What tools are necessary for static-analysis taint-based vulnerability detection? For example, being able to find/search source-sink paths through a tainted variable, flexibility to choose flow-sensitive/insensitive analysis, etc.

I realize there is no definitive answer, but that doesn't mean your answers are merely opinions; they are informed answers gleaned through application and practice.

  • This doesn't fix the question. You are still asking an open-ended question where different people will answer based on their own contexts and experience. On this site, there has to be at least a hope of a single, acceptable answer (sometimes different perspectives on answers emerge), but this is inherently asking for broad answers. – schroeder Feb 12 '23 at 13:03
  • Here's an open-ended question with answers based on "their own contexts and experiences". https://security.stackexchange.com/questions/25684/how-can-i-explain-sql-injection-without-technical-jargon. It's a highly scored question. Now I will have to wait for you to convince me this is somehow not open ended, and not opinion based. I'm trying to get the same pragmatic answers as that user. Is part of your status to as well help reformulate my question so it somehow becomes one that is valid, or merely to hit me over the head with bureaucracy? – RiskyDiablo Feb 12 '23 at 23:22
  • That question is 12 years old and it has a hope of a single acceptable answer; one best explanation. As I said, your question depends a lot on context and you are asking for broad answers. I don't need to convince you of anything, and I have not hit you over the head with anything. I'm merely explaining. – schroeder Feb 13 '23 at 00:23
  • If someone provides a thorough set of static analysis features, it definitely does have hope for a single acceptable answer. I think you are being a nitpicky pusher of your arbitrary assumption of what this question may yield as an answer. You have no ability to prove that what you are saying is true. Let the question through and embarrass me with the outcome, why don't you? As well, I think you would do this website a service if you helped me reformulate the question so it can bypass your stubborn mental block. – RiskyDiablo Feb 19 '23 at 19:43
  • You've attacked me personally in every comment while being confrontational. Stop. This is your only warning. Yes, I can help reformulate answers, but there is no formulation that will help here. Your question is inherently open-ended. If you want an open discussion, there are other places on the Internet for that. What makes this site different is the Q&A nature of things. Not all questions are a good fit here. Note also that it is not just my opinion. I was only alerted to this question by other expert members of the site. – schroeder Feb 19 '23 at 20:20
  • What is the significance of two or more people in the same role believing the same thing? It means they are both pushing the same law, not that they are both right. You sir are stuck in a strange Maya of rules and regulations. All vocalizations in life are personal. This question is less subjective than you claim; the particular theme does not target wide subject matter. There are only a handful of characteristics owed to a given taint-based static analysis, and the answer that best culminates them would easily take victory. I wish you satisfaction in this banal and useless exchange. – RiskyDiablo Feb 19 '23 at 20:40
  • The 3 people are not in the same role. There is no law. There is no "stuck". Vocalisations are not attacks. This is not an exchange; I am explaining and you are flailing and attacking. Just move on. – schroeder Feb 19 '23 at 20:56

0 Answers