hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 01:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
72356d1515283bce8f4d9bc9b19ef7a7d9aa044c
codeql/ruby/ql/test/library-tests/dataflow/params/params-flow.expected
Harry Maclean 72356d1515 Ruby: track flow from *args to positional params 
This models flow in the following case:

    def foo(x, y)
      sink x # 1
      sink y # 2
    end

    args = [source 1, source 2]
    foo(*args)

We do this by introducing a SynthSplatParameterNode which accepts
content from the splat argument, if one is given at the callsite.
From this node we add read steps to each positional parameter.
2023-08-09 15:01:40 +01:00

225 lines
20 KiB
Plaintext
Raw Blame History

failures
testFailures
edges
| params_flow.rb:9:16:9:17 | p1 | params_flow.rb:10:10:10:11 | p1 |
| params_flow.rb:9:20:9:21 | p2 | params_flow.rb:11:10:11:11 | p2 |
| params_flow.rb:14:12:14:19 | call to taint | params_flow.rb:9:16:9:17 | p1 |
| params_flow.rb:14:22:14:29 | call to taint | params_flow.rb:9:20:9:21 | p2 |
| params_flow.rb:16:13:16:14 | p1 | params_flow.rb:17:10:17:11 | p1 |
| params_flow.rb:16:18:16:19 | p2 | params_flow.rb:18:10:18:11 | p2 |
| params_flow.rb:21:13:21:20 | call to taint | params_flow.rb:16:13:16:14 | p1 |
| params_flow.rb:21:27:21:34 | call to taint | params_flow.rb:16:18:16:19 | p2 |
| params_flow.rb:22:13:22:20 | call to taint | params_flow.rb:16:18:16:19 | p2 |
| params_flow.rb:22:27:22:34 | call to taint | params_flow.rb:16:13:16:14 | p1 |
| params_flow.rb:23:16:23:23 | call to taint | params_flow.rb:16:18:16:19 | p2 |
| params_flow.rb:23:33:23:40 | call to taint | params_flow.rb:16:13:16:14 | p1 |
| params_flow.rb:25:12:25:13 | p1 | params_flow.rb:26:10:26:11 | p1 |
| params_flow.rb:25:17:25:24 | **kwargs [element :p2] | params_flow.rb:28:11:28:16 | kwargs [element :p2] |
| params_flow.rb:25:17:25:24 | **kwargs [element :p3] | params_flow.rb:29:11:29:16 | kwargs [element :p3] |
| params_flow.rb:28:11:28:16 | kwargs [element :p2] | params_flow.rb:28:11:28:21 | ...[...] |
| params_flow.rb:28:11:28:21 | ...[...] | params_flow.rb:28:10:28:22 | ( ... ) |
| params_flow.rb:29:11:29:16 | kwargs [element :p3] | params_flow.rb:29:11:29:21 | ...[...] |
| params_flow.rb:29:11:29:21 | ...[...] | params_flow.rb:29:10:29:22 | ( ... ) |
| params_flow.rb:33:12:33:19 | call to taint | params_flow.rb:25:12:25:13 | p1 |
| params_flow.rb:33:26:33:34 | call to taint | params_flow.rb:25:17:25:24 | **kwargs [element :p2] |
| params_flow.rb:33:41:33:49 | call to taint | params_flow.rb:25:17:25:24 | **kwargs [element :p3] |
| params_flow.rb:34:1:34:4 | args [element :p3] | params_flow.rb:35:25:35:28 | args [element :p3] |
| params_flow.rb:34:14:34:22 | call to taint | params_flow.rb:34:1:34:4 | args [element :p3] |
| params_flow.rb:35:12:35:20 | call to taint | params_flow.rb:25:12:25:13 | p1 |
| params_flow.rb:35:23:35:28 | ** ... [element :p3] | params_flow.rb:25:17:25:24 | **kwargs [element :p3] |
| params_flow.rb:35:25:35:28 | args [element :p3] | params_flow.rb:35:23:35:28 | ** ... [element :p3] |
