Skip to content

Introduce shared taint tracking library #13881

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
Aug 21, 2023
Merged

Introduce shared taint tracking library #13881

merged 9 commits into from
Aug 21, 2023

Conversation

jketema
Copy link
Contributor

@jketema jketema commented Aug 3, 2023

No description provided.

@github-actions github-actions bot added the C++ label Aug 3, 2023
@aschackmull
Copy link
Contributor

A few stylistic comments, otherwise mostly LGTM.

github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 4, 2023
View reviewed changes
shared/dataflow/codeql/dataflow/TaintTracking.qll
private import DataFlowMake<DataFlowLang> as DataFlow
private import MakeImpl<DataFlowLang> as DataFlowInternal

private module AddTaintDefaults<DataFlowInternal::FullStateConfigSig Config> implements

Check warning

Code scanning / CodeQL

Data flow configuration module naming

Modules implementing a data flow configuration should end in `Config`.
shared/dataflow/codeql/dataflow/TaintTracking.qll
* Constructs a global taint tracking computation.
*/
module Global<DataFlow::ConfigSig Config> implements DataFlow::GlobalFlowSig {
private module Config0 implements DataFlowInternal::FullStateConfigSig {

Check warning

Code scanning / CodeQL

Data flow configuration module naming

Modules implementing a data flow configuration should end in `Config`.
shared/dataflow/codeql/dataflow/TaintTracking.qll
import Config
}

private module C implements DataFlowInternal::FullStateConfigSig {

Check warning

Code scanning / CodeQL

Data flow configuration module naming

Modules implementing a data flow configuration should end in `Config`.
shared/dataflow/codeql/dataflow/TaintTracking.qll
* Constructs a global taint tracking computation using flow state.
*/
module GlobalWithState<DataFlow::StateConfigSig Config> implements DataFlow::GlobalFlowSig {
private module Config0 implements DataFlowInternal::FullStateConfigSig {

Check warning

Code scanning / CodeQL

Data flow configuration module naming

Modules implementing a data flow configuration should end in `Config`.
shared/dataflow/codeql/dataflow/TaintTracking.qll
import Config
}

private module C implements DataFlowInternal::FullStateConfigSig {

Check warning

Code scanning / CodeQL

Data flow configuration module naming

Modules implementing a data flow configuration should end in `Config`.
@aschackmull
Copy link
Contributor

aschackmull commented Aug 4, 2023
edited by jketema
Loading

LGTM now. Although, preferably we'll switch all languages in one go, so we don't have a mix of shared lib usage and parameterised modules.

@jketema
Copy link
Contributor Author

jketema commented Aug 4, 2023

LGTM now. Although, preferably we'll switch all languages in one go, so we don't have a mix of shared lib usage and parameterised modules.

That is the plan (as part of this PR). I only did C++ first, because I wanted to know if the approach was good.

@aschackmull
Copy link
Contributor

Beware that you have an incoming merge conflict in #13851

@jketema
Copy link
Contributor Author

jketema commented Aug 4, 2023

Beware that you have an incoming merge conflict in #13851

I'll rebase this PR and then kick off all the DCAs.

@jketema jketema force-pushed the shared-taint-tracking branch from 9f12a4e to c4a65e5 Compare August 4, 2023 20:53
@jketema
Copy link
Contributor Author

jketema commented Aug 7, 2023

I sightly refactored this to follow #13901

@jketema
Copy link
Contributor Author

jketema commented Aug 7, 2023
edited
Loading

@aschackmull I'm slightly confused by the DCA results. I see OOMs in Java (which seem to be sort of expected), C# and C++. I tried the C++ and C# OOM'ing projects on larger runners to see if there are any suspicious tuple counts stage timings. I see slightly slower stage timings, in a few cases but nothing really jumps out to me.

I re-ran the DCA experiments (which was before the OOM-related revert we did yesterday). All DCA results look uneventful to me, except for the Java ones which show a large number of OOMs. Let me know if I should re-run those with the OOM-related revert.

@jketema jketema marked this pull request as ready for review August 18, 2023 08:40
@jketema jketema requested review from a team as code owners August 18, 2023 08:40
hvitved
hvitved previously approved these changes Aug 21, 2023
View reviewed changes
Copy link
Contributor

@hvitved hvitved left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🎉

RasmusWL
RasmusWL approved these changes Aug 21, 2023
View reviewed changes
Copy link
Member

@RasmusWL RasmusWL left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 for Python

@jketema jketema merged commit 2d0f73d into github:main Aug 21, 2023
@jketema jketema deleted the shared-taint-tracking branch August 21, 2023 10:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RasmusWL RasmusWL RasmusWL approved these changes

@MathiasVP MathiasVP MathiasVP approved these changes

@aschackmull aschackmull aschackmull approved these changes

@hvitved hvitved hvitved left review comments

Assignees
No one assigned
Labels
C# C++ documentation Go Java Python Ruby Swift
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@jketema @aschackmull @RasmusWL @hvitved @MathiasVP