You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If you tell a human to determine whether a vulnerable function is being used they'll almost certainly do the data flow backwards: start by grepping for the vulnerable function, find it in code, and go backwards looking for function calls to the definition.
Is there anything we can gleam for narrow here? Generally humans are using IDEs that already do function reference detection, which are usually forward-propogating analyses, so perhaps not. Still, in theory doing this would reduce how much we have to analyze. Right now we may recurse through imports / function calls in dependencies we don't care about at all.
The text was updated successfully, but these errors were encountered:
If you tell a human to determine whether a vulnerable function is being used they'll almost certainly do the data flow backwards: start by grepping for the vulnerable function, find it in code, and go backwards looking for function calls to the definition.
Is there anything we can gleam for narrow here? Generally humans are using IDEs that already do function reference detection, which are usually forward-propogating analyses, so perhaps not. Still, in theory doing this would reduce how much we have to analyze. Right now we may recurse through imports / function calls in dependencies we don't care about at all.
The text was updated successfully, but these errors were encountered: