From 05babca698071ed305b2b9ab3716649505e56b83 Mon Sep 17 00:00:00 2001
From: Yuh Shin Ong
Date: Tue, 30 Jul 2024 13:38:40 -0700
Subject: [PATCH] Test remove Kotlin lambda propagation sanitizer

Summary:
More detailed examples in D60124518.

Model originally added in D32529020 (the motivating example has been added to marianabench). Basically, lambda inits are where captures get stored into the fields of the anonymous class, which tends to result in over-tainting "this". Hence, the sanitizer was added to avoid false positives.

On hindsight, this feels like over-sanitizing since *all* lambda capture taint gets dropped. Also, looking at the (false positive) issues found as a result of this change, it generally happens due to widening. Some classes have too many tainted fields, but that can be filtered using the "via-widening" feature.

RFC on whether we should remove the sanitizer. Personally in favor of it for the reason above, and I think it would make T180943881 (Kotlin invoke FNs) a no-op.

More context: Have been able to repro and address the FN in the task with D60413999.

Reviewed By: GerbenJavado

Differential Revision: D60142074

fbshipit-source-id: 022b003eb4f96b7198a465c17858e4f69eda6df2
---
 .../sanitizers/CommonSanitizers.models | 26 -------------------
 1 file changed, 26 deletions(-)

diff --git a/configuration/model-generators/sanitizers/CommonSanitizers.models b/configuration/model-generators/sanitizers/CommonSanitizers.models
index 3fe7b6da6..9c45fdb43 100644
--- a/configuration/model-generators/sanitizers/CommonSanitizers.models
+++ b/configuration/model-generators/sanitizers/CommonSanitizers.models
@@ -42,32 +42,6 @@ "no-join-virtual-overrides" ] } - }, - { - "find": "methods", - "where": [ - { - "constraint": "name", - "pattern": "" - }, - { - "constraint": "parent", - "inner": { - "constraint": "extends", - "inner": { - "constraint": "name", - "pattern": "Lkotlin/jvm/internal/Lambda;" - } - } - } - ], - "model": { - "sanitizers": [ - { - "sanitize": "propagations" - } - ] - } } ] }
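Review bot: Removing the whole rule whose parent constraint matches classes extending `Lkotlin/jvm/internal/Lambda;` and whose model is `"sanitize": "propagations"` lands with no compensating change in this patch. The commit message relies on the "via-widening" feature to filter the over-tainting of "this" that the rule used to suppress, yet the diffstat shows only 26 deletions in `CommonSanitizers.models` and no filter, rule or test expectation added. Since the message itself expects false positives to come back for classes with many tainted fields, I would ask for the via-widening filter (or a pointer to where it is already configured) and updated expected output for the marianabench motivating case to land with or before this, so that reviewers can see both the recovered Kotlin invoke flows and the reintroduced findings. Separately, the `name` constraint in the removed rule reads `"pattern": ""` here while the message speaks of lambda inits; it is worth confirming which methods the rule actually matched before judging how much propagation this removal re-enables.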