Merge pull request diffblue#49 from diffblue/updating_training_benchmarsk_PR

marek-trtik · web-flow · commit 705ed226bf57 · 2017-03-22T14:26:57.000Z
Update of training benchmarks (mostly requirements from the slicing).
diff --git a/regression/december_demo_sprint/.gitignore b/regression/december_demo_sprint/.gitignore
@@ -13,93 +13,126 @@ TRAINING/taint_traces_01/BENCHMARK/*
 TRAINING/taint_traces_01/BENCHMARK_EXT/*
 TRAINING/taint_traces_01/RESULTS.aux/*
 TRAINING/taint_traces_01/RESULTS/*
+TRAINING/taint_traces_01/TEMP/*
 TRAINING/taint_traces_02/APP/taint_traces_02/classes/*
 TRAINING/taint_traces_02/BENCHMARK/*
 TRAINING/taint_traces_02/BENCHMARK_EXT/*
 TRAINING/taint_traces_02/RESULTS.aux/*
 TRAINING/taint_traces_02/RESULTS/*
+TRAINING/taint_traces_02/TEMP/*
 TRAINING/taint_traces_03/APP/taint_traces_03/classes/*
 TRAINING/taint_traces_03/BENCHMARK/*
 TRAINING/taint_traces_03/BENCHMARK_EXT/*
 TRAINING/taint_traces_03/RESULTS.aux/*
 TRAINING/taint_traces_03/RESULTS/*
+TRAINING/taint_traces_03/TEMP/*
 TRAINING/taint_traces_04/APP/taint_traces_04/classes/*
 TRAINING/taint_traces_04/BENCHMARK/*
 TRAINING/taint_traces_04/BENCHMARK_EXT/*
 TRAINING/taint_traces_04/RESULTS.aux/*
 TRAINING/taint_traces_04/RESULTS/*
+TRAINING/taint_traces_04/TEMP/*
 TRAINING/taint_traces_05/APP/taint_traces_05/classes/*
 TRAINING/taint_traces_05/BENCHMARK/*
 TRAINING/taint_traces_05/BENCHMARK_EXT/*
 TRAINING/taint_traces_05/RESULTS.aux/*
 TRAINING/taint_traces_05/RESULTS/*
+TRAINING/taint_traces_05/TEMP/*
 TRAINING/taint_traces_06/APP/taint_traces_06/classes/*
 TRAINING/taint_traces_06/APP/taint_traces_06/*.bak
 TRAINING/taint_traces_06/BENCHMARK/*
 TRAINING/taint_traces_06/BENCHMARK_EXT/*
 TRAINING/taint_traces_06/RESULTS.aux/*
 TRAINING/taint_traces_06/RESULTS/*
+TRAINING/taint_traces_06/TEMP/*
 TOY_APPS/Fotoalbum/APP/Fotoalbum/*
 TOY_APPS/Fotoalbum/BENCHMARK/*
 TOY_APPS/Fotoalbum/BENCHMARK_EXT/*
 TOY_APPS/Fotoalbum/RESULTS.aux/*
 TOY_APPS/Fotoalbum/RESULTS/*
+TOY_APPS/Fotoalbum/TEMP/*
 TOY_APPS/mediaManager/APP/mediaManager/*
 TOY_APPS/mediaManager/BENCHMARK/*
 TOY_APPS/mediaManager/BENCHMARK_EXT/*
 TOY_APPS/mediaManager/RESULTS.aux/*
 TOY_APPS/mediaManager/RESULTS/*
+TOY_APPS/mediaManager/TEMP/*
 TOY_APPS/restaurant_chooser/APP/restaurant_chooser/*
 TOY_APPS/restaurant_chooser/BENCHMARK/*
 TOY_APPS/restaurant_chooser/BENCHMARK_EXT/*
 TOY_APPS/restaurant_chooser/RESULTS.aux/*
 TOY_APPS/restaurant_chooser/RESULTS/*
+TOY_APPS/restaurant_chooser/TEMP/*
 TOY_APPS/SuggestionBox/APP/SuggestionBox/*
 TOY_APPS/SuggestionBox/BENCHMARK/*
 TOY_APPS/SuggestionBox/BENCHMARK_EXT/*
 TOY_APPS/SuggestionBox/RESULTS.aux/*
 TOY_APPS/SuggestionBox/RESULTS/*
+TOY_APPS/SuggestionBox/TEMP/*
 Alfresco/APP/Alfresco/*
 Alfresco/BENCHMARK/*
 Alfresco/BENCHMARK_EXT/*
 Alfresco/RESULTS.aux/*
+Alfresco/RESULTS/*
+Alfresco/TEMP/*
 DSpace/APP/DSpace/*
 DSpace/BENCHMARK/*
 DSpace/BENCHMARK_EXT/*
 DSpace/RESULTS.aux/*
+DSpace/RESULTS/*
+DSpace/TEMP/*
 Encuestame/APP/Encuestame/*
