Package org.openrewrite.java.dataflow

Class LocalTaintFlowSpec<Source extends Expression,Sink extends J>

java.lang.Object

org.openrewrite.java.dataflow.LocalFlowSpec<Source,Sink>

org.openrewrite.java.dataflow.LocalTaintFlowSpec<Source,Sink>

@Incubating(since="7.25.0")
public abstract class LocalTaintFlowSpec<Source extends Expression,Sink extends J>
extends LocalFlowSpec<Source,Sink>

Field Summary

Fields inherited from class org.openrewrite.java.dataflow.LocalFlowSpec

sinkType, sourceType

Constructor Summary

Constructors

Constructor	Description
LocalTaintFlowSpec()

Method Summary

Modifier and Type	Method	Description
final boolean	isAdditionalFlowStep(Expression srcExpression, org.openrewrite.Cursor srcCursor, Expression sinkExpression, org.openrewrite.Cursor sinkCursor)	takes an existing flow-step in the graph and offers a potential next flow step.
boolean	isAdditionalTaintStep(Expression srcExpression, org.openrewrite.Cursor srcCursor, Expression sinkExpression, org.openrewrite.Cursor sinkCursor)
final boolean	isBarrier(Expression expression, org.openrewrite.Cursor cursor)	Holds if flow through `expression` is prohibited.
final boolean	isBarrierGuard(Guard guard, boolean branch)
boolean	isSanitizer(Expression expression, org.openrewrite.Cursor cursor)
boolean	isSanitizerGuard(Guard guard, boolean branch)

Methods inherited from class org.openrewrite.java.dataflow.LocalFlowSpec

getSinkType, getSourceType, isFlowStep, isSink, isSource

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

LocalTaintFlowSpec

public LocalTaintFlowSpec()

Method Details

isAdditionalFlowStep

public final boolean isAdditionalFlowStep(Expression srcExpression,
 org.openrewrite.Cursor srcCursor,
 Expression sinkExpression,
 org.openrewrite.Cursor sinkCursor)

Description copied from class: LocalFlowSpec

takes an existing flow-step in the graph and offers a potential next flow step. The method can then decide if the offered potential next flow step should be considered a valid next flow step in the graph. Allows for ad-hoc taint tracking by allowing for additional, non-default flow steps to be added to the flow graph. The following is always true: srcExpression == srcCursor.getValue() && sinkExpression == sinkCursor.getValue().

Overrides:

isAdditionalFlowStep in class LocalFlowSpec<Source extends Expression,Sink extends J>

isAdditionalTaintStep

public boolean isAdditionalTaintStep(Expression srcExpression,
 org.openrewrite.Cursor srcCursor,
 Expression sinkExpression,
 org.openrewrite.Cursor sinkCursor)

isBarrierGuard

public final boolean isBarrierGuard(Guard guard,
 boolean branch)

Overrides:

isBarrierGuard in class LocalFlowSpec<Source extends Expression,Sink extends J>

isSanitizerGuard

public boolean isSanitizerGuard(Guard guard,
 boolean branch)

isBarrier

public final boolean isBarrier(Expression expression,
 org.openrewrite.Cursor cursor)

Description copied from class: LocalFlowSpec

Holds if flow through `expression` is prohibited.

Overrides:

isBarrier in class LocalFlowSpec<Source extends Expression,Sink extends J>

isSanitizer

public boolean isSanitizer(Expression expression,
 org.openrewrite.Cursor cursor)