| params_flow.rb:37:1:37:4 | args [element :p1] | params_flow.rb:38:10:38:13 | args [element :p1] |
| params_flow.rb:37:1:37:4 | args [element :p2] | params_flow.rb:38:10:38:13 | args [element :p2] |
| params_flow.rb:37:16:37:24 | call to taint | params_flow.rb:37:1:37:4 | args [element :p1] |
| params_flow.rb:37:34:37:42 | call to taint | params_flow.rb:37:1:37:4 | args [element :p2] |
| params_flow.rb:38:8:38:13 | ** ... [element :p1] | params_flow.rb:25:12:25:13 | p1 |
| params_flow.rb:38:8:38:13 | ** ... [element :p2] | params_flow.rb:25:17:25:24 | **kwargs [element :p2] |
| params_flow.rb:38:10:38:13 | args [element :p1] | params_flow.rb:38:8:38:13 | ** ... [element :p1] |
| params_flow.rb:38:10:38:13 | args [element :p2] | params_flow.rb:38:8:38:13 | ** ... [element :p2] |
| params_flow.rb:40:1:40:4 | args [element :p1] | params_flow.rb:41:26:41:29 | args [element :p1] |
| params_flow.rb:40:16:40:24 | call to taint | params_flow.rb:40:1:40:4 | args [element :p1] |
| params_flow.rb:41:13:41:21 | call to taint | params_flow.rb:16:18:16:19 | p2 |
| params_flow.rb:41:24:41:29 | ** ... [element :p1] | params_flow.rb:16:13:16:14 | p1 |
| params_flow.rb:41:26:41:29 | args [element :p1] | params_flow.rb:41:24:41:29 | ** ... [element :p1] |
| params_flow.rb:44:12:44:20 | call to taint | params_flow.rb:9:16:9:17 | p1 |
| params_flow.rb:46:1:46:4 | args [element 0] | params_flow.rb:47:13:47:16 | args [element 0] |
| params_flow.rb:46:1:46:4 | args [element 1] | params_flow.rb:47:13:47:16 | args [element 1] |
| params_flow.rb:46:9:46:17 | call to taint | params_flow.rb:46:1:46:4 | args [element 0] |
| params_flow.rb:46:20:46:28 | call to taint | params_flow.rb:46:1:46:4 | args [element 1] |
| params_flow.rb:47:12:47:16 | * ... [element 0] | params_flow.rb:9:16:9:17 | p1 |
| params_flow.rb:47:12:47:16 | * ... [element 1] | params_flow.rb:9:20:9:21 | p2 |
| params_flow.rb:47:13:47:16 | args [element 0] | params_flow.rb:47:12:47:16 | * ... [element 0] |
| params_flow.rb:47:13:47:16 | args [element 1] | params_flow.rb:47:12:47:16 | * ... [element 1] |
| params_flow.rb:49:13:49:14 | p1 | params_flow.rb:50:10:50:11 | p1 |
| params_flow.rb:49:17:49:24 | *posargs [element 0] | params_flow.rb:51:11:51:17 | posargs [element 0] |
| params_flow.rb:51:11:51:17 | posargs [element 0] | params_flow.rb:51:11:51:20 | ...[...] |
| params_flow.rb:51:11:51:20 | ...[...] | params_flow.rb:51:10:51:21 | ( ... ) |
| params_flow.rb:55:9:55:17 | call to taint | params_flow.rb:49:13:49:14 | p1 |
| params_flow.rb:57:1:57:4 | args [element 0] | params_flow.rb:58:21:58:24 | args [element 0] |
| params_flow.rb:57:9:57:17 | call to taint | params_flow.rb:57:1:57:4 | args [element 0] |
| params_flow.rb:58:9:58:17 | call to taint | params_flow.rb:49:13:49:14 | p1 |
| params_flow.rb:58:20:58:24 | * ... [element 0] | params_flow.rb:49:17:49:24 | *posargs [element 0] |
| params_flow.rb:58:21:58:24 | args [element 0] | params_flow.rb:58:20:58:24 | * ... [element 0] |
| params_flow.rb:60:1:60:4 | args [element 0] | params_flow.rb:61:10:61:13 | args [element 0] |