 Encuestame/BENCHMARK/*
 Encuestame/BENCHMARK_EXT/*
 Encuestame/RESULTS.aux/*
+Encuestame/RESULTS/*
+Encuestame/TEMP/*
 Ginco/APP/Ginco/*
 Ginco/BENCHMARK/*
 Ginco/BENCHMARK_EXT/*
 Ginco/RESULTS.aux/*
+Ginco/RESULTS/*
+Ginco/TEMP/*
 jforum3/APP/jforum3/*
 jforum3/BENCHMARK/*
 jforum3/BENCHMARK_EXT/*
 jforum3/RESULTS.aux/*
+jforum3/RESULTS/*
+jforum3/TEMP/*
 Libresonic/APP/Libresonic/*
 Libresonic/BENCHMARK/*
 Libresonic/BENCHMARK_EXT/*
 Libresonic/RESULTS.aux/*
+Libresonic/RESULTS/*
+Libresonic/TEMP/*
 Onyx/APP/Onyx/*
 Onyx/BENCHMARK/*
 Onyx/BENCHMARK_EXT/*
 Onyx/RESULTS.aux/*
+Onyx/RESULTS/*
+Onyx/TEMP/*
 Openolat/APP/Openolat/*
 Openolat/BENCHMARK/*
 Openolat/BENCHMARK_EXT/*
 Openolat/RESULTS.aux/*
+Openolat/RESULTS/*
+Openolat/TEMP/*
 Red5/APP/Red5/*
 Red5/BENCHMARK/*
 Red5/BENCHMARK_EXT/*
 Red5/RESULTS.aux/*
+Red5/RESULTS/*
+Red5/TEMP/*
 Sakai/APP/Sakai/*
 Sakai/BENCHMARK/*
 Sakai/BENCHMARK_EXT/*
 Sakai/RESULTS.aux/*
+Sakai/RESULTS/*
+Sakai/TEMP/*
 SocialSDK/APP/SocialSDK/*
 SocialSDK/BENCHMARK/*
 SocialSDK/BENCHMARK_EXT/*
 SocialSDK/RESULTS.aux/*
+SocialSDK/RESULTS/*
+SocialSDK/TEMP/*
+
diff --git a/regression/december_demo_sprint/TRAINING/taint_traces_01/APP/roots.json b/regression/december_demo_sprint/TRAINING/taint_traces_01/APP/roots.json
@@ -1,5 +1,6 @@
 [
   "Main.foo",
-  "Main.bar"
+  "Main.bar",
+  "Main.test_stuff"
 ]
 
diff --git a/regression/december_demo_sprint/TRAINING/taint_traces_01/APP/rules.json b/regression/december_demo_sprint/TRAINING/taint_traces_01/APP/rules.json
@@ -1,6 +1,7 @@
 [
   {
     "comment": "A potentisally tained data were returned from the called function.",
+    "id": "Main.taint_source_X1_retval()->Integer",
     "class": "Main",
     "method": "taint_source_X1_retval:()I",
     "result": {
@@ -10,6 +11,7 @@
   },
   {
     "comment": "The return value from the sanitisation function is free from taint issues.",
+    "id": "Main.taint_sanitiser_X1_retval(Integer)->*",
     "class": "Main",
     "method": "taint_sanitiser_X1_retval:(I)I",
     "sanitizes": {
@@ -19,11 +21,12 @@
   },
   {
     "comment": "Writing a potentially tainted data into the output",
+    "id": "Main.taint_sink_X1_arg_0(Integer)",
     "class": "Main",
     "method": "taint_sink_X1_arg_0:(I)V",
     "sinkTarget": {
       "location": "arg0",
-      "taint": "<taint_source_X1_retval@Integer>"
+      "vulnerability": "<taint_source_X1_retval@Integer>"
     }
   }
 ]
diff --git a/regression/december_demo_sprint/TRAINING/taint_traces_01/APP/taint_traces_01/Main.java b/regression/december_demo_sprint/TRAINING/taint_traces_01/APP/taint_traces_01/Main.java
@@ -9,7 +9,6 @@ public static void  someMethodCaller() {
     Other.someMethodCaller(ptr);
   }
 
-/*
   public static void branches(int x) {
     if (x > 100)
       --x;
@@ -23,6 +22,7 @@ public static void branches(int x) {
         x = x - 2;
   }
 
+/*These methods are replaced be same methods are in Other class. Uncomment these, if you want to use them instead.
