Uses of Class
com.h3xstream.findsecbugs.taintanalysis.Taint
-
-
Uses of Taint in com.h3xstream.findsecbugs
Methods in com.h3xstream.findsecbugs with parameters of type Taint Modifier and Type Method Description protected intHttpResponseSplittingDetector. getPriority(Taint taint) -
Uses of Taint in com.h3xstream.findsecbugs.common
Methods in com.h3xstream.findsecbugs.common with parameters of type Taint Modifier and Type Method Description static booleanTaintUtil. isConstantValue(Taint value)static booleanTaintUtil. isConstantValueAndNotEmpty(Taint value) -
Uses of Taint in com.h3xstream.findsecbugs.file
Methods in com.h3xstream.findsecbugs.file with parameters of type Taint Modifier and Type Method Description protected intPathTraversalDetector. getPriority(Taint taint) -
Uses of Taint in com.h3xstream.findsecbugs.injection
Methods in com.h3xstream.findsecbugs.injection with parameters of type Taint Modifier and Type Method Description protected intAbstractInjectionDetector. getPriority(Taint taint)The default implementation ofgetPriority()can be overridden if the severity and the confidence for risk is particular. -
Uses of Taint in com.h3xstream.findsecbugs.injection.command
Methods in com.h3xstream.findsecbugs.injection.command with parameters of type Taint Modifier and Type Method Description protected intCommandInjectionDetector. getPriority(Taint taint) -
Uses of Taint in com.h3xstream.findsecbugs.injection.crlf
Methods in com.h3xstream.findsecbugs.injection.crlf with parameters of type Taint Modifier and Type Method Description protected intCrlfLogInjectionDetector. getPriority(Taint taint) -
Uses of Taint in com.h3xstream.findsecbugs.injection.custom
Methods in com.h3xstream.findsecbugs.injection.custom with parameters of type Taint Modifier and Type Method Description protected intCustomInjectionDetector. getPriority(Taint taint) -
Uses of Taint in com.h3xstream.findsecbugs.injection.formatter
Methods in com.h3xstream.findsecbugs.injection.formatter with parameters of type Taint Modifier and Type Method Description protected intFormatStringManipulationDetector. getPriority(Taint taint) -
Uses of Taint in com.h3xstream.findsecbugs.injection.http
Methods in com.h3xstream.findsecbugs.injection.http with parameters of type Taint Modifier and Type Method Description protected intHttpParameterPollutionDetector. getPriority(Taint taint) -
Uses of Taint in com.h3xstream.findsecbugs.injection.ldap
Methods in com.h3xstream.findsecbugs.injection.ldap with parameters of type Taint Modifier and Type Method Description protected intLdapInjectionDetector. getPriority(Taint taint) -
Uses of Taint in com.h3xstream.findsecbugs.injection.redirect
Methods in com.h3xstream.findsecbugs.injection.redirect with parameters of type Taint Modifier and Type Method Description protected intUnvalidatedRedirectDetector. getPriority(Taint taint) -
Uses of Taint in com.h3xstream.findsecbugs.injection.smtp
Methods in com.h3xstream.findsecbugs.injection.smtp with parameters of type Taint Modifier and Type Method Description protected intSmtpHeaderInjectionDetector. getPriority(Taint taint) -
Uses of Taint in com.h3xstream.findsecbugs.injection.sql
Methods in com.h3xstream.findsecbugs.injection.sql with parameters of type Taint Modifier and Type Method Description protected intAndroidSqlInjectionDetector. getPriority(Taint taint)protected intSqlInjectionDetector. getPriority(Taint taint) -
Uses of Taint in com.h3xstream.findsecbugs.injection.trust
Methods in com.h3xstream.findsecbugs.injection.trust with parameters of type Taint Modifier and Type Method Description protected intTrustBoundaryViolationAttributeDetector. getPriority(Taint taint)All or nothing : If the taint to sink path is found, it is mark as high If the source is not confirm, it is mark as low.protected intTrustBoundaryViolationValueDetector. getPriority(Taint taint)= All or nothing : If the taint to sink path is found, it is mark as high If the source is not confirm, it is mark as low. -
Uses of Taint in com.h3xstream.findsecbugs.injection.xml
Methods in com.h3xstream.findsecbugs.injection.xml with parameters of type Taint Modifier and Type Method Description voidXmlInjectionDetector. visitField(org.apache.bcel.generic.FieldInstruction put, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, Taint taint, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)voidXmlInjectionDetector. visitReturn(org.apache.bcel.generic.MethodGen methodGen, Taint returnValue, org.apache.bcel.generic.ConstantPoolGen cpg)Method parameters in com.h3xstream.findsecbugs.injection.xml with type arguments of type Taint Modifier and Type Method Description voidXmlInjectionDetector. visitInvoke(org.apache.bcel.generic.InvokeInstruction invoke, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, List<Taint> parameters, org.apache.bcel.generic.ConstantPoolGen cpg) -
Uses of Taint in com.h3xstream.findsecbugs.password
Methods in com.h3xstream.findsecbugs.password with parameters of type Taint Modifier and Type Method Description voidAbstractHardcodedPasswordEqualsDetector. visitField(org.apache.bcel.generic.FieldInstruction put, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, Taint taint, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)voidHashUnsafeEqualsDetector. visitField(org.apache.bcel.generic.FieldInstruction put, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, Taint taint, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)voidAbstractHardcodedPasswordEqualsDetector. visitReturn(org.apache.bcel.generic.MethodGen methodGen, Taint returnValue, org.apache.bcel.generic.ConstantPoolGen cpg)voidHashUnsafeEqualsDetector. visitReturn(org.apache.bcel.generic.MethodGen methodGen, Taint returnValue, org.apache.bcel.generic.ConstantPoolGen cpg)Method parameters in com.h3xstream.findsecbugs.password with type arguments of type Taint Modifier and Type Method Description voidAbstractHardcodedPasswordEqualsDetector. visitInvoke(org.apache.bcel.generic.InvokeInstruction instruction, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, List<Taint> parameters, org.apache.bcel.generic.ConstantPoolGen cpg)voidHashUnsafeEqualsDetector. visitInvoke(org.apache.bcel.generic.InvokeInstruction invoke, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, List<Taint> parameters, org.apache.bcel.generic.ConstantPoolGen cpg) -
