Infer# is an interprocedural and scalable static code analyzer for C#. Via the capabilities of Facebook's Infer, this tool detects null dereferences, resource leaks, and thread-safety violations. It also performs taint flow tracking to detect critical security vulnerabilities like SQL injections.
MIT License
727
stars
29
forks
source link
Preload IDisposable Type Environment Prior to Translation #126
This PR embeds a pre-computed type environment in the InferSharp solution consisting of ~7200 IDisposable types across a variety of .NET frameworks including .NET platforms including .NET Core, .NET Framework, Unity, Mono, and Xamarin. These types are loaded prior to translation as a type environment baseline. The impact of this change is that it enables us by default to track and report resource leaks on all of these types.
Additional changes:
-Remove copying of DLLs from run_infersharp.sh, which was intended to provide a limited form of this functionality (but at significantly greater performance cost)
-Adjust types related to the type environment as well as serialization of the type environment, as we had to fix the deserialization from text to type environment object.
This PR embeds a pre-computed type environment in the InferSharp solution consisting of ~7200 IDisposable types across a variety of .NET frameworks including .NET platforms including .NET Core, .NET Framework, Unity, Mono, and Xamarin. These types are loaded prior to translation as a type environment baseline. The impact of this change is that it enables us by default to track and report resource leaks on all of these types.
Additional changes:
-Remove copying of DLLs from run_infersharp.sh, which was intended to provide a limited form of this functionality (but at significantly greater performance cost) -Adjust types related to the type environment as well as serialization of the type environment, as we had to fix the deserialization from text to type environment object.