Comments (3)
The "superfluous" configuration element is in */levee/*, not */config/*.
The relevant test case is:

```go
func TestMethodCallOnStaticallyUnknownReceiverPropagatesTaint(sm core.SourceManipulator, s core.Source) {
	data := sm.Propagate(s.Data)
	core.Sink(data) // want "a source has reached a sink"
}
```
The intent of the test is to validate that taint propagates via the argument when SourceManipulator is identified as a source type. In #264, originally this was not the case and the test was failing. When SourceManipulator isn't identified as a source type, the propagation behavior for methods on non-source types is observed, but that's not what the test is interested in. So the config element is actually needed.
from go-flow-levee.
Just looking at it from a fuzzing perspective, there needs to be some test that relies on that piece of the configuration. Otherwise, we don't really know what codepath this test is taking. Is it testing what you think it is, or is it handling it in the non-source way?
I suppose this overlaps a bit with #272, since this was introduced before we had a firm idea of how we wanted to handle interfaces. We can't really add `core.Sink(sm.Produce()) // want "a source has reached a sink"` since those methods aren't handled yet.
I agree. Currently I don't have a good idea for how to do that, though. If you have any ideas, let me know.