| params_flow.rb:60:9:60:17 | call to taint | params_flow.rb:60:1:60:4 | args [element 0] |
| params_flow.rb:61:9:61:13 | * ... [element 0] | params_flow.rb:49:13:49:14 | p1 |
| params_flow.rb:61:10:61:13 | args [element 0] | params_flow.rb:61:9:61:13 | * ... [element 0] |
| params_flow.rb:63:1:63:4 | args | params_flow.rb:67:13:67:16 | args |
| params_flow.rb:63:8:63:16 | call to taint | params_flow.rb:63:1:63:4 | args |
| params_flow.rb:64:16:64:17 | *x [element 0] | params_flow.rb:65:10:65:10 | x [element 0] |
| params_flow.rb:65:10:65:10 | x [element 0] | params_flow.rb:65:10:65:13 | ...[...] |
| params_flow.rb:67:12:67:16 | * ... [element 0] | params_flow.rb:64:16:64:17 | *x [element 0] |
| params_flow.rb:67:13:67:16 | args | params_flow.rb:67:12:67:16 | * ... [element 0] |
| params_flow.rb:69:14:69:14 | x | params_flow.rb:70:10:70:10 | x |
| params_flow.rb:69:17:69:17 | y | params_flow.rb:71:10:71:10 | y |
| params_flow.rb:69:24:69:24 | w | params_flow.rb:74:10:74:10 | w |
| params_flow.rb:69:27:69:27 | r | params_flow.rb:75:10:75:10 | r |
| params_flow.rb:78:10:78:18 | call to taint | params_flow.rb:69:14:69:14 | x |
| params_flow.rb:78:21:78:29 | call to taint | params_flow.rb:69:17:69:17 | y |
| params_flow.rb:78:43:78:51 | call to taint | params_flow.rb:69:24:69:24 | w |
| params_flow.rb:78:54:78:62 | call to taint | params_flow.rb:69:27:69:27 | r |
| params_flow.rb:81:10:81:18 | call to taint | params_flow.rb:69:14:69:14 | x |
| params_flow.rb:83:14:83:14 | t | params_flow.rb:84:10:84:10 | t |
| params_flow.rb:83:17:83:17 | u | params_flow.rb:85:10:85:10 | u |
| params_flow.rb:83:23:83:23 | w | params_flow.rb:87:10:87:10 | w |
| params_flow.rb:94:10:94:18 | call to taint | params_flow.rb:83:14:83:14 | t |
| params_flow.rb:94:21:94:29 | call to taint | params_flow.rb:83:17:83:17 | u |
| params_flow.rb:94:39:94:47 | call to taint | params_flow.rb:83:23:83:23 | w |
nodes
| params_flow.rb:9:16:9:17 | p1 | semmle.label | p1 |
| params_flow.rb:9:20:9:21 | p2 | semmle.label | p2 |
| params_flow.rb:10:10:10:11 | p1 | semmle.label | p1 |
| params_flow.rb:11:10:11:11 | p2 | semmle.label | p2 |
| params_flow.rb:14:12:14:19 | call to taint | semmle.label | call to taint |
| params_flow.rb:14:22:14:29 | call to taint | semmle.label | call to taint |
| params_flow.rb:16:13:16:14 | p1 | semmle.label | p1 |
| params_flow.rb:16:18:16:19 | p2 | semmle.label | p2 |
| params_flow.rb:17:10:17:11 | p1 | semmle.label | p1 |
| params_flow.rb:18:10:18:11 | p2 | semmle.label | p2 |
| params_flow.rb:21:13:21:20 | call to taint | semmle.label | call to taint |
| params_flow.rb:21:27:21:34 | call to taint | semmle.label | call to taint |
| params_flow.rb:22:13:22:20 | call to taint | semmle.label | call to taint |
| params_flow.rb:22:27:22:34 | call to taint | semmle.label | call to taint |
| params_flow.rb:23:16:23:23 | call to taint | semmle.label | call to taint |
| params_flow.rb:23:33:23:40 | call to taint | semmle.label | call to taint |
| params_flow.rb:25:12:25:13 | p1 | semmle.label | p1 |
| params_flow.rb:25:17:25:24 | **kwargs [element :p2] | semmle.label | **kwargs [element :p2] |
