Display TaintConfig Error locations when available #739
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
abishekvashok
force-pushed
the
show-client-numbers
branch
from
99647a2
to
265ae7c
Compare
Display TaintConfigurationError locations when available. The Ocaml binary now returns positions after Github PR: facebook#734 (commit 59d2cf0). Parse and print when the location(s) are available. Adds test for the same and updates two existing ones. Signed-off-by: Abishek V Ashok <[email protected]>
abishekvashok
force-pushed
the
show-client-numbers
branch
from
265ae7c
to
6b1d342
Compare
2 tasks
arthaud
approved these changes
Jul 19, 2023
Comment on lines
+170
to
+171
| error_location = error_json["location"] | ||
| if error_location is not None: |
There was a problem hiding this comment.
Just to confirm: does that mean that we export something like "location": null when we don't have a location? That's a bit odd, I would just expect to not have the key.
There was a problem hiding this comment.
Yes making the key not be present would be much more ideal :) would require changes to the binary though. Will make those changes :)
|
@arthaud has imported this pull request. If you are a Meta employee, you can view this diff on Phabricator. |
arthaud
approved these changes
Jul 19, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pre-submission checklist
pip install -r requirements-dev.txt && pre-commit installpre-commit runSummary
Display TaintConfigurationError locations when available. The Ocaml binary now returns positions after Github PR: #734 (commit 59d2cf0). Parse and print when the location(s) are available.
Test Plan
Invocation command in all of the below:
python3 -m pyre-check.client.pyre analyze --no-verifyfaultytaint.config: (modifydocumentation/pysa_tutorial/exercise1){ "sources": [ { "name": "CustomUserControlled", "comment": "use to annotate user input" } ], "sinks": [ { "name": "CodeExecution", "comment": "use to annotate execution of python code" } ], "features": [], "rules": [ { "name": "Possible RCE:", "code": 5001, "sources": [ "CustomUserControlled" ], "sinks": [ "CodeExecution" ], "message_format": "User specified data may reach a code execution sink" } { "name": "test-duplicate", "code": 5001, "sources": [ "CustomUserControlled" ], "sinks": [ "CodeExecution" ], "message_format": "duplicate" } ] }tox -e pyGithub Actions (pysa action was failing before this PR and is failing due to an unrelated issue - possibly outdated opam cache?)
Fixes part of MLH-Fellowship#82
Signed-off-by: Abishek V Ashok [email protected]