search

awslabs / ar-go-tools

ar-go-tools (Argot) is a collection of analysis tools for Go
Apache License 2.0
5 stars 1 forks source link

Model Capabilities in the Analyses #45

Closed samarth-aws closed 3 months ago

samarth-aws commented 7 months ago

Google's new capslock tool contains the ability to reason about the "capabilities" of various functions and packages in the Go standard library. It would be nice if we could have the dataflow analyses reason about these same capabilities to be able to prove more powerful propositions.

For example, a possible proposition that can be proven via the taint analysis is: "no data that is read from a network can be used to modify the system state or file system". Without the capabilities feature, you would have to manually list every possible function/method/interface that can perform a network read or modify the system state.

Example config file:

taint-tracking-problems:
  -
    sources:
      - capability: "NETWORK"
    sinks:
      - capability: "FILES"
      - capability: "MODIFY_SYSTEM_STATE"
victornicolet commented 7 months ago

That sounds good. We can also combine capability with the other code identifier fields, for example I think it would make sense to add a package name, or the context.

For example:

taint-tracking-problems:
  -
    sources:
      - context: "customerDataHandlingPackage"
         capability: "NETWORK"
    sinks:
      - package: "logging"
         capability: "FILES"
      - capability: "MODIFY_SYSTEM_STATE"

to only view functions used in the fictional "customerDataHandlingPackage" with NETWORK capacity as sources, but if functions with NETWORK capability are called somewhere else, this is fine. Then the other refinement would mean the functions defined in logging that handle files are sinks.

github-actions[bot] commented 4 months ago

Stale issue message