Describe the Problem
LS XIV would like to identify Maven libraries that are potential candidates for dynamic taint analysis. There is a number of characteristics to identify such libraries:
Must be a WebApp, i.e. must result in / contribute to HttpServlets / Spring Boot
Must use a relevant API, i.e. one that migth be a sink. Currently, the File API (Path Traversal), Process Builder (Command Injection) and SQL API (SQL Injection) are of interest.
Describe the solution you'd like
Implement a static analysis that detects whether the above-mentioned conditions hold for a given library (and it's set of transitive dependencies). In a next step, it would be good to know a set of entrypoints that could lead to the potential sinks, and the types of sinks present in the library.
This further requires some heuristics on what to index / analyze first.
Describe the Problem LS XIV would like to identify Maven libraries that are potential candidates for dynamic taint analysis. There is a number of characteristics to identify such libraries:
Describe the solution you'd like Implement a static analysis that detects whether the above-mentioned conditions hold for a given library (and it's set of transitive dependencies). In a next step, it would be good to know a set of entrypoints that could lead to the potential sinks, and the types of sinks present in the library.
This further requires some heuristics on what to index / analyze first.