diff --git a/source/interprocedural_analyses/taint/issue.ml b/source/interprocedural_analyses/taint/issue.ml index 73d6a7c75e3..e7475af4cb1 100644 --- a/source/interprocedural_analyses/taint/issue.ml +++ b/source/interprocedural_analyses/taint/issue.ml @@ -46,6 +46,7 @@ module SinkHandle = struct | Return | LiteralStringSink of Sinks.t | ConditionalTestSink of Sinks.t + [@@deriving compare] let make_call ~call_target:{ CallGraph.CallTarget.target; index; _ } ~root = let root = @@ -64,8 +65,37 @@ module SinkHandle = struct let make_global ~call_target:{ CallGraph.CallTarget.target; index; _ } = Global { callee = target; index } + + + let master_handle ~callable ~code sink_handle = + let version = 0 (* Increment the version on format change. *) in + let sink_handle = + match sink_handle with + | Call { callee; index; parameter } -> + Format.asprintf + "Call|%s|%d|%s" + (Target.external_target_name callee) + index + (AccessPath.Root.to_string parameter) + | Global { callee; index } -> + Format.asprintf "Global|%s|%d" (Target.external_target_name callee) index + | Return -> "Return" + | LiteralStringSink sink -> Format.asprintf "LiteralStringSink|%a" Sinks.pp sink + | ConditionalTestSink sink -> Format.asprintf "ConditionalTestSink|%a" Sinks.pp sink + in + let full_handle = Format.asprintf "%s:%d:%d:%s" callable code version sink_handle in + let hash = full_handle |> Digest.string |> Digest.to_hex in + let short_handle = + String.sub + full_handle + ~pos:0 + ~len:(min (String.length full_handle) (255 - String.length hash - 1)) + in + Format.asprintf "%s:%s" short_handle hash end +module SinkHandleSet = Caml.Set.Make (SinkHandle) + module SinkTreeWithHandle = struct type t = { sink_tree: BackwardState.Tree.t; @@ -89,6 +119,7 @@ type t = { code: int; flow: Flow.t; location: Location.WithModule.t; + sink_handles: SinkHandleSet.t; define: Statement.Define.t Node.t; } @@ -112,10 +143,18 @@ module Candidate = struct type t = { flows: Flow.t list; location: Location.WithModule.t; + sink_handles: SinkHandleSet.t; } - let join { flows = left_flows; location } { flows = right_flows; _ } = - { flows = List.rev_append left_flows right_flows; location } + let join + { flows = left_flows; location; sink_handles = left_sink_handles } + { flows = right_flows; sink_handles = right_sink_handles; _ } + = + { + flows = List.rev_append left_flows right_flows; + location; + sink_handles = SinkHandleSet.union left_sink_handles right_sink_handles; + } end module TriggeredSinks = struct @@ -130,7 +169,7 @@ end Let F and B for forward and backward taint respectively. For each path p in B from the root to some node with non-empty taint T, we match T with the join of taint in the upward and downward closure from node at path p in F. *) -let generate_source_sink_matches ~location ~sink_handle:_ ~source_tree ~sink_tree = +let generate_source_sink_matches ~location ~sink_handle ~source_tree ~sink_tree = let make_source_sink_matches (path, sink_taint) matches = let source_taint = ForwardState.Tree.read path source_tree @@ -148,7 +187,7 @@ let generate_source_sink_matches ~location ~sink_handle:_ ~source_tree ~sink_tre else BackwardState.Tree.fold BackwardState.Tree.Path ~init:[] ~f:make_source_sink_matches sink_tree in - { Candidate.flows; location } + { Candidate.flows; location; sink_handles = SinkHandleSet.singleton sink_handle } let compute_triggered_sinks ~triggered_sinks ~location ~sink_handle ~source_tree ~sink_tree = @@ -207,7 +246,7 @@ module PartitionedFlow = struct } end -let generate_issues ~define { Candidate.flows; location } = +let generate_issues ~define { Candidate.flows; location; sink_handles } = let partitions = let partition { Flow.source_taint; sink_taint } = { @@ -302,7 +341,7 @@ let generate_issues ~define { Candidate.flows; location } = let apply_rule_separate_access_path issues_so_far (rule : Rule.t) = let fold_partitions issues candidate = match apply_rule_on_flow rule candidate with - | Some flow -> { code = rule.code; flow; location; define } :: issues + | Some flow -> { code = rule.code; flow; location; sink_handles; define } :: issues | None -> issues in List.fold partitions ~init:issues_so_far ~f:fold_partitions @@ -322,7 +361,7 @@ let generate_issues ~define { Candidate.flows; location } = if Flow.is_bottom flow then None else - Some { code = rule.code; flow; location; define } + Some { code = rule.code; flow; location; sink_handles; define } in let group_by_handle map issue = (* SAPP invariant: There should be a single issue per issue handle. @@ -484,7 +523,7 @@ let to_json ~filename_lookup callable issue = json_features; ] in - let traces = + let traces : Yojson.Safe.json = `List [ `Assoc ["name", `String "forward"; "roots", source_traces]; @@ -500,6 +539,14 @@ let to_json ~filename_lookup callable issue = Location.WithModule.instantiate ~lookup:filename_lookup issue.location in let callable_line = Ast.(Location.line issue.define.location) in + let master_handles = + SinkHandleSet.fold + (fun sink_handle handles -> + `String (SinkHandle.master_handle ~callable:callable_name ~code:issue.code sink_handle) + :: handles) + issue.sink_handles + [] + in `Assoc [ "callable", `String callable_name; @@ -512,6 +559,7 @@ let to_json ~filename_lookup callable issue = "message", `String message; "traces", traces; "features", `List json_features; + "master_handles", `List master_handles; ] diff --git a/source/interprocedural_analyses/taint/issue.mli b/source/interprocedural_analyses/taint/issue.mli index 1be59a44852..bc752e7c7de 100644 --- a/source/interprocedural_analyses/taint/issue.mli +++ b/source/interprocedural_analyses/taint/issue.mli @@ -44,6 +44,8 @@ module SinkHandle : sig val make_global : call_target:CallGraph.CallTarget.t -> t end +module SinkHandleSet : Caml.Set.S with type elt = SinkHandle.t + module SinkTreeWithHandle : sig type t = { sink_tree: BackwardState.Tree.t; @@ -60,6 +62,7 @@ type t = { code: int; flow: Flow.t; location: Location.WithModule.t; + sink_handles: SinkHandleSet.t; (* Only used to create the Pyre errors. *) define: Ast.Statement.Define.t Ast.Node.t; } @@ -75,6 +78,7 @@ module Candidate : sig type t = { flows: Flow.t list; location: Location.WithModule.t; + sink_handles: SinkHandleSet.t; } val join : t -> t -> t diff --git a/source/interprocedural_analyses/taint/test/integration/add_feature_to_argument.py.models b/source/interprocedural_analyses/taint/test/integration/add_feature_to_argument.py.models index c612e08af5d..f1aa1fc0366 100644 --- a/source/interprocedural_analyses/taint/test/integration/add_feature_to_argument.py.models +++ b/source/interprocedural_analyses/taint/test/integration/add_feature_to_argument.py.models @@ -63,6 +63,9 @@ { "always-via": "string_concat_lhs" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "add_feature_to_argument.test_add_feature_in_comprehension:5002:0:Call|_test_sink|0|formal(arg):e660dc46ee53a95cdb86c321f40be0a3" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/always_in_none.py.models b/source/interprocedural_analyses/taint/test/integration/always_in_none.py.models index dbbb3100333..33be389eda5 100644 --- a/source/interprocedural_analyses/taint/test/integration/always_in_none.py.models +++ b/source/interprocedural_analyses/taint/test/integration/always_in_none.py.models @@ -140,6 +140,9 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "always_in_none.test:5002:0:Call|_test_sink|0|formal(arg):1168c6477767d16ce96c21f36d6fcbba" + ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/applies_to_index.py.models b/source/interprocedural_analyses/taint/test/integration/applies_to_index.py.models index 0b7f384f3f0..b67fe0ee6a9 100644 --- a/source/interprocedural_analyses/taint/test/integration/applies_to_index.py.models +++ b/source/interprocedural_analyses/taint/test/integration/applies_to_index.py.models @@ -61,6 +61,9 @@ { "has": "first-index" }, { "first-index": "a" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "applies_to_index.issue_only_with_a_key:5002:0:Call|_test_sink|0|formal(arg):76c5bfa4202be200a69fe5dce0318d74" ] } } @@ -118,7 +121,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "applies_to_index.issue_only_with_first:5002:0:Call|_test_sink|0|formal(arg):1b20364f53d3dcf69a13dac6b9528240" + ] } } { @@ -175,7 +181,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "applies_to_index.issue_only_with_second:5002:0:Call|_test_sink|1|formal(arg):c5de4b94ea7f50b90ee29115d6498c79" + ] } } { @@ -240,6 +249,9 @@ { "has": "first-field" }, { "first-field": "a" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "applies_to_index.issue_with_member:5002:0:Call|_test_sink|0|formal(arg):4e6c314b245358eeea77b64cace8721b" ] } } @@ -326,7 +338,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "applies_to_index.issue_only_with_nested_first:5002:0:Call|_test_sink|0|formal(arg):12cbde4c9bc98dd60c8e3b1c36ce01b2" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/attach_features.py.models b/source/interprocedural_analyses/taint/test/integration/attach_features.py.models index 92dce4c1750..a2c94fe86f0 100644 --- a/source/interprocedural_analyses/taint/test/integration/attach_features.py.models +++ b/source/interprocedural_analyses/taint/test/integration/attach_features.py.models @@ -141,6 +141,9 @@ "features": [ { "always-via": "string_concat_lhs" }, { "always-via": "special_source" } + ], + "master_handles": [ + "attach_features.attach_to_returned_sink:5002:0:Return:8218e4adbc4250811127e266f8a13911" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/attributes.py.models b/source/interprocedural_analyses/taint/test/integration/attributes.py.models index d4c2c9627ef..02c230f4ae5 100644 --- a/source/interprocedural_analyses/taint/test/integration/attributes.py.models +++ b/source/interprocedural_analyses/taint/test/integration/attributes.py.models @@ -51,7 +51,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "attributes.test_attribute_union_sink:5002:0:Global|Obj{attributes.Sink.token}|1:cb5576984115ab71838ed9c0be98c643" + ] } } { @@ -106,7 +109,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "attributes.test_attribute_union_sink:5002:0:Global|Obj{attributes.Sink.token}|0:14935f90c85d01ed835cdc0a92c85dbf" + ] } } { @@ -174,6 +180,9 @@ { "always-via": "issue-broadening" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "attributes.test_attribute_via_dunder_dict:5002:0:Call|_test_sink|0|formal(arg):62e7b46583720a9a3834cad383fbad3f" ] } } @@ -242,6 +251,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "attributes.test_attribute_via_dunder_dict:5002:0:Call|_test_sink|1|formal(arg):da5fc540abbf310d75dd68aa49edc906" ] } } @@ -302,6 +314,9 @@ "features": [ { "always-via": "tito" }, { "always-via": "special_source" } + ], + "master_handles": [ + "attributes.test_issue_with_update_to_self_attribute:5002:0:Global|Obj{attributes.D.buffer}|0:a87babfa59527e2779c9625bae05d282" ] } } @@ -606,7 +621,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "attributes.test_attribute_union_source:5002:0:Call|_test_sink|1|formal(arg):a2bd11fa9758293fdf005fbfa793a61a" + ] } } { @@ -661,7 +679,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "attributes.test_attribute_union_source:5002:0:Call|_test_sink|0|formal(arg):3e7e5ecb5638879f3585847c1274f5e1" + ] } } { @@ -889,6 +910,9 @@ { "has": "first-index" }, { "first-index": "text" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "attributes.test_issue_with_text_key_of_dictionary:5002:0:Call|_test_sink|0|formal(arg):07aaa6860d20d5f97b7ef18d4f0ad4f6" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/binary_operators.py.models b/source/interprocedural_analyses/taint/test/integration/binary_operators.py.models index 7736470d8cb..9dc2dbb07ac 100644 --- a/source/interprocedural_analyses/taint/test/integration/binary_operators.py.models +++ b/source/interprocedural_analyses/taint/test/integration/binary_operators.py.models @@ -60,6 +60,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "binary_operators.test1:5002:0:Call|binary_operators.Add.__add__|0|formal(other):e6a103bbaecc137e992946ecaead11e6" ] } } @@ -124,6 +127,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "binary_operators.test2:5002:0:Call|binary_operators.Add.__add__|0|formal(other):5ef261b25d55ce37fd84795645c4c318" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/builder_pattern.py.models b/source/interprocedural_analyses/taint/test/integration/builder_pattern.py.models index c0cbc0697bd..659d60d4891 100644 --- a/source/interprocedural_analyses/taint/test/integration/builder_pattern.py.models +++ b/source/interprocedural_analyses/taint/test/integration/builder_pattern.py.models @@ -63,6 +63,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "builder_pattern.test_issue:5002:0:Call|builder_pattern.Builder.async_save|0|formal(self):e183c160aeb69b7105783b6d44ec9ece" ] } } @@ -130,6 +133,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "builder_pattern.test_issue_with_sub_builder:5002:0:Call|builder_pattern.Builder.async_save|0|formal(self):f1b48755fa47e28484bcf20199cf4425" ] } } @@ -197,6 +203,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "builder_pattern.test_issue_with_type_var:5002:0:Call|builder_pattern.Builder.async_save|0|formal(self):7c21ffd5281ef1a5ec4beaa2b6514b5c" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/callables.py.models b/source/interprocedural_analyses/taint/test/integration/callables.py.models index 1e0218ec6fe..42270db99d1 100644 --- a/source/interprocedural_analyses/taint/test/integration/callables.py.models +++ b/source/interprocedural_analyses/taint/test/integration/callables.py.models @@ -65,6 +65,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "callables.async_execute_event_processor:5002:0:Call|Ovr{callables.AbstractEventProcessor::async_call_tainted}|0|formal(self):e4458631c86e70465ffcabff68de947f" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/class_flows.py.models b/source/interprocedural_analyses/taint/test/integration/class_flows.py.models index c317fbf36c7..69a6c040996 100644 --- a/source/interprocedural_analyses/taint/test/integration/class_flows.py.models +++ b/source/interprocedural_analyses/taint/test/integration/class_flows.py.models @@ -57,7 +57,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "class_flows.tainted_class_attribute_through_double_underscore_class_issue:5002:0:Global|Obj{class_flows.C.__class__.tainted_class_attribute}|0:b7f61664326b657c5227d14cc38865b0" + ] } } { @@ -118,7 +121,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "class_flows.tainted_class_attribute_through_optional_class_issue:5002:0:Global|Obj{class_flows.C.__class__.tainted_class_attribute}|0:a139d3961b8e8b18bed9ef93c398cca6" + ] } } { @@ -178,7 +184,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "class_flows.global_class_attribute_issue:5002:0:Global|Obj{class_flows.C.__class__.tainted_class_attribute}|0:3018a70369c9c80371f3853076f8a844" + ] } } { @@ -235,7 +244,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "class_flows.tainted_attribute_flow_issue:5002:0:Global|Obj{class_flows.C.tainted_attribute}|0:cba0e6980917c39855cb75c4ce3a3ebf" + ] } } { @@ -292,7 +304,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "class_flows.tainted_attribute_through_inheritance_issue:5002:0:Global|Obj{class_flows.C.tainted_attribute}|0:79778c5e234d08fb4b022de03cd0edd4" + ] } } { @@ -352,7 +367,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "class_flows.tainted_class_attribute_through_class_issue:5002:0:Global|Obj{class_flows.C.__class__.tainted_class_attribute}|0:2542e9e60455731d983e298f2875bfbf" + ] } } { @@ -418,6 +436,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "class_flows.test:5002:0:Call|class_flows.HasClassmethods._async_results_for_non_empty_query_from_db|0|formal(locale):a529aa7033e6a0d9c907672d49c19426" ] } } @@ -484,6 +505,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "class_flows.test_decorated_classmethod:5002:0:Call|class_flows.HasDecoratedClassmethod.to_sink|0|formal(x):70aad8c4ef81c0c7ddff090277f2bbc8" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/class_level_taint.py.models b/source/interprocedural_analyses/taint/test/integration/class_level_taint.py.models index bdc2693f9a4..86c2da4a9dc 100644 --- a/source/interprocedural_analyses/taint/test/integration/class_level_taint.py.models +++ b/source/interprocedural_analyses/taint/test/integration/class_level_taint.py.models @@ -107,6 +107,9 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "class_level_taint.test:5002:0:Call|class_level_taint.ClassSink.sink|0|formal(argument):aff1e23735efdd1f0f4a23851bda22e0" + ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/class_methods.py.models b/source/interprocedural_analyses/taint/test/integration/class_methods.py.models index 7a61a45ef5b..9f9482ca2ce 100644 --- a/source/interprocedural_analyses/taint/test/integration/class_methods.py.models +++ b/source/interprocedural_analyses/taint/test/integration/class_methods.py.models @@ -60,6 +60,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "class_methods.bar:5002:0:Call|class_methods.Test.foo|0|formal(x):2f097eee7893b1af08f6427b3d4633d4" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/conditional.py.models b/source/interprocedural_analyses/taint/test/integration/conditional.py.models index 480014e197c..e3874ad90b1 100644 --- a/source/interprocedural_analyses/taint/test/integration/conditional.py.models +++ b/source/interprocedural_analyses/taint/test/integration/conditional.py.models @@ -46,7 +46,10 @@ ] } ], - "features": [ { "always-via-value": "my-data" } ] + "features": [ { "always-via-value": "my-data" } ], + "master_handles": [ + "conditional.issue1:123:0:ConditionalTestSink|InTest:45e375676071b503631c5b5a4da3286b" + ] } } { @@ -96,7 +99,10 @@ ] } ], - "features": [ { "always-via-value": "other" } ] + "features": [ { "always-via-value": "other" } ], + "master_handles": [ + "conditional.issue2:123:0:ConditionalTestSink|InTest:bac100ce2eb7ca255a4834112ed5f755" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/constructor_inheritance.py.models b/source/interprocedural_analyses/taint/test/integration/constructor_inheritance.py.models index de16c6797ae..666c4727bd8 100644 --- a/source/interprocedural_analyses/taint/test/integration/constructor_inheritance.py.models +++ b/source/interprocedural_analyses/taint/test/integration/constructor_inheritance.py.models @@ -62,6 +62,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "constructor_inheritance.test:5002:0:Call|constructor_inheritance.MyBaseClass.__init__|0|formal(argument):93a5705e4cb2a6fca29f77771ebef246" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/constructors.py.models b/source/interprocedural_analyses/taint/test/integration/constructors.py.models index 07b18dec08e..7e07965c576 100644 --- a/source/interprocedural_analyses/taint/test/integration/constructors.py.models +++ b/source/interprocedural_analyses/taint/test/integration/constructors.py.models @@ -65,6 +65,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "constructors.test_both_new_and_init_callgraph:5002:0:Call|constructors.BothNewAndInit.__init__|0|formal(self):a73cb91fd5cea4801cfb7e4f7da2c823" ] } } @@ -129,6 +132,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "constructors.test_new_thing:5002:0:Call|constructors.ChildWithNew.__new__|0|formal(input):0621c7e8907b0ed7ff4ad484eebe8e34" ] } } @@ -199,6 +205,9 @@ { "first-field": "x" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "constructors.test_source_in_constructor:5002:0:Call|_test_sink|0|formal(arg):6d9328ed3aed34a22d60639ca4c5022d" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/cross_repository.py.models b/source/interprocedural_analyses/taint/test/integration/cross_repository.py.models index a5cb5e61781..bc399e03925 100644 --- a/source/interprocedural_analyses/taint/test/integration/cross_repository.py.models +++ b/source/interprocedural_analyses/taint/test/integration/cross_repository.py.models @@ -57,7 +57,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "cross_repository.test:5002:0:Call|_test_sink|0|formal(arg):2b28136ab12d359dd3ac489d6d107423" + ] } } { @@ -117,7 +120,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "cross_repository.test_cross_repository_anchor:5002:0:Call|cross_repository.cross_repository_anchor_sink|0|formal(sink_parameter):74ee8def1faa44962b9d423b58cd1772" + ] } } { @@ -254,7 +260,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "cross_repository.cross_repository_source:5002:0:Call|_test_sink|0|formal(arg):ac21fdbf72127ac5c56bafd9b43a351b" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/dataclass_taint.py.models b/source/interprocedural_analyses/taint/test/integration/dataclass_taint.py.models index 0b5755830ac..b4bd200619d 100644 --- a/source/interprocedural_analyses/taint/test/integration/dataclass_taint.py.models +++ b/source/interprocedural_analyses/taint/test/integration/dataclass_taint.py.models @@ -65,6 +65,9 @@ { "always-type": "integer" }, { "always-type": "scalar" }, { "always-via": "special_source" } + ], + "master_handles": [ + "dataclass_taint.test_class_attr_model_tainted_in_constructor:5002:0:Call|dataclass_taint.DataClassWithClassAttributeTaintedInConstructor.__init__|1|formal(bad):4a7785b5b0dc31c99f8d25cf5234a82f" ] } } @@ -135,6 +138,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dataclass_taint.issue_in_dataclass_constructor:5002:0:Call|dataclass_taint.DataClassWIthInit.__init__|0|formal(bad):95af429aa6b3669c034f8f4ade606c6b" ] } } @@ -195,7 +201,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "dataclass_taint.test_class_attr_model_tainted_directly:5002:0:Global|Obj{dataclass_taint.DataClassWithClassAttributeTaintedDirectly.bad}|0:b81b9304aded9021a85d4fbe1e787a51" + ] } } { @@ -255,7 +264,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "dataclass_taint.test_class_attr_model_tainted_directly:5002:0:Call|dataclass_taint.DataClassWithClassAttributeTaintedDirectly.__init__|1|formal(bad):2f7989bea29b0339ab8a203e62db91c0" + ] } } { @@ -1174,6 +1186,9 @@ { "always-via": "issue-broadening" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dataclass_taint.bad_is_tainted:5002:0:Call|_test_sink|0|formal(arg):a576244e9a2a485090237d4b1205ee6d" ] } } @@ -1312,7 +1327,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "dataclass_taint.test_dataclass_with_other_source:5002:0:Call|_test_sink|0|formal(arg):8dc1aba82fdce0b57ee34191013425bb" + ] } } { @@ -1420,7 +1438,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "dataclass_taint.test_dataclass_with_source:5002:0:Call|_test_sink|0|formal(arg):7562e5836e6feb38f926ee37c2912468" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/decorator.py.models b/source/interprocedural_analyses/taint/test/integration/decorator.py.models index 3c6e2b2afe0..c94cfcd55b7 100644 --- a/source/interprocedural_analyses/taint/test/integration/decorator.py.models +++ b/source/interprocedural_analyses/taint/test/integration/decorator.py.models @@ -66,6 +66,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator.main:5002:0:Call|decorator.foo_args_kwargs_with_sink|1|formal(y):7315584bf913d3a8482a86c3fd7f62de" ] } } @@ -136,6 +139,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator.main:5002:0:Call|decorator.foo_with_helper_function|0|formal(x):79a023bb314b79dbaaa797b4418a0ff8" ] } } @@ -200,6 +206,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator.main:5002:0:Call|decorator.foo_async|0|formal(y):f3a4be07afbf6d338177c5c28d7b0103" ] } } @@ -264,6 +273,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator.main:5002:0:Call|decorator.Foo.self_has_generic_type|0|formal(x):1d904e1b10103dc63761eb151649220a" ] } } @@ -334,6 +346,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator.main:5002:0:Call|decorator.foo_log_first_parameter|0|formal(x):5ae16dac4bb4fe64e2aa75438894edf6" ] } } @@ -398,6 +413,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator.main:5002:0:Call|decorator.foo_using_decorator_factory|0|formal(x):feb621b717fb8c1c72c833590bf4051a" ] } } @@ -462,6 +480,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator.main:5002:0:Call|decorator.Foo.foo|0|formal(x):698e390b3ce78adb9bb075b68552d797" ] } } @@ -526,6 +547,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator.main:5002:0:Call|decorator.foo_args_kwargs|0|formal(x):1d108131364bdb806b02a8cb2668d990" ] } } @@ -590,6 +614,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator.main:5002:0:Call|decorator.Foo.some_class_method|0|formal(x):393e937dd9a9ecb6162292427e244201" ] } } @@ -660,6 +687,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator.main:5002:0:Call|decorator.foo_with_sink|0|formal(x):2777cc7f8c266e9329c3fe15799386ca" ] } } @@ -724,6 +754,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator.main:5002:0:Call|decorator.Foo.bar|0|formal(x):d6c399de2b9d476a13ea748378ba1a2a" ] } } @@ -794,6 +827,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator.main:5002:0:Call|decorator.foo|0|formal(x):3260e990263b34bb8e48f747f4d4d381" ] } } @@ -1302,6 +1338,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator.foo_with_shady_decorators._inlined_with_logging_source:5002:0:Call|decorator.foo_with_shady_decorators._inlined_with_logging_sink|0|formal(y):82a70286f12b4d788c5be3bb7399cce2" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/decorator_location.py.models b/source/interprocedural_analyses/taint/test/integration/decorator_location.py.models index 3dfe9cc40da..0a682e126f2 100644 --- a/source/interprocedural_analyses/taint/test/integration/decorator_location.py.models +++ b/source/interprocedural_analyses/taint/test/integration/decorator_location.py.models @@ -66,6 +66,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator_location.call_return_foo:5002:0:Call|_test_sink|0|formal(arg):2a0af123bc578f26c9b93f5a6b02bbc0" ] } } @@ -136,6 +139,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator_location.main:5002:0:Call|decorator_location.baz|0|formal(x):e305d13e20261144972c6aebbaa0efa9" ] } } @@ -206,6 +212,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator_location.main:5002:0:Call|decorator_location.foo|0|formal(x):f6ed7fba11687138661e229d5d1ba9ce" ] } } @@ -270,6 +279,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "decorator_location.main:5002:0:Call|decorator_location.handle_request|1|formal(request):3091b7eeaeb9168762c2959242487aac" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/dictionary.py.models b/source/interprocedural_analyses/taint/test/integration/dictionary.py.models index ef177f1a530..cafdc1dfb82 100644 --- a/source/interprocedural_analyses/taint/test/integration/dictionary.py.models +++ b/source/interprocedural_analyses/taint/test/integration/dictionary.py.models @@ -60,6 +60,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dictionary.copy_untainted_values_with_tainted_keys:5002:0:Call|Ovr{dict::__setitem__}|0|formal(key):ff22f9dc5c260ff09cad0e910bab52a4" ] } } @@ -125,6 +128,9 @@ { "always-via": "issue-broadening" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dictionary.dict_with_tainted_key_flows_to_sink:5002:0:Call|_test_sink|0|formal(arg):54c199f9fa87e419c55556323777c09d" ] } } @@ -190,6 +196,9 @@ { "first-index": "a" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dictionary.flow_through_keywords:5002:0:Call|_test_sink|0|formal(arg):7e630432541639ac879e182f897ca1d0" ] } } @@ -262,6 +271,9 @@ { "always-via": "broadening" }, { "always-via": "issue-broadening" }, { "always-via": "special_source" } + ], + "master_handles": [ + "dictionary.indirect_flow_from_source_to_global_dictionary:5002:0:Call|dictionary.update_dictionary_indirectly|0|formal(arg):7345de284f58f532d285eb74386659cc" ] } } @@ -327,6 +339,9 @@ { "first-index": "with_feature" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dictionary.lists_of_dictionary_iteration_is_precise:5002:0:Call|_test_sink|0|formal(arg):9e36b69412c214642f26116f4acfbdbf" ] } } @@ -389,6 +404,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dictionary.test_index_from_tito:5002:0:Call|_test_sink|0|formal(arg):73bc958bc29113a529b2d3ab96b5c2ab" ] } } @@ -448,6 +466,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dictionary.test_items:5002:0:Call|_test_sink|3|formal(arg):a1a5cd53de970c95a4f65fe8250cfcec" ] } } @@ -507,6 +528,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dictionary.test_items:5002:0:Call|_test_sink|0|formal(arg):bc122860c8540b884890e53ad2e47507" ] } } @@ -572,6 +596,9 @@ { "always-via": "issue-broadening" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dictionary.test_keys_and_values:5002:0:Call|_test_sink|0|formal(arg):4d2c82bafc7d29b00d2b85eee523f3e7" ] } } @@ -637,6 +664,9 @@ { "always-via": "issue-broadening" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dictionary.test_keys_and_values:5002:0:Call|_test_sink|3|formal(arg):acea50d57e2f5e8db3d68f91d60ddab2" ] } } @@ -703,6 +733,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dictionary.test_service_with_dict:5002:0:Call|_test_sink|0|formal(arg):887ad86812deeb7e5016b495e826b640" ] } } @@ -769,6 +802,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dictionary.test_service_with_mapping:5002:0:Call|_test_sink|0|formal(arg):da318e0faef70fe1ad1abf7f0e2f1e90" ] } } @@ -828,6 +864,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dictionary.test_with_issue_in_dict_comprehension:5002:0:Call|_test_sink|0|formal(arg):38410b25e5af49eb7bd846aa99f05099" ] } } @@ -894,6 +933,9 @@ { "always-via": "broadening" }, { "always-via": "issue-broadening" }, { "always-via": "special_source" } + ], + "master_handles": [ + "dictionary.update_tainted_dictionary:5002:0:Global|Obj{dictionary.tainted_dictionary}|0:cf68853721eceffa4b204d35a0c9a92f" ] } } @@ -1878,6 +1920,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "dictionary.tainted_setitem:5002:0:Call|dictionary.SpecialSetitemDict.__setitem__|0|formal(key):b935bbcf2ce72073367ec745a37db21e" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/exception_test.py.models b/source/interprocedural_analyses/taint/test/integration/exception_test.py.models index 1eb019b8a7a..2622074bd3f 100644 --- a/source/interprocedural_analyses/taint/test/integration/exception_test.py.models +++ b/source/interprocedural_analyses/taint/test/integration/exception_test.py.models @@ -55,6 +55,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "exception_test.test_except_to_finally:5002:0:Call|_test_sink|0|formal(arg):847a13df579e034004a8fdef4fc1f9a7" ] } } @@ -187,6 +190,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "exception_test.test_before_try_to_finally:5002:0:Call|_test_sink|0|formal(arg):592321a59534b02a2dab5f619e054218" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/features.py.models b/source/interprocedural_analyses/taint/test/integration/features.py.models index 46df1c389b5..e5f72c25bfe 100644 --- a/source/interprocedural_analyses/taint/test/integration/features.py.models +++ b/source/interprocedural_analyses/taint/test/integration/features.py.models @@ -66,6 +66,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "features.async_issue_bools:5002:0:Call|_test_sink|0|formal(arg):3bdb42078e2c8bb931dffef24589a057" ] } } @@ -136,6 +139,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "features.issue_from_tuple:5002:0:Call|_test_sink|0|formal(arg):d1f4d3eec61ad0279e2e2819a69a171a" ] } } @@ -206,6 +212,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "features.issue_via_bool:5002:0:Call|_test_sink|0|formal(arg):57f857d039efde9df93f0a53da9abc79" ] } } @@ -281,6 +290,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "features.issue_via_equality:5002:0:Call|_test_sink|0|formal(arg):a8a79cf353af7aca6875842989231e92" ] } } @@ -346,6 +358,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "features.issue_via_in:5002:0:Call|_test_sink|0|formal(arg):bfe94ee38d89fbed953f784a39443d8c" ] } } @@ -411,6 +426,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "features.issue_via_in:5002:0:Call|_test_sink|1|formal(arg):8b8fbc207f24e7cd4e765e7157929554" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/first_field.py.models b/source/interprocedural_analyses/taint/test/integration/first_field.py.models index 592436c7e16..c4e2f385556 100644 --- a/source/interprocedural_analyses/taint/test/integration/first_field.py.models +++ b/source/interprocedural_analyses/taint/test/integration/first_field.py.models @@ -132,6 +132,9 @@ { "first-index": "a" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "first_field.alternate_fields:5002:0:Call|_test_sink|0|formal(arg):e344eba1a11b018a14afd4a5796566b9" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/format.py.models b/source/interprocedural_analyses/taint/test/integration/format.py.models index a024ebc16fb..c9ad14383d7 100644 --- a/source/interprocedural_analyses/taint/test/integration/format.py.models +++ b/source/interprocedural_analyses/taint/test/integration/format.py.models @@ -55,6 +55,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "format.issue_in_format:5002:0:Call|_test_sink|0|formal(arg):40a4eb44494f7e5de24f3521ab803c1a" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/functions_as_locals.py.models b/source/interprocedural_analyses/taint/test/integration/functions_as_locals.py.models index 2f039172c14..7164aeca8b8 100644 --- a/source/interprocedural_analyses/taint/test/integration/functions_as_locals.py.models +++ b/source/interprocedural_analyses/taint/test/integration/functions_as_locals.py.models @@ -60,6 +60,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "functions_as_locals.a_or_b:5002:0:Call|functions_as_locals.barA|0|formal(arg1):30cb4ee0dc7fa4ac4965bd7e2913dd72" ] } } @@ -130,6 +133,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "functions_as_locals.a_or_b:5002:0:Call|functions_as_locals.barB|1|formal(arg2):8daf533961ef1e32dac8c9825f44bb59" ] } } @@ -194,6 +200,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "functions_as_locals.foo_as_local:5002:0:Call|functions_as_locals.foo|1|formal(arg):f9fd65b7743aab8c6435c736a6187206" ] } } @@ -258,6 +267,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "functions_as_locals.foo_as_local:5002:0:Call|functions_as_locals.foo|0|formal(arg):0ccc02e50d8c95db519c9028c2d81a57" ] } } @@ -322,6 +334,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "functions_as_locals.local_function_with_method_sink:5002:0:Call|functions_as_locals.C.m|1|formal(arg):e32efb22ea07e58d1f96a3f47f94ebda" ] } } @@ -386,6 +401,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "functions_as_locals.local_function_with_method_sink:5002:0:Call|functions_as_locals.C.m|0|formal(arg):97adcfed0589f681a662c47c2a3b3105" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/global_flows.py.models b/source/interprocedural_analyses/taint/test/integration/global_flows.py.models index 7fcc27aa51b..d235787630f 100644 --- a/source/interprocedural_analyses/taint/test/integration/global_flows.py.models +++ b/source/interprocedural_analyses/taint/test/integration/global_flows.py.models @@ -56,6 +56,9 @@ "features": [ { "always-via": "tito" }, { "always-via": "special_source" } + ], + "master_handles": [ + "global_flows.append_directly:5002:0:Global|Obj{global_flows.l}|0:38ebc856813c45e0b032ff315d68b4d4" ] } } @@ -120,6 +123,9 @@ "features": [ { "always-via": "tito" }, { "always-via": "special_source" } + ], + "master_handles": [ + "global_flows.append_indirectly:5002:0:Call|global_flows.append_argument|0|formal(arg):f8ce531d2c9184ac5b223413f1cc59fe" ] } } @@ -180,6 +186,9 @@ "features": [ { "always-via": "tito" }, { "always-via": "special_source" } + ], + "master_handles": [ + "global_flows.update_x_at_arg1:5002:0:Global|Obj{global_flows.x}|0:ea658382ebbc54fd329b0c470e5a7788" ] } } @@ -240,6 +249,9 @@ "features": [ { "always-via": "tito" }, { "always-via": "special_source" } + ], + "master_handles": [ + "global_flows.update_x_at_arg2:5002:0:Global|Obj{global_flows.x}|0:060743aff11df8cc3d83cd7fcc245e30" ] } } @@ -304,6 +316,9 @@ "features": [ { "always-via": "tito" }, { "always-via": "special_source" } + ], + "master_handles": [ + "global_flows.x_tainted_indirectly_arg1:5002:0:Call|global_flows.indirectly_update_x_arg1|0|formal(arg):0169e118295abf5d783cfa0ea547596d" ] } } @@ -368,6 +383,9 @@ "features": [ { "always-via": "tito" }, { "always-via": "special_source" } + ], + "master_handles": [ + "global_flows.x_tainted_indirectly_arg2:5002:0:Call|global_flows.indirectly_update_x_arg2|0|formal(arg):97bee74051e71b0311d3b024c7a7e618" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/higher_order_functions.py.models b/source/interprocedural_analyses/taint/test/integration/higher_order_functions.py.models index 635b5bb92be..18831aea16e 100644 --- a/source/interprocedural_analyses/taint/test/integration/higher_order_functions.py.models +++ b/source/interprocedural_analyses/taint/test/integration/higher_order_functions.py.models @@ -64,6 +64,9 @@ { "always-via": "issue-broadening" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "higher_order_functions.callable_class:5002:0:Call|_test_sink|0|formal(arg):bcd395b0205c3e72c1a3305f7acfd77f" ] } } @@ -128,6 +131,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "higher_order_functions.test_higher_order_function:5002:0:Call|higher_order_functions.goes_to_sink|0|formal(arg):9481df2a3a4aecc8f6cc4a86c8fa37a9" ] } } @@ -194,6 +200,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "higher_order_functions.test_higher_order_function_and_sink:5002:0:Call|higher_order_functions.higher_order_function_and_sink|0|formal(arg):d3ea6391f3b3696fd17aaaef375a6ba4" ] } } @@ -258,6 +267,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "higher_order_functions.test_higher_order_function_and_sink:5002:0:Call|higher_order_functions.goes_to_sink|0|formal(arg):da1d8cce3614c6d7c93d269ed97651d0" ] } } @@ -326,6 +338,9 @@ { "always-via": "special_source" }, { "always-via": "lambda" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "higher_order_functions.test_higher_order_method:5002:0:Call|higher_order_functions.higher_order_method|0|formal(arg):bb12423a5f50e40b60294e8804787996" ] } } @@ -390,6 +405,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "higher_order_functions.test_higher_order_method_self:5002:0:Call|higher_order_functions.C.self_to_sink|0|formal(self):62f145bcd8b30e191c2191bd8dc59b2e" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/http_request.py.models b/source/interprocedural_analyses/taint/test/integration/http_request.py.models index bfe24013bf6..bd0b9cb5635 100644 --- a/source/interprocedural_analyses/taint/test/integration/http_request.py.models +++ b/source/interprocedural_analyses/taint/test/integration/http_request.py.models @@ -53,7 +53,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "http_request.request_get_flows_to_sink:5002:0:Call|_test_sink|0|formal(arg):499b8db0fa1708141d51a242d13cb6b4" + ] } } { @@ -110,7 +113,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "http_request.test_trace_has_no_tito:5002:0:Call|_test_sink|0|formal(arg):e8be30e9fe310c91a3720a9b9f634b0d" + ] } } { @@ -167,7 +173,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "http_request.test_untainted_assign:5002:0:Call|_test_sink|0|formal(arg):718f9623c390cf3eb0a30b8b19fff98e" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/implicit_sinks.py.models b/source/interprocedural_analyses/taint/test/integration/implicit_sinks.py.models index 83a9621f0b5..e23ed9d3f64 100644 --- a/source/interprocedural_analyses/taint/test/integration/implicit_sinks.py.models +++ b/source/interprocedural_analyses/taint/test/integration/implicit_sinks.py.models @@ -50,6 +50,9 @@ "features": [ { "always-via": "format-string" }, { "always-via": "special_source" } + ], + "master_handles": [ + "implicit_sinks.inline_issue:1337:0:LiteralStringSink|Test:4b23f220f0c56c92a09c1005056d0f3c" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/issue_grouping.py.models b/source/interprocedural_analyses/taint/test/integration/issue_grouping.py.models index 334444b7fde..43ff85375a0 100644 --- a/source/interprocedural_analyses/taint/test/integration/issue_grouping.py.models +++ b/source/interprocedural_analyses/taint/test/integration/issue_grouping.py.models @@ -59,7 +59,10 @@ ] } ], - "features": [ { "has": "first-index" }, { "first-index": "b" } ] + "features": [ { "has": "first-index" }, { "first-index": "b" } ], + "master_handles": [ + "issue_grouping.issue:1003:0:Call|issue_grouping.multi_sink|0|formal(d):3a59e7397660c7d8070a92a8a244a960" + ] } } { @@ -122,7 +125,10 @@ ] } ], - "features": [ { "has": "first-index" }, { "first-index": "a" } ] + "features": [ { "has": "first-index" }, { "first-index": "a" } ], + "master_handles": [ + "issue_grouping.issue:1000:0:Call|issue_grouping.multi_sink|0|formal(d):8de0af2b47354365a27f7eb6d4686d3f" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/lineage_analysis.py.models b/source/interprocedural_analyses/taint/test/integration/lineage_analysis.py.models index 8caf3c017de..673593ab279 100644 --- a/source/interprocedural_analyses/taint/test/integration/lineage_analysis.py.models +++ b/source/interprocedural_analyses/taint/test/integration/lineage_analysis.py.models @@ -50,7 +50,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "lineage_analysis.issue1:1000:0:Call|lineage_analysis.sink|0|formal(arg):8e0f473e34fa06bcc853755cbcae73a7" + ] } } { @@ -104,7 +107,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "lineage_analysis.issue1:1000:0:Call|lineage_analysis.sink|0|formal(arg):8e0f473e34fa06bcc853755cbcae73a7" + ] } } { @@ -158,7 +164,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "lineage_analysis.issue2:1000:0:Call|lineage_analysis.sink|0|formal(arg):213a3804b482da74133941dfc65215e1" + ] } } { @@ -212,7 +221,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "lineage_analysis.issue2:1000:0:Call|lineage_analysis.sink|0|formal(arg):213a3804b482da74133941dfc65215e1" + ] } } { @@ -266,7 +278,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "lineage_analysis.issue3:1000:0:Call|lineage_analysis.sink|0|formal(arg):1d56c16a73185eec18b22ae9d7448d9f" + ] } } { @@ -320,7 +335,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "lineage_analysis.issue4:1000:0:Call|lineage_analysis.sink|0|formal(arg):221acf97d700c98172a66e83fbe3b555" + ] } } { @@ -374,7 +392,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "lineage_analysis.issue4:1000:0:Call|lineage_analysis.sink|0|formal(arg):221acf97d700c98172a66e83fbe3b555" + ] } } { @@ -432,7 +453,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "lineage_analysis.issue5:1000:0:Call|lineage_analysis.sink|0|formal(arg):7e5694b82f8e7a51e82957b158e4d072" + ] } } { @@ -486,7 +510,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "lineage_analysis.issue5:1000:0:Call|lineage_analysis.sink|0|formal(arg):7e5694b82f8e7a51e82957b158e4d072" + ] } } { @@ -540,7 +567,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "lineage_analysis.issue6:1000:0:Call|lineage_analysis.sink|0|formal(arg):e2297224ad21f984216017f4966ca219" + ] } } { @@ -598,7 +628,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "lineage_analysis.issue7:1000:0:Call|lineage_analysis.sink|0|formal(arg):e4853f9c0a13fbf80d4099b226cb1a54" + ] } } { @@ -656,7 +689,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "lineage_analysis.issue8:1000:0:Call|lineage_analysis.sink|0|formal(arg):9875c5f9d2b46599ef1f5f09f9d2952c" + ] } } { @@ -714,7 +750,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "lineage_analysis.issue9:1000:0:Call|lineage_analysis.sink|0|formal(arg):4dfaf4d553f64ef53ae3d98ae6299e72" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/locals.py.models b/source/interprocedural_analyses/taint/test/integration/locals.py.models index a7d34af7f93..b1a84678202 100644 --- a/source/interprocedural_analyses/taint/test/integration/locals.py.models +++ b/source/interprocedural_analyses/taint/test/integration/locals.py.models @@ -61,6 +61,9 @@ { "first-index": "x" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "locals.locals_to_sink:5002:0:Call|_test_sink|1|formal(arg):7fbc70d5dc3b10640602ae6ed885848c" ] } } @@ -125,6 +128,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "locals.locals_to_sink:5002:0:Call|locals.named_sink|0|formal(x):e86eb462636e5e28768c97e19403578d" ] } } @@ -228,6 +234,9 @@ { "has": "first-index" }, { "first-index": "x" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "locals.source_parameter_to_sink:5002:0:Call|_test_sink|0|formal(arg):2b5c4e9505cceda2f46c9f4bb0fbf18e" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/maximum_tito_depth.py.models b/source/interprocedural_analyses/taint/test/integration/maximum_tito_depth.py.models index 53f9ef7c781..90bc44861e3 100644 --- a/source/interprocedural_analyses/taint/test/integration/maximum_tito_depth.py.models +++ b/source/interprocedural_analyses/taint/test/integration/maximum_tito_depth.py.models @@ -58,6 +58,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "maximum_tito_depth.issue:1000:0:Call|_test_sink|0|formal(arg):0721fb3ffb38a4bf7b197f2be4855e62" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/maximum_trace_length.py.models b/source/interprocedural_analyses/taint/test/integration/maximum_trace_length.py.models index 372dc2b1ad7..4f3c27c934b 100644 --- a/source/interprocedural_analyses/taint/test/integration/maximum_trace_length.py.models +++ b/source/interprocedural_analyses/taint/test/integration/maximum_trace_length.py.models @@ -65,6 +65,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "maximum_trace_length.issue_source_one_sink_one:1000:0:Call|maximum_trace_length.sink_distance_one|0|formal(x):a08e4c0767d31879aad563d6ccd32a7b" ] } } @@ -134,6 +137,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "maximum_trace_length.issue_source_one_sink_zero:1000:0:Call|maximum_trace_length.sink_distance_zero|0|formal(x):f1e39236af32c42d591fc6b91d1f3e01" ] } } @@ -203,6 +209,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "maximum_trace_length.issue_source_zero_sink_zero:1000:0:Call|maximum_trace_length.sink_distance_zero|0|formal(x):25f77eba01683531b416229d0cd28e54" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/missing_type.py.models b/source/interprocedural_analyses/taint/test/integration/missing_type.py.models index 87e4277d209..a1ffd1f6176 100644 --- a/source/interprocedural_analyses/taint/test/integration/missing_type.py.models +++ b/source/interprocedural_analyses/taint/test/integration/missing_type.py.models @@ -140,6 +140,9 @@ "features": [ { "always-via": "obscure:unknown-callee" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "missing_type.test_unknown_source_attribute:5002:0:Call|_test_sink|0|formal(arg):1584cf04889a0197e642b9b46c97bc33" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/model_query.py.models b/source/interprocedural_analyses/taint/test/integration/model_query.py.models index db059621bf1..c3cff801a45 100644 --- a/source/interprocedural_analyses/taint/test/integration/model_query.py.models +++ b/source/interprocedural_analyses/taint/test/integration/model_query.py.models @@ -53,7 +53,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "model_query.alarm_6:1008:0:Global|Obj{model_query.AttributeTestClass3.instance}|0:093c3aecbbf663d45349e66c87aac171" + ] } } { @@ -110,7 +113,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "model_query.alarm_6:1006:0:Global|Obj{model_query.AttributeTestClass3.instance}|0:2fe4609a4f178a6be9d50be2b68231e2" + ] } } { @@ -839,7 +845,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query.alarm_1:1001:0:Call|_test_sink|0|formal(arg):a9184d0be2a256b695ec5ce8331dd9c2" + ] } } { @@ -927,7 +936,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query.alarm_10:1002:0:Call|_test_sink|0|formal(arg):ce3fa9be7b846215e3bb815f7047e579" + ] } } { @@ -1015,7 +1027,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query.alarm_11:1002:0:Call|_test_sink|0|formal(arg):0840dd54d902986906b8c38fd6d11fb5" + ] } } { @@ -1103,7 +1118,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query.alarm_12:1002:0:Call|_test_sink|0|formal(arg):bf745cfd45bdbdf218821bfdc731b704" + ] } } { @@ -1188,7 +1206,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query.alarm_2:1001:0:Call|_test_sink|0|formal(arg):79d7747af82c4fcaf852e8ad561b7833" + ] } } { @@ -1275,7 +1296,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query.alarm_3:1001:0:Call|_test_sink|0|formal(arg):74a1acc36a855c94819af6d06dd8b1b8" + ] } } { @@ -1360,7 +1384,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query.alarm_4:1001:0:Call|_test_sink|0|formal(arg):4b0188ca3e78c717e07f7b0f621b7188" + ] } } { @@ -1463,7 +1490,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "model_query.alarm_5:1007:0:Global|Obj{model_query.AttributeTestClass3.attribute}|0:5e3a7d3bd2f5e607ca68e3dd6c249666" + ] } } { @@ -1521,7 +1551,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "model_query.alarm_5:1006:0:Global|Obj{model_query.AttributeTestClass3.attribute}|0:355cd4dd56695dd84d05903b9b97f639" + ] } } { @@ -1630,7 +1663,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "model_query.alarm_7:1004:0:Return:87bb6daab7f3a120a18ed61deb1b579d" + ] } } { @@ -1683,7 +1719,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "model_query.alarm_7:1003:0:Return:7bc53faf9fc59acf138e34e39b897a2f" + ] } } { @@ -1768,7 +1807,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query.alarm_8:1005:0:Call|_test_sink|0|formal(arg):4e380b4a53b4601356ea46ccf5674f76" + ] } } { @@ -1825,7 +1867,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query.alarm_8:1003:0:Call|_test_sink|0|formal(arg):bad451ecdee0aed4f2c31393e0723ead" + ] } } { @@ -1913,7 +1958,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query.alarm_9:1002:0:Call|_test_sink|0|formal(arg):d52b1ec1ba56df50b439b8b37db26f1a" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/model_query_annotated.py.models b/source/interprocedural_analyses/taint/test/integration/model_query_annotated.py.models index f2e9a743741..d51da20049c 100644 --- a/source/interprocedural_analyses/taint/test/integration/model_query_annotated.py.models +++ b/source/interprocedural_analyses/taint/test/integration/model_query_annotated.py.models @@ -61,6 +61,9 @@ "features": [ { "always-via-type": "typing.Annotated[typing.Optional[float]]" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "model_query_annotated.test1_alarm1:5002:0:Call|_test_sink|0|formal(arg):d18d16b3ac087c81541bb98ad54eaa39" ] } } @@ -126,6 +129,9 @@ "features": [ { "always-via-type": "typing.Annotated[typing.Optional[float]]" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "model_query_annotated.test1_alarm2:5002:0:Call|_test_sink|0|formal(arg):c6ed0280dd85d05f1393f0cb0972c470" ] } } @@ -191,6 +197,9 @@ "features": [ { "always-via-type": "typing.Annotated[typing.Optional[float]]" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "model_query_annotated.test1_alarm3:5002:0:Call|_test_sink|0|formal(arg):c759ed3c804e9d78a0f981103e0e21dc" ] } } @@ -256,6 +265,9 @@ "features": [ { "always-via-type": "typing.Annotated[typing.Optional[float]]" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "model_query_annotated.test1_alarm4:5002:0:Call|_test_sink|0|formal(arg):3c2f0013f846fd8b28d85ca246eae6dd" ] } } @@ -321,6 +333,9 @@ "features": [ { "always-via-type": "typing.Annotated[typing.Optional[float]]" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "model_query_annotated.test2_alarm1:5002:0:Call|_test_sink|0|formal(arg):b8e24537537f3d32304c259208734d83" ] } } @@ -386,6 +401,9 @@ "features": [ { "always-via-type": "typing.Annotated[typing.Optional[float]]" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "model_query_annotated.test2_alarm2:5002:0:Call|_test_sink|0|formal(arg):8997edd700a2f9344b93da74dec2ee25" ] } } @@ -649,7 +667,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_annotated.test3_alarm1:5002:0:Call|_test_sink|0|formal(arg):dbfab590f77ae77afa60c7051afcaecf" + ] } } { @@ -744,7 +765,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_annotated.test3_alarm2:5002:0:Call|_test_sink|0|formal(arg):7ad3a5dd0d1814ffb9adc16f74cd5597" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/model_query_parameters_viatypeof.py.models b/source/interprocedural_analyses/taint/test/integration/model_query_parameters_viatypeof.py.models index 1e2eea1098d..2e950e0b411 100644 --- a/source/interprocedural_analyses/taint/test/integration/model_query_parameters_viatypeof.py.models +++ b/source/interprocedural_analyses/taint/test/integration/model_query_parameters_viatypeof.py.models @@ -57,6 +57,9 @@ "features": [ { "always-via-type": "str" }, { "always-via": "special_source" } + ], + "master_handles": [ + "model_query_parameters_viatypeof.test1_alarm1:5002:0:Call|model_query_parameters_viatypeof.test1_f1|0|formal(a):c51e901c4f6836be53837c9f1907f539" ] } } @@ -120,6 +123,9 @@ "features": [ { "always-via-type": "typing.Annotated[str]" }, { "always-via": "special_source" } + ], + "master_handles": [ + "model_query_parameters_viatypeof.test1_alarm2:5002:0:Call|model_query_parameters_viatypeof.test1_f1|0|formal(b):5f13254d8db4ffe94e337525439dc6c2" ] } } @@ -181,6 +187,9 @@ "features": [ { "always-via-type": "int" }, { "always-via": "special_source" } + ], + "master_handles": [ + "model_query_parameters_viatypeof.test1_alarm3:5002:0:Call|model_query_parameters_viatypeof.test1_f1|0|formal(c):2d29c72d71f3145db2a63205262a151c" ] } } @@ -242,6 +251,9 @@ "features": [ { "always-via-type": "str" }, { "always-via": "special_source" } + ], + "master_handles": [ + "model_query_parameters_viatypeof.test2_alarm1:5002:0:Call|model_query_parameters_viatypeof.Test2_C.f1|0|formal(a):ba3f43ef71adac88b842f5676c2925da" ] } } @@ -305,6 +317,9 @@ "features": [ { "always-via": "special_source" }, { "always-via-type": "typing.Dict[str, int]" } + ], + "master_handles": [ + "model_query_parameters_viatypeof.test2_alarm2:5002:0:Call|model_query_parameters_viatypeof.Test2_C.f1|0|formal(b):c3718e253c030c7757aac7dc1aceb3ab" ] } } @@ -370,6 +385,9 @@ "features": [ { "always-via": "special_source" }, { "always-via-type": "model_query_parameters_viatypeof.Test2_T" } + ], + "master_handles": [ + "model_query_parameters_viatypeof.test2_alarm3:5002:0:Call|model_query_parameters_viatypeof.Test2_C.f1|0|formal(c):b815fd8d1aa0201159837f3010a77365" ] } } @@ -431,6 +449,9 @@ "features": [ { "always-via-type": "int" }, { "always-via": "special_source" } + ], + "master_handles": [ + "model_query_parameters_viatypeof.test2_alarm4:5002:0:Call|model_query_parameters_viatypeof.Test2_C.f2|0|formal(a):874735c5414de7a64dd7628a8ca39839" ] } } @@ -500,6 +521,9 @@ "typing.List[typing.List[model_query_parameters_viatypeof.Test2_T]]" }, { "always-via": "special_source" } + ], + "master_handles": [ + "model_query_parameters_viatypeof.test2_alarm5:5002:0:Call|model_query_parameters_viatypeof.Test2_C.f2|0|formal(b):ff2f385ddca1a1a4f2a1f47e981f8479" ] } } @@ -561,6 +585,9 @@ "features": [ { "always-via": "special_source" }, { "always-via-type": "float" } + ], + "master_handles": [ + "model_query_parameters_viatypeof.test2_alarm6:5002:0:Call|model_query_parameters_viatypeof.Test2_C.f2|0|formal(c):c4d9be9b05c06bc0c027f3a7a3be2337" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/model_query_parameters_where.py.models b/source/interprocedural_analyses/taint/test/integration/model_query_parameters_where.py.models index 94a9cc36f47..ac705a01f96 100644 --- a/source/interprocedural_analyses/taint/test/integration/model_query_parameters_where.py.models +++ b/source/interprocedural_analyses/taint/test/integration/model_query_parameters_where.py.models @@ -243,6 +243,9 @@ { "always-type": "integer" }, { "always-type": "scalar" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "model_query_parameters_where.test1_alarm1:1000:0:Call|_test_sink|0|formal(arg):d83646d5bdbbbd25fc640ee23438fc48" ] } } @@ -359,7 +362,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_parameters_where.test1_alarm2:1000:0:Call|_test_sink|0|formal(arg):fa69524c6675ef18297a643cd33b692c" + ] } } { @@ -475,7 +481,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_parameters_where.test1_alarm3:1000:0:Call|_test_sink|0|formal(arg):d8b906ac5f2c6edb47b2cc70f7a9cd5a" + ] } } { @@ -591,7 +600,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_parameters_where.test1_alarm4:1000:0:Call|_test_sink|0|formal(arg):05e120b4ce6bdf42ee37a7d9f9bae158" + ] } } { @@ -742,7 +754,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_parameters_where.test3_alarm1:1000:0:Call|_test_sink|0|formal(arg):c12e395755046fa9554b935fe4b2ff5e" + ] } } { @@ -837,7 +852,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_parameters_where.test3_alarm2:1000:0:Call|_test_sink|0|formal(arg):93ba19555cd9f48f655bec3d7cd20a53" + ] } } { @@ -1012,7 +1030,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_parameters_where.test4_alarm1:1000:0:Call|_test_sink|0|formal(arg):d0b038c7b8b55cbdf7c6a9f7fc0e2922" + ] } } { @@ -1103,7 +1124,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_parameters_where.test4_alarm2:1000:0:Call|_test_sink|0|formal(arg):e8abf0f1dfc6ba5fe6137f4ed58f040a" + ] } } { @@ -1270,7 +1294,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_parameters_where.test6_alarm1:1000:0:Call|_test_sink|0|formal(arg):efb406260b6f79b2a9a8a98afbfaf48b" + ] } } { @@ -1365,7 +1392,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_parameters_where.test6_alarm2:1000:0:Call|_test_sink|0|formal(arg):ab5c9ddf476fdd58b2bd5b1513b34951" + ] } } { @@ -1544,7 +1574,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_parameters_where.test8_alarm1:1000:0:Call|_test_sink|0|formal(arg):cfd8852d4263307bc7ab1819d196d19f" + ] } } { @@ -1647,7 +1680,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_parameters_where.test8_alarm2:1000:0:Call|_test_sink|0|formal(arg):811812d0aa2679295cd060e89c1a60a3" + ] } } { @@ -1750,7 +1786,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_parameters_where.test8_alarm3:1000:0:Call|_test_sink|0|formal(arg):2a01a3ea762199552d41a5678b384117" + ] } } { @@ -1853,7 +1892,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_parameters_where.test8_alarm4:1000:0:Call|_test_sink|0|formal(arg):0822ca2a1636017667e0199ed28044b5" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/model_query_transitive_extends.py.models b/source/interprocedural_analyses/taint/test/integration/model_query_transitive_extends.py.models index d5fa19acaf6..c952eab5238 100644 --- a/source/interprocedural_analyses/taint/test/integration/model_query_transitive_extends.py.models +++ b/source/interprocedural_analyses/taint/test/integration/model_query_transitive_extends.py.models @@ -53,7 +53,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "model_query_transitive_extends.test2_alarm1:5002:0:Call|model_query_transitive_extends.Test2_D.foo|0|formal(attribute):6bcbf812a068cebc047cbcbff953ae6a" + ] } } { @@ -474,7 +477,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_transitive_extends.test1_alarm1:5002:0:Call|_test_sink|0|formal(arg):d7076c5599d9346cb254702aca62ca8a" + ] } } { @@ -566,7 +572,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_transitive_extends.test1_alarm2:5002:0:Call|_test_sink|0|formal(arg):0dba02726232ed3eb66caff54e15ece8" + ] } } { @@ -662,7 +671,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_transitive_extends.test1_alarm3:5002:0:Call|_test_sink|0|formal(arg):79cf0abf6a62591d8d4547fb1a0a4f4b" + ] } } { @@ -758,7 +770,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_transitive_extends.test1_alarm4:5002:0:Call|_test_sink|0|formal(arg):4e1e9120bee89ad21dafd2b91c82331d" + ] } } { @@ -846,7 +861,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_transitive_extends.test1_alarm5:5002:0:Call|_test_sink|0|formal(arg):35e29f46c439f3c7e95542f60de3cc0c" + ] } } { @@ -934,7 +952,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "model_query_transitive_extends.test1_alarm6:5002:0:Call|_test_sink|0|formal(arg):8f20433d2d79bad30ba257a0ffc3dc2f" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/multi_sink_ports.py.models b/source/interprocedural_analyses/taint/test/integration/multi_sink_ports.py.models index 358c5c6bec7..b06b977cb1c 100644 --- a/source/interprocedural_analyses/taint/test/integration/multi_sink_ports.py.models +++ b/source/interprocedural_analyses/taint/test/integration/multi_sink_ports.py.models @@ -76,6 +76,9 @@ { "via": "tito" }, { "via": "split" }, { "always-via": "a_feature" } + ], + "master_handles": [ + "multi_sink_ports.issue:1111:0:Call|multi_sink_ports.wrapper|0|formal(x):8efc69c6c3477bb5d58cf2bcf92bf8cb" ] } } @@ -164,6 +167,9 @@ { "always-via": "issue-broadening" }, { "via": "split" }, { "always-via": "a_feature" } + ], + "master_handles": [ + "multi_sink_ports.issue2:1111:0:Call|multi_sink_ports.wrapper2|0|formal(x):4172744573c5aa281945f908403b12f8" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/multi_subkind.py.models b/source/interprocedural_analyses/taint/test/integration/multi_subkind.py.models index 5608323a015..c1f9b12936d 100644 --- a/source/interprocedural_analyses/taint/test/integration/multi_subkind.py.models +++ b/source/interprocedural_analyses/taint/test/integration/multi_subkind.py.models @@ -59,7 +59,10 @@ ] } ], - "features": [ { "has": "first-index" }, { "first-index": "b" } ] + "features": [ { "has": "first-index" }, { "first-index": "b" } ], + "master_handles": [ + "multi_subkind.issue:1000:0:Call|multi_subkind.multi_sink|0|formal(d):58ce21d125b38395a964fbad39de0b2d" + ] } } { @@ -122,7 +125,10 @@ ] } ], - "features": [ { "has": "first-index" }, { "first-index": "a" } ] + "features": [ { "has": "first-index" }, { "first-index": "a" } ], + "master_handles": [ + "multi_subkind.issue:1000:0:Call|multi_subkind.multi_sink|0|formal(d):58ce21d125b38395a964fbad39de0b2d" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/multiline.py.models b/source/interprocedural_analyses/taint/test/integration/multiline.py.models index 63c90d12e67..5ab908d99b5 100644 --- a/source/interprocedural_analyses/taint/test/integration/multiline.py.models +++ b/source/interprocedural_analyses/taint/test/integration/multiline.py.models @@ -61,6 +61,9 @@ { "always-via": "issue-broadening" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "multiline.test:5002:0:Call|_test_sink|0|formal(arg):a72e59962d22f1b031fbba207867ea4e" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/multiple_sources.py.models b/source/interprocedural_analyses/taint/test/integration/multiple_sources.py.models index 06d7046110b..e6f6e8edf61 100644 --- a/source/interprocedural_analyses/taint/test/integration/multiple_sources.py.models +++ b/source/interprocedural_analyses/taint/test/integration/multiple_sources.py.models @@ -49,7 +49,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "multiple_sources.combine_tainted_user_and_dangerous_vc:4321:0:Call|multiple_sources.Node.send|0|formal(vc):4b283006a4044ae3eb3809f82c65d061" + ] } } { @@ -102,7 +105,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "multiple_sources.issue_with_test_a_and_b:4322:0:Call|multiple_sources.combines_tests_and_context|1|formal(vc):00952f5183650c224ff0c1236b161820" + ] } } { @@ -155,7 +161,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "multiple_sources.issue_with_test_a_and_b:4322:0:Call|multiple_sources.combines_tests_and_context|0|formal(vc):2952b352e0a37aa627ef7429212a7ad1" + ] } } { @@ -218,7 +227,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "multiple_sources.issue_with_triggered_context:4321:0:Call|multiple_sources.demonstrate_triggered_context|0|formal(vc):618ee3f551e51cbfdd4134288328fbfb" + ] } } { @@ -290,6 +302,9 @@ { "has": "first-index" }, { "first-index": "" }, { "always-via": "tito" } + ], + "master_handles": [ + "multiple_sources.issue_with_triggered_input:4321:0:Call|multiple_sources.demonstrate_triggered_input|0|formal(id):8a70cfef2676b9104e0817e743936160" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/named_tuples.py.models b/source/interprocedural_analyses/taint/test/integration/named_tuples.py.models index 4650a89b405..0f55fc311cd 100644 --- a/source/interprocedural_analyses/taint/test/integration/named_tuples.py.models +++ b/source/interprocedural_analyses/taint/test/integration/named_tuples.py.models @@ -70,6 +70,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "named_tuples.issue_with_bad:5002:0:Call|_test_sink|0|formal(arg):e89e0d97d39ad4c9aeffa0299b935629" ] } } @@ -144,6 +147,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "named_tuples.issue_with_inherited_named_tuple:5002:0:Call|_test_sink|0|formal(arg):7cc3bcce733ca7e014d258073ca4480f" ] } } @@ -211,7 +217,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "named_tuples.issue_with_named_tuple_with_tainted_attribute:5002:0:Call|named_tuples.NamedTupleWithTaintedAttribute.__init__|0|formal(bad):977049b125c3b118003728cf9b7cfb27" + ] } } { @@ -285,6 +294,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "named_tuples.issue_with_old_school_named_tuples:5002:0:Call|_test_sink|0|formal(arg):7c43f1a34913fb7584197322a7b4c82d" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/nested_callables.py.models b/source/interprocedural_analyses/taint/test/integration/nested_callables.py.models index 781de0b6925..699716eaf72 100644 --- a/source/interprocedural_analyses/taint/test/integration/nested_callables.py.models +++ b/source/interprocedural_analyses/taint/test/integration/nested_callables.py.models @@ -66,6 +66,9 @@ { "always-type": "scalar" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "nested_callables.call_outer:5002:0:Call|nested_callables.outer|0|formal(x):f11ac69d012c226b17ae3bfe0e513454" ] } } @@ -125,6 +128,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "nested_callables.foo.inner:5002:0:Call|_test_sink|0|formal(arg):f7ce9d0bca257e1b331966a0adc7a221" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/obscure_models.py.models b/source/interprocedural_analyses/taint/test/integration/obscure_models.py.models index 9b9100e13eb..5eb7e8e0f2c 100644 --- a/source/interprocedural_analyses/taint/test/integration/obscure_models.py.models +++ b/source/interprocedural_analyses/taint/test/integration/obscure_models.py.models @@ -472,6 +472,9 @@ { "always-via": "special_source" }, { "always-via": "a_feature" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "obscure_models.test_obscure_with_tito:5002:0:Call|_test_sink|0|formal(arg):92ad60b8a716874f6e42658a1c86185f" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/optionals.py.models b/source/interprocedural_analyses/taint/test/integration/optionals.py.models index 73c139147ab..203778823fa 100644 --- a/source/interprocedural_analyses/taint/test/integration/optionals.py.models +++ b/source/interprocedural_analyses/taint/test/integration/optionals.py.models @@ -60,6 +60,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "optionals.test:5002:0:Call|optionals.Client.offer|0|formal(message):d287521289e8aa5bd054cffb5eb9cd7a" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/overrides.py.models b/source/interprocedural_analyses/taint/test/integration/overrides.py.models index ac5f277d34c..ff8a7c140ef 100644 --- a/source/interprocedural_analyses/taint/test/integration/overrides.py.models +++ b/source/interprocedural_analyses/taint/test/integration/overrides.py.models @@ -65,6 +65,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "overrides.testB:5002:0:Call|Ovr{overrides.B::classMethod}|0|formal(arg):6f1d11d7c4a41b6e328306c71bbef469" ] } } @@ -134,6 +137,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "overrides.testB:5002:0:Call|Ovr{overrides.C::methodA}|0|formal(arg):675e80aeedecf222fa5a8611235983f4" ] } } @@ -203,6 +209,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "overrides.testBase:5002:0:Call|Ovr{overrides.Base::classMethod}|0|formal(arg):c37983e035a1210aaac892e62de94067" ] } } @@ -272,6 +281,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "overrides.testBase:5002:0:Call|Ovr{overrides.Base::methodA}|0|formal(arg):23ebf2d57da4ec32ed0bc3402f1e99d5" ] } } @@ -361,6 +373,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "overrides.testC:5002:0:Call|Ovr{overrides.C::methodA}|0|formal(arg):8a3b19b30dfe7ca6a395cffeeafa0106" ] } } @@ -430,6 +445,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "overrides.testD:5002:0:Call|Ovr{overrides.D::methodA}|0|formal(arg):11322891bb86e5e6e9429c9b184f3f21" ] } } @@ -499,6 +517,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "overrides.testStaticB:5002:0:Call|overrides.B.classMethod|0|formal(arg):f2a01ecb9eb94ec06558f106bda300c4" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/parametric_models.py.models b/source/interprocedural_analyses/taint/test/integration/parametric_models.py.models index 48bd9a5c881..0a15ab09666 100644 --- a/source/interprocedural_analyses/taint/test/integration/parametric_models.py.models +++ b/source/interprocedural_analyses/taint/test/integration/parametric_models.py.models @@ -64,7 +64,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "parametric_models.f_and_g_to_test:7001:0:Call|parametric_models.sink|0|formal(x):990aa6fcb5124df94578025a4ac071d4" + ] } } { @@ -130,7 +133,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "parametric_models.test_to_subkind_sink:7002:0:Call|parametric_models.inferred_sink|0|formal(x):dab13191364556881466b8c4df42a47b" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/partial.py.models b/source/interprocedural_analyses/taint/test/integration/partial.py.models index d7119e2ae14..e40fcd5c92e 100644 --- a/source/interprocedural_analyses/taint/test/integration/partial.py.models +++ b/source/interprocedural_analyses/taint/test/integration/partial.py.models @@ -60,6 +60,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "partial.multiprocessing_tainted:5002:0:Call|partial.a_flows_to_sink|0|formal(a):869b7105b8715dde7f3556295c7b0a37" ] } } @@ -124,6 +127,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "partial.partial_application_with_named_a:5002:0:Call|partial.a_flows_to_sink|0|formal(a):34f14ddc9c6c4fdbf4096df1ebd4bac1" ] } } @@ -188,6 +194,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "partial.partial_application_with_tainted:5002:0:Call|partial.a_flows_to_sink|0|formal(a):8a950369a943dc22b133a84f5fecfcfc" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/port.py.models b/source/interprocedural_analyses/taint/test/integration/port.py.models index 1f057f25f68..23338827f1d 100644 --- a/source/interprocedural_analyses/taint/test/integration/port.py.models +++ b/source/interprocedural_analyses/taint/test/integration/port.py.models @@ -65,6 +65,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "port.match_flows:5002:0:Call|port.sink_field|0|formal(arg):0aa7e5a2830e39fae8409f8982e2230c" ] } } @@ -140,6 +143,9 @@ { "first-index": "" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "port.match_star_arg_directly:5002:0:Call|port.star_arg_wrapper|0|formal(*rest0):567c174a993cd37392a220794cdc3456" ] } } @@ -215,6 +221,9 @@ { "first-index": "" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "port.match_star_arg_with_star:5002:0:Call|port.star_arg_wrapper|0|formal(*rest0):7d80386b4e2b2584ff7801d13aff8e44" ] } } @@ -290,6 +299,9 @@ { "first-index": "arg" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "port.match_star_star_arg_directly:5002:0:Call|port.star_star_arg_wrapper|0|formal(**kw):d69dca21ec2bc2b20878ed87871d012b" ] } } @@ -365,6 +377,9 @@ { "first-index": "arg" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "port.match_star_star_arg_with_star:5002:0:Call|port.star_star_arg_wrapper|0|formal(**kw):cef5bd5ded9b7b5e37110897f64b4afa" ] } } @@ -429,6 +444,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "port.refer_to_method_as_field:5002:0:Call|_test_sink|0|formal(arg):c7a47913d9f1119ff23e07d044bbf466" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/properties.py.models b/source/interprocedural_analyses/taint/test/integration/properties.py.models index a4c10e9de8d..c2b58474b42 100644 --- a/source/interprocedural_analyses/taint/test/integration/properties.py.models +++ b/source/interprocedural_analyses/taint/test/integration/properties.py.models @@ -62,6 +62,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "properties.TaintedGetterAndSetter.writes_to_property:5002:0:Call|Ovr{properties.TaintedGetterAndSetter::my_property$setter}|0|formal(value):529f1f15dcffe6e1d29083e68d97703e" ] } } @@ -130,6 +133,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "properties.property_setter_in_constructor:5002:0:Call|_test_sink|1|formal(arg):defd41b52fc690af796fbfb7598f009e" ] } } @@ -195,6 +201,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "properties.property_setter_in_constructor:5002:0:Call|_test_sink|0|formal(arg):845e2aa22281119cb404609f236231fd" ] } } @@ -261,6 +270,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "properties.sets_tainted_value:5002:0:Call|Ovr{properties.TaintedGetterAndSetter::my_property$setter}|0|formal(value):13502aa3c8befe2e0aa7197e58eacdba" ] } } @@ -326,6 +338,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "properties.setters_are_simulated:5002:0:Call|_test_sink|1|formal(arg):e4e70b1b6432ccfbd85c1fb3abda4447" ] } } @@ -387,6 +402,9 @@ "features": [ { "always-via": "string_concat_lhs" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "properties.test_issue_in_class_property:5002:0:Call|_test_sink|0|formal(arg):1a2e137cd8ae4f99010605f61714a8fa" ] } } @@ -451,6 +469,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "properties.test_property_callable:5002:0:Call|properties.PropertyCallableReturn.