Test remove Kotlin lambda propagation sanitizer

Summary: More detailed examples in D60124518. Model originally added in D32529020 (the motivating example has been added to marianabench). Basically, lambda inits are where captures get stored into the fields of the anonymous class, which tends to result in over-tainting "this". Hence, the sanitizer was added to avoid false positives. On hindsight, this feels like over-sanitizing since *all* lambda capture taint gets dropped. Also, looking at the (false positive) issues found as a result of this change, it generally happens due to widening. Some classes have too many tainted fields, but that can be filtered using the "via-widening" feature. RFC on whether we should remove the sanitizer. Personally in favor of it for the reason above, and I think it would make T180943881 (Kotlin invoke FNs) a no-op. More context: Have been able to repro and address the FN in the task with D60413999. Reviewed By: GerbenJavado Differential Revision: D60142074 fbshipit-source-id: 022b003eb4f96b7198a465c17858e4f69eda6df2
facebook · Jul 30, 2024 · 05babca · 05babca
1 parent 2770a1f
commit 05babca
Showing 1 changed file with 0 additions and 26 deletions.
diff --git a/configuration/model-generators/sanitizers/CommonSanitizers.models b/configuration/model-generators/sanitizers/CommonSanitizers.models
@@ -42,32 +42,6 @@
           "no-join-virtual-overrides"
         ]
       }
-    },
-    {
-      "find": "methods",
-      "where": [
-        {
-          "constraint": "name",
-          "pattern": "<init>"
-        },
-        {
-          "constraint": "parent",
-          "inner": {
-            "constraint": "extends",
-            "inner": {
-              "constraint": "name",
-              "pattern": "Lkotlin/jvm/internal/Lambda;"
-            }
-          }
-        }
-      ],
-      "model": {
-        "sanitizers": [
-          {
-            "sanitize": "propagations"
-          }
-        ]
-      }
     }
   ]
 }