Skip to content

feat(taint): Implement intra-procedural taint propagation #346

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
shivasurya merged 1 commit into from
Nov 4, 2025
Merged

feat(taint): Implement intra-procedural taint propagation #346

shivasurya merged 1 commit into from
Nov 4, 2025

Conversation

@shivasurya
Copy link
Owner

@shivasurya shivasurya commented Nov 4, 2025
edited
Loading

Implements forward taint analysis for intra-procedural flows.

  • Track taint from sources (request.GET, os.getenv) to sinks (eval, exec)
  • Assignment & call propagation with confidence decay
  • Stdlib integration with hardcoded patterns
  • 100% coverage on core algorithm

Stacked on PR #3.

🤖 Generated with Claude Code

@shivasurya shivasurya mentioned this pull request Nov 4, 2025
Merged
@shivasurya Graphite App
Copy link
Owner Author

shivasurya commented Nov 4, 2025
edited
Loading

This stack of pull requests is managed by Graphite. Learn more about stacking.

This was referenced Nov 4, 2025
Merged
Merged
@codecov
Copy link

codecov bot commented Nov 4, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 92.42424% with 10 lines in your changes missing coverage. Please review.
✅ Project coverage is 76.29%. Comparing base (b6cfaf7) to head (e79e232).
⚠️ Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
sourcecode-parser/graph/callgraph/taint.go 92.42% 5 Missing and 5 partials ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #346      +/-   ##
==========================================
+ Coverage   75.93%   76.29%   +0.35%     
==========================================
  Files          50       51       +1     
  Lines        5964     6096     +132     
==========================================
+ Hits         4529     4651     +122     
- Misses       1244     1249       +5     
- Partials      191      196       +5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@shivasurya shivasurya marked this pull request as ready for review November 4, 2025 00:59
@safedep
Copy link

safedep bot commented Nov 4, 2025
edited
Loading

SafeDep Report Summary

Green Malicious Packages Badge Green Vulnerable Packages Badge Green Risky License Badge

No dependency changes detected. Nothing to scan.

This report is generated by SafeDep Github App

@shivasurya shivasurya self-assigned this Nov 4, 2025
@shivasurya shivasurya added enhancement New feature or request go Pull requests that update go code labels Nov 4, 2025
This was referenced Nov 4, 2025
Merged
Merged
@shivasurya Graphite App
Copy link
Owner Author

shivasurya commented Nov 4, 2025
edited
Loading

Merge activity

  • Nov 4, 1:51 AM UTC: A user started a stack merge that includes this pull request via Graphite.
  • Nov 4, 1:56 AM UTC: Graphite rebased this pull request as part of a merge.
  • Nov 4, 1:57 AM UTC: @shivasurya merged this pull request with Graphite.

@shivasurya shivasurya changed the base branch from feat/intra-procedural-dataflow-pr3-defuse-chains to graphite-base/346 November 4, 2025 01:54
@shivasurya shivasurya changed the base branch from graphite-base/346 to main November 4, 2025 01:55
@shivasurya @claude
feat(taint): Implement intra-procedural taint propagation
e79e232 
Core taint analysis algorithm:
- Forward data flow analysis tracking taint from sources to sinks
- Assignment propagation (y = x)
- Call propagation with confidence decay (y = func(x))
- Stdlib integration (os.getenv, html.escape, etc.)
- Sanitizer support

Testing:
- 15+ comprehensive tests
- 100% coverage on AnalyzeIntraProceduralTaint
- Source-to-sink detection validated

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
@shivasurya shivasurya force-pushed the feat/intra-procedural-dataflow-pr4-taint-propagation branch from faff1cf to e79e232 Compare November 4, 2025 01:56
@shivasurya shivasurya merged commit aa72685 into main Nov 4, 2025
3 checks passed
@shivasurya shivasurya deleted the feat/intra-procedural-dataflow-pr4-taint-propagation branch November 4, 2025 01:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@shivasurya shivasurya

Labels

enhancement New feature or request go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@shivasurya