Uses of Taint in com.h3xstream.findsecbugs.scala
Methods in com.h3xstream.findsecbugs.scala with parameters of type Taint Modifier and Type Method Description protected intScalaSensitiveDataExposureDetector. getPriority(Taint taint)protected intXssMvcApiDetector. getPriority(Taint taint)protected intXssTwirlDetector. getPriority(Taint taint) -
Uses of Taint in com.h3xstream.findsecbugs.taintanalysis
Methods in com.h3xstream.findsecbugs.taintanalysis that return Taint Modifier and Type Method Description TaintTaintFrameModelingVisitor. getDefaultValue()TaintTaintMethodConfig. getOutputTaint()Returns the output taint of the method describing the taint transferTaintTaintConfig. getStaticFieldTaint(String fieldSignature, Taint defaultValue)static TaintTaint. merge(Taint a, Taint b)Returns the merge of the facts such that it can represent any of themTaintTaint. setDebugInfo(String debugInfo)Sets info for debugging purposes (consumes much memory)static TaintTaint. valueOf(Taint.State state)Constructs a new instance of taint from the specified statestatic TaintTaint. valueOf(String stateName)Constructs a new instance of taint from the specified state nameMethods in com.h3xstream.findsecbugs.taintanalysis that return types with arguments of type Taint Modifier and Type Method Description Map<Integer,Taint>TaintMethodConfig. getParametersOutputTaints()Returns computed output taints for method parameters for back-propagation.
Please note the stackIndex is in reverse order compared to the method parameters (and frame local variables), i.e.Methods in com.h3xstream.findsecbugs.taintanalysis with parameters of type Taint Modifier and Type Method Description TaintTaintConfig. getStaticFieldTaint(String fieldSignature, Taint defaultValue)static TaintTaint. merge(Taint a, Taint b)Returns the merge of the facts such that it can represent any of themvoidTaintConfig. putStaticFieldTaint(String fieldSignature, Taint t)voidTaintMethodConfig. setOuputTaint(Taint taint)Sets the output taint of the method describing the taint transfer, copy of the parameter is made and variable index is invalidatedvoidTaintMethodConfig. setParameterOutputTaint(int stackIndex, Taint taint)Stores output taint for method parameters to be used for back-propagation.
Please note the stackIndex is in reverse order compared to the method parameters (and frame local variables), i.e.voidTaintFrameAdditionalVisitor. visitField(org.apache.bcel.generic.FieldInstruction put, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, Taint taintFrame, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)voidTaintFrameAdditionalVisitor. visitReturn(org.apache.bcel.generic.MethodGen methodGen, Taint returnValue, org.apache.bcel.generic.ConstantPoolGen cpg)Method parameters in com.h3xstream.findsecbugs.taintanalysis with type arguments of type Taint Modifier and Type Method Description voidTaintFrameAdditionalVisitor. visitInvoke(org.apache.bcel.generic.InvokeInstruction invoke, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, List<Taint> parameters, org.apache.bcel.generic.ConstantPoolGen cpg)This method will be triggered for every method invocation (static, interface, special and virtual).Constructors in com.h3xstream.findsecbugs.taintanalysis with parameters of type Taint Constructor Description Taint(Taint taint)Creates a hard copy of the specified Taint instance -
Uses of Taint in com.h3xstream.findsecbugs.taintanalysis.extra
Methods in com.h3xstream.findsecbugs.taintanalysis.extra with parameters of type Taint Modifier and Type Method Description voidJstlExpressionWhiteLister. visitField(org.apache.bcel.generic.FieldInstruction put, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, Taint taintFrame, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)voidPotentialValueTracker. visitField(org.apache.bcel.generic.FieldInstruction put, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, Taint taintFrame, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)voidJstlExpressionWhiteLister. visitReturn(org.apache.bcel.generic.MethodGen methodGen, Taint returnValue, org.apache.bcel.generic.ConstantPoolGen cpg)voidPotentialValueTracker. visitReturn(org.apache.bcel.generic.MethodGen methodGen, Taint returnValue, org.apache.bcel.generic.ConstantPoolGen cpg)Method parameters in com.h3xstream.findsecbugs.taintanalysis.extra with type arguments of type Taint Modifier and Type Method Description voidJstlExpressionWhiteLister. visitInvoke(org.apache.bcel.generic.InvokeInstruction invoke, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, List<Taint> parameters, org.apache.bcel.generic.ConstantPoolGen cpg)voidPotentialValueTracker. visitInvoke(org.apache.bcel.generic.InvokeInstruction invoke, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, List<Taint> parameters, org.apache.bcel.generic.ConstantPoolGen cpg) -
Uses of Taint in com.h3xstream.findsecbugs.xpath
Methods in com.h3xstream.findsecbugs.xpath with parameters of type Taint Modifier and Type Method Description protected intXPathInjectionDetector. getPriority(Taint taint) -
Uses of Taint in com.h3xstream.findsecbugs.xss
Methods in com.h3xstream.findsecbugs.xss with parameters of type Taint Modifier and Type Method Description protected intXssJspDetector. getPriority(Taint taint)protected intXssServletDetector. getPriority(Taint taint)
-