Except you'd never have a good enough dataflow analysis to work on arbitrary cod... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

UncleMeat on Oct 13, 2019 | parent | context | favorite | on: Apple Is Sending URLs to Tencent?

Except you'd never have a good enough dataflow analysis to work on arbitrary code without burying people with false positives. Especially in C++ code, where things like function pointers just destroy call graph precision (and therefore taint analysis precision).

Linting doesn't even give you this much. All it'd be able to tell you is "where in the program are calls to networking APIs being made" and maybe determining parameters if they are defined in the same function as the call.

awinter-py on Oct 13, 2019 [–]

Trial use case: a small FOSS codebase in a pointer-less language. The goal isn't perfect safety, it's to be safer than we are now.

UncleMeat on Oct 16, 2019 | [–]

Feel free to use any of the dozens or hundreds of such tools developed by the academic community and experience the imprecision yourself.

awinter-py on Oct 19, 2019 | | [–]

examples pls

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact