Feature/metaproject #86

Draft
wants to merge 80 commits into
base: develop
3b3e206
Improved IFDS analysis, including demos and tests; by Mario Trageser
errt Mar 5, 2021
eb91c75
Merge branch 'develop' into feature/IDFS-improvements
errt May 27, 2021
31c4c6b
Create new project "ll"
buenaventure Jun 29, 2021
a26ee83
Add llvm bindings dependency
buenaventure Jun 29, 2021
9490098
Merge branch 'develop' into feature/IDFS-improvements
TorunR Jun 30, 2021
1a3b939
Read and dump module
buenaventure Jul 5, 2021
34d4e25
Begin implementing wrappers
buenaventure Jul 6, 2021
53da4de
Read instructions
buenaventure Jul 7, 2021
283ef68
AndroidEntryPointFinder added
Diarilex Jul 14, 2021
c88385a
Implement SimplePurityAnalysis which assumes everything to be Impure
buenaventure Nov 8, 2021
bca47d7
Merge branch 'develop' into feature/IDFS-improvements
TorunR Nov 10, 2021
c87f9ac
Implement SimplePurityAnalysis
buenaventure Nov 12, 2021
df11561
Implement viewCFG
buenaventure Nov 12, 2021
75f01ea
Merge pull request #3 from buenaventure/develop
buenaventure Dec 2, 2021
79cf52a
Merge remote-tracking branch 'upstream/develop' into ll
buenaventure Jan 5, 2022
905ad98
Add simple multilingual test project
buenaventure Jan 6, 2022
c624d84
Merge remote-tracking branch 'upstream/develop' into feature/IDFS-imp…
buenaventure Feb 17, 2022
bb079fd
Merge branch 'develop' into ll
buenaventure Feb 17, 2022
9ccee79
Add taint testcase
buenaventure Feb 5, 2022
6ab61f6
Merge branch 'feature/IDFS-improvements' into ll_multiling_ifds
buenaventure Feb 18, 2022
b99997c
Format code
buenaventure Feb 18, 2022
90c179a
Adapt new ifds to new call graph (with context)
buenaventure Feb 21, 2022
a464309
Add multilingual taint test
buenaventure Feb 23, 2022
7d00973
Extract IFDSProblem(flow functions etc) from IFDSAnalysis
buenaventure Mar 2, 2022
e3838cf
Replace specialized ifds analysis classes with parameter
buenaventure Mar 2, 2022
633c377
WIP
buenaventure Mar 5, 2022
cc84ea1
WIP
buenaventure Mar 10, 2022
cb4f4f7
WIP
buenaventure Mar 10, 2022
41d949c
WIP
buenaventure Mar 11, 2022
0b40422
WIP
buenaventure Mar 16, 2022
54bb807
WIP
buenaventure Mar 16, 2022
76a1c27
WIP (compiles)
buenaventure Mar 17, 2022
2bfaeea
Initialization fix
buenaventure Mar 17, 2022
6df8fab
Implement LLVM Argument, Type(s); Better Function/Instruction represe…
buenaventure Mar 18, 2022
f92c953
Move IFDS into separate project; Refactor handling of calls outside o…
buenaventure Mar 18, 2022
3931605
Re-implement ifds solver
buenaventure Mar 24, 2022
3ee3a04
Use new implementation for native part
buenaventure Mar 24, 2022
25d0f19
Implement forward taint analysis as test for new ifds solver
buenaventure Mar 25, 2022
3283b03
Fix new forward taint analysis
buenaventure Mar 31, 2022
313fd9a
Fix scalariformat and other compile errors
buenaventure Mar 31, 2022
75be229
Refactor: Move old code to .old, remove New prefix
buenaventure Apr 1, 2022
847baa5
First native flows working
buenaventure Apr 1, 2022
7d47c14
Fix native flows
buenaventure Apr 13, 2022
5e9cfaf
Cleanup
buenaventure May 6, 2022
16a99ae
Include llvm dependency using special sbt plugin
buenaventure May 6, 2022
89c1ff7
Fix sbt assembly
buenaventure May 11, 2022
89b91ca
Reverst scalastyle change
buenaventure May 11, 2022
91bae7d
Improve test case
buenaventure Jun 8, 2022
ed4ee71
Fix test
buenaventure Jun 9, 2022
626cce9
Fix wrong flow by adding successor to return flow and checking for ab…
buenaventure Jun 9, 2022
f34443b
Fix return flow of native code
buenaventure Jun 9, 2022
7284093
Format
buenaventure Jun 9, 2022
ab242a9
Add native to java calls to TaintTest
buenaventure Jun 16, 2022
c53aa61
Fix crashes and old tests
buenaventure Jun 17, 2022
943d7a1
Add debugData for ifds; Add simple GetElementPointer handling
buenaventure Jun 18, 2022
cb0be34
Native to Java calls WIP
buenaventure Jun 19, 2022
d3ab854
Small fixes
buenaventure Jun 22, 2022
b6a2202
JNI call analysis WIP
buenaventure Jun 25, 2022
e5d34a1
JNI call analysis WIP
buenaventure Jun 26, 2022
ec8c05a
Merge remote-tracking branch 'upstream/develop' into llvm_xlang_ifds
buenaventure Jun 30, 2022
ad65890
Fix most errors after merge
buenaventure Jun 30, 2022
c050890
Fix remaining errors after merge
buenaventure Jul 1, 2022
655d22a
Implement VTA in new IFDS for evaluation
buenaventure Jul 2, 2022
b844920
Implement Subsuming and add to evaluation
buenaventure Jul 2, 2022
d43fb11
x-lang working in simple case
buenaventure Jul 2, 2022
630162d
Bump javacpp version to work on M1 Macs.
Oct 4, 2022
52ac95c
Merge branch 'develop' into llvm_xlang_ifds
Oct 4, 2022
9786859
Remove old stuff, which should be superseded
Oct 4, 2022
91e92fa
Readd some not so obsolete Files and adapt to new IFDS Analysis
TorunR Oct 7, 2022
2d38159
Narfi ... fix Scala3 Syntax
TorunR Oct 7, 2022
4c93757
Autoformat and another backward hiccup
TorunR Oct 7, 2022
f67b853
Fix 2 small errors in llvm analysis
TorunR Oct 7, 2022
f766abb
Fix 2 other cases of scala 3 syntax.
TorunR Oct 7, 2022
55fea42
Move IFDS to si
TorunR Oct 11, 2022
42fa220
Add a language agnostic Metaproject
TorunR Oct 26, 2022
3848594
Merge branch 'develop' into feature/metaproject
TorunR Oct 27, 2022
7800e6f
Migrate TAC & AI to MetaProject
TorunR Oct 27, 2022
942f1ef
Adapt the other sub projects
TorunR Oct 28, 2022
9399a51
Fix Validate
TorunR Oct 28, 2022
e730d83
Merge branch 'develop' into feature/metaproject
TorunR Nov 15, 2022
JNI call analysis WIP
buenaventure committed Jun 25, 2022
commit b6a220244b514ff21d9e0b86256d1501b65f66a4
Expand Up @@ -7,7 +7,7 @@ import org.opalj.br.fpcf.FPCFAnalysesManagerKey
import org.opalj.ifds
import org.opalj.ifds.IFDSProperty
import org.opalj.ll.fpcf.analyses.ifds.{LLVMFunction, LLVMStatement}
import org.opalj.ll.fpcf.analyses.ifds.taint.{JavaForwardTaintAnalysisScheduler, NativeFact, NativeForwardTaintAnalysisScheduler, NativeNullFact}
import org.opalj.ll.fpcf.analyses.ifds.taint.{JavaForwardTaintAnalysisScheduler, NativeTaintFact, NativeForwardTaintAnalysisScheduler, NativeTaintNullFact}
import org.opalj.ll.llvm.value.Function
import org.opalj.log.GlobalLogContext
import org.opalj.tac.cg.RTACallGraphKey
Expand All @@ -17,7 +17,7 @@ import org.scalatest.funspec.AnyFunSpec
import org.scalatest.matchers.should.Matchers

class CrossLanguageForwardIFDSTaintAnalysisTests extends AnyFunSpec with Matchers {
describe("MultilingualForwardTaintAnalysis") {
describe("CrossLanguageForwardTaintAnalysis") {
implicit val config = BaseConfig.withValue(ifds.ConfigKeyPrefix+"debug", ConfigValueFactory.fromAnyRef(true))
val project =
Project(
Expand Down Expand Up @@ -61,7 +61,7 @@ class CrossLanguageForwardIFDSTaintAnalysisTests extends AnyFunSpec with Matcher
}

val function: Function = project.get(LLVMProjectKey).function("Java_TaintTest_native_1array_1tainted").get
val debugData = ps((LLVMFunction(function), NativeNullFact), NativeForwardTaintAnalysisScheduler.property.key).ub.asInstanceOf[IFDSProperty[LLVMStatement, NativeFact]].debugData
val debugData = ps((LLVMFunction(function), NativeTaintNullFact), NativeForwardTaintAnalysisScheduler.property.key).ub.asInstanceOf[IFDSProperty[LLVMStatement, NativeTaintFact]].debugData
for {
bb ← function.basicBlocks
instruction ← bb.instructions
45 changes: 45 additions & 0 deletions OPAL/ifds/src/main/scala/org/opalj/ifds/DataFlowAnalysis.scala
@@ -0,0 +1,45 @@
/* BSD 2-Clause License - see OPAL/LICENSE for details. */
package org.opalj.ifds

import scala.collection.mutable

abstract class DataFlowAnalysis[Facts >: Null <: AnyRef, C <: AnyRef, S <: Statement[_ <: C, _]] {
def icfg: ICFG[C, S]
def entryFacts: Facts
def transferFunction(facts: Facts, statement: S, successor: S): Facts
def join(left: Facts, right: Facts): Facts

def perform(callable: C): Map[S, Facts] = {
var facts = Map.empty[S, Facts]
val workList = new mutable.Queue[S]()

for (entryStatement ← icfg.startStatements(callable)) {
facts = facts.updated(entryStatement, entryFacts)
workList.enqueue(entryStatement)
}

while (workList.nonEmpty) {
val statement = workList.dequeue()
val inFacts = facts.get(statement).get

for (successor ← icfg.nextStatements(statement)) {
val newOutFacts = transferFunction(inFacts, statement, successor)
facts.get(successor) match {
case None ⇒ {
facts = facts.updated(successor, newOutFacts)
workList.enqueue(successor)
}
case Some(existingOutFacts) ⇒ {
val outFacts = join(existingOutFacts, newOutFacts)
if (outFacts ne existingOutFacts) {
facts = facts.updated(successor, outFacts)
workList.enqueue(successor)
}
}
}
}
}

facts
}
}
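Review bot: the fixpoint test `if (outFacts ne existingOutFacts)` in `perform` compares references, so termination depends on every `join` implementation returning the `left` instance itself when nothing new was added. A `join` that builds a fresh but equal collection re-enqueues the successor on every visit, and `perform` never terminates on a CFG with a loop. Either document that contract on `join` (the class and its abstract members currently have no Scaladoc) or compare with `!=`. Minor: `facts.get(statement).get` can be written `facts(statement)`.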
5 changes: 0 additions & 5 deletions OPAL/ifds/src/main/scala/org/opalj/ifds/IFDSAnalysis.scala
Expand Up @@ -8,11 +8,6 @@ import org.opalj.ifds.Dependees.Getter

import scala.collection.{mutable, Set ⇒ SomeSet}

abstract class Statement[C, Node] {
def node(): Node
def callable(): C
}

case class Dependees[Work]() {
case class Dependee(eOptionP: SomeEOptionP, worklist: Set[Work] = Set.empty)
var dependees = Map.empty[SomeEPK, Dependee]
4 changes: 2 additions & 2 deletions OPAL/ifds/src/main/scala/org/opalj/ifds/IFDSProperty.scala
Expand Up @@ -3,7 +3,7 @@ package org.opalj.ifds
import org.opalj.fpcf.Property
import org.opalj.fpcf.PropertyMetaInformation

trait IFDSPropertyMetaInformation[S, IFDSFact] extends PropertyMetaInformation {
trait IFDSPropertyMetaInformation[S, IFDSFact <: AbstractIFDSFact] extends PropertyMetaInformation {
/**
* Creates an IFDSProperty containing the result of this analysis.
*
Expand All @@ -14,7 +14,7 @@ trait IFDSPropertyMetaInformation[S, IFDSFact] extends PropertyMetaInformation {
def create(result: Map[S, Set[IFDSFact]], debugData: Map[S, Set[IFDSFact]]): IFDSProperty[S, IFDSFact]
}

abstract class IFDSProperty[S, IFDSFact]
abstract class IFDSProperty[S, IFDSFact <: AbstractIFDSFact]
extends Property
with IFDSPropertyMetaInformation[S, IFDSFact] {

7 changes: 7 additions & 0 deletions OPAL/ifds/src/main/scala/org/opalj/ifds/Statement.scala
@@ -0,0 +1,7 @@
/* BSD 2-Clause License - see OPAL/LICENSE for details. */
package org.opalj.ifds

abstract class Statement[C, Node] {
def node(): Node
def callable(): C
}
@@ -0,0 +1,87 @@
/* BSD 2-Clause License - see OPAL/LICENSE for details. */
package org.opalj.ll.fpcf.analyses.ifds

import org.opalj.ll.llvm.value.constant.{ConstantDataArray, GetElementPtrConst}
import org.opalj.ll.llvm.value.{Argument, Call, GetElementPtr, GlobalVariable, Load, Store, Value}
import org.opalj.ll.llvm.{PointerType, StructType}

object JNICallUtil {

/**
* Checks whether the call is a call to the JNI interface.
* This is done by the assumption that every such calls first parameter is a struct of type "struct.JNINativeInterface_"
*/
def isJNICall(call: Call): Boolean = call.calledFunctionType.params.headOption match {
case Some(firstParam) ⇒
firstParam match {
case p1: PointerType ⇒
p1.element match {
case p2: PointerType ⇒
p2.element match {
case struct: StructType if struct.name == "struct.JNINativeInterface_" ⇒
true
case other ⇒ false
}
case _ ⇒ false
}
case _ ⇒ false
}
case _ ⇒ false
}

def resolve(call: Call): Set[NativeFunction] = resolveJNIFunction(call) match {
case 'CallTypeMethod ⇒ {
resolveMethodId(call.operand(2))
Set() // TODO
} // methodID is the third parameter
case _ ⇒ Set()
}

private def resolveJNIFunction(call: Call): Symbol = call.calledValue match {
case load: Load ⇒
load.src match {
// https://docs.oracle.com/en/java/javase/13/docs/specs/jni/functions.html has the indices
case gep: GetElementPtr if gep.isConstant ⇒ gep.constants.tail.head match {
case 31 ⇒ 'GetObjectClass
case 33 ⇒ 'GetMethodId
case 49 | 61 ⇒ 'CallTypeMethod // CallIntMethod | CallVoidMethod
case index ⇒ throw new IllegalArgumentException(s"unknown JNI function index ${index}")
}
case _ ⇒ throw new IllegalArgumentException("unknown JNI load src")
}
case _ ⇒ throw new IllegalArgumentException("unknown JNI call argument")
}

private def resolveMethodId(methodId: Value): Unit = {
val sources = methodId.asInstanceOf[Load].src.users.toSeq.filter(_.isInstanceOf[Store]).map(_.asInstanceOf[Store].src)
for (call ← sources.filter(_.isInstanceOf[Call]).map(_.asInstanceOf[Call])) {
if (resolveJNIFunction(call) != 'GetMethodId) throw new IllegalArgumentException("unexpected call")
val name = resolveMethodName(call.operand(2)) // name is the third parameter
println(name)
if (!resolveClassIsThis(call.operand(1))) { // class is the second parameter
throw new IllegalArgumentException("unexpected class argument")
}
}
}

private def resolveMethodName(name: Value): String = name match {
case gep: GetElementPtrConst ⇒ gep.base match {
case global: GlobalVariable ⇒ global.initializer match {
case stringData: ConstantDataArray ⇒ stringData.asString
}
}
}

private def resolveClassIsThis(clazz: Value): Boolean = {
val sources = clazz.asInstanceOf[Load].src.users.toSeq.filter(_.isInstanceOf[Store]).map(_.asInstanceOf[Store].src)
sources.filter(_.isInstanceOf[Call]).map(_.asInstanceOf[Call]).forall(call ⇒ {
if (resolveJNIFunction(call) != 'GetObjectClass) throw new IllegalArgumentException("unexpected call")
resolveObjectIsThis(call.operand(1)) // object is the second parameter
})
}

private def resolveObjectIsThis(obj: Value): Boolean = {
val sources = obj.asInstanceOf[Load].src.users.toSeq.filter(_.isInstanceOf[Store]).map(_.asInstanceOf[Store].src)
sources.forall(_.isInstanceOf[Argument]) && sources.forall(_.asInstanceOf[Argument].index == 1)
}
}
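Review bot: `resolveJNIFunction` throws `IllegalArgumentException` for every JNI table index other than 31, 33, 49 and 61, and it is reached from `resolve` for any call that `isJNICall` accepts, so one unmodelled JNI function in the native code aborts callee resolution instead of yielding an unresolved callee. Return an "unknown" result for unmapped indices and let `resolve` fall back to `Set()`. The unchecked `asInstanceOf[Load]` casts, `gep.constants.tail.head`, and the non-exhaustive matches in `resolveMethodName` have the same problem (`ClassCastException`, `NoSuchElementException`, `MatchError`). In `resolveClassIsThis` and `resolveObjectIsThis`, `forall` over an empty `sources` is vacuously true, so a value with no matching `Store` is accepted as `this`; require `sources.nonEmpty` as well. `println(name)` in `resolveMethodId` looks like leftover debug output, and `case other ⇒ false` in `isJNICall` binds a name it never uses.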
@@ -1,11 +1,10 @@
/* BSD 2-Clause License - see OPAL/LICENSE for details. */
package org.opalj.ll.fpcf.analyses.ifds

import org.opalj.ifds.{AbstractIFDSFact, ICFG}
import org.opalj.ll.llvm.{PointerType, StructType}
import org.opalj.ll.llvm.value.{Call, Function, GetElementPtr, Instruction, Load, Ret, Terminator, Value}
import org.opalj.ifds.ICFG
import org.opalj.ll.llvm.value.{Call, Function, Instruction, Ret, Terminator}

class NativeForwardICFG[IFDSFact <: AbstractIFDSFact] extends ICFG[NativeFunction, LLVMStatement] {
object NativeForwardICFG extends ICFG[NativeFunction, LLVMStatement] {
/**
* Determines the statements at which the analysis starts.
*
Expand Down Expand Up @@ -40,7 +39,7 @@ class NativeForwardICFG[IFDSFact <: AbstractIFDSFact] extends ICFG[NativeFunctio
*/
override def getCalleesIfCallStatement(statement: LLVMStatement): Option[collection.Set[NativeFunction]] = {
statement.instruction match {
case call: Call ⇒ Some(resolveCallee(call.calledValue))
case call: Call ⇒ Some(resolveCallee(call))
case _ ⇒ None
}
}
Expand All @@ -50,23 +49,10 @@ class NativeForwardICFG[IFDSFact <: AbstractIFDSFact] extends ICFG[NativeFunctio
case _ ⇒ false
}

private def resolveCallee(calledValue: Value): Set[NativeFunction] = calledValue match {
case function: Function ⇒ Set(LLVMFunction(function))
case load: Load ⇒ resolveCallee(load.src)
case gep: GetElementPtr if isJNI(gep) => Set()
case _ ⇒ Set()
}

private def isJNI(gep: GetElementPtr): Boolean = {
if (gep.base.typ.isInstanceOf[PointerType]) {
val pointerType = gep.base.typ.asInstanceOf[PointerType]
if (pointerType.element.isInstanceOf[StructType]) {
val struct = pointerType.element.asInstanceOf[StructType]
if (struct.name == "struct.JNINativeInterface_") {
return true
}
}
}
false
}
private def resolveCallee(call: Call): Set[NativeFunction] =
if (call.calledValue.isInstanceOf[Function])
Set(LLVMFunction(call.calledValue.asInstanceOf[Function]))
else if (JNICallUtil.isJNICall(call))
JNICallUtil.resolve(call)
else Set()
}
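Review bot: the rewritten `resolveCallee` drops the removed `case load: Load ⇒ resolveCallee(load.src)` branch, so a non-JNI call whose `calledValue` is a `Load` now falls straight through to `Set()` where it used to be followed to its source. If that is intended, say so in a comment; otherwise keep the branch ahead of the JNI check. Exceptions thrown inside `JNICallUtil.resolve` also propagate out of `getCalleesIfCallStatement` unhandled. Style: the `isInstanceOf`/`asInstanceOf` pair reads better as `call.calledValue match { case function: Function ⇒ ... }`.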
Expand Up @@ -8,7 +8,7 @@ import org.opalj.ifds.Dependees.Getter
import org.opalj.ifds.{AbstractIFDSFact, IFDSProblem}
import org.opalj.ll.LLVMProjectKey

abstract class NativeIFDSProblem[Fact <: AbstractIFDSFact](project: SomeProject) extends IFDSProblem[Fact, NativeFunction, LLVMStatement](new NativeForwardICFG[Fact]) {
abstract class NativeIFDSProblem[Fact <: AbstractIFDSFact](project: SomeProject) extends IFDSProblem[Fact, NativeFunction, LLVMStatement](NativeForwardICFG) {
final implicit val propertyStore: PropertyStore = project.get(PropertyStoreKey)
val llvmProject = project.get(LLVMProjectKey)

Expand Up @@ -73,11 +73,11 @@ class SimpleJavaForwardTaintProblem(p: SomeProject) extends ForwardTaintProblem(
val entryFacts = nativeCallFlow(call, function, in, callee)
for (entryFact ← entryFacts) { // ifds line 14
val e = (function, entryFact)
val exitFacts: Map[LLVMStatement, Set[NativeFact]] =
dependeesGetter(e, NativeTaint.key).asInstanceOf[EOptionP[(LLVMStatement, NativeFact), IFDSProperty[LLVMStatement, NativeFact]]] match {
case ep: FinalEP[_, IFDSProperty[LLVMStatement, NativeFact]] ⇒
val exitFacts: Map[LLVMStatement, Set[NativeTaintFact]] =
dependeesGetter(e, NativeTaint.key).asInstanceOf[EOptionP[(LLVMStatement, NativeTaintFact), IFDSProperty[LLVMStatement, NativeTaintFact]]] match {
case ep: FinalEP[_, IFDSProperty[LLVMStatement, NativeTaintFact]] ⇒
ep.p.flows
case ep: InterimEUBP[_, IFDSProperty[LLVMStatement, NativeFact]] ⇒
case ep: InterimEUBP[_, IFDSProperty[LLVMStatement, NativeTaintFact]] ⇒
ep.ub.flows
case _ ⇒
Map.empty
Expand Down Expand Up @@ -114,7 +114,7 @@ class SimpleJavaForwardTaintProblem(p: SomeProject) extends ForwardTaintProblem(
callee: LLVMFunction,
in: Fact,
nativeCallee: Method
): Set[NativeFact] = {
): Set[NativeTaintFact] = {
val callObject = asCall(call.stmt)
val allParams = callObject.allParams
val allParamsWithIndices = allParams.zipWithIndex
Expand Down Expand Up @@ -147,7 +147,7 @@ class SimpleJavaForwardTaintProblem(p: SomeProject) extends ForwardTaintProblem(

case StaticField(classType, fieldName) ⇒ Set(JavaStaticField(classType, fieldName))

case NullFact ⇒ Set(NativeNullFact)
case NullFact ⇒ Set(NativeTaintNullFact)

case _ ⇒ Set() // Nothing to do

Expand All @@ -166,7 +166,7 @@ class SimpleJavaForwardTaintProblem(p: SomeProject) extends ForwardTaintProblem(
*/
private def nativeReturnFlow(
exit: LLVMStatement,
in: NativeFact,
in: NativeTaintFact,
call: JavaStatement,
callFact: Fact,
nativeCallee: Method,
Expand Down Expand Up @@ -217,8 +217,8 @@ class SimpleJavaForwardTaintProblem(p: SomeProject) extends ForwardTaintProblem(
// Track the call chain to the sink back
case NativeFlowFact(flow) if !flow.contains(JavaMethod(call.method)) ⇒
flows += FlowFact(JavaMethod(call.method) +: flow)
case NativeNullFact ⇒ flows += NullFact
case _ ⇒
case NativeTaintNullFact ⇒ flows += NullFact
case _
}

// Propagate taints of the return value
Expand All @@ -232,7 +232,7 @@ class SimpleJavaForwardTaintProblem(p: SomeProject) extends ForwardTaintProblem(
flows += ArrayElement(call.index, taintedIndex)
case InstanceField(index, declClass, taintedField) if returnValueDefinedBy.contains(index) ⇒
flows += InstanceField(call.index, declClass, taintedField)*/
case NativeNullFact
case NativeTaintNullFact
val taints = createTaints(nativeCallee, call)
if (taints.nonEmpty) flows ++= taints
case _ ⇒ // Nothing to do
Expand Up @@ -12,7 +12,7 @@ class SimpleNativeForwardTaintProblem(p: SomeProject) extends NativeForwardTaint
/**
* The analysis starts with all public methods in TaintAnalysisTestClass.
*/
override val entryPoints: Seq[(NativeFunction, NativeFact)] = Seq.empty
override val entryPoints: Seq[(NativeFunction, NativeTaintFact)] = Seq.empty

/**
* The sanitize method is a sanitizer.
Expand All @@ -23,12 +23,12 @@ class SimpleNativeForwardTaintProblem(p: SomeProject) extends NativeForwardTaint
/**
* We do not sanitize parameters.
*/
override protected def sanitizesParameter(call: LLVMStatement, in: NativeFact): Boolean = false
override protected def sanitizesParameter(call: LLVMStatement, in: NativeTaintFact): Boolean = false

/**
* Creates a new variable fact for the callee, if the source was called.
*/
protected def createTaints(callee: Function, call: LLVMStatement): Set[NativeFact] =
protected def createTaints(callee: Function, call: LLVMStatement): Set[NativeTaintFact] =
if (callee.name == "source") Set.empty //TODO Set(NativeVariable())
else Set.empty

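Review bot: `createTaints` returns `Set.empty` on both branches, so the `callee.name == "source"` check has no effect and a native `source` call never introduces a taint, which contradicts the Scaladoc above it ("Creates a new variable fact for the callee, if the source was called"). Until the `TODO Set(NativeVariable())` is implemented, say in the comment that native sources are not modelled yet, so that missing flows in the tests are not mistaken for a solver bug.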
Expand All @@ -39,17 +39,17 @@ class SimpleNativeForwardTaintProblem(p: SomeProject) extends NativeForwardTaint
protected def createFlowFact(
callee: Function,
call: LLVMStatement,
in: Set[NativeFact]
in: Set[NativeTaintFact]
): Option[NativeFlowFact] =
if (callee.name == "sink" && in.contains(JavaVariable(-2))) Some(NativeFlowFact(Seq(call.function)))
else None
}

class SimpleNativeForwardTaintAnalysis(implicit project: SomeProject)
class SimpleNativeForwardTaintAnalysis(project: SomeProject)
extends NativeIFDSAnalysis(project, new SimpleNativeForwardTaintProblem(project), NativeTaint)

object NativeForwardTaintAnalysisScheduler extends NativeIFDSAnalysisScheduler[NativeFact] {
override def init(p: SomeProject, ps: PropertyStore) = new SimpleNativeForwardTaintAnalysis()(p)
override def property: IFDSPropertyMetaInformation[LLVMStatement, NativeFact] = NativeTaint
object NativeForwardTaintAnalysisScheduler extends NativeIFDSAnalysisScheduler[NativeTaintFact] {
override def init(p: SomeProject, ps: PropertyStore) = new SimpleNativeForwardTaintAnalysis(p)
override def property: IFDSPropertyMetaInformation[LLVMStatement, NativeTaintFact] = NativeTaint
override val uses: Set[PropertyBounds] = Set() // ++ PropertyBounds.ub(Taint) TODO: we do not use the native taint yet
}