Skip to first unread message
Robert Dyer
Aug 19, 2015, 5:16:15 PM8/19/15
to Boa Language and Infrastructure User Forum
Inspired by this upcoming paper at SPLASH'15 (http://2015.splashcon.org/event/oopsla2015-use-at-your-own-risk-the-java-unsafe-api-in-the-wild) I wrote this query to find use of Unsafe in Java.
# what projects use sun.misc.Unsafe in Java?
UnsafeProjects: output set of string;
# imports of sun.misc.Unsafe
UnsafeImport: output sum[string] of int;
# uses of sun.misc.Unsafe type
UnsafeType: output sum[string] of int;
# uses of Unsafe.getUnsafe() static method call
GetUnsafe: output sum[string] of int;
imported := false;
visit(input, visitor {
before node: CodeRepository -> {
# only look at the latest snapshot
# and only include Java files
snapshot := getsnapshot(node, "SOURCE_JAVA_JLS");
foreach (i: int; def(snapshot[i]))
visit(snapshot[i]);
stop;
}
before node: ASTRoot -> {
imported = false;
exists (i: int; node.imports[i] == "sun.misc.Unsafe" || node.imports[i] == "sun.misc.*") {
UnsafeImport[input.id] << 1;
UnsafeProjects << input.id;
imported = true;
}
}
before node: Type ->
if (node.name == "sun.misc.Unsafe" || (node.name == "Unsafe" && imported)) {
UnsafeType[input.id] << 1;
UnsafeProjects << input.id;
}
before node: Expression ->
if (node.kind == ExpressionKind.METHODCALL && node.method == "getUnsafe") {
GetUnsafe[input.id] << 1;
UnsafeProjects << input.id;
}
});Reply all
Reply to author
Forward
0 new messages