proguard.analysis.cpa.jvm.domain.taint

Class JvmInvokeTaintSink

java.lang.Object

proguard.analysis.cpa.domain.taint.TaintSink

proguard.analysis.cpa.jvm.domain.taint.JvmTaintSink

proguard.analysis.cpa.jvm.domain.taint.JvmInvokeTaintSink

public class JvmInvokeTaintSink
extends JvmTaintSink

A JvmTaintSink on a method invocation. This sinks can be sensitive to the instance, the arguments, or the static fields. If a sink S is sensitive to X, then if X is tainted, we conclude that the taint has reached S.

Field Summary

Fields

Modifier and Type	Field and Description
java.util.Optional<java.util.function.Predicate<Call>>	callMatcher
java.util.Set<java.lang.Integer>	takesArgs
java.util.Set<java.lang.String>	takesGlobals
boolean	takesInstance

Fields inherited from class proguard.analysis.cpa.domain.taint.TaintSink

signature

Constructor Summary

Constructors

Constructor and Description
JvmInvokeTaintSink(Signature signature, boolean takesInstance, java.util.Set<java.lang.Integer> takesArgs, java.util.Set<java.lang.String> takesGlobals) Create a taint sink.
JvmInvokeTaintSink(Signature signature, java.util.function.Predicate<Call> callMatcher, boolean takesInstance, java.util.Set<java.lang.Integer> takesArgs, java.util.Set<java.lang.String> takesGlobals) Create a taint sink.

Method Summary

Modifier and Type	Method and Description
boolean	equals(java.lang.Object o)
java.util.Set<JvmMemoryLocation>	getMemoryLocations() Returns memory locations which trigger this taint sink.
int	hashCode()
boolean	matchCfaEdge(JvmCfaEdge edge) Returns true if the edge is a call to the sink method.
java.lang.String	toString()

Methods inherited from class proguard.analysis.cpa.jvm.domain.taint.JvmTaintSink

convertSinksToMemoryLocations

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

callMatcher

public final java.util.Optional<java.util.function.Predicate<Call>> callMatcher

takesInstance

public final boolean takesInstance

takesArgs

public final java.util.Set<java.lang.Integer> takesArgs

takesGlobals

public final java.util.Set<java.lang.String> takesGlobals

Constructor Detail

JvmInvokeTaintSink

public JvmInvokeTaintSink(Signature signature,
                          boolean takesInstance,
                          java.util.Set<java.lang.Integer> takesArgs,
                          java.util.Set<java.lang.String> takesGlobals)

Create a taint sink.

Parameters:

signature - the signature of a sink method

takesInstance - whether the sink is sensitive to the calling instance

takesArgs - a set of sensitive arguments

takesGlobals - a set of sensitive global variables

JvmInvokeTaintSink

public JvmInvokeTaintSink(Signature signature,
                          java.util.function.Predicate<Call> callMatcher,
                          boolean takesInstance,
                          java.util.Set<java.lang.Integer> takesArgs,
                          java.util.Set<java.lang.String> takesGlobals)

Create a taint sink.

Parameters:

signature - the signature of a sink method

callMatcher - whether the call matches this taint sink

takesInstance - whether the sink is sensitive to the calling instance

takesArgs - a set of sensitive arguments

takesGlobals - a set of sensitive global variables

Method Detail

getMemoryLocations

public java.util.Set<JvmMemoryLocation> getMemoryLocations()

Returns memory locations which trigger this taint sink.

Specified by:

getMemoryLocations in class JvmTaintSink

matchCfaEdge

public boolean matchCfaEdge(JvmCfaEdge edge)

Returns true if the edge is a call to the sink method.

Specified by:

matchCfaEdge in class JvmTaintSink

equals

public boolean equals(java.lang.Object o)

Specified by:

equals in class TaintSink

hashCode

public int hashCode()

Specified by:

hashCode in class TaintSink

toString

public java.lang.String toString()

Specified by:

toString in class TaintSink