why cfg dose not include getFilters()?

[xiziyunqi105]

📝 Overall Description

i analysis spring-cloud-gateway-server-3.1.0.jar，and add convertToRoute() as entrypoint:
` public void onStart() {

    List<JClass> list = solver.getHierarchy().applicationClasses().toList();

    for (JClass jClass : list) {

        jClass.getDeclaredMethods().forEach(jMethod->{

            String s = jMethod.getName();

            Set<Modifier> modifiers1 = jMethod.getModifiers();

            int i1=0;

            List<Modifier> listmodifiers1 = new ArrayList<>(modifiers1);

            for(Modifier listmodifiers11 : listmodifiers1){

            if(listmodifiers11.toString().matches("abstract")){

                i1=1;

            }

            }

            if (s.matches("convertToRoute") || s.matches("doFilter") || s.matches("doAuthenticate") && i1==0) {

                solver.addEntryPoint(new EntryPoint(jMethod, EmptyParamProvider.get()));

            }

        });`

i want to find taint convertToRoute()-> getFilters()->loadGatewayFilters() in class RouteDefinitionRouteLocator:

` private Route convertToRoute(RouteDefinition routeDefinition) {
AsyncPredicate predicate = combinePredicates(routeDefinition);
List gatewayFilters = getFilters(routeDefinition);

	return Route.async(routeDefinition).asyncPredicate(predicate).replaceFilters(gatewayFilters).build();
}

@SuppressWarnings("unchecked")
List<GatewayFilter> loadGatewayFilters(String id, List<FilterDefinition> filterDefinitions) {
	ArrayList<GatewayFilter> ordered = new ArrayList<>(filterDefinitions.size());
	for (int i = 0; i < filterDefinitions.size(); i++) {
		FilterDefinition definition = filterDefinitions.get(i);
		GatewayFilterFactory factory = this.gatewayFilterFactories.get(definition.getName());
		if (factory == null) {
			throw new IllegalArgumentException(
					"Unable to find GatewayFilterFactory with name " + definition.getName());
		}
		if (logger.isDebugEnabled()) {
			logger.debug("RouteDefinition " + id + " applying filter " + definition.getArgs() + " to "
					+ definition.getName());
		}

		// @formatter:off
		Object configuration = this.configurationService.with(factory)
				.name(definition.getName())
				.properties(definition.getArgs())
				.eventFunction((bound, properties) -> new FilterArgsEvent(
						// TODO: why explicit cast needed or java compile fails
						RouteDefinitionRouteLocator.this, id, (Map<String, Object>) properties))
				.bind();
		// @formatter:on

		// some filters require routeId
		// TODO: is there a better place to apply this?
		if (configuration instanceof HasRouteId) {
			HasRouteId hasRouteId = (HasRouteId) configuration;
			hasRouteId.setRouteId(id);
		}

		GatewayFilter gatewayFilter = factory.apply(configuration);
		if (gatewayFilter instanceof Ordered) {
			ordered.add(gatewayFilter);
		}
		else {
			ordered.add(new OrderedGatewayFilter(gatewayFilter, i + 1));
		}
	}

	return ordered;
}

private List<GatewayFilter> getFilters(RouteDefinition routeDefinition) {
	List<GatewayFilter> filters = new ArrayList<>();

	// TODO: support option to apply defaults after route specific filters?
	if (!this.gatewayProperties.getDefaultFilters().isEmpty()) {
		filters.addAll(loadGatewayFilters(routeDefinition.getId(),
				new ArrayList<>(this.gatewayProperties.getDefaultFilters())));`

i add sources and transfor:
`sources:
{ kind: param, method: "<org.springframework.cloud.gateway.route.RouteDefinitionRouteLocator: org.springframework.cloud.gateway.route.Route convertToRoute(org.springframework.cloud.gateway.route.RouteDefinition)>", index: 0 }

sinks:
{ level: 4, method: "<org.springframework.cloud.gateway.route.RouteDefinitionRouteLocator: java.util.List getFilters(org.springframework.cloud.gateway.route.RouteDefinition)>", index: 0 }
transfers:
{ method: "<java.util.ArrayList: void (java.util.Collection)>", from: 0, to: base, type: java.util.List}
{ method: "<org.springframework.cloud.gateway.route.RouteDefinition: java.util.List getFilters()>", from: base, to: result}
call-site-mode: true`

and i find taint from convertToRoute()-> getFilters():
Detected 1 taint flow(s): TaintFlow{<org.springframework.cloud.gateway.route.RouteDefinitionRouteLocator: org.springframework.cloud.gateway.route.Route convertToRoute(org.springframework.cloud.gateway.route.RouteDefinition)>/0 -> <org.springframework.cloud.gateway.route.RouteDefinitionRouteLocator: org.springframework.cloud.gateway.route.Route convertToRoute(org.springframework.cloud.gateway.route.RouteDefinition)>[1@L117] $r3 = invokespecial %this.getFilters(routeDefinition)/0}
why i cannot find the taint convertToRoute()-> getFilters()->loadGatewayFilters()?
and i did not find getFilters in cfg. thank you very much.

