hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
2dd862661bfa62080e68f4ac8281da5d901b6986
codeql/csharp/ql/test/query-tests/Security Features/CWE-611/UntrustedDataInsecureXml.expected
Tom Hvitved 78ddb37a8c C#: Track type information in data flow 
This commit adds type information to data flow paths, by mapping node types onto
the smaller set of GVN types, and implementing `ppReprType()`.

The effect is a mere change in `DataFlow::PathNode::toString()`; no type-based
pruning is done yet.
2019-12-10 15:46:28 +01:00

8 lines
715 B
Plaintext
Raw Blame History

edges
| Test.cs:13:50:13:72 | access to property QueryString : NameValueCollection | Test.cs:13:50:13:84 | access to indexer |
nodes
| Test.cs:13:50:13:72 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection |
| Test.cs:13:50:13:84 | access to indexer | semmle.label | access to indexer |
#select
| Test.cs:13:50:13:84 | access to indexer | Test.cs:13:50:13:72 | access to property QueryString : NameValueCollection | Test.cs:13:50:13:84 | access to indexer | $@ flows to here and is loaded insecurely as XML (DTD processing is enabled with an insecure resolver). | Test.cs:13:50:13:72 | access to property QueryString | User-provided value |
Reference in New Issue View Git Blame Copy Permalink