Added confidential checker #6981
Open
iywang2016 wants to merge 241 commits into typetools:master from iywang2016:iywang
Commits
241 commits
13f846b
Basic duplication of TaintChecker for SQLi
gitfundo 9950b17
Added basic SQL tainting test
gitfundo 2707a54
Added basic test
gitfundo 7d905a5
Added sql tainting test file under junit directory
iywang2016 a4ab6f4
Renamed SqlSafe -> SqlSanitized, SqlDangerous -> SqlQueryValue; renam…
iywang2016 4861495
Revised @QualifierForLiterals annotation to automatically annotate es…
iywang2016 9c1cda5
Added tests for @QualifierForLiterals regex
iywang2016 119d74c
Renamed files
iywang2016 48bc502
Merge branch 'typetools:master' into master
iywang2016 da010c1
Merge branch 'typetools:master' into sqltainting
iywang2016 2059202
Merge branch 'master' into sqltainting
iywang2016 3ab729a
Merge pull request #1 from iywang2016/sqltainting
iywang2016 972ba01
Revised qualifiers
iywang2016 de5dbe0
Revised qualifiers
iywang2016 baa3be7
Revised documentation for type checker
iywang2016 c122359
Stub file for base64 encoding
iywang2016 7421857
Stub file to require sanitized query string in executeQuery
iywang2016 73f247a
Merge branch 'sqltainting'
iywang2016 00819a9
Created sqlquerytainting directory
iywang2016 61eb2b3
Renamed sqlquerytainting files
iywang2016 07b7690
Added qualifiers SqlQueryComplete, SqlQuerySnippet, SqlQueryUnknown, …
iywang2016 1f45a44
Merge branch 'master' into sqlquerytainting
iywang2016 c606a18
Revised qualifiers to SqlEvenQuotes, SqlOddQuotes, SqlQuoteless
iywang2016 4acc56d
Revised qualifiers to SqlOddQuotes, SqlEvenQuotes, SqlQuoteless
iywang2016 c662a5c
Merge remote-tracking branch 'upstream/master'
iywang2016 77f040e
Merge branch 'sqlquerytainting'
iywang2016 2843a30
Revised documentation and implementation of SQL query qualifiers: com…
iywang2016 1f6dd09
Added type concatenation rules for SQL query qualifiers
iywang2016 e7cf540
Debugged SQL query type factory
iywang2016 08ddda9
Added SQL query bottom type
iywang2016 b989572
Added test files for SQL query tainting regex
iywang2016 cea7026
Merge branch 'sqlquerytainting'
iywang2016 2d490fa
Update expected error
mernst 069bba1
By convention, all-caps variables use `_` as a word separator
mernst 07fdf66
Include the default tree annotators as well
mernst 370996c
Use possessive quantifiers (no backtracking)
mernst db6bf2a
Added test file for qualifier regex
iywang2016 0e0463c
Added test file for qualifier concatenation
iywang2016 95de8fc
Revised order of operations bug
iywang2016 f8cf9f0
Added stub file for Java SQL executeQuery
iywang2016 314bc1a
Added stub file for Java base64 encrypt
iywang2016 7b232bf
Added stub file for ResultSet getString
iywang2016 e22e3ca
Removed stub file for ResultSet
iywang2016 06aef63
Added stub file annotation
iywang2016 2e61d1b
Merge ../checker-framework-branch-master
mernst 60e6eef
Rename top and bottom qualifiers
mernst 0cd3cca
Rename checker
mernst ab3f4e4
Created sqlquerytainting directory
iywang2016 10dd021
Renamed sqlquerytainting files
iywang2016 a6bd0f5
Added qualifiers SqlQueryComplete, SqlQuerySnippet, SqlQueryUnknown, …
iywang2016 0f71fe5
Revised qualifiers to SqlEvenQuotes, SqlOddQuotes, SqlQuoteless
iywang2016 97b541f
Revised qualifiers to SqlOddQuotes, SqlEvenQuotes, SqlQuoteless
iywang2016 3dd69a1
Revised documentation and implementation of SQL query qualifiers: com…
iywang2016 203f992
Added type concatenation rules for SQL query qualifiers
iywang2016 9ccadde
Debugged SQL query type factory
iywang2016 c5f15a2
Added SQL query bottom type
iywang2016 0f401db
Added test files for SQL query tainting regex
iywang2016 9092e4c
Update expected error
mernst 61f745c
By convention, all-caps variables use `_` as a word separator
mernst b08cfc2
Include the default tree annotators as well
mernst d64ec6a
Use possessive quantifiers (no backtracking)
mernst 9a259f8
Added test file for qualifier regex
iywang2016 34f4d55
Added test file for qualifier concatenation
iywang2016 9ae2a22
Revised order of operations bug
iywang2016 ef80d51
Added stub file for Java SQL executeQuery
iywang2016 adb5703
Added stub file for Java base64 encrypt
iywang2016 b3eca81
Added stub file for ResultSet getString
iywang2016 8efe5b4
Removed stub file for ResultSet
iywang2016 f06da3c
Added stub file annotation
iywang2016 26e7001
Rename top and bottom qualifiers
mernst d906611
Rename checker
mernst b441892
Revised wildcard import
iywang2016 e7ac031
Revised wildcard import in correct SqlQuotesUnknown file
iywang2016 def3064
Added call to super.visitBinary()
iywang2016 2f5d4cd
Added check for concatenation to SqlQuotesBottom
iywang2016 a148319
Revised documentation for SqlEvenQuotes and SqlOddQuotes
iywang2016 e6212d3
spotlessApply formatting
iywang2016 8efaf6b
Merge branch 'master' of github.com:iywang2016/checker-framework-new
mernst fce611e
Code review improvements
mernst f87aef2
Merge branch 'master' of github.com:iywang2016/checker-framework-iywang
mernst 30780e2
Merge ../checker-framework-branch-master
mernst d372fcd
Merge branch 'master' of github.com:iywang2016/checker-framework-new
mernst d4efe19
Added Javadoc
iywang2016 3ab582e
Removed sqltainting
iywang2016 ec57984
Added Javadoc on constructor
iywang2016 09a4f9b
Merge branch 'master' of github.com:iywang2016/checker-framework-new
mernst 334b6d2
Merge branch 'master' into master
iywang2016 b44b595
Revised SqlEvenQuotes, SqlOddQuotes, and SqlQuotesUnknown docs for cl…
iywang2016 f4a1684
Merge branch 'master' of github.com:iywang2016/checker-framework-new
mernst 8180db5
Revised SqlEvenQuotes, SqlOddQuotes regex to match ANSI standard for …
iywang2016 0cb570d
Revised SqlEvenQuotes, SqlOddQuotes docs to match new regex
iywang2016 8399032
Revised SqlQuotesRegex tests to match new regex
iywang2016 00e624e
Revised SqlQuotesConcat tests to match new regex
iywang2016 bf373f7
Fixed quoting typos in SqlQuotesConcat
iywang2016 1a35b7e
Ran spotlessApply
iywang2016 399903d
Added references to checker manual
iywang2016 f9a3d52
Added SQL Quotes chapter
iywang2016 426e01f
Added necessary references to SQL Quotes chapter
iywang2016 4f26700
Document the zero-argument constructor
mernst 4c1a336
Code review improvements
mernst 1afc6b8
Add Ivory Wang as contributor
mernst 0b629dd
Merge branch 'master' of github.com:iywang2016/checker-framework-new
mernst 34ee739
Improve regex efficiency; reorder chapters
mernst 5eab56f
Updated Statement.astub with executeUpdate
iywang2016 86dea85
Removed calls to super() in visitBinary
iywang2016 cb80d8b
Added concatenation assignment tests
iywang2016 6f43fa5
Added compound assignment visitor
iywang2016 3d22321
Merge ../checker-framework-branch-master
mernst 732b388
Merge ../checker-framework-branch-master
mernst ee22b58
Add `@RelevantJavaTypes`
mernst 417b0dd
Abstracted visitCompoundAssignment and visitBinary logic into separat…
iywang2016 958c59a
Merge remote-tracking branch 'origin/master'
iywang2016 c1bea04
Edits to manual
mernst 1b78fde
Added base template for confidential qualifiers and classes
iywang2016 56bd10d
Moved qualifiers to correct directory
iywang2016 f1f1e17
Revised Javadocs
iywang2016 a2d8681
Added basic test for literal default qualifier
iywang2016 42349c3
Added basic tests for confidential checker
iywang2016 994352b
Added stub file for Apache log4j Logger
iywang2016 723486a
Added stub file for Android Log
iywang2016 03ae9ee
Renamed Apache logger to avoid overlapping file names
iywang2016 3490306
Added slf4j Logger
iywang2016 8c214af
Added java.util.logging.Handler stub file
iywang2016 2ceb141
Added java.util.logging.Logger stub file
iywang2016 09417b8
Added java.util.logging.Formatter stub file
iywang2016 653706b
Renamed Android Log astub to avoid ambiguity
iywang2016 14d8435
Added Apache commons Log stub file
iywang2016 583a4a4
Added Android Toast stub file
iywang2016 6c2a4b4
Added Android TextView stub file
iywang2016 f1fd797
Edited Android TextView stub file
iywang2016 49e80fd
Added Android AlertDialog stub file
iywang2016 a75afce
Added Spring URL Handler stub file
iywang2016 1f9a6ee
Added Java PrintStream stub file
iywang2016 cf99e89
Added Javax HttpServletResponse stub file
iywang2016 f3904f6
Added Javax Cookie stub file
iywang2016 35f485f
Remove `@Private` etc.
mernst d340298
Removed outdated confidential qualifiers
iywang2016 e89c459
Expand tests
mernst 8645631
Merge branch 'iywang' of github.com:iywang2016/checker-framework-new …
mernst f11d2cc
Split test
mernst 5ed3649
Add smaller test
mernst b530805
Add diagnostic output
mernst 6c22609
Merge ../checker-framework-branch-master into iywang
mernst a41e7da
Sleep
mernst 3518e33
Expand test
mernst 38f520d
Simplify test
mernst 9eecb74
Remove diagnostic output
mernst fbcb577
Revised Confidential checker hierarchy
iywang2016 80f5203
Revised Confidential checker hierarchy
iywang2016 c02a195
Revised NonConfidential and Confidential qualifier documentation
iywang2016 75e65dd
Revised Confidential checker concatenation implementation
iywang2016 1989a8f
Bug fix
iywang2016 6a0435d
Typo fixes
iywang2016 fb859ec
Revised tests for confidential checker
iywang2016 d0b1f8e
Revised documentation of PolyConfidential
iywang2016 6209485
Added manual section for confidential checker
iywang2016 d8d88af
Removed stub files present in annotated JDK
iywang2016 a414372
Merge branch 'master' into iywang
iywang2016 bf472f4
Changed NonConfidential to default
iywang2016 344b722
Merge remote-tracking branch 'origin/iywang' into iywang
iywang2016 42ae722
Modified assignment rules to allowed casting to Confidential
iywang2016 ad423d4
Modified tests for new assignment rule
iywang2016 a405e32
Added PasswordEncoder and UsernamePasswordAuthenticationToken stub file
iywang2016 83180d9
Revised confidential checker manual
iywang2016 49c49dd
Updated log files to reflect changes to default annotation
iywang2016 aad015c
Merge ../checker-framework-branch-master into iywang
mernst e25024d
Added UserDetails.astub
iywang2016 fa9d254
Merge ../checker-framework-branch-master into iywang
mernst bdbd307
Improve diagnostics & comments
mernst 0696529
Punctuation
mernst af123e5
Removed unnecessary confidential checker annotations in stub files
iywang2016 a7ce682
Merge remote-tracking branch 'origin/iywang' into iywang
iywang2016 c900935
Include the Confidential Checker in the manual
mernst 87d3633
Improve the manual
mernst df26437
Merge ../checker-framework-branch-master into iywang
mernst e01c7db
Added more stub files
iywang2016 fc22057
Merge ../checker-framework-branch-master into iywang
mernst 2b3706c
Added Claims, ExpiringMap stub files
iywang2016 20b1a07
Merge remote-tracking branch 'origin/iywang' into iywang
iywang2016 1d90f4e
Updated Claims, ExpiringMap stub files
iywang2016 03ebab3
Moved/added comments for pipeline misc check
iywang2016 7a5dff9
Merge ../checker-framework-branch-master into iywang
mernst 8e0adab
Trivial change for pipeline rerun
iywang2016 2f7386d
Trivial change for pipeline rerun
iywang2016 2fe3482
Merge remote-tracking branch 'origin/iywang' into iywang
iywang2016 6ebb40f
Trivial change for pipeline rerun
iywang2016 d306408
Trivial change for pipeline rerun
iywang2016 61f06fa
Edited for typos
iywang2016 a4035b8
Merge ../checker-framework-branch-master into iywang
mernst 68b2f94
Added new type rules to allow NonConfidential Objects to have NonConf…
iywang2016 0b1601c
Added comment to addComputedTypeAnnotations and revised to use hasPri…
iywang2016 501b42b
Fix Java error
mernst 105fb7c
Improve documentation
mernst a4364b1
Merge ../checker-framework-branch-master into iywang
mernst e29832c
Changed addComputedTypeAnnotations to visitMethodInvocation
iywang2016 bc796d0
Revised type factory to deal with NonConfidential toString
iywang2016 b516dfc
Fixed formatting issues
iywang2016 9caaf90
Trivial changes for pipeline rerun
iywang2016 8558c68
Merge ../checker-framework-branch-master into iywang
mernst 39b3581
Merge ../checker-framework-branch-master into iywang
mernst 845739a
Merge branch 'master' into iywang
mernst 61c4557
Undo a change
mernst 5073151
Merge branch 'iywang' of github.com:iywang2016/checker-framework into…
mernst b82a945
Moved string concatenation rules to ConfidentialTransfer
iywang2016 f0bc003
Merge remote-tracking branch 'origin/iywang' into iywang
iywang2016 599a40b
Moved string concatenation rules to ConfidentialTransfer
iywang2016 ec3f8bc
Fixed spotlessApply issues
iywang2016 4015c6b
Added comments
iywang2016 da3612e
Added documentation for createAnnotationForStringConcatenation
iywang2016 73a9345
Ran spotlessApply
iywang2016 db9fa0f
Documented getValueAnnotation
iywang2016 a49c656
Confidential checker qualifier and transfer changes
iywang2016 8322118
Confidential checker all-systems warning suppression
iywang2016 76391f5
Merge ../checker-framework-branch-master into iywang
mernst b9a94a7
Separate the explanations for two different warnings
mernst 249fc77
Merge ../checker-framework-branch-master into iywang
mernst ef46593
Merge ../checker-framework-branch-master into iywang
mernst 02492b0
Warning justifications
mernst fd7ee4d
Code review changes
mernst 38148c3
Fix Javadoc style
mernst 741d4d9
Merge ../checker-framework-fork-mernst-branch-javadoc-style into iywang
mernst 0ceb6a7
Fix Javadoc style
mernst 166868a
Documentation improvements
mernst ef98693
Updated confidential checker method documentation
iywang2016 9cdb42c
Merge remote-tracking branch 'origin/iywang' into iywang
iywang2016 29d699b
Updated confidential checker method documentation
iywang2016 1ddbd4d
spotlessApply
iywang2016 ef604fb
Simplify code
mernst 137be8a
Merge ../checker-framework-branch-master into iywang
mernst 1ac76ce
Add changelog entry
mernst 84cb85e
Merge ../checker-framework-branch-master into iywang
mernst c7eaedc
Merge ../checker-framework-branch-master into iywang
mernst 127073e
Suppress a warning
mernst 93aa456
Merge ../checker-framework-branch-master into iywang
mernst e86dd2e
Put error message key in brackets
mernst d26f44c
Call super first
mernst 7fe9e14
Merge branch 'master' of github.com:typetools/checker-framework
mernst 435d73b
Merge ../checker-framework-branch-master into iywang
mernst fa18152
CodeRabbit suggestions
mernst d5a9033
Adjust goal
mernst 6175ac2
Merge ../checker-framework-branch-master into iywang
mernst
27 changes: 27 additions & 0 deletions
...qual/src/main/java/org/checkerframework/checker/confidential/qual/BottomConfidential.java
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| package org.checkerframework.checker.confidential.qual; | ||
|
|
||
| import java.lang.annotation.Documented; | ||
| import java.lang.annotation.ElementType; | ||
| import java.lang.annotation.Retention; | ||
| import java.lang.annotation.RetentionPolicy; | ||
| import java.lang.annotation.Target; | ||
| import org.checkerframework.framework.qual.DefaultFor; | ||
| import org.checkerframework.framework.qual.InvisibleQualifier; | ||
| import org.checkerframework.framework.qual.SubtypeOf; | ||
| import org.checkerframework.framework.qual.TargetLocations; | ||
| import org.checkerframework.framework.qual.TypeUseLocation; | ||
|
|
||
| /** | ||
| * The bottom type in the Confidential type system. Programmers should rarely write this type. | ||
| * | ||
| * @checker_framework.manual #confidential-checker Confidential Checker | ||
| * @checker_framework.manual #bottom-type the bottom type | ||
| */ | ||
| @Documented | ||
| @Retention(RetentionPolicy.RUNTIME) | ||
| @Target({ElementType.TYPE_USE, ElementType.TYPE_PARAMETER}) | ||
| @TargetLocations({TypeUseLocation.EXPLICIT_LOWER_BOUND, TypeUseLocation.EXPLICIT_UPPER_BOUND}) | ||
| @InvisibleQualifier | ||
| @SubtypeOf({Confidential.class, NonConfidential.class}) | ||
| @DefaultFor(value = {TypeUseLocation.LOWER_BOUND}) | ||
| public @interface BottomConfidential {} |
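
Review bot: The class comment on `BottomConfidential` does not say which values have this type or where it may be written, even though `@TargetLocations({TypeUseLocation.EXPLICIT_LOWER_BOUND, TypeUseLocation.EXPLICIT_UPPER_BOUND})` limits it to explicit bounds and `@DefaultFor(value = {TypeUseLocation.LOWER_BOUND})` makes it the default for lower bounds. Suggest adding a sentence to the Javadoc stating both, so that "Programmers should rarely write this type" is backed by the restriction the annotations actually impose.
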
26 changes: 26 additions & 0 deletions
checker-qual/src/main/java/org/checkerframework/checker/confidential/qual/Confidential.java
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| package org.checkerframework.checker.confidential.qual; | ||
|
|
||
| import java.lang.annotation.Documented; | ||
| import java.lang.annotation.ElementType; | ||
| import java.lang.annotation.Retention; | ||
| import java.lang.annotation.RetentionPolicy; | ||
| import java.lang.annotation.Target; | ||
| import org.checkerframework.framework.qual.SubtypeOf; | ||
|
|
||
| /** | ||
| * Denotes a value that will not be exposed to end users or a sink that will not be able to be | ||
| * accessed by end users. | ||
| * | ||
| * <p>A Confidential value may contain sensitive, private, or otherwise privileged-access | ||
| * information. Examples include passwords, PII (personally identifiable information), and private | ||
| * keys. | ||
| * | ||
| * @see NonConfidential | ||
| * @see org.checkerframework.checker.confidential.ConfidentialChecker | ||
| * @checker_framework.manual #confidential-checker Confidential Checker | ||
| */ | ||
| @Documented | ||
| @Retention(RetentionPolicy.RUNTIME) | ||
| @Target({ElementType.TYPE_USE, ElementType.TYPE_PARAMETER}) | ||
| @SubtypeOf(UnknownConfidential.class) | ||
| public @interface Confidential {} |
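
Review bot: The Javadoc on `Confidential` never states how the qualifier relates to `NonConfidential`; going by `@SubtypeOf(UnknownConfidential.class)` here and on `NonConfidential`, the two are siblings and neither is a subtype of the other. Suggest saying so in the class comment, along with what the checker reports when a `@Confidential` value reaches a `@NonConfidential` location. The first sentence is also hard to parse: "a sink that will not be able to be accessed by end users" could read "a sink that end users cannot access".
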
29 changes: 29 additions & 0 deletions
...er-qual/src/main/java/org/checkerframework/checker/confidential/qual/NonConfidential.java
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| package org.checkerframework.checker.confidential.qual; | ||
|
|
||
| import java.lang.annotation.Documented; | ||
| import java.lang.annotation.ElementType; | ||
| import java.lang.annotation.Retention; | ||
| import java.lang.annotation.RetentionPolicy; | ||
| import java.lang.annotation.Target; | ||
| import org.checkerframework.framework.qual.DefaultFor; | ||
| import org.checkerframework.framework.qual.DefaultQualifierInHierarchy; | ||
| import org.checkerframework.framework.qual.LiteralKind; | ||
| import org.checkerframework.framework.qual.QualifierForLiterals; | ||
| import org.checkerframework.framework.qual.SubtypeOf; | ||
| import org.checkerframework.framework.qual.TypeUseLocation; | ||
|
|
||
| /** | ||
| * Denotes a value that may be exposed to end users, or a location that may be accessed by end | ||
| * users. NonConfidential locations will never contain sensitive, private, or otherwise | ||
| * privileged-access information. | ||
| * | ||
| * @checker_framework.manual #confidential-checker Confidential Checker | ||
| */ | ||
| @Documented | ||
| @Retention(RetentionPolicy.RUNTIME) | ||
| @Target({ElementType.TYPE_USE, ElementType.TYPE_PARAMETER}) | ||
| @SubtypeOf(UnknownConfidential.class) | ||
| @QualifierForLiterals({LiteralKind.STRING, LiteralKind.PRIMITIVE}) | ||
| @DefaultQualifierInHierarchy | ||
| @DefaultFor(value = {TypeUseLocation.LOCAL_VARIABLE, TypeUseLocation.UPPER_BOUND}) | ||
| public @interface NonConfidential {} |
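
Review bot: `@DefaultQualifierInHierarchy` on `NonConfidential` means every unannotated type is treated as safe to expose, and `@QualifierForLiterals({LiteralKind.STRING, LiteralKind.PRIMITIVE})` does the same for string literals, including hard-coded keys. The Javadoc's "will never contain sensitive, private, or otherwise privileged-access information" therefore holds only where the confidential sources have been annotated; suggest stating that limitation in the class comment. Please also document why `@DefaultFor` lists `TypeUseLocation.LOCAL_VARIABLE`: given that `Confidential` and `NonConfidential` are siblings, an unannotated local gets the declared type `@NonConfidential` and cannot hold a `@Confidential` value without an explicit annotation.
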
20 changes: 20 additions & 0 deletions
...r-qual/src/main/java/org/checkerframework/checker/confidential/qual/PolyConfidential.java
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| package org.checkerframework.checker.confidential.qual; | ||
|
|
||
| import java.lang.annotation.Documented; | ||
| import java.lang.annotation.ElementType; | ||
| import java.lang.annotation.Retention; | ||
| import java.lang.annotation.RetentionPolicy; | ||
| import java.lang.annotation.Target; | ||
| import org.checkerframework.framework.qual.PolymorphicQualifier; | ||
|
|
||
| /** | ||
| * A polymorphic qualifier for the Confidential type system. | ||
| * | ||
| * @checker_framework.manual #confidential-checker Confidential Checker | ||
| * @checker_framework.manual #qualifier-polymorphism Qualifier polymorphism | ||
| */ | ||
| @Documented | ||
| @Retention(RetentionPolicy.RUNTIME) | ||
| @Target({ElementType.TYPE_USE, ElementType.TYPE_PARAMETER}) | ||
| @PolymorphicQualifier(UnknownConfidential.class) | ||
| public @interface PolyConfidential {} |
25 changes: 25 additions & 0 deletions
...ual/src/main/java/org/checkerframework/checker/confidential/qual/UnknownConfidential.java
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| package org.checkerframework.checker.confidential.qual; | ||
|
|
||
| import java.lang.annotation.Documented; | ||
| import java.lang.annotation.ElementType; | ||
| import java.lang.annotation.Retention; | ||
| import java.lang.annotation.RetentionPolicy; | ||
| import java.lang.annotation.Target; | ||
| import org.checkerframework.framework.qual.InvisibleQualifier; | ||
| import org.checkerframework.framework.qual.SubtypeOf; | ||
| import org.checkerframework.framework.qual.TargetLocations; | ||
| import org.checkerframework.framework.qual.TypeUseLocation; | ||
|
|
||
| /** | ||
| * Represents a value that might or might not be confidential. This is the top of the Confidential | ||
| * qualifier hierarchy. | ||
| * | ||
| * @checker_framework.manual #confidential-checker Confidential Checker | ||
| */ | ||
| @Documented | ||
| @Retention(RetentionPolicy.RUNTIME) | ||
| @Target({ElementType.TYPE_USE, ElementType.TYPE_PARAMETER}) | ||
| @TargetLocations({TypeUseLocation.EXPLICIT_LOWER_BOUND, TypeUseLocation.EXPLICIT_UPPER_BOUND}) | ||
| @InvisibleQualifier | ||
| @SubtypeOf({}) | ||
| public @interface UnknownConfidential {} |
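
Review bot: `@TargetLocations({TypeUseLocation.EXPLICIT_LOWER_BOUND, TypeUseLocation.EXPLICIT_UPPER_BOUND})` restricts `@UnknownConfidential` to explicit bounds, yet the stub files in this same change write it on parameters, return types and constructor results, for example `@UnknownConfidential Authentication authentication` and `public @UnknownConfidential Builder setTitle(CharSequence title);`. Either widen `@TargetLocations` to cover the locations the stubs use, or explain in the Javadoc why stub files are exempt from the restriction.
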
27 changes: 27 additions & 0 deletions
...checkerframework/checker/confidential/AbstractAuthenticationTargetUrlRequestHandler.astub
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| package org.springframework.security.web.authentication; | ||
|
|
||
| import java.io.IOException; | ||
|
|
||
| import jakarta.servlet.ServletException; | ||
| import jakarta.servlet.http.HttpServletRequest; | ||
| import jakarta.servlet.http.HttpServletResponse; | ||
| import org.apache.commons.logging.Log; | ||
| import org.apache.commons.logging.LogFactory; | ||
|
|
||
| import org.springframework.core.log.LogMessage; | ||
| import org.springframework.security.core.Authentication; | ||
| import org.springframework.security.web.DefaultRedirectStrategy; | ||
| import org.springframework.security.web.RedirectStrategy; | ||
| import org.springframework.security.web.util.UrlUtils; | ||
| import org.springframework.util.Assert; | ||
| import org.springframework.util.StringUtils; | ||
|
|
||
| import org.checkerframework.checker.confidential.qual.UnknownConfidential; | ||
|
|
||
| public abstract class AbstractAuthenticationTargetUrlRequestHandler { | ||
|
|
||
| protected void handle(HttpServletRequest request, HttpServletResponse response, @UnknownConfidential Authentication authentication); | ||
|
|
||
| protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response, | ||
| @UnknownConfidential Authentication authentication); | ||
| } |
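
Review bot: Only `HttpServletRequest`, `HttpServletResponse`, `Authentication` and `UnknownConfidential` are referenced by the two signatures; the remaining imports (`IOException`, `ServletException`, `Log`, `LogFactory`, `LogMessage`, `DefaultRedirectStrategy`, `RedirectStrategy`, `UrlUtils`, `Assert`, `StringUtils`) look carried over from the library source and can be dropped. The stub also has no comment saying why `authentication` is `@UnknownConfidential` in `handle` and `determineTargetUrl`; a one-line rationale above the class would help whoever next audits which library entry points accept confidential data.
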
131 changes: 131 additions & 0 deletions
checker/src/main/java/org/checkerframework/checker/confidential/AlertDialog.astub
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,131 @@ | ||
| package android.app; | ||
|
|
||
| import android.annotation.ArrayRes; | ||
| import android.annotation.AttrRes; | ||
| import android.annotation.DrawableRes; | ||
| import android.annotation.StringRes; | ||
| import android.annotation.StyleRes; | ||
| import android.compat.annotation.UnsupportedAppUsage; | ||
| import android.content.Context; | ||
| import android.content.DialogInterface; | ||
| import android.content.res.ResourceId; | ||
| import android.content.res.Resources; | ||
| import android.database.Cursor; | ||
| import android.graphics.drawable.Drawable; | ||
| import android.os.Bundle; | ||
| import android.os.Message; | ||
| import android.text.Layout; | ||
| import android.text.method.MovementMethod; | ||
| import android.util.TypedValue; | ||
| import android.view.ContextThemeWrapper; | ||
| import android.view.KeyEvent; | ||
| import android.view.View; | ||
| import android.widget.AdapterView; | ||
| import android.widget.Button; | ||
| import android.widget.ListAdapter; | ||
| import android.widget.ListView; | ||
| import com.android.internal.R; | ||
| import com.android.internal.app.AlertController; | ||
|
|
||
| import org.checkerframework.checker.confidential.qual.*; | ||
|
|
||
| public class AlertDialog extends Dialog implements DialogInterface { | ||
|
|
||
| protected AlertDialog(@UnknownConfidential Context context); | ||
|
|
||
| protected AlertDialog(@UnknownConfidential Context context, boolean cancelable, | ||
| @UnknownConfidential OnCancelListener cancelListener); | ||
|
|
||
| protected AlertDialog(@UnknownConfidential Context context, @StyleRes int themeResId); | ||
|
|
||
| AlertDialog(@UnknownConfidential Context context, @StyleRes int themeResId, | ||
| boolean createContextThemeWrapper); | ||
|
|
||
| static @StyleRes int resolveDialogTheme(@UnknownConfidential Context context, | ||
| @StyleRes int themeResId); | ||
|
|
||
| public static class Builder { | ||
| public @UnknownConfidential Builder(@UnknownConfidential Context context); | ||
|
|
||
| public @UnknownConfidential Builder(@UnknownConfidential Context context, int themeResId); | ||
|
|
||
| public @UnknownConfidential Context getContext(); | ||
|
|
||
| public @UnknownConfidential Builder setTitle(@StringRes int titleId); | ||
|
|
||
| public @UnknownConfidential Builder setTitle(CharSequence title); | ||
|
|
||
| public @UnknownConfidential Builder setCustomTitle(View customTitleView); | ||
|
|
||
| public @UnknownConfidential Builder setMessage(@StringRes int messageId); | ||
|
|
||
| public @UnknownConfidential Builder setMessage(CharSequence message); | ||
|
|
||
| public @UnknownConfidential Builder setIcon(@DrawableRes int iconId); | ||
|
|
||
| public @UnknownConfidential Builder setIcon(Drawable icon); | ||
|
|
||
| public @UnknownConfidential Builder setIconAttribute(@AttrRes int attrId); | ||
|
|
||
| public @UnknownConfidential Builder setPositiveButton(@StringRes int textId, final @UnknownConfidential OnClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setPositiveButton(CharSequence text, final @UnknownConfidential OnClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setNegativeButton(@StringRes int textId, final @UnknownConfidential OnClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setNegativeButton(CharSequence text, final @UnknownConfidential OnClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setNeutralButton(@StringRes int textId, final @UnknownConfidential OnClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setNeutralButton(CharSequence text, final @UnknownConfidential OnClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setCancelable(boolean cancelable); | ||
|
|
||
| public @UnknownConfidential Builder setOnCancelListener(@UnknownConfidential OnCancelListener onCancelListener); | ||
|
|
||
| public @UnknownConfidential Builder setOnDismissListener(@UnknownConfidential OnDismissListener onDismissListener); | ||
|
|
||
| public @UnknownConfidential Builder setOnKeyListener(@UnknownConfidential OnKeyListener onKeyListener); | ||
|
|
||
| public @UnknownConfidential Builder setItems(@ArrayRes int itemsId, final @UnknownConfidential OnClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setItems(CharSequence[] items, final @UnknownConfidential OnClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setAdapter(final @UnknownConfidential ListAdapter adapter, final @UnknownConfidential OnClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setCursor(final @UnknownConfidential Cursor cursor, final @UnknownConfidential OnClickListener listener, | ||
| String labelColumn); | ||
|
|
||
| public @UnknownConfidential Builder setMultiChoiceItems(@ArrayRes int itemsId, boolean[] checkedItems, | ||
| final @UnknownConfidential OnMultiChoiceClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setMultiChoiceItems(CharSequence[] items, boolean[] checkedItems, | ||
| final @UnknownConfidential OnMultiChoiceClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setMultiChoiceItems(@UnknownConfidential Cursor cursor, String isCheckedColumn, String labelColumn, | ||
| final @UnknownConfidential OnMultiChoiceClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setSingleChoiceItems(@ArrayRes int itemsId, int checkedItem, | ||
| final @UnknownConfidential OnClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setSingleChoiceItems(@UnknownConfidential Cursor cursor, int checkedItem, String labelColumn, | ||
| final @UnknownConfidential OnClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setSingleChoiceItems(CharSequence[] items, int checkedItem, final @UnknownConfidential OnClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setSingleChoiceItems(@UnknownConfidential ListAdapter adapter, int checkedItem, final @UnknownConfidential OnClickListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setOnItemSelectedListener(final @UnknownConfidential AdapterView.OnItemSelectedListener listener); | ||
|
|
||
| public @UnknownConfidential Builder setView(int layoutResId); | ||
|
|
||
| public @UnknownConfidential Builder setView(View view); | ||
|
|
||
| @UnsupportedAppUsage | ||
| public @UnknownConfidential Builder setRecycleOnMeasureEnabled(boolean enabled); | ||
|
|
||
| public @UnknownConfidential AlertDialog create(); | ||
|
|
||
| public @UnknownConfidential AlertDialog show(); | ||
| } | ||
| } | ||
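Review bot: The `CharSequence[] items` parameters of `setItems`, `setMultiChoiceItems` and `setSingleChoiceItems`, the `String labelColumn` / `isCheckedColumn` parameters, and `View view` in `setView` carry no qualifier, while every listener, `Cursor` and `ListAdapter` parameter is `@UnknownConfidential`, and nothing in the stub says whether that split is deliberate. Since these are the values a dialog actually displays, add a short comment above the `Builder` methods stating the rule (which parameters are meant to take the checker's default and why), so a later editor does not "fix" the omission by annotating them. Two smaller points: `final` on parameters and `@UnsupportedAppUsage` on `setRecycleOnMeasureEnabled` add nothing to a stub signature and can be dropped, and `Cursor` is written with `final` in `setCursor` but without it in `setMultiChoiceItems` and `setSingleChoiceItems`.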
50 changes: 50 additions & 0 deletions
checker/src/main/java/org/checkerframework/checker/confidential/AndroidLog.astub
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| package android.util; | ||
| import android.annotation.IntDef; | ||
| import android.annotation.NonNull; | ||
| import android.annotation.Nullable; | ||
| import android.annotation.SystemApi; | ||
| import android.compat.annotation.UnsupportedAppUsage; | ||
| import android.os.DeadSystemException; | ||
| import com.android.internal.os.RuntimeInit; | ||
| import com.android.internal.util.FastPrintWriter; | ||
| import com.android.internal.util.LineBreakBufferedWriter; | ||
| import dalvik.annotation.optimization.FastNative; | ||
| import java.io.PrintWriter; | ||
| import java.io.StringWriter; | ||
| import java.io.Writer; | ||
| import java.lang.annotation.Retention; | ||
| import java.lang.annotation.RetentionPolicy; | ||
| import java.net.UnknownHostException; | ||
|
|
||
| import org.checkerframework.checker.confidential.qual.*; | ||
|
|
||
| public final class Log { | ||
|
|
||
| public static int d(@Nullable String tag, @Nullable String msg, @Nullable @UnknownConfidential Throwable tr); | ||
|
|
||
| public static int w(@Nullable String tag, @Nullable String msg, @Nullable @UnknownConfidential Throwable tr); | ||
|
|
||
| public static int w(@Nullable String tag, @Nullable @UnknownConfidential Throwable tr); | ||
|
|
||
| public static int v(@Nullable String tag, @Nullable String msg, @Nullable @UnknownConfidential Throwable tr); | ||
|
|
||
| public static int i(@Nullable String tag, @Nullable String msg, @Nullable @UnknownConfidential Throwable tr); | ||
|
|
||
| public static int e(@Nullable String tag, @Nullable String msg, @Nullable @UnknownConfidential Throwable tr); | ||
|
|
||
| public static int wtf(@Nullable String tag, @NonNull @UnknownConfidential Throwable tr); | ||
|
|
||
| public static int wtf(@Nullable String tag, @Nullable String msg, @Nullable @UnknownConfidential Throwable tr); | ||
|
|
||
| static int wtf(int logId, @Nullable String tag, @Nullable String msg, @Nullable @UnknownConfidential Throwable tr, | ||
| boolean localStack, boolean system); | ||
|
|
||
| @NonNull | ||
| public static @UnknownConfidential TerribleFailureHandler setWtfHandler(@NonNull @UnknownConfidential TerribleFailureHandler handler); | ||
|
|
||
| @NonNull | ||
| public static String getStackTraceString(@Nullable @UnknownConfidential Throwable tr); | ||
|
|
||
| public static int printlns(int bufID, int priority, @Nullable String tag, @NonNull String msg, | ||
| @Nullable @UnknownConfidential Throwable tr); | ||
| } |
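Review bot: Every logging overload here takes `@Nullable @UnknownConfidential Throwable tr`, and `getStackTraceString` returns an unqualified `String` from such a throwable, so an exception whose message was built from confidential data is accepted by the log calls and comes back out of `getStackTraceString` with only the checker's default qualifier. If that is a deliberate trade-off, say so in a comment at the top of the stub; if not, the return type of `getStackTraceString` needs an explicit qualifier. The stub also lists only the overloads that take a `Throwable`, leaving `msg` unannotated throughout, which deserves one line of explanation. Separately, most of the imports (`IntDef`, `SystemApi`, `DeadSystemException`, `RuntimeInit`, `FastPrintWriter`, `LineBreakBufferedWriter`, `FastNative`, the `java.io` writers, `Retention`, `RetentionPolicy`, `UnknownHostException`) are not referenced by any signature in the file and look copied from the Android source, and the package-private `static int wtf(int logId, ...)` cannot be called from client code, so both can be removed.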
18 changes: 18 additions & 0 deletions
checker/src/main/java/org/checkerframework/checker/confidential/ApacheLog.astub
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| package org.apache.commons.logging; | ||
|
|
||
| import org.checkerframework.checker.confidential.qual.UnknownConfidential; | ||
|
|
||
| public interface Log { | ||
|
|
||
| void debug(Object var1, @UnknownConfidential Throwable var2); | ||
|
|
||
| void error(Object var1, @UnknownConfidential Throwable var2); | ||
|
|
||
| void fatal(Object var1, @UnknownConfidential Throwable var2); | ||
|
|
||
| void info(Object var1, @UnknownConfidential Throwable var2); | ||
|
|
||
| void trace(Object var1, @UnknownConfidential Throwable var2); | ||
|
|
||
| void warn(Object var1, @UnknownConfidential Throwable var2); | ||
| } | ||
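Review bot: The parameter names `var1` and `var2` on all six methods look decompiler-generated; rename them to something readable such as `message` and `t` so the stub documents which argument is the logged value and which is the exception. The stub declares only the two-argument overloads and annotates only the `Throwable`, leaving `Object var1` at the checker's default, with no comment explaining either choice. Add a file-level comment stating that the message argument is intentionally left at the default and why the `Throwable` is `@UnknownConfidential`, matching whatever rationale is given in AndroidLog.astub.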
|
mernst marked this conversation as resolved.
|
||
22 changes: 22 additions & 0 deletions
checker/src/main/java/org/checkerframework/checker/confidential/Authentication.astub
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| package org.springframework.security.core; | ||
|
|
||
| import java.io.Serializable; | ||
| import java.security.Principal; | ||
| import java.util.Collection; | ||
| import org.springframework.security.core.GrantedAuthority; | ||
|
|
||
| import org.checkerframework.checker.confidential.qual.Confidential; | ||
|
|
||
| public interface Authentication extends Principal, Serializable { | ||
| Collection<? extends GrantedAuthority> getAuthorities(); | ||
|
|
||
| @Confidential Object getCredentials(); | ||
|
|
||
| Object getDetails(); | ||
|
|
||
| Object getPrincipal(); | ||
|
|
||
| boolean isAuthenticated(); | ||
|
|
||
| void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException; | ||
| } | ||
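Review bot: Only `getCredentials()` is marked `@Confidential`; `getPrincipal()` and `getDetails()` return an unqualified `Object`, so whatever they hold is treated with the checker's default. Please add a comment on those two methods stating whether leaving them at the default is intended, since the stub is the only place a user of the checker will see that decision. The import of `org.springframework.security.core.GrantedAuthority` is redundant because the stub is already in `package org.springframework.security.core;`, and the methods that carry no confidentiality annotation (`getAuthorities`, `isAuthenticated`, `setAuthenticated`) could be omitted from the stub altogether if they are meant to keep their defaults.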
|
mernst marked this conversation as resolved.
|
||