| params_flow.rb:25:17:25:24 | **kwargs [element :p3] | semmle.label | **kwargs [element :p3] |
| params_flow.rb:26:10:26:11 | p1 | semmle.label | p1 |
| params_flow.rb:28:10:28:22 | ( ... ) | semmle.label | ( ... ) |
| params_flow.rb:28:11:28:16 | kwargs [element :p2] | semmle.label | kwargs [element :p2] |
| params_flow.rb:28:11:28:21 | ...[...] | semmle.label | ...[...] |
| params_flow.rb:29:10:29:22 | ( ... ) | semmle.label | ( ... ) |
| params_flow.rb:29:11:29:16 | kwargs [element :p3] | semmle.label | kwargs [element :p3] |
| params_flow.rb:29:11:29:21 | ...[...] | semmle.label | ...[...] |
| params_flow.rb:33:12:33:19 | call to taint | semmle.label | call to taint |
| params_flow.rb:33:26:33:34 | call to taint | semmle.label | call to taint |
| params_flow.rb:33:41:33:49 | call to taint | semmle.label | call to taint |
| params_flow.rb:34:1:34:4 | args [element :p3] | semmle.label | args [element :p3] |
| params_flow.rb:34:14:34:22 | call to taint | semmle.label | call to taint |
| params_flow.rb:35:12:35:20 | call to taint | semmle.label | call to taint |
| params_flow.rb:35:23:35:28 | ** ... [element :p3] | semmle.label | ** ... [element :p3] |
| params_flow.rb:35:25:35:28 | args [element :p3] | semmle.label | args [element :p3] |
| params_flow.rb:37:1:37:4 | args [element :p1] | semmle.label | args [element :p1] |
| params_flow.rb:37:1:37:4 | args [element :p2] | semmle.label | args [element :p2] |
| params_flow.rb:37:16:37:24 | call to taint | semmle.label | call to taint |
| params_flow.rb:37:34:37:42 | call to taint | semmle.label | call to taint |
| params_flow.rb:38:8:38:13 | ** ... [element :p1] | semmle.label | ** ... [element :p1] |
| params_flow.rb:38:8:38:13 | ** ... [element :p2] | semmle.label | ** ... [element :p2] |
| params_flow.rb:38:10:38:13 | args [element :p1] | semmle.label | args [element :p1] |
| params_flow.rb:38:10:38:13 | args [element :p2] | semmle.label | args [element :p2] |
| params_flow.rb:40:1:40:4 | args [element :p1] | semmle.label | args [element :p1] |
| params_flow.rb:40:16:40:24 | call to taint | semmle.label | call to taint |
| params_flow.rb:41:13:41:21 | call to taint | semmle.label | call to taint |
| params_flow.rb:41:24:41:29 | ** ... [element :p1] | semmle.label | ** ... [element :p1] |
| params_flow.rb:41:26:41:29 | args [element :p1] | semmle.label | args [element :p1] |
| params_flow.rb:44:12:44:20 | call to taint | semmle.label | call to taint |
| params_flow.rb:46:1:46:4 | args [element 0] | semmle.label | args [element 0] |
| params_flow.rb:46:1:46:4 | args [element 1] | semmle.label | args [element 1] |
| params_flow.rb:46:9:46:17 | call to taint | semmle.label | call to taint |
| params_flow.rb:46:20:46:28 | call to taint | semmle.label | call to taint |
| params_flow.rb:47:12:47:16 | * ... [element 0] | semmle.label | * ... [element 0] |
| params_flow.rb:47:12:47:16 | * ... [element 1] | semmle.label | * ... [element 1] |
| params_flow.rb:47:13:47:16 | args [element 0] | semmle.label | args [element 0] |
