Skip to content

Added confidential checker #6981

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 230 commits into
base: master
Choose a base branch
from
Open

Added confidential checker #6981

wants to merge 230 commits into from

Conversation

iywang2016
Copy link
Contributor

@iywang2016 iywang2016 commented Mar 3, 2025
edited
Loading

Associated with JDK pull request #224

gitfundo and others added 30 commits June 18, 2024 14:42
@gitfundo
Basic duplication of TaintChecker for SQLi
13f846b
@gitfundo
Added basic SQL tainting test
9950b17
@gitfundo
Added basic test
2707a54
@iywang2016
Added sql tainting test file under junit directory
7d905a5
@iywang2016
Renamed SqlSafe -> SqlSanitized, SqlDangerous -> SqlQueryValue; renam…
a4ab6f4 
…ed references in code as necessary
@iywang2016
Revised @QualifierForLiterals annotation to automatically annotate es…
4861495 
…caped SQL values as SqlSanitized.
@iywang2016
Added tests for @QualifierForLiterals regex
9c1cda5
@iywang2016
Renamed files
119d74c
@iywang2016
Merge branch 'typetools:master' into master
48bc502
@iywang2016
Merge branch 'typetools:master' into sqltainting
da010c1
@iywang2016
Merge branch 'master' into sqltainting
2059202
@iywang2016
Merge pull request #1 from iywang2016/sqltainting
3ab729a 
SQL tainting qualifiers and basic tests
@iywang2016
Revised qualifiers
972ba01
@iywang2016
Revised qualifiers
de5dbe0
@iywang2016
Revised documentation for type checker
baa3be7
@iywang2016
Stub file for base64 encoding
c122359
@iywang2016
Stub file to require sanitized query string in executeQuery
7421857
@iywang2016
Merge branch 'sqltainting'
73f247a
@iywang2016
Created sqlquerytainting directory
00819a9
@iywang2016
Renamed sqlquerytainting files
61eb2b3
@iywang2016
Added qualifiers SqlQueryComplete, SqlQuerySnippet, SqlQueryUnknown, …
07b7690 
…and SqlSanitizedUser
@iywang2016
Merge branch 'master' into sqlquerytainting
1f45a44
@iywang2016
Revised qualifiers to SqlEvenQuotes, SqlOddQuotes, SqlQuoteless
c606a18
@iywang2016
Revised qualifiers to SqlOddQuotes, SqlEvenQuotes, SqlQuoteless
4acc56d
@iywang2016
Merge remote-tracking branch 'upstream/master'
c662a5c
@iywang2016
Merge branch 'sqlquerytainting'
77f040e
@iywang2016
Revised documentation and implementation of SQL query qualifiers: com…
2843a30 
…bined SqlQuoteless and SqlEvenQuotes; revised documentations
@iywang2016
Added type concatenation rules for SQL query qualifiers
1f6dd09
@iywang2016
Debugged SQL query type factory
e7cf540
@iywang2016
Added SQL query bottom type
08ddda9
iywang2016 and others added 19 commits April 21, 2025 00:56
@iywang2016
Merge remote-tracking branch 'origin/iywang' into iywang
f0bc003
@iywang2016
Moved string concatenation rules to ConfidentialTransfer
599a40b
@iywang2016
Fixed spotlessApply issues
ec3f8bc
@iywang2016
Added comments
4015c6b
@iywang2016
Added documentation for createAnnotationForStringConcatenation
da3612e
@iywang2016
Ran spotlessApply
73a9345
@iywang2016
Documented getValueAnnotation
db9fa0f
@iywang2016
Confidential checker qualifier and transfer changes
a49c656
@iywang2016
Confidential checker all-systems warning suppression
8322118
@mernst
Merge ../checker-framework-branch-master into iywang
76391f5
@mernst
Separate the explanations for two different warnings
b9a94a7
@mernst
Merge ../checker-framework-branch-master into iywang
249fc77
@mernst
Merge ../checker-framework-branch-master into iywang
ef46593
@mernst
Warning justifications
02492b0
@mernst
Code review changes
fd7ee4d
@mernst
Fix Javadoc style
38148c3
@mernst
Merge ../checker-framework-fork-mernst-branch-javadoc-style into iywang
741d4d9
@mernst
Fix Javadoc style
0ceb6a7
@mernst
Documentation improvements
166868a
mernst
mernst requested changes Jun 6, 2025
View reviewed changes
Copy link
Member

@mernst mernst left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have just a couple last comments.

@iywang2016 iywang2016 requested a review from mernst June 10, 2025 09:32
@mernst mernst requested a review from Copilot July 18, 2025 14:35
Copilot
Copilot AI reviewed Jul 18, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds a new Confidential Checker to the Checker Framework that identifies sensitive information exposure (information leakage). The checker prevents confidential values from flowing to non-confidential locations, helping prevent security vulnerabilities like PII exposure in logs, UI elements, or other public-facing sinks.

Key changes:

  • Implements a complete type system with @Confidential, @NonConfidential, @UnknownConfidential, and related qualifiers
  • Adds extensive library annotations for logging frameworks (Log4j, SLF4J, Apache Commons), Android UI components, and Spring Security
  • Includes comprehensive documentation and test cases

Reviewed Changes

Copilot reviewed 49 out of 50 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
checker-qual/src/main/java/org/checkerframework/checker/confidential/qual/*.java Core qualifier annotations defining the confidential type hierarchy
checker/src/main/java/org/checkerframework/checker/confidential/*.java Main checker implementation with type factory, visitor, and transfer functions
checker/src/main/java/org/checkerframework/checker/confidential/*.astub Library annotations for popular frameworks (Spring Security, logging libraries, Android)
docs/manual/confidential-checker.tex Complete documentation chapter explaining the checker's purpose and usage
framework/tests/all-systems/*.java Test files with @SuppressWarnings annotations for confidential checker warnings

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@mernst mernst Awaiting requested review from mernst

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@iywang2016 @mernst @gitfundo