I want to refactor detectors using taint analysis to use hash maps and full method names instead of confused and slow conditional statements. It should be very easy to add a new sink and check the existing sinks. I would also put another abstract class between `TaintDetector` and concrete detectors and make more methods abstract to enable altering the behaviour for concrete injection types in future improvements. The `InjectionSource` class can be removed - instances of `InjectionPoint` will be in the map, and the `isCandidate` method is obsolete. Injectable method need not be set and can be replaced by calling methods from FindBugs `SignatureConverter`. We will also need to modify `CustomInjectionDetector`.
@h3xstream Do you agree? Can I start to implement this?
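
The map-based sink lookup proposed above, sketched as an added example (not find-sec-bugs code): `SinkRegistry`, its entry format, and the zero-based left-to-right argument indexes are assumptions made for illustration. Keying on the full method name, JVM signature included, keeps overloads distinct, which name-only conditionals tend to get wrong.

```java
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

// Hypothetical illustration; not a find-sec-bugs class.
public class SinkRegistry {
    // Full method name (class.method + JVM signature) -> injectable argument indexes
    // (assumed here: zero-based, left to right).
    private final Map<String, int[]> sinks = new HashMap<>();

    // Constructed sample entries: "<full method name>:<comma-separated argument indexes>"
    static final String[] SAMPLE_CONFIG = {
        "java/sql/Statement.executeQuery(Ljava/lang/String;)Ljava/sql/ResultSet;:0",
        "java/sql/Connection.prepareStatement(Ljava/lang/String;I)Ljava/sql/PreparedStatement;:0",
        "java/lang/Runtime.exec(Ljava/lang/String;)Ljava/lang/Process;:0",
    };

    // Adding a sink means adding one line of configuration, not another if-branch.
    void load(String[] lines) {
        for (String line : lines) {
            int sep = line.lastIndexOf(':'); // JVM signatures never contain ':'
            if (sep <= 0 || sep == line.length() - 1) {
                throw new IllegalArgumentException("Malformed sink entry: " + line);
            }
            String key = line.substring(0, sep);
            int[] args = Arrays.stream(line.substring(sep + 1).split(","))
                    .mapToInt(s -> Integer.parseInt(s.trim())).toArray();
            if (sinks.put(key, args) != null) { // reject silent overrides
                throw new IllegalArgumentException("Duplicate sink: " + key);
            }
        }
    }

    // One hash lookup replaces a chain of class/method/signature comparisons.
    int[] injectableArguments(String className, String methodName, String signature) {
        int[] args = sinks.get(className + "." + methodName + signature);
        return args == null ? new int[0] : args;
    }

    public static void main(String[] argv) {
        SinkRegistry registry = new SinkRegistry();
        registry.load(SAMPLE_CONFIG);
        // Registered sink: the SQL string argument is reported as injectable.
        System.out.println(Arrays.toString(registry.injectableArguments(
            "java/sql/Statement", "executeQuery", "(Ljava/lang/String;)Ljava/sql/ResultSet;")));
        // Same class and method name but a different signature: not a sink.
        System.out.println(Arrays.toString(registry.injectableArguments(
            "java/sql/Statement", "executeQuery", "()Ljava/sql/ResultSet;")));
    }
}
```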