How to handle java generics feature in taint analysis.

Question

How to handle java generics feature in taint analysis.

Spr1n9T1me opened this issue 7 months ago · 2 comments

Description

How should I handle java generics feature in taint analysis?
For example, if I want to use the extract() method below as the sink method, how should I write in taint-config.yml?

    public E extract(Object oTarget) {
        ValueExtractor[] aExtractor = this.getExtractors();
        int i = 0;
        for(int c = aExtractor.length; i < c && oTarget != null; ++i) {
           //...
        }

The return type of extract() is Java Generics E, and relevant content in taint-config.yml might be like:

sinks:
  - { method: "<com.tangosol.util.extractorChainedExtractor: E extract(java.lang.Object)>", index: 0 }

Is it reasonable for E or we have some solutions for it ?

Answer 1 · 2024-03-08T08:28:09.000Z

As a result of type erasure, you can use <com.tangosol.util.extractorChainedExtractor: java.lang.Object extract(java.lang.Object)> instead.

Answer 2 · 2024-03-08T10:39:23.000Z

It works! THX.