microsoft / infersharp

Infer# is an interprocedural and scalable static code analyzer for C#. Via the capabilities of Facebook's Infer, this tool detects null dereferences, resource leaks, and thread-safety violations. It also performs taint flow tracking to detect critical security vulnerabilities like SQL injections.
MIT License

Redo Test Examples for 1.4 #159

Closed matjin closed 1 year ago

matjin commented 1 year ago

This PR adds a thread safety violation example, redoes the Resource Leak tests for the implementation of Pulse Resource Leaks, and also adds a Taint example identifying SQL injections using Pulse. It also updates all the projects to .NET 6.0.

xi-liu-ds commented 1 year ago

Overall it looks good. My general suggestion is we can add a README to explain all the errors that are supposed to be found in these examples.

matjin commented 1 year ago

> Overall it looks good. My general suggestion is we can add a README to explain all the errors that are supposed to be found in these examples.

Are you thinking maybe better comments? I feel like a separate README might create distraction.

xi-liu-ds commented 1 year ago

> > Overall it looks good. My general suggestion is we can add a README to explain all the errors that are supposed to be found in these examples.
>
> Are you thinking maybe better comments? I feel like a separate README might create distraction.

Yeah, that is a good idea to comment explanations inline as docstrings.

matjin commented 1 year ago

I've added comments documenting everything.