Static taint analysis for Java programs


I am not sure if this is the right place to ask; any help would be appreciated. I want to build a static taint analysis tool for Java. My understanding is that the tool will scan all the Java files starting from the main entry point. And for each line of source code, it will decode it and perform the required action.

For example,

1- Boolean x=false;
2- String s = x.toString();   

Line-1 declares one boolean variable and line-2 converts it into a string. Line-1 will note that boolean variable 'x' has been declared and it is converted into a string on line-2. And my tool will only understand it if I put a check for toString() function and perform the required action.

My question is: do I need to write checks for all functions defined for the Boolean type in Java? How about other data types and other library functions?

For example, a few of the other functions available for the boolean type are:

toString(boolean value)
compareTo(Boolean that)
etc.

There are 1 best solutions below


Why reinvent the wheel? Did you take a look at FindBugs? If you know some bug pattern then write your own bug detector with FindBugs and you are done. Here, here, here and here are some starting points...
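
On the question of per-method checks: taint analyses commonly apply one default propagation rule to every unmodelled call (the result is tainted if the receiver or any argument is) and keep explicit entries only for sources, sanitizers and sinks. The sketch below is an added example, not code from the post or from FindBugs; the `Call` statement form, the rule tables and the sample program are assumptions made for illustration, it handles straight-line code only, and it needs Java 16+ for records.

```java
import java.util.*;

public class TaintSketch {
    // Simplified IR for one statement: target = receiver.method(args...)
    record Call(String target, String receiver, String method, List<String> args) {}

    // Sample rule tables: only methods that deviate from the default need an entry.
    static final Set<String> SOURCES = Set.of("HttpServletRequest.getParameter");
    static final Set<String> SANITIZERS = Set.of("Encode.forHtml");
    static final Set<String> SINKS = Set.of("PrintWriter.println");

    // Walks straight-line code once and returns the sink calls reached by tainted data.
    static List<Call> analyze(List<Call> program) {
        Set<String> tainted = new HashSet<>();
        List<Call> findings = new ArrayList<>();
        for (Call c : program) {
            boolean inputTainted = tainted.contains(c.receiver())
                    || c.args().stream().anyMatch(tainted::contains);
            if (SINKS.contains(c.method()) && inputTainted) findings.add(c);

            boolean resultTainted;
            if (SOURCES.contains(c.method())) resultTainted = true;
            else if (SANITIZERS.contains(c.method())) resultTainted = false;
            else resultTainted = inputTainted; // default rule: covers Boolean.toString etc.

            if (c.target() == null) continue;  // call used as a statement, no assignment
            if (resultTainted) tainted.add(c.target()); else tainted.remove(c.target());
        }
        return findings;
    }

    public static void main(String[] args) {
        // Constructed input, modelled on the question's Boolean example.
        List<Call> program = List.of(
            new Call("p", "req", "HttpServletRequest.getParameter", List.of("key")),
            new Call("x", null, "Boolean.valueOf", List.of("p")),
            new Call("s", "x", "Boolean.toString", List.of()),
            new Call(null, "out", "PrintWriter.println", List.of("s")),
            new Call("safe", null, "Encode.forHtml", List.of("p")),
            new Call(null, "out", "PrintWriter.println", List.of("safe")));
        for (Call c : analyze(program))
            System.out.println("tainted value reaches sink: " + c);
    }
}
```

`Boolean.valueOf` and `Boolean.toString` have no entry in any table, yet taint still flows through them to the first `println`; the second `println` is not reported because the sanitizer entry clears the taint.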