TrustBoundaryViolationAttributeDetector (Find Security Bugs Plugin 1.7.0 API)

Skip navigation links

Prev Class
Next Class

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- com.h3xstream.findsecbugs.injection.AbstractTaintDetector
- - com.h3xstream.findsecbugs.injection.AbstractInjectionDetector
  - - com.h3xstream.findsecbugs.injection.BasicInjectionDetector
    - - com.h3xstream.findsecbugs.injection.trust.TrustBoundaryViolationAttributeDetector

All Implemented Interfaces:

edu.umd.cs.findbugs.Detector, edu.umd.cs.findbugs.Priorities
```
public class TrustBoundaryViolationAttributeDetector
extends BasicInjectionDetector
```
Trust Boundary Violation is fancy name to describe tainted value passed directly to session attribute. This could be an expected behavior that allow an attacker to change the session state.

When the attribute name is dynamic, it is a lot more suspicious than when it is a dynamic value. setAttribute( suspiciousValue, "true") vs setAttribute( "language" , commonDynamicValue)

For this reason, the trust boundary violation was split in two detector.

See Also:

TrustBoundaryViolationValueDetector

Field Summary
- Fields inherited from class com.h3xstream.findsecbugs.injection.AbstractInjectionDetector
  injectionSinks
- Fields inherited from class com.h3xstream.findsecbugs.injection.AbstractTaintDetector
  bugReporter
- Fields inherited from interface edu.umd.cs.findbugs.Priorities
  EXP_PRIORITY, HIGH_PRIORITY, IGNORE_PRIORITY, LOW_PRIORITY, NORMAL_PRIORITY

Constructor Summary

Constructors
Constructor and Description

TrustBoundaryViolationAttributeDetector(edu.umd.cs.findbugs.BugReporter bugReporter)

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected int`	`getPriority(Taint taint)` All or nothing : If the taint to sink path is found, it is mark as high If the source is not confirm, it is mark as low.

Methods inherited from class com.h3xstream.findsecbugs.injection.BasicInjectionDetector
addParsedInjectionPoint, getInjectionPoint, loadConfiguredSinks, loadConfiguredSinks, loadCustomConfigFiles, loadCustomSinks, loadSink

Methods inherited from class com.h3xstream.findsecbugs.injection.AbstractInjectionDetector
analyzeLocation, getPriorityFromTaintFrame, report

Methods inherited from class com.h3xstream.findsecbugs.injection.AbstractTaintDetector
analyzeMethod, shouldAnalyzeClass, visitClassContext

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - TrustBoundaryViolationAttributeDetector
```
public TrustBoundaryViolationAttributeDetector(edu.umd.cs.findbugs.BugReporter bugReporter)
```
- Method Detail
  - getPriority
```
protected int getPriority(Taint taint)
```
    All or nothing :
    - If the taint to sink path is found, it is mark as high
    - If the source is not confirm, it is mark as low. This is will be the most common case.
    Overrides:
    
    getPriority in class AbstractInjectionDetector
    
    Parameters:
    
    taint - Taint state
    
    Returns:
    
    High or low confidence

Skip navigation links

Prev Class
Next Class

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

Copyright © 2017. All rights reserved.