[STAL-2713] Java taint analysis: add `switch_expression` CFG support - Githubissues

DataDog / datadog-static-analyzer

Datadog Static Analyzer

https://docs.datadoghq.com/static_analysis/

Apache License 2.0

100 stars 13 forks source link

[STAL-2713] Java taint analysis: add `switch_expression` CFG support #520

Closed jasonforal closed 1 month ago

jasonforal commented 1 month ago

What problem are you trying to solve?

https://github.com/DataDog/datadog-static-analyzer/pull/512 Introduced phi nodes to correctly model the control flow graph for Java. To keep that PR as small as possible, only if_statement support was implemented.

What is your solution?

This PR adds support for switch expressions, e.g:

String y;
switch (conditionA) {
    case 1:
        y = alt0;
    case 2:
        y = alt1;
        break;
    default:
        y = alt2;
}

String y = switch (conditionA) {
    case 1 -> alt0;
    default -> alt1;
};

Alternatives considered

What the reviewer should know