mirror of
https://github.com/github/codeql.git
synced 2025-12-17 09:13:20 +01:00
17 lines
1.7 KiB
Plaintext
17 lines
1.7 KiB
Plaintext
edges
|
|
| decompression_api.rb:4:9:4:12 | path | decompression_api.rb:5:31:5:34 | path | provenance | |
|
|
| decompression_api.rb:4:16:4:21 | call to params | decompression_api.rb:4:16:4:28 | ...[...] | provenance | |
|
|
| decompression_api.rb:4:16:4:28 | ...[...] | decompression_api.rb:4:9:4:12 | path | provenance | |
|
|
| decompression_api.rb:15:31:15:36 | call to params | decompression_api.rb:15:31:15:43 | ...[...] | provenance | |
|
|
nodes
|
|
| decompression_api.rb:4:9:4:12 | path | semmle.label | path |
|
|
| decompression_api.rb:4:16:4:21 | call to params | semmle.label | call to params |
|
|
| decompression_api.rb:4:16:4:28 | ...[...] | semmle.label | ...[...] |
|
|
| decompression_api.rb:5:31:5:34 | path | semmle.label | path |
|
|
| decompression_api.rb:15:31:15:36 | call to params | semmle.label | call to params |
|
|
| decompression_api.rb:15:31:15:43 | ...[...] | semmle.label | ...[...] |
|
|
subpaths
|
|
#select
|
|
| decompression_api.rb:5:31:5:34 | path | decompression_api.rb:4:16:4:21 | call to params | decompression_api.rb:5:31:5:34 | path | This call to $@ is unsafe because user-controlled data is used to set the object being decompressed, which could lead to a denial of service attack or malicious code extracted from an unknown source. | decompression_api.rb:5:9:5:35 | call to inflate | inflate |
|
|
| decompression_api.rb:15:31:15:43 | ...[...] | decompression_api.rb:15:31:15:36 | call to params | decompression_api.rb:15:31:15:43 | ...[...] | This call to $@ is unsafe because user-controlled data is used to set the object being decompressed, which could lead to a denial of service attack or malicious code extracted from an unknown source. | decompression_api.rb:15:9:15:44 | call to open_buffer | open_buffer |
|