🎯 Expected Behavior

find the taint convertToRoute()-> getFilters()->loadGatewayFilters() in spring-cloud-gateway-server-3.1.0.jar

🐛 Current Behavior

find the taint convertToRoute()-> getFilters() in spring-cloud-gateway-server-3.1.0.jar

🔄 Reproducible Example

No response

⚙️ Tai-e Arguments

optionsFile: null
printHelp: false
classPath: []
appClassPath:

• //spring-cloud-gateway-server-3.1.0.jar
  #mainClass: BOOT-INF.classes.pl.wya.springgatewaydemo.SpringGatewayDemoApplication
  inputClasses: []
  javaVersion: 8
  prependJVM: false
  allowPhantom: true
  worldBuilderClass: pascal.taie.frontend.soot.SootWorldBuilder
  outputDir: output
  preBuildIR: false
  worldCacheMode: false
  scope: ALL
  nativeModel: true
  planFile: null
  analyses:
  ir-dumper: ;
  pta: cs:ci;implicit-entries:false;distinguish-string-constants:null;reflection-inference:solar;taint-config:java-benchmarks/log4j/2.14.0/taint-config.yml;reflection-log:java-benchmarks/log4j/2.14.0/refl.log; #dump-ci:true;
  onlyGenPlan: false
  keepResult:
• $KEEP-ALL

📜 Tai-e Log

19:00:05: Executing ':Main.main()'...

Task :buildSrc:checkKotlinGradlePluginConfigurationErrors
Task :buildSrc:generateExternalPluginSpecBuilders UP-TO-DATE
Task :buildSrc:extractPrecompiledScriptPluginPlugins UP-TO-DATE
Task :buildSrc:compilePluginsBlocks UP-TO-DATE
Task :buildSrc:generatePrecompiledScriptPluginAccessors UP-TO-DATE
Task :buildSrc:generateScriptPluginAdapters UP-TO-DATE
Task :buildSrc:compileKotlin UP-TO-DATE
Task :buildSrc:compileJava NO-SOURCE
Task :buildSrc:compileGroovy NO-SOURCE
Task :buildSrc:pluginDescriptors UP-TO-DATE
Task :buildSrc:processResources UP-TO-DATE
Task :buildSrc:classes UP-TO-DATE
Task :buildSrc:jar UP-TO-DATE
Task :compileJava UP-TO-DATE
Task :processResources UP-TO-DATE
Task :classes UP-TO-DATE
Task :checkstyleMain UP-TO-DATE

Task :Main.main()
Tai-e starts ...
Output directory: /apache/taie/Tai-e/output
Writing options to /apache/taie/Tai-e/output/options.yml
Writing log to /apache/taie/Tai-e/output/tai-e.log
java.version: 17.0.13
java.version.date: 2024-10-15
java.runtime.version: 17.0.13+11-LTS
java.vendor: Amazon.com Inc.
java.vendor.version: Corretto-17.0.13.11.1
os.name: Mac OS X
os.version: 12.3
os.arch: aarch64
Tai-e Version: 0.5.1-SNAPSHOT
Tai-e Commit: 9eb966e
Writing analysis plan to output/tai-e-plan.yml
WorldBuilder starts ...
Scanning /lib/spring-cloud-gateway-server-3.1.0.jar ... 330 classes
Warning: main class was not given!
7376 classes with 66436 methods in the world
WorldBuilder finishes, elapsed time: 2.71s
ir-dumper starts ...
Dumping IR in /apache/taie/Tai-e/output/tir
7376 classes in scope (ALL) of class analyses
ir-dumper finishes, elapsed time: 20.41s
pta starts ...
Using reflection log from //apache/taie/Tai-e/java-benchmarks/log4j/2.14.0/refl.log
Reflective target '<org.apache.logging.log4j.core.config.LoggerConfig$RootLogger: org.apache.logging.log4j.core.config.LoggerConfig createLogger(java.lang.String,org.apache.logging.log4j.Level,java.lang.String,org.apache.logging.log4j.core.config.AppenderRef[],org.apache.logging.log4j.core.config.Property[],org.apache.logging.log4j.core.config.Configuration,org.apache.logging.log4j.core.Filter)>' for Method.invoke is not found
Reflective target '<org.apache.logging.log4j.core.config.LoggersPlugin: org.apache.logging.log4j.core.config.Loggers createLoggers(org.apache.logging.log4j.core.config.LoggerConfig[])>' for Method.invoke is not found
Reflective target '<org.apache.logging.log4j.core.pattern.MessagePatternConverter: org.apache.logging.log4j.core.pattern.MessagePatternConverter newInstance(org.apache.logging.log4j.core.config.Configuration,java.lang.String[])>' for Method.invoke is not found
Reflective caller class 'org.apache.logging.log4j.core.config.plugins.visitors.PluginElementVisitor' is absent
Loading taint config from /apache/taie/Tai-e/java-benchmarks/log4j/2.14.0/taint-config.yml
Cannot find taint-transfer method '<org.apache.logging.log4j.message.ReusableMessageFactory: org.apache.logging.log4j.message.Message newMessage(java.lang.String)>'
Cannot find taint-transfer method '<org.apache.logging.log4j.core.impl.ReusableLogEventFactory: org.apache.logging.log4j.core.LogEvent createEvent(java.lang.String,org.apache.logging.log4j.Marker,java.lang.String,org.apache.logging.log4j.Level,org.apache.logging.log4j.message.Message,java.util.List,java.lang.Throwable)>'
Cannot find taint-transfer method '<org.apache.logging.log4j.core.impl.MutableLogEvent: void formatTo(java.lang.StringBuilder)>'
TaintConfig:
sources:

