Skip to content
Run CogniCrypt static analysis

Merge pull request #3 from CROSSINGTUD/schlichtig-patch-1 #12

Sign in to view logs

Merge pull request #3 from CROSSINGTUD/schlichtig-patch-1

Merge pull request #3 from CROSSINGTUD/schlichtig-patch-1 #12

Triggered via push August 2, 2024 15:40
@schlichtigschlichtig
pushed 798c1a2
main
Status Failure
Total duration 3m 41s
Artifacts

cognicrypt.yml

on: push
cognicrypt
3m 34s
cognicrypt
Fit to window
Zoom out
Zoom in

Annotations

10 errors and 2 warnings
IncompleteOperationError violating CrySL rule for javax.crypto.Cipher: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/contextpath/truepositive/ecbmode/EcbMode1.java#L39
Operation on object of type javax.crypto.Cipher not completed. Expected call to one of the methods {doFinal(byte[]), update(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[]), update(byte[]), update(byte[], int, int, byte[]), updateAAD(byte[], int, int), update(byte[], int, int), update(java.nio.ByteBuffer, java.nio.ByteBuffer), wrap(java.security.Key), updateAAD(byte[]), updateAAD(java.nio.ByteBuffer), doFinal(byte[], int, int), doFinal(java.nio.ByteBuffer, java.nio.ByteBuffer)}
ConstraintError violating CrySL rule for javax.crypto.Cipher: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/contextpath/truepositive/ecbmode/EcbMode1.java#L33
First parameter (with value "AES/ECB/PKCS5Padding") should be any of AES/{GCM, CTR, CTS, CFB, OFB}
IncompleteOperationError violating CrySL rule for javax.crypto.Cipher: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/contextpath/truepositive/ecbmode/EcbMode1.java#L39
Operation on object of type javax.crypto.Cipher not completed. Expected call to one of the methods {doFinal(byte[]), update(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[]), update(byte[]), update(byte[], int, int, byte[]), updateAAD(byte[], int, int), update(byte[], int, int), update(java.nio.ByteBuffer, java.nio.ByteBuffer), wrap(java.security.Key), updateAAD(byte[]), updateAAD(java.nio.ByteBuffer), doFinal(byte[], int, int), doFinal(java.nio.ByteBuffer, java.nio.ByteBuffer)}
ConstraintError violating CrySL rule for java.security.MessageDigest: CamBench_Cap/src/main/java/org/cambench/cap/basic/brokenhash/BrokenHash3.java#L25
First parameter (with value "MD2") should be any of {SHA-256, SHA-384, SHA-512}
RequiredPredicateError violating CrySL rule for javax.crypto.Cipher: CamBench_Cap/src/main/java/org/cambench/cap/flowsensitivity/advanced/valueswap/truepositive/brokencrypto/BrokenCrypto1.java#L37
Second parameter was not properly generated as generatedPrivkey OR generatedPubkey OR generatedKey
ConstraintError violating CrySL rule for javax.crypto.Cipher: CamBench_Cap/src/main/java/org/cambench/cap/flowsensitivity/advanced/valueswap/truepositive/brokencrypto/BrokenCrypto1.java#L35
First parameter (with value "Blowfish") should be any of {AES, PBEWithHmacSHA224AndAES_128, PBEWithHmacSHA256AndAES_128, PBEWithHmacSHA384AndAES_128, PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA224AndAES_256, PBEWithHmacSHA256AndAES_256, PBEWithHmacSHA384AndAES_256, PBEWithHmacSHA512AndAES_256}
IncompleteOperationError violating CrySL rule for javax.crypto.Cipher: CamBench_Cap/src/main/java/org/cambench/cap/flowsensitivity/advanced/valueswap/truepositive/brokencrypto/BrokenCrypto1.java#L37
Operation on object of type javax.crypto.Cipher not completed. Expected call to one of the methods {doFinal(byte[]), update(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[]), update(byte[]), update(byte[], int, int, byte[]), updateAAD(byte[], int, int), update(byte[], int, int), update(java.nio.ByteBuffer, java.nio.ByteBuffer), wrap(java.security.Key), updateAAD(byte[]), updateAAD(java.nio.ByteBuffer), doFinal(byte[], int, int), doFinal(java.nio.ByteBuffer, java.nio.ByteBuffer)}
ConstraintError violating CrySL rule for java.security.KeyPairGenerator: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/flowpath/truepositive/smallkeysize/CorrectedKeySize.java#L39
First parameter (with value 2048) should be any of {4096, 3072}
IncompleteOperationError violating CrySL rule for javax.crypto.Cipher: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/flowpath/truepositive/smallkeysize/CorrectedKeySize.java#L41
Operation on object of type javax.crypto.Cipher not completed. Expected call to one of the methods {doFinal(byte[]), update(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[]), update(byte[]), update(byte[], int, int, byte[]), updateAAD(byte[], int, int), update(byte[], int, int), update(java.nio.ByteBuffer, java.nio.ByteBuffer), wrap(java.security.Key), updateAAD(byte[]), updateAAD(java.nio.ByteBuffer), doFinal(byte[], int, int), doFinal(java.nio.ByteBuffer, java.nio.ByteBuffer)}
RequiredPredicateError violating CrySL rule for javax.crypto.Cipher: CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/flowpath/truepositive/smallkeysize/CorrectedKeySize.java#L41
Second parameter was not properly generated as generatedPrivkey OR generatedPubkey OR generatedKey
cognicrypt
There are more violations than the GitHub annotations interface displays. Please check the log for additional violations.
cognicrypt
The following actions uses Node.js version which is deprecated and will be forced to run on node20: actions/setup-java@v3, actions/cache/restore@v3, stCarolas/setup-maven@v4.5, actions/cache/save@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/