Szelethus added a comment. In D73536#1845031 <https://reviews.llvm.org/D73536#1845031>, @NoQ wrote:
> > Describing value constraints in the taint config file is unfeasible. > > This is the only correct way to go, because, as you yourself point out, every > sink function (or other use of tainted value) does indeed have different > constraint requirements. Over the last couple months I've been pretty conflicted on config files. While I see that it is the correct solution, I also fear that just like attributes, they require tedious work to set up and maintain. With that said, its been a while since I've evaluated analyses that had taint analysis in the focus, so I have no concrete data on whether its worth trying to reduce their count, though I suspect they wouldn't show the entire picture, as very few checkers utilize taintedness. > What exactly is preventing you from describing value constraints in the > config file? This sounds like moving, or even worse duplicating the same checks both in a tool-specific config file and in the code. I sympathize with this as well: > int idx; > scanf("%d", &idx); > > if (idx < 0 || 42 < idx) { // tainted > return -1; > } > mySink(idx); // Warning {{Untrusted data is passed to a user-defined sink}} > return idx; > > Even though we know at the point of `mySink` is called we know that `idx` is > properly constrained, `mySink` will emit warning since `idx` holds tainted > value. This is valid, and I totally see how we can't possibly remove the taint (or in other words, prove to the analyzer that we properly checked the value) before passing it into a sink (as I understand it). In summary, I think making decision like this is maybe a bit premature before we have some more results. It would be interesting to see what happens on larger projects once more checkers utilize taintedness, and act proactively, because > Checking the wrong requirements is a very common source of security issues > and we cannot afford destroying our ability to catch them. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D73536/new/ https://reviews.llvm.org/D73536 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits