@@ -230,6 +230,7 @@ KeyEventDigger::KeyEventDigger():
230230 d->hMap [" ALLOC_FREE_MISMATCH" insert (" free"
231231 d->hMap [" ARRAY_VS_SINGLETON" insert (" callee_ptr_arith"
232232 d->hMap [" ARRAY_VS_SINGLETON" insert (" ptr_arith"
233+ d->hMap [" ATOMICITY" insert (" use"
233234 d->hMap [" BAD_CHECK_OF_WAIT_COND" insert (" wait_cond_improperly_checked"
234235 d->hMap [" BAD_FREE" insert (" incorrect_free"
235236 d->hMap [" BAD_LOCK_OBJECT" insert (" boxed_lock"
@@ -240,25 +241,12 @@ KeyEventDigger::KeyEventDigger():
240241 d->hMap [" CALL_SUPER" insert (" missing_super_call"
241242 d->hMap [" CHECKED_RETURN" insert (" check_return"
242243 d->hMap [" CHROOT" insert (" chroot_call"
243- d->hMap [" CONSTANT_EXPRESSION_RESULT" insert (" extra_high_bits"
244- d->hMap [" CONSTANT_EXPRESSION_RESULT" insert (" logical_vs_bitwise"
245- d->hMap [" CONSTANT_EXPRESSION_RESULT" insert (" missing_parentheses"
246- d->hMap [" CONSTANT_EXPRESSION_RESULT" insert (" operator_confusion"
247- d->hMap [" CONSTANT_EXPRESSION_RESULT" insert (" pointless_expression"
248- d->hMap [" CONSTANT_EXPRESSION_RESULT" insert (" result_independent_of_operands"
249- d->hMap [" CONSTANT_EXPRESSION_RESULT" insert (" same_on_both_sides"
250244 d->hMap [" CTOR_DTOR_LEAK" insert (" alloc_fn"
251245 d->hMap [" CTOR_DTOR_LEAK" insert (" alloc_new"
252246 d->hMap [" DEADCODE" insert (" dead_error_begin"
253247 d->hMap [" DEADCODE" insert (" dead_error_line"
254248 d->hMap [" EXPLICIT_THIS_EXPECTED" insert (" implicit_this_used"
255- d->hMap [" FORWARD_NULL" insert (" deref_parm"
256- d->hMap [" FORWARD_NULL" insert (" dereference"
257- d->hMap [" FORWARD_NULL" insert (" property_access"
258- d->hMap [" FORWARD_NULL" insert (" var_deref_op"
259- d->hMap [" FORWARD_NULL" insert (" var_deref_model"
260249 d->hMap [" HARDCODED_CREDENTIALS" insert (" sink"
261- d->hMap [" INVALIDATE_ITERATOR" insert (" increment_iterator"
262250 d->hMap [" LOCK" insert (" double_lock"
263251 d->hMap [" LOCK" insert (" double_unlock"
264252 d->hMap [" LOCK" insert (" missing_unlock"
@@ -272,16 +260,9 @@ KeyEventDigger::KeyEventDigger():
272260 d->hMap [" NESTING_INDENT_MISMATCH" insert (" multi_stmt_macro"
273261 d->hMap [" NESTING_INDENT_MISMATCH" insert (" on_same_line"
274262 d->hMap [" NESTING_INDENT_MISMATCH" insert (" uncle"
275- d->hMap [" NULL_RETURNS" insert (" dereference"
276263 d->hMap [" ORDER_REVERSAL" insert (" lock_order"
277264 d->hMap [" OVERLAPPING_COPY" insert (" overlapping_assignment"
278265 d->hMap [" OVERLAPPING_COPY" insert (" overlapping_copy"
279- d->hMap [" OVERRUN" insert (" alloc_strlen"
280- d->hMap [" OVERRUN" insert (" illegal_address"
281- d->hMap [" OVERRUN" insert (" overrun-buffer-arg"
282- d->hMap [" OVERRUN" insert (" overrun-buffer-val"
283- d->hMap [" OVERRUN" insert (" overrun-call"
284- d->hMap [" OVERRUN" insert (" overrun-local"
