hohn/codeql-dataflow-sql-injection
1
0
Fork 0
mirror of https://github.com/hohn/codeql-dataflow-sql-injection.git synced 2025-12-16 10:13:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
46 Commits 2 Branches 2 Tags
4c7b111ea93a68e36322f79ccced4d9d6aed3b36
Commit Graph

46 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Hohn
4c7b111ea9 include database 2022-06-08 15:03:00 +02:00
Michael Hohn
3fe610d354 workshop updates 2022-06-08 14:05:32 +02:00
Michael Hohn
dd664fe4ef Insert updates from github.com:hohn/codeql.git 2022-06-08 08:36:05 +02:00
Michael Hohn
9d130f1466 minor presentation-1 2020-07-23 10:42:47 -07:00
Michael Hohn
77fefdf78d The isAdditionalTaintStep Predicate, toc 2020-07-23 10:42:22 -07:00
Michael Hohn
dce515cabd dataflow pdf, cropped for presentation 2020-07-23 10:22:53 -07:00
Michael Hohn
bb0841eee4 Reviewd all non-xx: sections, toc updated 2020-07-22 15:53:58 -07:00
Michael Hohn
9a41879346 Codeql Recap 2020-07-22 15:45:21 -07:00
Michael Hohn
c0bedda060 The isSource Predicate 2020-07-22 15:10:18 -07:00
Michael Hohn
fd27af2216 Update Appendix 2020-07-22 15:06:30 -07:00
Michael Hohn
ab99c0fb44 move isAdditionalTaintStep explanation to Taint Flow Configuration 2020-07-22 14:59:06 -07:00
Michael Hohn
999f665ceb The isSink Predicate 2020-07-22 14:24:44 -07:00
Michael Hohn
f99935159b path problem query format, start of 'the isSink Predicate' 2020-07-22 14:12:05 -07:00
Michael Hohn
d0507b79d6 Taint Flow Configuration 2020-07-22 13:48:45 -07:00
Michael Hohn
4fcd08f394 toc and title caps 2020-07-22 11:58:19 -07:00
Michael Hohn
38bc479725 The extra flow step 2020-07-22 11:52:29 -07:00
Michael Hohn
12a90e9a54 topic reordering 2020-07-22 10:51:37 -07:00
Michael Hohn
62234f4d55 wip: dataflow doc rearrangements 2020-07-21 17:39:23 -07:00
Michael Hohn
73a49d5ba5 Formatting updates in dataflow keynote file 2020-07-21 17:21:39 -07:00
Michael Hohn
3030f717c1 dataflow slides in PDF, cropped to use more space 2020-07-21 17:21:07 -07:00
Michael Hohn
d2a9737b4e readme code reordering 2020-07-21 14:31:01 -07:00
Michael Hohn
9970524b8d Tutorial, part 1: running the code to see the problem 2020-07-21 14:29:14 -07:00
Michael Hohn
ba3cfcb010 sql injection: use post-update nodes for function return values 2020-07-20 16:16:40 -07:00
Michael Hohn
5bce3ae696 sql injection: taintstep across macro under snprintf as predicate 2020-07-20 16:15:50 -07:00
Michael Hohn
4060f31100 sql injection: taintstep across macro under snprintf, with position adjustment 2020-07-20 14:46:13 -07:00
Michael Hohn
45a5e89366 sql injection: taintstep across snprintf -- function not found 2020-07-20 14:38:51 -07:00
Michael Hohn
aa5d019740 sql injection: try flow configuration (with pathgraph). Not ready 2020-07-20 14:26:44 -07:00
Michael Hohn
7aa51e67c8 sql injection: sink as class predicate 2020-07-20 14:20:32 -07:00
Michael Hohn
1f385ddfe3 Summary: sql injection: sink identification 2020-07-20 14:14:55 -07:00
Michael Hohn
c91db6a653 Summary: sql injection: move source identification to configuration 2020-07-20 14:10:36 -07:00
Michael Hohn
42e2c5de8b sql injection: source is argument to read 2020-07-20 14:07:49 -07:00
Michael Hohn
a69c511dc1 sql injection: call to read 2020-07-20 14:04:42 -07:00
Michael Hohn
47b1c9522c Build codeql database 2020-07-20 14:02:53 -07:00
Michael Hohn
d5b28fb6b5 project metadata 2020-07-20 13:53:28 -07:00
Michael Hohn
e31039dd64 sql injection: Flow configuration template 2020-07-20 13:53:10 -07:00
Michael Hohn
b241632815 'Running the program' sequence added to slides 2020-07-16 17:43:43 -07:00
Michael Hohn
90a3bee380 Update the sample run for slide creation 2020-07-16 17:03:46 -07:00
Michael Hohn
4c5174bdf5 combined flow: animate global data flow and source 2020-06-30 17:25:20 -07:00
Michael Hohn
a7a0d33bc8 combined flow diagram with intra-procedural flow 2020-06-30 17:02:06 -07:00
Michael Hohn
961ae9b036 combined flow diagram 2020-06-30 16:46:37 -07:00
Michael Hohn
60f1f09c60 Switch to using iterm and keynote instead of svg/rtf 2020-06-30 15:12:39 -07:00
Michael Hohn
aaa58dbca5 Add data flow for other functions 2020-06-30 15:10:41 -07:00
Michael Hohn
fba3f416f6 Add simplified data flow for get_user_info() 2020-06-30 11:11:51 -07:00
Michael Hohn
f1cd029146 Create add-user.svg from add-user.c 2020-06-30 10:48:52 -07:00
Michael Hohn
41dd5e004e Add simple logging 2020-06-29 17:25:19 -07:00
Michael Hohn
5210f57197 Initial sql injection sample in C using sqlite 2020-06-29 15:29:45 -07:00