alipay / ant-application-security-testing-benchmark
The xAST evaluation benchmark makes security tools no longer a "black box".
https://xastbenchmark.github.io
Apache License 2.0
323 stars, 40 forks
Improve: Supplement Testcases for Java-SAST/Engine-Analysis-Capability by FEYSH-2
#86 (Open)
Feysh-Inc opened 3 months ago
Feysh-Inc commented 3 months ago
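Phase 2 plan:
- Accuracy
  - Object sensitivity
    - Whether aliases are tainted
  - Context sensitivity
- Propagation scenarios enumerated by AST node
  - Expressions
- Completeness of tainted objects
  - Java native objects
    - Arrays

Details: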
accuracy
contextSensitive
DifferentParamsForFunction_001_T.java
DifferentParamsForFunction_002_F.java
DifferentParamsForFunction_003_T.java
DifferentParamsForFunction_004_F.java
HeapAllocSite_001_T.java
HeapAllocSite_002_F.java
MultiCallSite_001_T.java
objectSensitive
AccessPathChainAlias_001_T.java
AccessPathChainAlias_002_F.java
AccessPathChainAlias_003_T.java
AccessPathChainAlias_004_F.java
FieldUnAlias_001_F.java
FieldUnAlias_002_T.java
FieldUnAlias_003_T.java
FieldUnAlias_004_F.java
FlowSensitiveAlias_001_T.java
FlowSensitiveAlias_002_F.java
FlowSensitiveAlias_003_T.java
FlowSensitiveAlias_004_F.java
HeapOverwriteAlias_001_T.java
HeapOverwriteAlias_002_F.java
HeapOverwriteAlias_003_T.java
HeapOverwriteAlias_004_F.java
HeapOverwriteAlias_005_T.java
HeapOverwriteAlias_006_F.java
HeapOverwriteAlias_007_T.java
HeapOverwriteAlias_008_T.java
HeapOverwriteAlias_009_F.java
HeapOverwriteAlias_010_T.java
HeapOverwriteAlias_011_T.java
HeapOverwriteAlias_012_F.java
HeapOverwriteAlias_013_T.java
HeapOverwriteAlias_014_F.java
HeapOverwriteAlias_015_T.java
HeapOverwriteAlias_016_F.java
HeapOverwriteAlias_017_T.java
HeapOverwriteAlias_018_F.java
HeapPointsToSelfAlias_001_T.java
HeapPointsToSelfAlias_002_F.java
InnerClassAlias_001_T.java
InnerClassAlias_002_F.java
InnerClassAlias_003_F.java
InnerClassAlias_004_F.java
InnerClassAlias_005_T.java
InnerClassAlias_006_T.java
InnerClassAlias_007_T.java
InnerClassAlias_008_F.java
InnerClassAlias_009_T.java
InnerClassAlias_010_F.java
InterproceduralAlias_001_T.java
InterproceduralAlias_002_F.java
IntraproceduralAlias_001_T.java
IntraproceduralAlias_002_F.java
NullAlias_001_T.java
NullAlias_002_F.java
ObjectCanBeAssigned_001_T.java
ObjectCanBeAssigned_002_F.java
ObjectCanBeAssigned_003_F.java
PrimitiveFieldAccess_001_T.java
PrimitiveFieldAccess_002_F.java
PrimitiveFieldAccess_003_T.java
PrimitiveFieldAccess_004_F.java
ReturnAlias_001_T.java
ReturnAlias_002_F.java
ReturnAlias_003_T.java
ReturnAlias_004_F.java
SameArgumentAlias_001_T.java
SameArgumentAlias_002_F.java
SingleFieldAccessAlias_001_T.java
SingleFieldAccessAlias_002_F.java
StaticFieldAlias_001_T.java
StaticFieldAlias_002_F.java
completeness\base
chain\astTaint
Expression_CastExpression_001_T.java
Statement_IfStatement_002_T.java
Statement_IfStatement_003_T.java
object\javaNative
Base_ArrayAccess_005_T.java
Base_ArrayAccess_006_F.java
Base_ArrayAccess_007_T.java
Base_ArrayAccess_008_T.java
Base_ArrayAccess_009_F.java
Base_ArrayAccess_010_F.java
Base_ArrayAccessWithArrayLength_001_T.java
Base_ArrayAccessWithArrayLength_002_F.java
Base_ArrayAccessWithArrayLength_003_T.java
Base_MutableArrayAccess_001_T.java
Base_MutableArrayAccess_002_F.java
Base_MutableArrayAccess_003_T.java
Base_MutableArrayAccess_004_F.java