changeset 137:2f8f9b0013d5

secret_annotator: improved handling of function calls Now we have a collection of secret functions, they will return a secret value.
author Sigurd Meldgaard <stm@daimi.au.dk>
date Wed, 04 Nov 2009 14:53:04 +0100
parents db7c7871bea4
children bcde6c7bf06d
files pysmcl/secret_annotator.py
diffstat 1 files changed, 6 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/pysmcl/secret_annotator.py	Wed Nov 04 14:50:54 2009 +0100
+++ b/pysmcl/secret_annotator.py	Wed Nov 04 14:53:04 2009 +0100
@@ -8,6 +8,7 @@
 non_compromising_functions = set(["len", "open", "result",
                                   "invariant", "precondition"])
 
+secret_functions = set(["get"])
 
 def expr_secret(exp, secret_variables):
     """
@@ -32,10 +33,13 @@
     elif(isinstance(exp, ast.Num)):
         return False
     elif(isinstance(exp, ast.Call)):
-        if(exp.func.id in non_compromising_functions):
+        function_name = exp.func.id
+        if(function_name in non_compromising_functions):
             return False
+        elif function_name in secret_functions:
+            return True # but bad_calls will warn us via bad_calls.py
         else:
-            return True # but bad_calls will warn us
+            return False
     elif isinstance(exp, ast.Str):
         return False
     elif isinstance(exp, ast.Subscript):