Skip to content

Accurate Error Location

The CogniCrypt report provides only the line in which the statement containing the violating method call starts. With nested method calls this can result in the user not actually being able to tell where a specific error occurred, especially if the statement spans multiple lines.

Because of this, we made sure to pinpoint a more accurate location depending on the type of error detected. For this, we used the additional information extracted previously.

ImpreciseValueExtractionError

For ImpreciseValueExtractionErrors the report location is always a parameter.

RequiredPredicateError and AlternativeReqPredicateError

While for the most part these types of error occur on method parameters, sometimes a violation occurs for the return value of a method call. If the result of the call is assigned to an object, then that object is marked. Otherwise, the method bounds are chosen as the main report location.

ForbiddenMethodError, IncompleteOperationError and TypestateError

These error types deal with method calls. As such, we mark the method bounds as the main location.

ConstraintError

Most ConstraintErrors occur on parameters, so the report location is then decided by the detected parameter index. However, some constraints deal with methods instead, in which case the method bounds are set as the report location.