| params_flow.rb:47:13:47:16 | args [element 1] | semmle.label | args [element 1] |
| params_flow.rb:49:13:49:14 | p1 | semmle.label | p1 |
| params_flow.rb:49:17:49:24 | *posargs [element 0] | semmle.label | *posargs [element 0] |
| params_flow.rb:50:10:50:11 | p1 | semmle.label | p1 |
| params_flow.rb:51:10:51:21 | ( ... ) | semmle.label | ( ... ) |
| params_flow.rb:51:11:51:17 | posargs [element 0] | semmle.label | posargs [element 0] |
| params_flow.rb:51:11:51:20 | ...[...] | semmle.label | ...[...] |
| params_flow.rb:55:9:55:17 | call to taint | semmle.label | call to taint |
| params_flow.rb:57:1:57:4 | args [element 0] | semmle.label | args [element 0] |
| params_flow.rb:57:9:57:17 | call to taint | semmle.label | call to taint |
| params_flow.rb:58:9:58:17 | call to taint | semmle.label | call to taint |
| params_flow.rb:58:20:58:24 | * ... [element 0] | semmle.label | * ... [element 0] |
| params_flow.rb:58:21:58:24 | args [element 0] | semmle.label | args [element 0] |
| params_flow.rb:60:1:60:4 | args [element 0] | semmle.label | args [element 0] |
| params_flow.rb:60:9:60:17 | call to taint | semmle.label | call to taint |
| params_flow.rb:61:9:61:13 | * ... [element 0] | semmle.label | * ... [element 0] |
| params_flow.rb:61:10:61:13 | args [element 0] | semmle.label | args [element 0] |
| params_flow.rb:63:1:63:4 | args | semmle.label | args |
| params_flow.rb:63:8:63:16 | call to taint | semmle.label | call to taint |
| params_flow.rb:64:16:64:17 | *x [element 0] | semmle.label | *x [element 0] |
| params_flow.rb:65:10:65:10 | x [element 0] | semmle.label | x [element 0] |
| params_flow.rb:65:10:65:13 | ...[...] | semmle.label | ...[...] |
| params_flow.rb:67:12:67:16 | * ... [element 0] | semmle.label | * ... [element 0] |
| params_flow.rb:67:13:67:16 | args | semmle.label | args |
| params_flow.rb:69:14:69:14 | x | semmle.label | x |
| params_flow.rb:69:17:69:17 | y | semmle.label | y |
| params_flow.rb:69:24:69:24 | w | semmle.label | w |
| params_flow.rb:69:27:69:27 | r | semmle.label | r |
| params_flow.rb:70:10:70:10 | x | semmle.label | x |
| params_flow.rb:71:10:71:10 | y | semmle.label | y |
| params_flow.rb:74:10:74:10 | w | semmle.label | w |
| params_flow.rb:75:10:75:10 | r | semmle.label | r |
| params_flow.rb:78:10:78:18 | call to taint | semmle.label | call to taint |
| params_flow.rb:78:21:78:29 | call to taint | semmle.label | call to taint |
| params_flow.rb:78:43:78:51 | call to taint | semmle.label | call to taint |
| params_flow.rb:78:54:78:62 | call to taint | semmle.label | call to taint |
| params_flow.rb:81:10:81:18 | call to taint | semmle.label | call to taint |
| params_flow.rb:83:14:83:14 | t | semmle.label | t |
| params_flow.rb:83:17:83:17 | u | semmle.label | u |
| params_flow.rb:83:23:83:23 | w | semmle.label | w |
| params_flow.rb:84:10:84:10 | t | semmle.label | t |
| params_flow.rb:85:10:85:10 | u | semmle.label | u |
| params_flow.rb:87:10:87:10 | w | semmle.label | w |
| params_flow.rb:94:10:94:18 | call to taint | semmle.label | call to taint |
| params_flow.rb:94:21:94:29 | call to taint | semmle.label | call to taint |