__call__|0|formal(y):f96f011397bf0667e304185f48e37aee" ] } } @@ -518,6 +539,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "properties.test_property_callable:5002:0:Call|properties.PropertyCallable.attribute|0|formal(self):22359ed2d4ad35d3c5f1cebbdbd55bac" ] } } @@ -591,6 +615,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "properties.test_property_callable:5002:0:Call|properties.PropertyCallableReturn.__call__|0|formal(self):4eec40b251db6623ac7b4f3ccb768535" ] } } @@ -2261,7 +2288,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "properties.test_getattr_on_property:5002:0:Call|_test_sink|0|formal(arg):60a27373df088c4c8387ccc58a288e6e" + ] } } { @@ -2393,7 +2423,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "properties.test_union_property_attribute_sink:5002:0:Call|_test_sink|0|formal(arg):c04eeb503daa467fcf4c551c94c4c965" + ] } } { @@ -2518,6 +2551,9 @@ { "always-via": "issue-broadening" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "properties.test_union_property_attribute_source:5002:0:Call|properties.TaintedGetterAndSetter.my_property|0|formal(self):4f3c9a7a74d36807f13db93da639a40f" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/recognized_callable_targets.py.models b/source/interprocedural_analyses/taint/test/integration/recognized_callable_targets.py.models index dc6052a99d8..5cf411e82b7 100644 --- a/source/interprocedural_analyses/taint/test/integration/recognized_callable_targets.py.models +++ b/source/interprocedural_analyses/taint/test/integration/recognized_callable_targets.py.models @@ -62,6 +62,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "recognized_callable_targets.test_callable_target:5002:0:Call|recognized_callable_targets.callable_target|0|formal(arg):96a68efba06c1ca00a68e072416f925f" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/remote_code_execution.py.models b/source/interprocedural_analyses/taint/test/integration/remote_code_execution.py.models index 2b23d50b033..760cf8a9b2e 100644 --- a/source/interprocedural_analyses/taint/test/integration/remote_code_execution.py.models +++ b/source/interprocedural_analyses/taint/test/integration/remote_code_execution.py.models @@ -51,6 +51,9 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "remote_code_execution.rce_problem:5001:0:Call|eval|0|formal(arg):ed84aec82b00e80f14a8f4828907cb17" + ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/rule.py.models b/source/interprocedural_analyses/taint/test/integration/rule.py.models index 2a1ca3e3f52..5537e3ff3c7 100644 --- a/source/interprocedural_analyses/taint/test/integration/rule.py.models +++ b/source/interprocedural_analyses/taint/test/integration/rule.py.models @@ -47,7 +47,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "rule.alarm:5999:0:Call|rule.sink|0|formal(x):076d2475a85306067a619d027c5f3f05" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/sanitize.py.models b/source/interprocedural_analyses/taint/test/integration/sanitize.py.models index cc0fbd4637e..7e09fda52d1 100644 --- a/source/interprocedural_analyses/taint/test/integration/sanitize.py.models +++ b/source/interprocedural_analyses/taint/test/integration/sanitize.py.models @@ -56,7 +56,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "sanitize.issue_propagation_of_sanitize_all_parameters_no_user_controlled:1000:0:Call|sanitize.propagation_of_sanitize_all_parameters_no_user_controlled|0|formal(x):b75f37e6531a692f62a8eaa584c2ec08" + ] } } { @@ -119,7 +122,10 @@ ] } ], - "features": [ { "always-via": "tito" } ] + "features": [ { "always-via": "tito" } ], + "master_handles": [ + "sanitize.issue_propagation_of_sanitize_parameter_no_sql_tito_in_source_trace:1000:0:Call|_rce|0|formal(argument):687b5173c87b17e0acfc721d005ea6a8" + ] } } { @@ -178,7 +184,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "sanitize.issue_propagation_of_sanitize_parameter_no_user_controlled:1000:0:Call|sanitize.propagation_of_sanitize_parameter_no_user_controlled|0|formal(b):8dce41020019b004abc550be0c8e65e2" + ] } } { @@ -238,7 +247,10 @@ ] } ], - "features": [ { "always-via": "tito" } ] + "features": [ { "always-via": "tito" } ], + "master_handles": [ + "sanitize.issue_propagation_of_sanitize_parameter_no_user_controlled_tito_in_sink_trace:1000:0:Call|sanitize.propagation_of_sanitize_parameter_no_user_controlled_tito_in_sink_trace|0|formal(x):72c9cb9df7e6450f9380ee8c7cd20a37" + ] } } { @@ -301,7 +313,10 @@ ] } ], - "features": [ { "always-via": "tito" } ] + "features": [ { "always-via": "tito" } ], + "master_handles": [ + "sanitize.issue_propagation_of_sanitize_return_no_sql_in_source_trace:1000:0:Call|_rce|0|formal(argument):c36524d4a7d40d87a009cbbf2d35f649" + ] } } { @@ -370,6 +385,9 @@ "features": [ { "always-via": "tito" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "sanitize.issue_sanitize_test_a_source_attribute_in_sink_trace:1000:0:Call|sanitize.sanitize_test_a_source_attribute_in_sink_trace|0|formal(x):807f91dcca4f60c817ce767e8862c493" ] } } @@ -426,7 +444,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "sanitize.issue_propagation_of_sanitize_return_no_rce:1000:0:Call|_sql|0|formal(argument):9ec0e6a1cdda39553423a67f8749b562" + ] } } { @@ -496,6 +517,9 @@ { "has": "first-field" }, { "first-field": "attribute" }, { "always-via": "tito" } + ], + "master_handles": [ + "sanitize.issue_sanitize_a_sink_attribute_in_source_trace:1000:0:Call|sanitize.b_sink|0|formal(x):7686a72c71228c29d0906b9abcaafd0d" ] } } @@ -556,7 +580,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "sanitize.sanitize_test_a_sink_attribute:1000:0:Call|sanitize.sanitize_a_sink_attribute|0|formal(c):f5e38016e7e68c070cd86aa484e6d0ce" + ] } } { @@ -616,7 +643,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "sanitize.sanitize_test_a_sink_instance:1000:0:Call|sanitize.sanitize_a_sink_instance|0|formal(c):bc700707d83559854382e8bf695a11dc" + ] } } { @@ -682,6 +712,9 @@ { "first-field": "attribute" }, { "always-via": "tito" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "sanitize.sanitize_test_a_source_attribute:1000:0:Call|_test_sink|0|formal(arg):7cf279501d48a6922a15112fda44e69a" ] } } @@ -748,6 +781,9 @@ { "first-field": "instance" }, { "always-via": "tito" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "sanitize.sanitize_test_a_source_instance:1000:0:Call|_test_sink|0|formal(arg):4d775a95a91ae016f99f4813bdd80989" ] } } @@ -807,7 +843,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "sanitize.sanitize_test_ab_sources_attribute:1000:0:Call|_test_sink|0|formal(arg):38452faed7dd8a226475656fd4db7a59" + ] } } { @@ -864,7 +903,10 @@ ] } ], - "features": [ { "always-via": "special_sink" } ] + "features": [ { "always-via": "special_sink" } ], + "master_handles": [ + "sanitize.sanitize_test_ab_sources_instance:1000:0:Call|_test_sink|0|formal(arg):4edd9983bb03615959969b8fc84cd29f" + ] } } { @@ -921,7 +963,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "sanitize.sanitize_test_all_sinks_attribute:1000:0:Global|Obj{sanitize.C_sanitized_all_sinks.attribute}|0:0289f565d4809cd72569ae4d0e5ac86b" + ] } } { @@ -978,7 +1023,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "sanitize.sanitize_test_all_sinks_instance:1000:0:Global|Obj{sanitize.C_sanitized_all_sinks.instance}|0:5b9ff058a828c7ef795feedb702523f9" + ] } } { @@ -1038,7 +1086,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "sanitize.sanitize_test_b_sink_attribute:1000:0:Call|sanitize.sanitize_b_sink_attribute|0|formal(c):f22f651b9c14ec23512c5b0b363404bc" + ] } } { @@ -1098,7 +1149,10 @@ ] } ], - "features": [ { "always-via": "special_source" } ] + "features": [ { "always-via": "special_source" } ], + "master_handles": [ + "sanitize.sanitize_test_b_sink_instance:1000:0:Call|sanitize.sanitize_b_sink_instance|0|formal(c):cce981ebc6d16e96b7bfa28e230598dd" + ] } } { @@ -1164,6 +1218,9 @@ { "first-field": "attribute" }, { "always-via": "tito" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "sanitize.sanitize_test_b_source_attribute:1000:0:Call|_test_sink|0|formal(arg):c9287a2192ebb69f44c803599227303b" ] } } @@ -1230,6 +1287,9 @@ { "first-field": "instance" }, { "always-via": "tito" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "sanitize.sanitize_test_b_source_instance:1000:0:Call|_test_sink|0|formal(arg):693b78211926f9ba8005843bc962d801" ] } } @@ -1289,7 +1349,10 @@ ] } ], - "features": [] + "features": [], + "master_handles": [ + "sanitize.test4:1000:0:Call|sanitize.sanitize_a_source_tito_with_sink|0|formal(x):dec4d336c24b1bea188695e93ef685f3" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/select.py.models b/source/interprocedural_analyses/taint/test/integration/select.py.models index 04968ea314d..792c3369a7a 100644 --- a/source/interprocedural_analyses/taint/test/integration/select.py.models +++ b/source/interprocedural_analyses/taint/test/integration/select.py.models @@ -243,6 +243,9 @@ { "has": "first-index" }, { "first-index": "payload" }, { "always-via": "tito" } + ], + "master_handles": [ + "select.return_is_RCE:5001:0:Return:75714e82b1119786167df4c408a8f7c4" ] } } @@ -337,7 +340,10 @@ ] } ], - "features": [ { "has": "first-field" }, { "first-field": "payload" } ] + "features": [ { "has": "first-field" }, { "first-field": "payload" } ], + "master_handles": [ + "select.view_entry_field:5001:0:Call|eval|0|formal(arg):164dcdb169663c76cefeb4fd4eb5fb86" + ] } } { @@ -435,6 +441,9 @@ { "has": "first-index" }, { "first-index": "payload" }, { "always-via": "tito" } + ], + "master_handles": [ + "select.view_entry_get:5001:0:Call|eval|0|formal(arg):7b1a3d8fd4bd2ae19d8c755f3b339d00" ] } } @@ -540,6 +549,9 @@ { "first-index": "payload" }, { "has": "first-field" }, { "first-field": "GET" } + ], + "master_handles": [ + "select.view_entry_index:5001:0:Call|eval|0|formal(arg):d2317d02e768fc9f4945b5d8852e4363" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/source_sink_flow.py.models b/source/interprocedural_analyses/taint/test/integration/source_sink_flow.py.models index b46bf55a1f5..ca5f6b9a39f 100644 --- a/source/interprocedural_analyses/taint/test/integration/source_sink_flow.py.models +++ b/source/interprocedural_analyses/taint/test/integration/source_sink_flow.py.models @@ -65,6 +65,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "source_sink_flow.match_flows:5002:0:Call|source_sink_flow.bad|0|formal(arg):ee668a40093f74b91027413eca9a3ce0" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/starred.py.models b/source/interprocedural_analyses/taint/test/integration/starred.py.models index 4370a16a529..5eb4a7fbff8 100644 --- a/source/interprocedural_analyses/taint/test/integration/starred.py.models +++ b/source/interprocedural_analyses/taint/test/integration/starred.py.models @@ -66,6 +66,9 @@ { "always-via": "issue-broadening" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "starred.test:5002:0:Call|starred.sink|0|formal(json):8538465db4f4e25b5ece27d2df9242f2" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/static_methods.py.models