Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions .jules/sentinel.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,3 +7,8 @@
**Vulnerability:** The static analyzer was missing `yaml.unsafe_load` and `yaml.full_load` in its `_SERIALISATION_SINKS` mapping, potentially leading to false negatives when tracking untrusted data flowing into these dangerous deserialization functions.
**Learning:** Even if functions are listed in rule specifications (like `_SINK_SPECS`), they also need to be properly categorized in the core taint propagation logic (`_SERIALISATION_SINKS`) to ensure the analyzer correctly sheds validation provenance (converting output to `UNKNOWN_RAW`).
**Prevention:** When adding new sinks to rule definitions, always verify if they need to be added to core propagation mappings like `_SERIALISATION_SINKS` or `_PROPAGATING_BUILTINS`.

## 2026-06-25 - [Add Additional Unsafe Deserializers to Taint Tracking]
**Vulnerability:** The static analyzer was missing several unsafe deserialization functions (`dill.load`, `jsonpickle.decode`, `torch.load`, `shelve.open`, `joblib.load`, `pickle.Unpickler.load`) in its `_SERIALISATION_SINKS` mapping.
**Learning:** Functions that are conditionally safe like `numpy.load` (safe without `allow_pickle=True`) shouldn't be added to universal static block lists without context if it would create false positives, but functions that represent deserialization flows still need inclusion to shed provenance.
Comment on lines +12 to +13
**Prevention:** Double check that added rules reflect in taint propagation lists unless there's a specific reason, and verify negative test cases to make sure we don't accidentally leak untrusted output.
7 changes: 7 additions & 0 deletions src/wardline/scanner/taint/variable_level.py
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,13 @@
# wins.)
_SERIALISATION_SINKS: frozenset[str] = frozenset(
{
"dill.load",
"dill.loads",
Comment on lines +45 to +46
"jsonpickle.decode",
"joblib.load",
"torch.load",
"shelve.open",
"pickle.Unpickler.load",
"json.dumps",
"json.dump",
"json.loads",
Expand Down