache.bcel.generic.ConstantPoolGen cpg)
                 throws Exception

Specified by:

visitReturn in interface TaintFrameAdditionalVisitor

Parameters:

methodGen - Method

returnValue - State of the returned value.

Throws:

Exception