hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
sauyon/java-spring-stringutils
codeql/csharp/ql/test/query-tests/Security Features/CWE-730/RegexInjection/RegexInjection.expected
Tom Hvitved 78ddb37a8c C#: Track type information in data flow 
This commit adds type information to data flow paths, by mapping node types onto
the smaller set of GVN types, and implementing `ppReprType()`.

The effect is a mere change in `DataFlow::PathNode::toString()`; no type-based
pruning is done yet.
2019-12-10 15:46:28 +01:00

8 lines
810 B
Plaintext
Raw Permalink Blame History

edges
| RegexInjection.cs:12:24:12:46 | access to property QueryString : NameValueCollection | RegexInjection.cs:16:19:16:23 | access to local variable regex |
nodes
| RegexInjection.cs:12:24:12:46 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |
| RegexInjection.cs:16:19:16:23 | access to local variable regex | semmle.label | access to local variable regex |
#select
| RegexInjection.cs:16:19:16:23 | access to local variable regex | RegexInjection.cs:12:24:12:46 | access to property QueryString : NameValueCollection | RegexInjection.cs:16:19:16:23 | access to local variable regex | $@ flows to the construction of a regular expression. | RegexInjection.cs:12:24:12:46 | access to property QueryString | User-provided value |
Reference in New Issue View Git Blame Copy Permalink