Uses of Interface
com.h3xstream.findsecbugs.taintanalysis.TaintTypeConfig
-
Packages that use TaintTypeConfig Package Description com.h3xstream.findsecbugs.taintanalysis -
-
Uses of TaintTypeConfig in com.h3xstream.findsecbugs.taintanalysis
Classes in com.h3xstream.findsecbugs.taintanalysis that implement TaintTypeConfig Modifier and Type Class Description classTaintClassConfigSummary of information about a class related to taint analysis, allows to configure default behavior for return types and type casts.classTaintFieldConfigSummary of information about a class field related to taint analysis, allows to configure default behavior for class fields.classTaintMethodConfigSummary of information about a method related to taint analysis.
For loading sinks files please seeSinksLoaderclassTaintMethodConfigWithArgumentsAndLocationSummary of information about a taint analysis method with configured arguments and location of the call.
Can be used to fine-tune false-positives in specific classes.
Examples:
javax/servlet/http/HttpServletRequest.getAttribute("applicationConstant"):SAFE@org/apache/jsp/edit_jsp
javax/servlet/http/HttpServletRequest.getAttribute(UNKNOWN):SAFE@org/apache/jsp/constants_jspMethods in com.h3xstream.findsecbugs.taintanalysis that return TaintTypeConfig Modifier and Type Method Description TaintTypeConfigTaintTypeConfig. load(String taintConfig)Initializes the taint config object from String
-