Consider to add taint analysis support

quasilyte / go-ruleguard

Define and run pattern-based custom linting rules.

https://go-ruleguard.github.io/

BSD 3-Clause "New" or "Revised" License

790 stars 42 forks source link

Open quasilyte opened 3 years ago

dgryski commented 3 years ago

https://github.com/praetorian-inc/gokart supports ssa-based taint analysis, and semgrep has experimental support for local analysis.

quasilyte commented 2 years ago

@dgryski have you tried semgrep ssa? Any cool pattern ideas that became possible with this feature?

dgryski commented 2 years ago

I have not played with taint analysis.