Evaluate Tainting Checker from Checker Framework #16

Open
alexander-yevsyukov opened this issue Dec 4, 2021 · 1 comment

@alexander-yevsyukov
Collaborator

https://checkerframework.org/manual/#tainting-checker

What the Checker Framework offers is closely related to Validation, but on a deeper level of security. It's an interesting and useful feature we need to consider.

@alexander-yevsyukov alexander-yevsyukov added the enhancement New feature or request label Dec 4, 2021
@alexander-yevsyukov
Collaborator Author

In version 2021.3, IDEA provided an inspection which handles tainted annotations:

IntelliJ IDEA has added a new inspection “Non-safe string passed to a safe method”, which helps avoid passing insecure data to secure methods in projects that use the org.checkerframework.checker.tainting.qual annotations. Problems that could be detected by this inspection include SQL injections and XSS flaws.
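
The following is an added example, not part of the issue thread or of this project's code, showing how the `org.checkerframework.checker.tainting.qual` annotations mark a sink and a validation routine so that unvalidated input cannot reach the sink. The class `TaintingDemo`, its methods and the column allow-list are hypothetical, and the Checker Framework annotations are assumed to be on the classpath.

```java
import java.util.Set;
import org.checkerframework.checker.tainting.qual.Tainted;
import org.checkerframework.checker.tainting.qual.Untainted;

// Hypothetical demo class; not taken from the project discussed in this issue.
public final class TaintingDemo {

    // Allow-list of column names that may appear in ORDER BY (constructed sample).
    private static final Set<String> SORTABLE = Set.of("id", "name", "created_at");

    // Sink: identifiers cannot be bound as query parameters, so the column
    // name is spliced into the SQL text and must be a trusted value.
    static String orderedQuery(@Untainted String column) {
        return "SELECT id, name FROM accounts ORDER BY " + column;
    }

    // Validator: the only place where a tainted value may become untainted.
    // The checker cannot verify the allow-list logic itself, so the warning
    // is suppressed here and this method is what gets reviewed by hand.
    @SuppressWarnings("tainting")
    static @Untainted String validateColumn(@Tainted String input) {
        if (!SORTABLE.contains(input)) {
            throw new IllegalArgumentException("unsupported sort column");
        }
        return input;
    }

    public static void main(String[] args) {
        // Anything arriving from outside the program is treated as tainted.
        @Tainted String requested = args.length > 0 ? args[0] : "name";

        // The next call is the mistake the annotations exist to catch: a
        // @Tainted value passed where @Untainted is required. The Tainting
        // Checker reports it as an error at compile time.
        // orderedQuery(requested);

        // Accepted: the value has passed through the validator.
        System.out.println(orderedQuery(validateColumn(requested)));

        // Accepted: string literals are @Untainted.
        System.out.println(orderedQuery("id"));
    }
}
```

With plain `javac` the annotations are inert; the check runs when compiling with `-processor org.checkerframework.checker.tainting.TaintingChecker`.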
