Tai-e icon indicating copy to clipboard operation
Tai-e copied to clipboard
verified publisher icon pascal-lab

Can we find the source point through annotations? For example, I would like to use the parameter of the method with RequestMapping annotation as the source point

Open SEC-fsq opened this issue 2 years ago • 1 comments

Clear and concise description of the problem

Can we find the source point through annotations? For example, I would like to use the parameter of the method with RequestMapping annotation as the source point

Impact Analysis

No response

Suggested Solution

No response

Alternative

No response

Intention to submit PR

No

Additional Context

No response

SEC-fsq avatar Jan 24 '24 04:01 SEC-fsq

Unfortunately, there is currently no direct support. Current workaround is to implement the Plugin or modify Tai-e's source code to achieve a high level of customization.

zhangt2333 avatar Jan 24 '24 04:01 zhangt2333

The taint rules with programmatic configuration support are now available in v0.5.1.

It allows you to scan the annotations in the IR for elements annotated with @RequestMapping and create taint rules for them without having to predefine the taint analysis rules in config files.

For details on usages, please refer to our documentation on programmatic taint configuration.

zhangt2333 avatar Dec 31 '24 08:12 zhangt2333