   public static void XX() {
     int xx = GG;
     GG = xx;
@@ -33,6 +33,24 @@ public static void YY() {
     GG = yy;
   }
 */  
+
+  public static void test_stuff() {
+    Node n = new Node();
+    n.value = 100;
+    n.next = n;
+    int a = 1;
+    int b = 2;
+
+    /* next lines show how complex our instructions can be (they are not decomposed! :-( ) */
+
+    int c = 5 * (8 * a + 9 * b) * n.next.next.next.value * 6;
+    
+    n.next.next.next.next.next.next = n.next.next.next.next.next.next.next.next;
+
+    branches(n.value);
+  }
+  
+
   public static void foo() {
     int x1 = Main.taint_source_X1_retval();
     x1 = Main.taint_sanitiser_X1_retval(x1);
@@ -49,7 +67,7 @@ public static int bar() {
     Main.bug(x1);
     return x1;
   }
-/*
+/*These methods are replaced be same methods are in Other class. Uncomment these, if you want to use them instead.
   public static int baz0(int a0) {
     return baz1(a0);
   }
diff --git a/regression/december_demo_sprint/TRAINING/taint_traces_01/APP/taint_traces_01/Other.java b/regression/december_demo_sprint/TRAINING/taint_traces_01/APP/taint_traces_01/Other.java
@@ -1,3 +1,9 @@
+class Node {
+  public int  value;
+  public Node next;
+}
+
+
 class OtherBase1 {
 
   void  someMethod() {
diff --git a/regression/december_demo_sprint/TRAINING/taint_traces_02/APP/rules.json b/regression/december_demo_sprint/TRAINING/taint_traces_02/APP/rules.json
@@ -1,6 +1,7 @@
 [
   {
     "comment": "Potentially tainted value was returned from the taint source function.",
+    "id": "Test.taint_source_01()->String",
     "class": "Test",
     "method": "taint_source_01:()I",
     "result": {
@@ -10,20 +11,26 @@
   },
   {
     "comment": "The return value from the sanitiser is free from taint related issues.",
+    "id": "Test.taint_sanitize_01(String)->*",
     "class": "Test",
     "method": "taint_sanitize_01:(I)I",
+    "input": {
+      "location": "arg0",
+      "taint": "<Test.taint_source_01@Integer>"
+    },
     "sanitizes": {
       "location": "return_value",
       "taint": "<Test.taint_source_01@Integer>"
     }
   },
   {
     "comment": "Potentially tainted data was passed to the sink.",
+    "id": "Test.taint_sink_01(String)",
     "class": "Test",
     "method": "taint_sink_01:(I)V",
     "sinkTarget": {
       "location": "arg0",
-      "taint": "<Test.taint_source_01@Integer>"
+      "vulnerability": "<Test.taint_source_01@Integer>"
     }
   }
 ]
diff --git a/regression/december_demo_sprint/TRAINING/taint_traces_03/APP/rules.json b/regression/december_demo_sprint/TRAINING/taint_traces_03/APP/rules.json
@@ -1,6 +1,7 @@
 [
   {
     "comment": "A potentisally tained data were returned from the called function.",
+    "id": "Test.taint_source_01()->String",
     "class": "Test",
     "method": "taint_source_01:()Ljava/lang/String;",
     "result": {
@@ -10,6 +11,7 @@
   },
   {
     "comment": "The return value from the sanitisation function is free from taint issues.",