| params_flow.rb:94:39:94:47 | call to taint | semmle.label | call to taint |
subpaths
#select
| params_flow.rb:10:10:10:11 | p1 | params_flow.rb:14:12:14:19 | call to taint | params_flow.rb:10:10:10:11 | p1 | $@ | params_flow.rb:14:12:14:19 | call to taint | call to taint |
| params_flow.rb:10:10:10:11 | p1 | params_flow.rb:44:12:44:20 | call to taint | params_flow.rb:10:10:10:11 | p1 | $@ | params_flow.rb:44:12:44:20 | call to taint | call to taint |
| params_flow.rb:10:10:10:11 | p1 | params_flow.rb:46:9:46:17 | call to taint | params_flow.rb:10:10:10:11 | p1 | $@ | params_flow.rb:46:9:46:17 | call to taint | call to taint |
| params_flow.rb:11:10:11:11 | p2 | params_flow.rb:14:22:14:29 | call to taint | params_flow.rb:11:10:11:11 | p2 | $@ | params_flow.rb:14:22:14:29 | call to taint | call to taint |
| params_flow.rb:11:10:11:11 | p2 | params_flow.rb:46:20:46:28 | call to taint | params_flow.rb:11:10:11:11 | p2 | $@ | params_flow.rb:46:20:46:28 | call to taint | call to taint |
| params_flow.rb:17:10:17:11 | p1 | params_flow.rb:21:13:21:20 | call to taint | params_flow.rb:17:10:17:11 | p1 | $@ | params_flow.rb:21:13:21:20 | call to taint | call to taint |
| params_flow.rb:17:10:17:11 | p1 | params_flow.rb:22:27:22:34 | call to taint | params_flow.rb:17:10:17:11 | p1 | $@ | params_flow.rb:22:27:22:34 | call to taint | call to taint |
| params_flow.rb:17:10:17:11 | p1 | params_flow.rb:23:33:23:40 | call to taint | params_flow.rb:17:10:17:11 | p1 | $@ | params_flow.rb:23:33:23:40 | call to taint | call to taint |
| params_flow.rb:17:10:17:11 | p1 | params_flow.rb:40:16:40:24 | call to taint | params_flow.rb:17:10:17:11 | p1 | $@ | params_flow.rb:40:16:40:24 | call to taint | call to taint |
| params_flow.rb:18:10:18:11 | p2 | params_flow.rb:21:27:21:34 | call to taint | params_flow.rb:18:10:18:11 | p2 | $@ | params_flow.rb:21:27:21:34 | call to taint | call to taint |
| params_flow.rb:18:10:18:11 | p2 | params_flow.rb:22:13:22:20 | call to taint | params_flow.rb:18:10:18:11 | p2 | $@ | params_flow.rb:22:13:22:20 | call to taint | call to taint |
| params_flow.rb:18:10:18:11 | p2 | params_flow.rb:23:16:23:23 | call to taint | params_flow.rb:18:10:18:11 | p2 | $@ | params_flow.rb:23:16:23:23 | call to taint | call to taint |
| params_flow.rb:18:10:18:11 | p2 | params_flow.rb:41:13:41:21 | call to taint | params_flow.rb:18:10:18:11 | p2 | $@ | params_flow.rb:41:13:41:21 | call to taint | call to taint |
| params_flow.rb:26:10:26:11 | p1 | params_flow.rb:33:12:33:19 | call to taint | params_flow.rb:26:10:26:11 | p1 | $@ | params_flow.rb:33:12:33:19 | call to taint | call to taint |
| params_flow.rb:26:10:26:11 | p1 | params_flow.rb:35:12:35:20 | call to taint | params_flow.rb:26:10:26:11 | p1 | $@ | params_flow.rb:35:12:35:20 | call to taint | call to taint |
| params_flow.rb:26:10:26:11 | p1 | params_flow.rb:37:16:37:24 | call to taint | params_flow.rb:26:10:26:11 | p1 | $@ | params_flow.rb:37:16:37:24 | call to taint | call to taint |
