DASCA
/
WALA
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

SecurityExceptions when analyzing JARs with broken/expired signatures 

See <https://github.com/wala/WALA/issues/100>
This commit is contained in:
Andreas Sewe 2016-06-03 13:07:05 +02:00
parent 065a3ff767
commit e2e5bcf435
8 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
com.ibm.wala.cast.java.test/src/com/ibm/wala/cast/java/test/IRTests.java
View File

@ -457,7 +457,7 @@ public abstract class IRTests {
if (libFile.exists()) {
foundLib = true;
try {
engine.addSystemModule(new JarFileModule(new JarFile(libFile)));
engine.addSystemModule(new JarFileModule(new JarFile(libFile, false)));
} catch (IOException e) {
Assert.fail(e.getMessage());
}

2
com.ibm.wala.core.tests/src/com/ibm/wala/core/tests/callGraph/Java7CallGraphTest.java
View File

@ -49,7 +49,7 @@ public class Java7CallGraphTest extends DynamicCallGraphTestBase {
F.deleteOnExit();
AnalysisScope scope = CallGraphTestUtil.makeJ2SEAnalysisScope("base.txt", CallGraphTestUtil.REGRESSION_EXCLUSIONS);
scope.addToScope(ClassLoaderReference.Application, new JarFile(F));
scope.addToScope(ClassLoaderReference.Application, new JarFile(F, false));
ClassHierarchy cha = ClassHierarchy.make(scope);
Iterable<Entrypoint> entrypoints = com.ibm.wala.ipa.callgraph.impl.Util.makeMainEntrypoints(scope, cha, "Lpack/ocamljavaMain");

4
com.ibm.wala.core.tests/src/com/ibm/wala/examples/analysis/SimpleThreadEscapeAnalysis.java
View File

@ -104,7 +104,7 @@ public class SimpleThreadEscapeAnalysis extends AbstractAnalysisEngine {
collectJars(files[i], result);
}
} else if (f.getAbsolutePath().endsWith(".jar")) {
result.add(new JarFile(f));
result.add(new JarFile(f, false));
}
}
@ -330,7 +330,7 @@ public class SimpleThreadEscapeAnalysis extends AbstractAnalysisEngine {
Set<JarFile> jars = HashSetFactory.make();
for (int i = 1; i < args.length; i++) {
jars.add(new JarFile(args[i]));
jars.add(new JarFile(args[i], false));
}
Set<IClass> escapingTypes = (new SimpleThreadEscapeAnalysis(jars, mainClassName)).gatherThreadEscapingClasses();

2
com.ibm.wala.core/src/com/ibm/wala/classLoader/AbstractNestedJarFileModule.java
View File

@ -58,7 +58,7 @@ public abstract class AbstractNestedJarFileModule implements Module {
}
cache = HashMapFactory.make();
try {
final JarInputStream stream = new JarInputStream(getNestedContents());
final JarInputStream stream = new JarInputStream(getNestedContents(), false);
for (ZipEntry z = stream.getNextEntry(); z != null; z = stream.getNextEntry()) {
final String name = z.getName();
if (DEBUG) {

2
com.ibm.wala.core/src/com/ibm/wala/classLoader/ClassLoaderImpl.java
View File

@ -321,7 +321,7 @@ public class ClassLoaderImpl implements IClassLoader {
}
Map<String, Object> result = HashMapFactory.make();
try {
JarInputStream s = new JarInputStream(new ByteArrayInputStream(jarFileContents));
JarInputStream s = new JarInputStream(new ByteArrayInputStream(jarFileContents), false);
JarEntry entry = null;
while ((entry = s.getNextJarEntry()) != null) {
byte[] entryBytes = getEntryBytes(entry, entrySizesForFile.get(entry.getName()), s);

4
com.ibm.wala.core/src/com/ibm/wala/util/config/AnalysisScopeReader.java
View File

@ -177,7 +177,7 @@ public class AnalysisScopeReader {
} else if ("stdlib".equals(entryType)) {
String[] stdlibs = WalaProperties.getJ2SEJarFiles();
for (int i = 0; i < stdlibs.length; i++) {
scope.addToScope(walaLoader, new JarFile(stdlibs[i]));
scope.addToScope(walaLoader, new JarFile(stdlibs[i], false));
}
} else {
Assertions.UNREACHABLE();
@ -222,7 +222,7 @@ public class AnalysisScopeReader {
while (paths.hasMoreTokens()) {
String path = paths.nextToken();
if (path.endsWith(".jar")) {
JarFile jar = new JarFile(path);
JarFile jar = new JarFile(path, false);
scope.addToScope(loader, jar);
try {
if (jar.getManifest() != null) {

2
com.ibm.wala.core/src/com/ibm/wala/util/io/FileProvider.java
View File

@ -175,7 +175,7 @@ public class FileProvider {
return new JarFileModule(new JarFile(filePath, false));
} else {
final URLConnection in = url.openConnection();
final JarInputStream jarIn = new JarInputStream(in.getInputStream());
final JarInputStream jarIn = new JarInputStream(in.getInputStream(), false);
return new JarStreamModule(jarIn);
}
}

4
com.ibm.wala.shrike/src/com/ibm/wala/shrikeBT/tools/OfflineInstrumenterBase.java
View File

@ -170,7 +170,7 @@ public abstract class OfflineInstrumenterBase {
cachedJar.close();
}
cachedJarFile = file;
cachedJar = new JarFile(file);
cachedJar = new JarFile(file, false);
return cachedJar;
}
}
@ -230,7 +230,7 @@ public abstract class OfflineInstrumenterBase {
* Add a JAR file containing source classes to instrument.
*/
final public void addInputJar(File f) throws IOException {
JarFile jf = new JarFile(f);
JarFile jf = new JarFile(f, false);
for (Enumeration<JarEntry> e = jf.entries(); e.hasMoreElements();) {
JarEntry entry = e.nextElement();
String name = entry.getName();