Posts tagged data flow
π Emulating Semgrep SAST Pro Taint Mode with Join Mode
- 17 May 2024
Semgrepβs Join Mode[1] is a seldom discussed yet interesting experimental feature of the Semgrep OSS SAST engine which can be used to achieve rudimentary taint interprocedural and interfile analyses. In this snippet I document how to combine one search mode and two join mode rules in order to identify intrafile, intraprocedural, interfile and interprocedural tainted sinks.