+    "id": "Test.taint_sanitize_01(String)->*",
     "class": "Test",
     "method": "taint_sanitize_01:(Ljava/lang/String;)Ljava/lang/String;",
     "sanitizes": {
@@ -19,11 +21,12 @@
   },
   {
     "comment": "Writing a potentially tainted data into the output",
+    "id": "Test.taint_sink_01(String)",
     "class": "Test",
     "method": "taint_sink_01:(Ljava/lang/String;)V",
     "sinkTarget": {
       "location": "arg0",
-      "taint": "<Test.taint_source_01@Integer>"
+      "vulnerability": "<Test.taint_source_01@Integer>"
     }
   }
 ]
diff --git a/regression/december_demo_sprint/TRAINING/taint_traces_04/APP/rules.json b/regression/december_demo_sprint/TRAINING/taint_traces_04/APP/rules.json
@@ -1,6 +1,7 @@
 [
   {
     "comment": "Potentisally tained data was returned from the called function.",
+    "id": "Other.source()->Integer",
     "class": "Other",
     "method": "source:()I",
     "result": {
@@ -10,6 +11,7 @@
   },
   {
     "comment": "The return value from the sanitisation function is free from taint issues.",
+    "id": "Main.taint_sanitiser_X1_retval(Integer)->*",
     "class": "Main",
     "method": "taint_sanitiser_X1_retval:(I)I",
     "sanitizes": {
@@ -19,11 +21,12 @@
   },
   {
     "comment": "Writing potentially tainted data into the output",
+    "id": "Main.taint_sink_X1_arg_0(Integer)",
     "class": "Main",
     "method": "taint_sink_X1_arg_0:(I)V",
     "sinkTarget": {
       "location": "arg0",
-      "taint": "<Other.source@Integer>"
+      "vulnerability": "<Other.source@Integer>"
     }
   }
 ]
diff --git a/regression/december_demo_sprint/TRAINING/taint_traces_05/APP/rules.json b/regression/december_demo_sprint/TRAINING/taint_traces_05/APP/rules.json
diff --git a/regression/december_demo_sprint/TRAINING/taint_traces_05/APP/taint_traces_05/AssignmentAction.java b/regression/december_demo_sprint/TRAINING/taint_traces_05/APP/taint_traces_05/AssignmentAction.java
diff --git a/regression/december_demo_sprint/TRAINING/taint_traces_05/APP/taint_traces_05/XZipInputStream.java b/regression/december_demo_sprint/TRAINING/taint_traces_05/APP/taint_traces_05/XZipInputStream.java
diff --git a/regression/december_demo_sprint/TRAINING/taint_traces_06/APP/rules.json b/regression/december_demo_sprint/TRAINING/taint_traces_06/APP/rules.json

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,6 @@`
`1`	`1`	`[`
`2`	`2`	`"Main.foo",`
`3`		`- "Main.bar"`
	`3`	`+ "Main.bar",`
	`4`	`+ "Main.test_stuff"`
`4`	`5`	`]`
`5`	`6`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,7 @@`
`1`	`1`	`[`
`2`	`2`	`{`
`3`	`3`	`"comment": "A potentisally tained data were returned from the called function.",`
	`4`	`+ "id": "Main.taint_source_X1_retval()->Integer",`
`4`	`5`	`"class": "Main",`
`5`	`6`	`"method": "taint_source_X1_retval:()I",`
`6`	`7`	`"result": {`
`@@ -10,6 +11,7 @@`
`10`	`11`	`},`
`11`	`12`	`{`
`12`	`13`	`"comment": "The return value from the sanitisation function is free from taint issues.",`
