hohn/codeql-dataflow-sql-injection
1
0
Fork 0
mirror of https://github.com/hohn/codeql-dataflow-sql-injection.git synced 2025-12-16 10:13:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
31 Commits 2 Branches 2 Tags
38bc4797257d8df074bc904e62905964d7600e10
Commit Graph

31 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Hohn
38bc479725 The extra flow step 2020-07-22 11:52:29 -07:00
Michael Hohn
12a90e9a54 topic reordering 2020-07-22 10:51:37 -07:00
Michael Hohn
62234f4d55 wip: dataflow doc rearrangements 2020-07-21 17:39:23 -07:00
Michael Hohn
73a49d5ba5 Formatting updates in dataflow keynote file 2020-07-21 17:21:39 -07:00
Michael Hohn
3030f717c1 dataflow slides in PDF, cropped to use more space 2020-07-21 17:21:07 -07:00
Michael Hohn
d2a9737b4e readme code reordering 2020-07-21 14:31:01 -07:00
Michael Hohn
9970524b8d Tutorial, part 1: running the code to see the problem 2020-07-21 14:29:14 -07:00
Michael Hohn
ba3cfcb010 sql injection: use post-update nodes for function return values 2020-07-20 16:16:40 -07:00
Michael Hohn
5bce3ae696 sql injection: taintstep across macro under snprintf as predicate 2020-07-20 16:15:50 -07:00
Michael Hohn
4060f31100 sql injection: taintstep across macro under snprintf, with position adjustment 2020-07-20 14:46:13 -07:00
Michael Hohn
45a5e89366 sql injection: taintstep across snprintf -- function not found 2020-07-20 14:38:51 -07:00
Michael Hohn
aa5d019740 sql injection: try flow configuration (with pathgraph). Not ready 2020-07-20 14:26:44 -07:00
Michael Hohn
7aa51e67c8 sql injection: sink as class predicate 2020-07-20 14:20:32 -07:00
Michael Hohn
1f385ddfe3 Summary: sql injection: sink identification 2020-07-20 14:14:55 -07:00
Michael Hohn
c91db6a653 Summary: sql injection: move source identification to configuration 2020-07-20 14:10:36 -07:00
Michael Hohn
42e2c5de8b sql injection: source is argument to read 2020-07-20 14:07:49 -07:00
Michael Hohn
a69c511dc1 sql injection: call to read 2020-07-20 14:04:42 -07:00
Michael Hohn
47b1c9522c Build codeql database 2020-07-20 14:02:53 -07:00
Michael Hohn
d5b28fb6b5 project metadata 2020-07-20 13:53:28 -07:00
Michael Hohn
e31039dd64 sql injection: Flow configuration template 2020-07-20 13:53:10 -07:00
Michael Hohn
b241632815 'Running the program' sequence added to slides 2020-07-16 17:43:43 -07:00
Michael Hohn
90a3bee380 Update the sample run for slide creation 2020-07-16 17:03:46 -07:00
Michael Hohn
4c5174bdf5 combined flow: animate global data flow and source 2020-06-30 17:25:20 -07:00
Michael Hohn
a7a0d33bc8 combined flow diagram with intra-procedural flow 2020-06-30 17:02:06 -07:00
Michael Hohn
961ae9b036 combined flow diagram 2020-06-30 16:46:37 -07:00
Michael Hohn
60f1f09c60 Switch to using iterm and keynote instead of svg/rtf 2020-06-30 15:12:39 -07:00
Michael Hohn
aaa58dbca5 Add data flow for other functions 2020-06-30 15:10:41 -07:00
Michael Hohn
fba3f416f6 Add simplified data flow for get_user_info() 2020-06-30 11:11:51 -07:00
Michael Hohn
f1cd029146 Create add-user.svg from add-user.c 2020-06-30 10:48:52 -07:00
Michael Hohn
41dd5e004e Add simple logging 2020-06-29 17:25:19 -07:00
Michael Hohn
5210f57197 Initial sql injection sample in C using sqlite 2020-06-29 15:29:45 -07:00