Skip to content
Run CogniCrypt static analysis

Update cognicrypt.yml to v3.2.1 #7

Sign in to view logs

Update cognicrypt.yml to v3.2.1

Update cognicrypt.yml to v3.2.1 #7

Triggered via push August 2, 2024 15:07
@schlichtigschlichtig
pushed ca6d13f
schlichtig-v3.2.1
Status Failure
Total duration 3m 55s
Artifacts

cognicrypt.yml

on: push
cognicrypt
3m 45s
cognicrypt
Fit to window
Zoom out
Zoom in

Annotations

10 errors and 2 warnings
RequiredPredicateError violating CrySL rule for javax.crypto.spec.IvParameterSpec: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/inter2field/falsepositive/insecurerandom/InsecureRandom1.java#L46
First parameter was not properly generated as randomized
IncompleteOperationError violating CrySL rule for javax.crypto.Cipher: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/inter2field/falsepositive/insecurerandom/InsecureRandom1.java#L47
Operation on object of type javax.crypto.Cipher not completed. Expected call to one of the methods {doFinal(byte[]), update(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[]), update(byte[]), update(byte[], int, int, byte[]), updateAAD(byte[], int, int), update(byte[], int, int), update(java.nio.ByteBuffer, java.nio.ByteBuffer), wrap(java.security.Key), updateAAD(byte[]), updateAAD(java.nio.ByteBuffer), doFinal(byte[], int, int), doFinal(java.nio.ByteBuffer, java.nio.ByteBuffer)}
RequiredPredicateError violating CrySL rule for javax.crypto.Cipher: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/inter2field/falsepositive/insecurerandom/InsecureRandom1.java#L47
Third parameter was not properly generated as preparedGCM
IncompleteOperationError violating CrySL rule for javax.crypto.Cipher: CamBench_Cap/src/main/java/org/cambench/cap/flowsensitivity/advanced/valueswap/truepositive/brokencrypto/CorrectedCrypto.java#L37
Operation on object of type javax.crypto.Cipher not completed. Expected call to one of the methods {doFinal(byte[]), update(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[]), update(byte[]), update(byte[], int, int, byte[]), updateAAD(byte[], int, int), update(byte[], int, int), update(java.nio.ByteBuffer, java.nio.ByteBuffer), wrap(java.security.Key), updateAAD(byte[]), updateAAD(java.nio.ByteBuffer), doFinal(byte[], int, int), doFinal(java.nio.ByteBuffer, java.nio.ByteBuffer)}
ConstraintError violating CrySL rule for javax.crypto.Cipher: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/objectpath/truepositive/brokencrypto/BrokenCrypto2.java#L40
First parameter (with value "Blowfish") should be any of {AES, PBEWithHmacSHA224AndAES_128, PBEWithHmacSHA256AndAES_128, PBEWithHmacSHA384AndAES_128, PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA224AndAES_256, PBEWithHmacSHA256AndAES_256, PBEWithHmacSHA384AndAES_256, PBEWithHmacSHA512AndAES_256}
IncompleteOperationError violating CrySL rule for javax.crypto.Cipher: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/objectpath/truepositive/brokencrypto/BrokenCrypto2.java#L42
Operation on object of type javax.crypto.Cipher not completed. Expected call to one of the methods {doFinal(byte[]), update(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[]), update(byte[]), update(byte[], int, int, byte[]), updateAAD(byte[], int, int), update(byte[], int, int), update(java.nio.ByteBuffer, java.nio.ByteBuffer), wrap(java.security.Key), updateAAD(byte[]), updateAAD(java.nio.ByteBuffer), doFinal(byte[], int, int), doFinal(java.nio.ByteBuffer, java.nio.ByteBuffer)}
RequiredPredicateError violating CrySL rule for javax.crypto.Cipher: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/objectpath/truepositive/brokencrypto/BrokenCrypto2.java#L42
Second parameter was not properly generated as generatedPrivkey OR generatedPubkey OR generatedKey
ConstraintError violating CrySL rule for javax.crypto.KeyGenerator: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/objectpath/truepositive/brokencrypto/BrokenCrypto2.java#L41
First parameter (with value "AES/GCM/NoPadding") should be any of {AES, HmacSHA256, HmacSHA384, HmacSHA512}
RequiredPredicateError violating CrySL rule for javax.crypto.SecretKey: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/objectpath/truepositive/brokencrypto/BrokenCrypto2.java#L42
Return value was not properly generated as generatedKey
ConstraintError violating CrySL rule for javax.crypto.KeyGenerator: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/objectpath/truepositive/brokencrypto/BrokenCrypto2.java#L41
First parameter (with value "Blowfish") should be any of {AES, HmacSHA256, HmacSHA384, HmacSHA512}
cognicrypt
There are more violations than the GitHub annotations interface displays. Please check the log for additional violations.
cognicrypt
The following actions uses Node.js version which is deprecated and will be forced to run on node20: actions/setup-java@v3, actions/cache/restore@v3, stCarolas/[email protected], actions/cache/save@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/