Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integration with IoC containers #1

Open
dridi opened this issue Jul 21, 2012 · 0 comments
Open

Integration with IoC containers #1

dridi opened this issue Jul 21, 2012 · 0 comments
Assignees
@SouadHadjiat

Comments

@dridi
Copy link

dridi commented Jul 21, 2012

With IoC containers you may not be able to assert implementations behind interfaces. The code using such interfaces wouldn't be marked as tainted even if it uses a tainted implementation (injected with xml configuration for instance).

If Findbugs allows it, a workaround could be :

  • execute a first pass
    • find a class with a tainted method
    • mark the interfaces tainted and invalidate the pass
  • execute a second pass if the first has been invalidated
    • the code using the tainted interfaces is now marked as such

This could generate a lot of noise if interfaces like Comparable become tainted because of a bad implementation.
It might be a good idea to add configurable include and/or exlude patterns to avoid this.
@ghost ghost assigned SouadHadjiat Sep 10, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@SouadHadjiat SouadHadjiat

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@SouadHadjiat @dridi