	`14`	`+ "id": "Main.taint_sanitiser_X1_retval(Integer)->*",`
`13`	`15`	`"class": "Main",`
`14`	`16`	`"method": "taint_sanitiser_X1_retval:(I)I",`
`15`	`17`	`"sanitizes": {`
`@@ -19,11 +21,12 @@`
`19`	`21`	`},`
`20`	`22`	`{`
`21`	`23`	`"comment": "Writing a potentially tainted data into the output",`
	`24`	`+ "id": "Main.taint_sink_X1_arg_0(Integer)",`
`22`	`25`	`"class": "Main",`
`23`	`26`	`"method": "taint_sink_X1_arg_0:(I)V",`
`24`	`27`	`"sinkTarget": {`
`25`	`28`	`"location": "arg0",`
`26`		`- "taint": "<taint_source_X1_retval@Integer>"`
	`29`	`+ "vulnerability": "<taint_source_X1_retval@Integer>"`
`27`	`30`	`}`
`28`	`31`	`}`
`29`	`32`	`]`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,7 @@`
`1`	`1`	`[`
`2`	`2`	`{`
`3`	`3`	`"comment": "Potentially tainted value was returned from the taint source function.",`
	`4`	`+ "id": "Test.taint_source_01()->String",`
`4`	`5`	`"class": "Test",`
`5`	`6`	`"method": "taint_source_01:()I",`
`6`	`7`	`"result": {`
`@@ -10,20 +11,26 @@`
`10`	`11`	`},`
`11`	`12`	`{`
`12`	`13`	`"comment": "The return value from the sanitiser is free from taint related issues.",`
	`14`	`+ "id": "Test.taint_sanitize_01(String)->*",`
`13`	`15`	`"class": "Test",`
`14`	`16`	`"method": "taint_sanitize_01:(I)I",`
	`17`	`+ "input": {`
	`18`	`+ "location": "arg0",`
	`19`	`+ "taint": "<Test.taint_source_01@Integer>"`
	`20`	`+ },`
`15`	`21`	`"sanitizes": {`
`16`	`22`	`"location": "return_value",`
`17`	`23`	`"taint": "<Test.taint_source_01@Integer>"`
`18`	`24`	`}`
`19`	`25`	`},`
`20`	`26`	`{`
`21`	`27`	`"comment": "Potentially tainted data was passed to the sink.",`
	`28`	`+ "id": "Test.taint_sink_01(String)",`
`22`	`29`	`"class": "Test",`
`23`	`30`	`"method": "taint_sink_01:(I)V",`
`24`	`31`	`"sinkTarget": {`
`25`	`32`	`"location": "arg0",`
`26`		`- "taint": "<Test.taint_source_01@Integer>"`
	`33`	`+ "vulnerability": "<Test.taint_source_01@Integer>"`
`27`	`34`	`}`
`28`	`35`	`}`
`29`	`36`	`]`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,7 @@`
`1`	`1`	`[`
`2`	`2`	`{`
`3`	`3`	`"comment": "Potentisally tained data was returned from the called function.",`
	`4`	`+ "id": "Other.source()->Integer",`
`4`	`5`	`"class": "Other",`
`5`	`6`	`"method": "source:()I",`
`6`	`7`	`"result": {`
`@@ -10,6 +11,7 @@`
`10`	`11`	`},`
`11`	`12`	`{`
`12`	`13`	`"comment": "The return value from the sanitisation function is free from taint issues.",`
	`14`	`+ "id": "Main.taint_sanitiser_X1_retval(Integer)->*",`
`13`	`15`	`"class": "Main",`
`14`	`16`	`"method": "taint_sanitiser_X1_retval:(I)I",`
`15`	`17`	`"sanitizes": {`
`@@ -19,11 +21,12 @@`
`19`	`21`	`},`
`20`	`22`	`{`
`21`	`23`	`"comment": "Writing potentially tainted data into the output",`
	`24`	`+ "id": "Main.taint_sink_X1_arg_0(Integer)",`
`22`	`25`	`"class": "Main",`
`23`	`26`	`"method": "taint_sink_X1_arg_0:(I)V",`
`24`	`27`	`"sinkTarget": {`
`25`	`28`	`"location": "arg0",`
`26`		`- "taint": "<Other.source@Integer>"`
	`29`	`+ "vulnerability": "<Other.source@Integer>"`
`27`	`30`	`}`
`28`	`31`	`}`
`29`	`32`	`]`