Revisit tests involving source interface propagation about go-flow-levee HOT 3 OPEN

The "superfluous" configuration element is in */levee/*, not */config/*.

The relevant test case is:

func TestMethodCallOnStaticallyUnknownReceiverPropagatesTaint(sm core.SourceManipulator, s core.Source) {
	data := sm.Propagate(s.Data)
	core.Sink(data) // want "a source has reached a sink"
}

The intent of the test is to validate that taint propagates via the argument when SourceManipulator is identified as a source type. In #264, originally this was not the case and the test was failing.

When SourceManipulator isn't identified as a source type, the propagation behavior for methods on non-source types is observed, but that's not what the test is interested in.

So the config element is actually needed.

from go-flow-levee.

Just looking at it from a fuzzing perspective, there needs to be some test that relies on that piece of the configuration. Otherwise, we don't really know what codepath this test is taking. Is it testing what you think it is, or is it handling it in the non-source way?

I suppose this overlaps a bit with #272, since this was introduced before we had a firm idea of how we wanted to handle interfaces. We can't really add core.Sink(sm.Produce()) // want "a source has reached a sink" since those methods aren't handled yet.

from go-flow-levee.

I agree. Currently I don't have a good idea for how to do that, though. If you have any ideas, let me know.

from go-flow-levee.