• { kind: "param", method: "<org.springframework.cloud.gateway.route.RouteDefinitionRouteLocator: org.springframework.cloud.gateway.route.Route convertToRoute(org.springframework.cloud.gateway.route.RouteDefinition)>", index: "0", type: "org.springframework.cloud.gateway.route.RouteDefinition" }

sinks:

• { method: "<org.springframework.cloud.gateway.route.RouteDefinitionRouteLocator: java.util.List loadGatewayFilters(java.lang.String,java.util.List)>", index: "1" }

transfers:

• { method: "<java.lang.StringBuilder: void (java.lang.String)>", from: "0", to: "base", type: "java.lang.StringBuilder" }
• { method: "<java.lang.StringBuilder: java.lang.String substring(int,int)>", from: "base", to: "result", type: "java.lang.String" }
• { method: "<java.lang.StringBuilder: void getChars(int,int,char[],int)>", from: "base", to: "2", type: "char[]" }
• { method: "<java.lang.String: java.lang.String substring(int)>", from: "base", to: "result", type: "java.lang.String" }
• { method: "<java.lang.String: void (char[],int,int)>", from: "0", to: "base", type: "java.lang.String" }
• { method: "<java.util.ArrayList: void (java.util.Collection)>", from: "0", to: "base", type: "java.util.List" }
• { method: "<org.springframework.cloud.gateway.route.RouteDefinition: java.util.List getFilters()>", from: "base", to: "result", type: "java.util.List" }

callSiteMode: true

[Pointer analysis] elapsed time: 1.97s
Detected 0 taint flow(s):
TFGDumper starts ...
Source nodes:
VarNode{<org.springframework.cloud.gateway.route.RouteDefinitionRouteLocator: org.springframework.cloud.gateway.route.Route convertToRoute(org.springframework.cloud.gateway.route.RouteDefinition)>/routeDefinition}
Sink nodes:
Dumping /apache/taie/Tai-e/output/taint-flow-graph.dot
TFGDumper finishes, elapsed time: 0.44s
-------------- Pointer analysis statistics: --------------
#var pointers: 5,5774 (insens) / 5,5774 (sens)
#objects: 5232 (insens) / 5232 (sens)
#var points-to: 112,9992 (insens) / 112,9992 (sens)
#static field points-to: 1736 (sens)
#instance field points-to: 14,4000 (sens)
#array points-to: 1,1631 (sens)
#reachable methods: 8015 (insens) / 8015 (sens)
#call graph edges: 4,2824 (insens) / 4,2825 (sens)

pta finishes, elapsed time: 3.39s
Tai-e finishes, elapsed time: 26.66s

Deprecated Gradle features were used in this build, making it incompatible with Gradle 9.0.

You can use '--warning-mode all' to show the individual deprecation warnings and determine if they come from your own scripts or plugins.

For more on this, please refer to https://docs.gradle.org/8.10/userguide/command_line_interface.html#sec:command_line_warnings in the Gradle documentation.

BUILD SUCCESSFUL in 28s
14 actionable tasks: 2 executed, 12 up-to-date
19:00:33: Execution finished ':Main.main()'.

ℹ️ Additional Information

[xiziyunqi105]

spring-cloud-gateway-server-3.1.0.jar.zip