b/source/interprocedural_analyses/taint/test/integration/static_methods.py.models index dc1fd913c7a..3d084d2a1f8 100644 --- a/source/interprocedural_analyses/taint/test/integration/static_methods.py.models +++ b/source/interprocedural_analyses/taint/test/integration/static_methods.py.models @@ -60,6 +60,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "static_methods.run_test:5002:0:Call|static_methods.test|0|formal(source):e6558cd7986087b61e1685d8bafe03e4" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/string_conversion.py.models b/source/interprocedural_analyses/taint/test/integration/string_conversion.py.models index af37a39ba48..d88fa3aca9b 100644 --- a/source/interprocedural_analyses/taint/test/integration/string_conversion.py.models +++ b/source/interprocedural_analyses/taint/test/integration/string_conversion.py.models @@ -60,7 +60,10 @@ ] } ], - "features": [ { "has": "first-index" }, { "first-index": "tainted" } ] + "features": [ { "has": "first-index" }, { "first-index": "tainted" } ], + "master_handles": [ + "string_conversion.repr_is_tainted:5001:0:Call|eval|0|formal(arg):23d81ad7230b52543f70b3bba37a8ce6" + ] } } { @@ -124,7 +127,10 @@ ] } ], - "features": [ { "has": "first-index" }, { "first-index": "tainted" } ] + "features": [ { "has": "first-index" }, { "first-index": "tainted" } ], + "master_handles": [ + "string_conversion.str_falls_back_to_repr:5001:0:Call|eval|0|formal(arg):8fae9955ef2804b3e7cdc1b6da3bd8bf" + ] } } { @@ -188,7 +194,10 @@ ] } ], - "features": [ { "has": "first-index" }, { "first-index": "tainted" } ] + "features": [ { "has": "first-index" }, { "first-index": "tainted" } ], + "master_handles": [ + "string_conversion.str_is_tainted:5001:0:Call|eval|0|formal(arg):7870f312970ef68ef994d2b872d99ad2" + ] } } { diff --git a/source/interprocedural_analyses/taint/test/integration/strings.py.models b/source/interprocedural_analyses/taint/test/integration/strings.py.models index 5f8caef6bcd..05a7f294311 100644 --- a/source/interprocedural_analyses/taint/test/integration/strings.py.models +++ b/source/interprocedural_analyses/taint/test/integration/strings.py.models @@ -62,6 +62,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "strings.bad_1:5002:0:Call|_test_sink|0|formal(arg):9374fc8a8cb1be75930cf176292d491b" ] } } @@ -128,6 +131,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "strings.bad_2:5002:0:Call|_test_sink|0|formal(arg):8a88866aec2c37a9b55000f2781ba890" ] } } @@ -215,6 +221,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "strings.either:5002:0:Call|_test_sink|0|formal(arg):66d28ba04f85ddfe00f2392ff53ff9a5" ] } } @@ -296,6 +305,9 @@ { "via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "strings.maybe_lhs:5002:0:Call|_test_sink|0|formal(arg):3407bb568c3164f7884d70dd2c73f63d" ] } } @@ -377,6 +389,9 @@ { "via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "strings.maybe_rhs:5002:0:Call|_test_sink|0|formal(arg):a49a7406fb24e2fd499b036831901f9d" ] } } @@ -443,6 +458,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "strings.through_iadd:5002:0:Call|_test_sink|0|formal(arg):2e73aa579eafd32fe25063c5c69e1bb6" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/supers.py.models b/source/interprocedural_analyses/taint/test/integration/supers.py.models index 3e812fabc6f..9d3cf74003b 100644 --- a/source/interprocedural_analyses/taint/test/integration/supers.py.models +++ b/source/interprocedural_analyses/taint/test/integration/supers.py.models @@ -65,6 +65,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "supers.B.g4:5002:0:Call|supers.B.f5|0|formal(x):2d4b1bc6d721a1e484a34d0e7dafabcb" ] } } @@ -134,6 +137,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "supers.attribute_B_not_overwritten:5002:0:Call|Ovr{supers.B::g1}|0|formal(self):0086033306352f8790c5fdab7be5aab9" ] } } @@ -203,6 +209,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "supers.attribute_C_not_overwritten:5002:0:Call|Ovr{supers.C::g1}|0|formal(self):4a31e44da11c02f9167dac9709b76bfc" ] } } @@ -272,6 +281,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "supers.attribute_D_not_overwritten:5002:0:Call|supers.D.g1|0|formal(self):4efab0cd3bce52ce9554d5d4b7dd38a8" ] } } @@ -918,6 +930,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "supers.B.g1:5002:0:Call|supers.A.f2|0|formal(x):bca647bf5e2ed5af745949c32f12e179" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/taint_broadening.py.models b/source/interprocedural_analyses/taint/test/integration/taint_broadening.py.models index 75308d4128d..d64ad3cd73c 100644 --- a/source/interprocedural_analyses/taint/test/integration/taint_broadening.py.models +++ b/source/interprocedural_analyses/taint/test/integration/taint_broadening.py.models @@ -61,6 +61,9 @@ { "always-via": "issue-broadening" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "taint_broadening.issue_collapse:5002:0:Call|_test_sink|0|formal(arg):a8cad47527b963e7a61f7090ad8cea85" ] } } @@ -133,6 +136,9 @@ { "always-via": "broadening" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "taint_broadening.tito_collapse_issue:5002:0:Call|_test_sink|0|formal(arg):138379028e02f0ac33c56db31dd10394" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/taint_in_taint_out.py.models b/source/interprocedural_analyses/taint/test/integration/taint_in_taint_out.py.models index f56bc688713..16856e0782a 100644 --- a/source/interprocedural_analyses/taint/test/integration/taint_in_taint_out.py.models +++ b/source/interprocedural_analyses/taint/test/integration/taint_in_taint_out.py.models @@ -66,6 +66,9 @@ { "always-via": "string_concat_lhs" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "taint_in_taint_out.issue_with_indirect_sink_tito:5002:0:Call|taint_in_taint_out.adds_tito_with_indirect_sink|0|formal(src):2fbce496fb3c6d2b1ac7eb34c04a80c1" ] } } @@ -132,6 +135,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "taint_in_taint_out.test_always_via_feature:5002:0:Call|_test_sink|0|formal(arg):5f5be39770a875ee131d712a9575c6ec" ] } } @@ -202,6 +208,9 @@ { "always-via": "special_source" }, { "always-via": "obscure:unknown-callee" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "taint_in_taint_out.test_complex_evaluator:5002:0:Call|_test_sink|0|formal(arg):ab8fd57412bae9ae7f76b9d9e5b62315" ] } } @@ -270,6 +279,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "taint_in_taint_out.test_explicit_call_to_superclass:5002:0:Call|_test_sink|0|formal(arg):542fa2512fcbd87d221e85e3ff59321e" ] } } @@ -332,6 +344,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "taint_in_taint_out.test_simplified_evaluator:5002:0:Call|_test_sink|0|formal(arg):4ea1dfcb4011b7d278405c93836ee5d8" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/top_level.py.models b/source/interprocedural_analyses/taint/test/integration/top_level.py.models index 9fb1bd45e62..7ad857d5856 100644 --- a/source/interprocedural_analyses/taint/test/integration/top_level.py.models +++ b/source/interprocedural_analyses/taint/test/integration/top_level.py.models @@ -60,6 +60,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "top_level.$toplevel:5002:0:Call|top_level.foo|0|formal(x):cafe6a91686adfadae5252ac54487cc6" ] } } @@ -119,6 +122,9 @@ "features": [ { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "top_level.$toplevel:5002:0:Call|_test_sink|0|formal(arg):b42fca11b7ca7b29d2700571455a4452" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/typed_dict.py.models b/source/interprocedural_analyses/taint/test/integration/typed_dict.py.models index f40b52e2a1e..d7e1c5d416e 100644 --- a/source/interprocedural_analyses/taint/test/integration/typed_dict.py.models +++ b/source/interprocedural_analyses/taint/test/integration/typed_dict.py.models @@ -61,6 +61,9 @@ { "first-index": "other" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "typed_dict.test1:5002:0:Call|_test_sink|0|formal(arg):c875ea622fe903e7a600da63e42dfe95" ] } } @@ -126,6 +129,9 @@ { "first-index": "foo" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "typed_dict.test2:5002:0:Call|_test_sink|0|formal(arg):fda65c046f1bb37701b522b30322979c" ] } } @@ -191,6 +197,9 @@ { "first-index": "foo" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "typed_dict.test3:5002:0:Call|_test_sink|0|formal(arg):17f48812cb8cde7605fe95ac1ce94a5b" ] } } diff --git a/source/interprocedural_analyses/taint/test/integration/via_type_of.py.models b/source/interprocedural_analyses/taint/test/integration/via_type_of.py.models index cee2df15b60..96d036afde9 100644 --- a/source/interprocedural_analyses/taint/test/integration/via_type_of.py.models +++ b/source/interprocedural_analyses/taint/test/integration/via_type_of.py.models @@ -68,6 +68,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "via_type_of.test1_alarm1:5002:0:Call|_test_sink|0|formal(arg):84021beb941461f46bff03d5f6320a63" ] } } @@ -140,6 +143,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "via_type_of.test1_alarm2:5002:0:Call|_test_sink|0|formal(arg):c5e62df21b9f52d41e077ecd45041058" ] } } @@ -212,6 +218,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "via_type_of.test1_alarm3:5002:0:Call|_test_sink|0|formal(arg):c3a22b550b1bce255504232b46c70dfd" ] } } @@ -292,6 +301,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "via_type_of.test1_alarm4:5002:0:Call|_test_sink|0|formal(arg):161c34ee492bb5184ff61dc4b4ef4488" ] } } @@ -364,6 +376,9 @@ { "always-via": "special_source" }, { "always-via-type": "typing.Dict[str, int]" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "via_type_of.test2_alarm1:5002:0:Call|_test_sink|0|formal(arg):03554eacc5e7aaf97bf79d4e93bde458" ] } } @@ -436,6 +451,9 @@ { "always-via-type": "typing.List[str]" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "via_type_of.test2_alarm2:5002:0:Call|_test_sink|0|formal(arg):593650efcf22864f5ed9e980fe27e124" ] } } @@ -508,6 +526,9 @@ { "always-via": "tito" }, { "always-via": "special_source" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "via_type_of.test2_alarm3:5002:0:Call|_test_sink|0|formal(arg):8c3a385098e581447c99ab71b387c352" ] } } @@ -588,6 +609,9 @@ { "always-via": "special_source" }, { "via-type": "typing.Dict[str, int]" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "via_type_of.test2_alarm4:5002:0:Call|_test_sink|0|formal(arg):adc30b327f877b06271e6820c612af79" ] } } @@ -647,6 +671,9 @@ "features": [ { "always-via-type": "unknown" }, { "always-via": "special_source" } + ], + "master_handles": [ + "via_type_of.test4_alarm1:5002:0:Global|Obj{via_type_of.Test4_C.x}|0:41ca3acd782afb59a1405c89c2e60829" ] } } @@ -706,6 +733,9 @@ "features": [ { "always-via": "special_source" }, { "always-via-type": "typing.Any" } + ], + "master_handles": [ + "via_type_of.test4_alarm2:5002:0:Global|Obj{via_type_of.Test4_C.y}|0:ea81938c19d7eab78fdc87f18911cf40" ] } } @@ -765,6 +795,9 @@ "features": [ { "always-via": "special_source" }, { "always-via-type": "object" } + ], + "master_handles": [ + "via_type_of.test4_alarm3:5002:0:Global|Obj{via_type_of.Test4_C.z}|0:4b23f9bb21ca50cda8dd7913a5684cab" ] } } @@ -1283,6 +1316,9 @@ "features": [ { "always-via-type": "typing.Dict[str, typing.List[int]]" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "via_type_of.test3_alarm1:5002:0:Call|_test_sink|0|formal(arg):9cd5545797a33e386c8fc53d1132d606" ] } } @@ -1372,6 +1408,9 @@ "features": [ { "always-via-type": "via_type_of.Test3_Foo" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "via_type_of.test3_alarm2:5002:0:Call|_test_sink|0|formal(arg):3c5f52d144592869c5b71e032a5ff6c1" ] } } @@ -1466,6 +1505,9 @@ "always-via-type": "typing.Annotated[typing.List[typing.List[str]]]" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "via_type_of.test3_alarm3:5002:0:Call|_test_sink|0|formal(arg):7d00be1390db8de85c3eb2bd4ef076b7" ] } } @@ -1634,6 +1676,9 @@ { "via-type": "typing.Annotated[typing.List[typing.List[str]]]" }, { "via-type": "typing.Dict[str, typing.List[int]]" }, { "always-via": "special_sink" } + ], + "master_handles": [ + "via_type_of.test3_alarm4:5002:0:Call|_test_sink|0|formal(arg):07f6d4c9d4378223ae1ed1984792a1bf" ] } }