You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello, I have been interested in Infer's taint defect analysis, but I found that since the 0.15 version, I have not analyzed the results of many test cases, of course, including infer's own, such as the one I mentioned before IOS defect analysis, and the annotation analysis, now only retains the annotation to the path reachable, and there is no analysis of single annotations and sink(such as @PrivacySourc to java.sql.Statement.execute), for example, infer tests-case taintExample.java @PrivacySource String mPrivacySource;
@PrivacySource String sPrivacySource;
Public void testPrivacySourceInstanceFieldAnnot_FN() {
String source = mPrivacySource;
InferTaint.inferSensitiveSinkUndefined(source); // should report
}
} There is no such analysis since 0.13 version.
This kind of analysis is very useful for analyzing taint annotations. Will Infer be improved afterwards to add these functions alive? I found some information by comparing the historical versions. I wanted to try to recover, but the flexibility of ocmal and its loose syntax are a huge challenge for me, so I would like to ask for help or advice, thank you.
The text was updated successfully, but these errors were encountered:
Hello, I have been interested in Infer's taint defect analysis, but I found that since the 0.15 version, I have not analyzed the results of many test cases, of course, including infer's own, such as the one I mentioned before IOS defect analysis, and the annotation analysis, now only retains the annotation to the path reachable, and there is no analysis of single annotations and sink(such as @PrivacySourc to java.sql.Statement.execute), for example, infer tests-case taintExample.java @PrivacySource String mPrivacySource;
@PrivacySource String sPrivacySource;
Public void testPrivacySourceInstanceFieldAnnot_FN() {
String source = mPrivacySource;
InferTaint.inferSensitiveSinkUndefined(source); // should report
}
} There is no such analysis since 0.13 version.
This kind of analysis is very useful for analyzing taint annotations. Will Infer be improved afterwards to add these functions alive? I found some information by comparing the historical versions. I wanted to try to recover, but the flexibility of ocmal and its loose syntax are a huge challenge for me, so I would like to ask for help or advice, thank you.
The text was updated successfully, but these errors were encountered: