java.lang.Object
- com.h3xstream.findsecbugs.injection.AbstractTaintDetector
- - com.h3xstream.findsecbugs.injection.AbstractInjectionDetector
  - - com.h3xstream.findsecbugs.injection.BasicInjectionDetector
    - - com.h3xstream.findsecbugs.taintanalysis.extra.PotentialValueTracker

All Implemented Interfaces:

TaintFrameAdditionalVisitor, edu.umd.cs.findbugs.Detector, edu.umd.cs.findbugs.Priorities
```
public class PotentialValueTracker
extends BasicInjectionDetector
implements TaintFrameAdditionalVisitor
```
This class detect potential default value and set it to the Taint instance. For example in props.getProperties("password","admin1234"), the second parameter (admin1234) is the default value if the property is not set. This detector doesn't report bugs like the other detector it only enhances the taint analysis. Being a detector, the behavior can be deactivated easily.

Field Summary
- Fields inherited from class com.h3xstream.findsecbugs.injection.AbstractInjectionDetector
  injectionSinks
- Fields inherited from class com.h3xstream.findsecbugs.injection.AbstractTaintDetector
  bugReporter
- Fields inherited from interface edu.umd.cs.findbugs.Priorities
  EXP_PRIORITY, HIGH_PRIORITY, IGNORE_PRIORITY, LOW_PRIORITY, NORMAL_PRIORITY

Constructor Summary

Constructors
Constructor Description

PotentialValueTracker(edu.umd.cs.findbugs.BugReporter bugReporter)

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`void`	`visitField(org.apache.bcel.generic.FieldInstruction put, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, Taint taintFrame, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)`
`void`	`visitInvoke(org.apache.bcel.generic.InvokeInstruction invoke, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, List<Taint> parameters, org.apache.bcel.generic.ConstantPoolGen cpg)`	This method will be triggered for every method invocation (static, interface, special and virtual).
`void`	`visitLoad(org.apache.bcel.generic.LoadInstruction load, org.apache.bcel.generic.MethodGen methodGen, TaintFrame frameType, int numProduced, org.apache.bcel.generic.ConstantPoolGen cpg)`
`void`	`visitReturn(org.apache.bcel.generic.MethodGen methodGen, Taint returnValue, org.apache.bcel.generic.ConstantPoolGen cpg)`

Methods inherited from class com.h3xstream.findsecbugs.injection.BasicInjectionDetector
addParsedInjectionPoint, getInjectionPoint, loadConfiguredSinks, loadConfiguredSinks, loadCustomSinks, loadCustomSinksConfigFiles, loadSink, registerVisitor

Methods inherited from class com.h3xstream.findsecbugs.injection.AbstractInjectionDetector
analyzeLocation, getPriority, getPriorityFromTaintFrame, report

Methods inherited from class com.h3xstream.findsecbugs.injection.AbstractTaintDetector
analyzeMethod, shouldAnalyzeClass, visitClassContext

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PotentialValueTracker

public PotentialValueTracker(edu.umd.cs.findbugs.BugReporter bugReporter)

Method Detail

visitInvoke
```
public void visitInvoke(org.apache.bcel.generic.InvokeInstruction invoke,
                        org.apache.bcel.generic.MethodGen methodGen,
                        TaintFrame frameType,
                        List<Taint> parameters,
                        org.apache.bcel.generic.ConstantPoolGen cpg)
                 throws edu.umd.cs.findbugs.ba.DataflowAnalysisException
```
Description copied from interface: TaintFrameAdditionalVisitor

This method will be triggered for every method invocation (static, interface, special and virtual). The constant pool allowed the resolution of method name, field name, constant strings, etc. The taintframe

Specified by:

visitInvoke in interface TaintFrameAdditionalVisitor

methodGen - Method

frameType - Frame representation after the invoke (results)

parameters - Stack representation just before the invoke

Throws:

edu.umd.cs.findbugs.ba.DataflowAnalysisException

visitLoad

public void visitLoad(org.apache.bcel.generic.LoadInstruction load,
                      org.apache.bcel.generic.MethodGen methodGen,
                      TaintFrame frameType,
                      int numProduced,
                      org.apache.bcel.generic.ConstantPoolGen cpg)

Specified by:: visitLoad in interface TaintFrameAdditionalVisitor

visitField

public void visitField(org.apache.bcel.generic.FieldInstruction put,
                       org.apache.bcel.generic.MethodGen methodGen,
                       TaintFrame frameType,
                       Taint taintFrame,
                       int numProduced,
                       org.apache.bcel.generic.ConstantPoolGen cpg)
                throws Exception

Specified by:: visitField in interface TaintFrameAdditionalVisitor
Throws:: Exception

visitReturn

public void visitReturn(org.apache.bcel.generic.MethodGen methodGen,
                        Taint returnValue,
                        org.apache.bcel.generic.ConstantPoolGen cpg)
                 throws Exception

Specified by:: visitReturn in interface TaintFrameAdditionalVisitor
Parameters:: methodGen - Method; returnValue - State of the returned value.
Throws:: Exception

Class PotentialValueTracker

Field Summary

Fields inherited from class com.h3xstream.findsecbugs.injection.AbstractInjectionDetector

Fields inherited from class com.h3xstream.findsecbugs.injection.AbstractTaintDetector

Fields inherited from interface edu.umd.cs.findbugs.Priorities

Constructor Summary

Method Summary

Methods inherited from class com.h3xstream.findsecbugs.injection.BasicInjectionDetector

Methods inherited from class com.h3xstream.findsecbugs.injection.AbstractInjectionDetector

Methods inherited from class com.h3xstream.findsecbugs.injection.AbstractTaintDetector

Methods inherited from class java.lang.Object

Constructor Detail

PotentialValueTracker

Method Detail

visitInvoke

visitLoad

visitField

visitReturn