Work on this exercise locally
This web app is a reference guide — you can read instructions, browse starter code, and view tests here. To actually complete the exercise, you need to work in your local development environment.
1Clone the repo:
git clone https://github.com/weihaoqu/program-analysis-bootcamp-student2Edit the starter file in your editor (VS Code, Vim, etc.) — replace
failwith "TODO" with your implementation.3Run the tests:
dune runtest modules/module5-security-analysis/exercises/taint-latticeTaint Lattice
The taint lattice
Taint analysis tracks whether data may carry untrusted user input. The lattice has four elements:
Top "may be tainted or untainted -- no info"
/ \
Tainted Untainted "definitely tainted / definitely clean"
\ /
Bot "unreachable"
Key properties:
Botis below everything (identity for join)Topis above everything (identity for meet)TaintedandUntaintedare incomparable -- their join isTop, their meet isBot- This is a finite lattice, so widen = join (no infinite chains)
Starter Files
starter
Test Files
tests
starter/taint_domain.ml
Read-only
Loading editor...
Work on this exercise locally
This web app is a reference guide — you can read instructions, browse starter code, and view tests here. To actually complete the exercise, you need to work in your local development environment.
1Clone the repo:
git clone https://github.com/weihaoqu/program-analysis-bootcamp-student2Edit the starter file in your editor (VS Code, Vim, etc.) — replace
failwith "TODO" with your implementation.3Run the tests:
dune runtest modules/module5-security-analysis/exercises/taint-latticeTaint Lattice
The taint lattice
Taint analysis tracks whether data may carry untrusted user input. The lattice has four elements:
Top "may be tainted or untainted -- no info"
/ \
Tainted Untainted "definitely tainted / definitely clean"
\ /
Bot "unreachable"
Key properties:
Botis below everything (identity for join)Topis above everything (identity for meet)TaintedandUntaintedare incomparable -- their join isTop, their meet isBot- This is a finite lattice, so widen = join (no infinite chains)