too many Mock Objects are false positives

Issue #32 closed
yaju li created an issue

when I run the doop command such as:

./doop --analysis 2-object-sensitive+heap --library-file depend_webgoat/*.jar -input-file webgoat1.jar --platform java_11 --information-flow webapps --id web1 --information-flow-high-soundness --open-programs jackee

Its results in LeakingTaintedInformation.csv are shown below:

The results in these lines (in the red rectangles: MockObject) are false positives. Do we have any way to remove these false positives to get clean tainted results?

Note: the input files are attached below, but you need to unzip depend_webgoat.jar and put the directory depend_webgoat (after unzipping) in doop, or you will not get any tainted results.

Comments (6)

  1. gfour

    Mock objects are significant since they represent actual values that do not correspond to the allocation sites in the program. For example, when analyzing a server component (without also analyzing the server code), the component entry points must take objects for the analysis to proceed; these must be modeled by the analysis logic and are thus represented as mock objects, to distinguish them from regular heap objects.
    Doop's naming conventions make filtering out these objects easy: they either start with "<mock " or end with "::MockObject". For selected relations/columns, you can also write extra logic to check these conventions (via Souffle substr) and populate new relations that contain exactly what you need.
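One way to apply the filtering gfour describes after the analysis has finished, as an added example that is not Doop's own code or part of this thread: a Python post-processing script over a relation dump such as LeakingTaintedInformation.csv. It assumes Souffle's tab-separated, unquoted output format; the sample rows and their column layout are constructed for illustration and are not Doop's actual schema. Because the script checks every column against the two naming conventions, it works for any Doop relation without knowing which column holds the heap object.

```python
import csv
from typing import Iterable, List, Tuple

# Doop's naming conventions for mock objects, as stated in the comment above.
MOCK_PREFIX = "<mock "
MOCK_SUFFIX = "::MockObject"

Row = List[str]


def is_mock_value(value: str) -> bool:
    """True if one column value denotes a mock object rather than a real allocation site."""
    return value.startswith(MOCK_PREFIX) or value.endswith(MOCK_SUFFIX)


def row_mentions_mock(row: Row) -> bool:
    """True if any column of the row is a mock object; no knowledge of the column layout needed."""
    return any(is_mock_value(col) for col in row)


def split_rows(lines: Iterable[str], delimiter: str = "\t") -> Tuple[List[Row], List[Row]]:
    """Partition relation rows into (kept, dropped): rows free of mock objects vs. the rest.

    Assumption: Souffle writes Doop's .csv files tab-separated and unquoted, so
    quoting is disabled to keep values that contain '"' intact.
    """
    kept: List[Row] = []
    dropped: List[Row] = []
    for row in csv.reader(lines, delimiter=delimiter, quoting=csv.QUOTE_NONE):
        if not row:
            continue
        (dropped if row_mentions_mock(row) else kept).append(row)
    return kept, dropped


def filter_file(src: str, dst: str) -> Tuple[int, int]:
    """Write the mock-free rows of relation file `src` to `dst`; return (kept, dropped) counts."""
    with open(src, newline="") as fin:
        kept, dropped = split_rows(fin)
    with open(dst, "w", newline="") as fout:
        for row in kept:
            fout.write("\t".join(row) + "\n")   # re-emit in the same tab-separated shape
    return len(kept), len(dropped)


# Constructed sample in the shape of a Doop relation dump (tab-separated). The four
# columns (context, heap object, taint label, method) are illustrative only.
SAMPLE_LINES = [
    "<<immutable-context>>\t<mock webapp entry point parameter>\tPARAMETER\t<org.example.Handler: void handle(Req)>",
    "<<immutable-context>>\t<org.example.Handler: void handle(Req)>/new java.lang.StringBuilder/0\tPARAMETER\t<org.example.Handler: void handle(Req)>",
    "<<immutable-context>>\tjavax.servlet.http.HttpServletRequest::MockObject\tPARAMETER\t<org.example.Handler: void handle(Req)>",
    "<<immutable-context>>\t<org.example.Handler: void handle(Req)>/new java.lang.String/2\tFILE_READ\t<org.example.Handler: void handle(Req)>",
]


if __name__ == "__main__":
    kept, dropped = split_rows(SAMPLE_LINES)
    print(f"kept {len(kept)} real-object rows, dropped {len(dropped)} mock-object rows")
    for row in dropped:
        print("dropped:", "\t".join(row))
```

Run `filter_file("out/web1/LeakingTaintedInformation.csv", "LeakingTaintedInformation.nomock.csv")` against the real output directory (the path is an assumption about where the `--id web1` run writes its results). Dropping whole rows is the right granularity here: a leak whose tainted value is only a mock object is exactly the kind of result the question wants removed, while a leak that also involves a real allocation site stays in the kept set.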
