Merge pull request diffblue#278 from diffblue/marek/new_end_to_end_benchmark

New end to end benchmark

Author: smowton

regression/end_to_end/interprocedural00/build.xml

@@ -0,0 +1,29 @@
+<project name="interprocedural00" basedir="." default="jar">
+
+  <property name="root.dir"      value="./"/>
+  <property name="src.dir"       value="${root.dir}/src"/>
+  <property name="classes.dir"   value="${root.dir}/build"/>
+  <property name="install.dir"   value="${root.dir}/dist"/>
+
+  <target name="jar">
+    <antcall target="compile" />
+    <mkdir dir="${install.dir}"/>
+    <jar destfile="${install.dir}/interprocedural00.jar" basedir="${classes.dir}" />
+  </target>  
+  
+  <target name="compile">
+    <antcall target="clean" />
+    <mkdir dir="${classes.dir}"/>
+    <javac srcdir="${src.dir}" destdir="${classes.dir}" includeantruntime="false" debug="on">
+    </javac>
+  </target>
+
+  <target name="clean">
+    <delete dir="${classes.dir}"/>
+    <delete dir="${install.dir}"/>
+  </target>
+
+
+</project>
+
+

regression/end_to_end/interprocedural00/rules.json

@@ -0,0 +1,53 @@
+{
+  "namespace": "com.diffblue.security",
+  "rules":
+    [
+      {
+        "comment": "Obtaining a stream with potentially tainted data.",
+        "class": "Main",
+        "method": "getInStream:()LIStream;",
+        "result": {
+          "location": "returns",
+          "taint": "Tainted stream"
+        }
+      },
+      {
+        "comment": "Obtaining a vulnerable stream",
+        "class": "Main",
+        "method": "getOutStream:()LOStream;",
+        "result": {
+          "location": "returns",
+          "vulnerability": "Vulnerable stream"
+        }
+      },
+      {
+        "comment": "Read from tainted stream gives tainted string",
+        "class": "IStream",
+        "method": "read:(LData;)V",
+        "input": {
+          "location": "this",
+          "taint": "Tainted stream"
+        },
+        "result": {
+          "location": "arg1",
+          "taint": "Tainted data"
+        }
+      },
+      {
+        "comment": "Writing potentially tainted data to a vulnerable stream.",
+        "class": "OStream",
+        "method": "write:(LData;)V",
+        "input": {
+          "location": "arg1",
+          "taint": "Tainted data"
+        },
+        "sinkTarget": {
+          "location": "this",
+          "vulnerability": "Vulnerable stream"
+        },
+        "message": "Writing potentially tainted data to a vulnerable stream."
+      }
+    ]
+}
+
+

regression/end_to_end/interprocedural00/src/Main.java

@@ -0,0 +1,45 @@
+class Data {
+}
+
+class IStream {
+    public void read(Data d) {
+    }
+}
+
+class OStream {
+    public void write(Data d) {
+    }
+}
+
+public class Main {
+
+    public static IStream getInStream() {
+        return new IStream();
+    }
+
+    public static OStream getOutStream() {
+        return new OStream();
+    }
+    
+    public static Data getData() {
+        return new Data();
+    }
+    
+    private static void getBytes(Data data, IStream in) {
+        in.read(data);
+    }
+
+    private static void postBytes(Data data, OStream out) {
+        out.write(data);
+    }
+
+    public static void main() {
+        IStream in = getInStream();
+        OStream out = getOutStream();
+        Data d = getData();
+        getBytes(d, in);
+        postBytes(d, out);
+    }
+
+}
+

regression/end_to_end/interprocedural00/test_interprocedural00.py

@@ -0,0 +1,14 @@
+import regression.end_to_end.driver as pipeline_executor
+import os
+import subprocess
+
+
+def test_interprocedural00():
+    with pipeline_executor.working_dir(os.path.abspath(os.path.dirname(__file__))):
+        subprocess.call("ant")
+    traces = pipeline_executor.run_security_analyser_pipeline(
+        os.path.join("dist", "interprocedural00.jar"),
+        "rules.json",
+        os.path.realpath(os.path.dirname(__file__)))
+    assert traces.count_traces() == 1
+    assert traces.trace_exists("java::Main.postBytes:(LData;LOStream;)V", 33)