| params_flow.rb:28:10:28:22 | ( ... ) | params_flow.rb:33:26:33:34 | call to taint | params_flow.rb:28:10:28:22 | ( ... ) | $@ | params_flow.rb:33:26:33:34 | call to taint | call to taint |
| params_flow.rb:28:10:28:22 | ( ... ) | params_flow.rb:37:34:37:42 | call to taint | params_flow.rb:28:10:28:22 | ( ... ) | $@ | params_flow.rb:37:34:37:42 | call to taint | call to taint |
| params_flow.rb:29:10:29:22 | ( ... ) | params_flow.rb:33:41:33:49 | call to taint | params_flow.rb:29:10:29:22 | ( ... ) | $@ | params_flow.rb:33:41:33:49 | call to taint | call to taint |
| params_flow.rb:29:10:29:22 | ( ... ) | params_flow.rb:34:14:34:22 | call to taint | params_flow.rb:29:10:29:22 | ( ... ) | $@ | params_flow.rb:34:14:34:22 | call to taint | call to taint |
| params_flow.rb:50:10:50:11 | p1 | params_flow.rb:55:9:55:17 | call to taint | params_flow.rb:50:10:50:11 | p1 | $@ | params_flow.rb:55:9:55:17 | call to taint | call to taint |
| params_flow.rb:50:10:50:11 | p1 | params_flow.rb:58:9:58:17 | call to taint | params_flow.rb:50:10:50:11 | p1 | $@ | params_flow.rb:58:9:58:17 | call to taint | call to taint |
| params_flow.rb:50:10:50:11 | p1 | params_flow.rb:60:9:60:17 | call to taint | params_flow.rb:50:10:50:11 | p1 | $@ | params_flow.rb:60:9:60:17 | call to taint | call to taint |
| params_flow.rb:51:10:51:21 | ( ... ) | params_flow.rb:57:9:57:17 | call to taint | params_flow.rb:51:10:51:21 | ( ... ) | $@ | params_flow.rb:57:9:57:17 | call to taint | call to taint |
| params_flow.rb:65:10:65:13 | ...[...] | params_flow.rb:63:8:63:16 | call to taint | params_flow.rb:65:10:65:13 | ...[...] | $@ | params_flow.rb:63:8:63:16 | call to taint | call to taint |
| params_flow.rb:70:10:70:10 | x | params_flow.rb:78:10:78:18 | call to taint | params_flow.rb:70:10:70:10 | x | $@ | params_flow.rb:78:10:78:18 | call to taint | call to taint |
| params_flow.rb:70:10:70:10 | x | params_flow.rb:81:10:81:18 | call to taint | params_flow.rb:70:10:70:10 | x | $@ | params_flow.rb:81:10:81:18 | call to taint | call to taint |
| params_flow.rb:71:10:71:10 | y | params_flow.rb:78:21:78:29 | call to taint | params_flow.rb:71:10:71:10 | y | $@ | params_flow.rb:78:21:78:29 | call to taint | call to taint |
| params_flow.rb:74:10:74:10 | w | params_flow.rb:78:43:78:51 | call to taint | params_flow.rb:74:10:74:10 | w | $@ | params_flow.rb:78:43:78:51 | call to taint | call to taint |
| params_flow.rb:75:10:75:10 | r | params_flow.rb:78:54:78:62 | call to taint | params_flow.rb:75:10:75:10 | r | $@ | params_flow.rb:78:54:78:62 | call to taint | call to taint |
| params_flow.rb:84:10:84:10 | t | params_flow.rb:94:10:94:18 | call to taint | params_flow.rb:84:10:84:10 | t | $@ | params_flow.rb:94:10:94:18 | call to taint | call to taint |
| params_flow.rb:85:10:85:10 | u | params_flow.rb:94:21:94:29 | call to taint | params_flow.rb:85:10:85:10 | u | $@ | params_flow.rb:94:21:94:29 | call to taint | call to taint |
| params_flow.rb:87:10:87:10 | w | params_flow.rb:94:39:94:47 | call to taint | params_flow.rb:87:10:87:10 | w | $@ | params_flow.rb:94:39:94:47 | call to taint | call to taint |
Reference in New Issue View Git Blame Copy Permalink