hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
2dd862661bfa62080e68f4ac8281da5d901b6986
codeql/csharp/ql/test/query-tests/Security Features/CWE-643/StoredXPathInjection.expected
Tom Hvitved 78ddb37a8c C#: Track type information in data flow 
This commit adds type information to data flow paths, by mapping node types onto
the smaller set of GVN types, and implementing `ppReprType()`.

The effect is a mere change in `DataFlow::PathNode::toString()`; no type-based
pruning is done yet.
2019-12-10 15:46:28 +01:00

16 lines
2.2 KiB
Plaintext
Raw Blame History

edges
| StoredXPathInjection.cs:24:39:24:65 | call to method GetString : String | StoredXPathInjection.cs:27:45:27:148 | ... + ... |
| StoredXPathInjection.cs:24:39:24:65 | call to method GetString : String | StoredXPathInjection.cs:30:41:30:144 | ... + ... |
| StoredXPathInjection.cs:25:39:25:65 | call to method GetString : String | StoredXPathInjection.cs:27:45:27:148 | ... + ... |
| StoredXPathInjection.cs:25:39:25:65 | call to method GetString : String | StoredXPathInjection.cs:30:41:30:144 | ... + ... |
nodes
| StoredXPathInjection.cs:24:39:24:65 | call to method GetString : String | semmle.label | call to method GetString : String |
| StoredXPathInjection.cs:25:39:25:65 | call to method GetString : String | semmle.label | call to method GetString : String |
| StoredXPathInjection.cs:27:45:27:148 | ... + ... | semmle.label | ... + ... |
| StoredXPathInjection.cs:30:41:30:144 | ... + ... | semmle.label | ... + ... |
#select
| StoredXPathInjection.cs:27:45:27:148 | ... + ... | StoredXPathInjection.cs:24:39:24:65 | call to method GetString : String | StoredXPathInjection.cs:27:45:27:148 | ... + ... | $@ flows to here and is used in an XPath expression. | StoredXPathInjection.cs:24:39:24:65 | call to method GetString | Stored user-provided value |
| StoredXPathInjection.cs:27:45:27:148 | ... + ... | StoredXPathInjection.cs:25:39:25:65 | call to method GetString : String | StoredXPathInjection.cs:27:45:27:148 | ... + ... | $@ flows to here and is used in an XPath expression. | StoredXPathInjection.cs:25:39:25:65 | call to method GetString | Stored user-provided value |
| StoredXPathInjection.cs:30:41:30:144 | ... + ... | StoredXPathInjection.cs:24:39:24:65 | call to method GetString : String | StoredXPathInjection.cs:30:41:30:144 | ... + ... | $@ flows to here and is used in an XPath expression. | StoredXPathInjection.cs:24:39:24:65 | call to method GetString | Stored user-provided value |
| StoredXPathInjection.cs:30:41:30:144 | ... + ... | StoredXPathInjection.cs:25:39:25:65 | call to method GetString : String | StoredXPathInjection.cs:30:41:30:144 | ... + ... | $@ flows to here and is used in an XPath expression. | StoredXPathInjection.cs:25:39:25:65 | call to method GetString | Stored user-provided value |
Reference in New Issue View Git Blame Copy Permalink