[Bug] Multiple call contexts on the same vulnerability
emaiannone opened this issue · comments
Context
When there are two or more call contexts to the same vulnerable method, a TC may call many target methods, covering different call contexts; however not all of them are able to cover the required control dependencies + the vulnerable line. So, the TC is not an exploit, but according to the current algorithm it is.
In poor words, a portion of a TC covers the required call context but not the required CDs + line, and another portion of a TC cover the required CDs + line but not the required call context.
This leads to false positives, e.g. in CompressCallerYes
when callMiss()
is present.
Sadly, I don't know how to fix this because EvoSuite classes do not allow to get detailed information on what a single method call of TC actually covers.