commit | 8957372cdf327922ff87e08e4ac22aabba60684d | [log] [tgz] |
---|---|---|
author | Zvonimir Pavlinovic <zpavlinovic@google.com> | Wed Jun 01 18:36:13 2022 -0700 |
committer | Zvonimir Pavlinovic <zpavlinovic@google.com> | Thu Jun 02 17:42:04 2022 +0000 |
tree | dfc118289f1c5f263f6299228b2230de61bad3be | |
parent | 4bd4888cc0609c2fdddc1eb4e66fa070397d921e [diff] |
vulncheck: remove synthetic nodes from call graph This removes ~20% edges for k8s call graph. It also skips call stacks that go through one level of indirection with wrappers. The reason why this change is correct is as follows. Vulnerability db entries never specify ssa wrappers as dbs are unaware of these. The only type of wrappers applicable are the ones that are generated for calls to pointer receivers where the source defines methods only on value receivers. Vulnerability dbs do not care about this distinction nor do the users, so it should be safe to inline the wrappers. This is exactly what callgraph.DeleteSyntheticNodes does. Change-Id: I2d76c0570d95f78ff4a2463ddf7cd95110fff15c Reviewed-on: https://go-review.googlesource.com/c/vuln/+/410054 Reviewed-by: Jonathan Amsterdam <jba@google.com> Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com> Reviewed-by: Julie Qiu <julieqiu@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
This repository contains the following:
The code in this repository is under active development and not to be considered stable.
Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.
Database entries available at https://vuln.go.dev are distributed under the terms of the CC-BY 4.0 license.