285266 d->hMap [" OVERRUN_STATIC" insert (" index_parm"
286267 d->hMap [" OVERRUN_STATIC" insert (" overrun-buffer-arg"
287268 d->hMap [" OVERRUN_STATIC" insert (" overrun-local"
@@ -290,8 +271,6 @@ KeyEventDigger::KeyEventDigger():
290271 d->hMap [" RESOURCE_LEAK" insert (" overwrite_var"
291272 d->hMap [" REVERSE_INULL" insert (" check_after_deref"
292273 d->hMap [" REVERSE_NEGATIVE" insert (" check_after_sink"
293- d->hMap [" RETURN_LOCAL" insert (" return_local_addr_identity"
294- d->hMap [" RETURN_LOCAL" insert (" use_invalid"
295274 d->hMap [" STREAM_FORMAT_STATE" insert (" end_of_path"
296275 d->hMap [" STRING_OVERFLOW" insert (" fixed_size_dest"
297276 d->hMap [" TAINTED_SCALAR" insert (" tainted_data"
@@ -305,15 +284,10 @@ KeyEventDigger::KeyEventDigger():
305284 d->hMap [" UNUSED_VALUE" insert (" assigned_value"
306285 d->hMap [" UNUSED_VALUE" insert (" returned_pointer"
307286 d->hMap [" UNUSED_VALUE" insert (" returned_value"
308- d->hMap [" USE_AFTER_FREE" insert (" deref_after_free"
309- d->hMap [" USE_AFTER_FREE" insert (" deref_arg"
310- d->hMap [" USE_AFTER_FREE" insert (" double_close"
311- d->hMap [" USE_AFTER_FREE" insert (" double_free"
312- d->hMap [" USE_AFTER_FREE" insert (" pass_freed_arg"
313- d->hMap [" USE_AFTER_FREE" insert (" use_after_free"
314287 d->hMap [" VARARGS" insert (" missing_va_end"
315288 d->hMap [" WRAPPER_ESCAPE" insert (" escape"
316289 d->hMap [" WRAPPER_ESCAPE" insert (" use_after_free"
290+ d->hMap [" URL_MANIPULATION" insert (" url_manipulation_sink"
317291
318292 // we use COMPILER_WARNING as checker for compiler errors/warnings
319293 d->hMap [" COMPILER_WARNING" insert (" error"
@@ -332,9 +306,17 @@ KeyEventDigger::KeyEventDigger():
332306 d->hMap [" OWASP_ZAP_WARNING" insert (" alert"
333307
334308 // list of checkers where we take the _last_ matched key event
309+ d->searchBackwards .insert (" CONSTANT_EXPRESSION_RESULT"
310+ d->searchBackwards .insert (" FORWARD_NULL"
311+ d->searchBackwards .insert (" LOCK"
312+ d->searchBackwards .insert (" INVALIDATE_ITERATOR"
313+ d->searchBackwards .insert (" NULL_RETURNS"
314+ d->searchBackwards .insert (" OVERRUN"
335315 d->searchBackwards .insert (" RESOURCE_LEAK"
316+ d->searchBackwards .insert (" RETURN_LOCAL"
336317 d->searchBackwards .insert (" UNINIT"
337318 d->searchBackwards .insert (" UNINIT_CTOR"
319+ d->searchBackwards .insert (" USE_AFTER_FREE"
338320
339321 // events that should never be used as key events (excluding trace events)
340322 d->denyList .insert (" another_instance"
@@ -446,7 +428,9 @@ bool KeyEventDigger::guessKeyEvent(Defect *def)
446428
447429 // matched
448430 def->keyEventIdx = idx;
449- return true ;
431+ if (!d->searchBackwards .count (def->checker ))
432+ // checker not listed in d->searchBackwards --> take the first match
433+ break ;
450434 }
451435
452436 return valid;
0 commit comments