hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-24 08:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
ea2777fa3e8a75239bc44ba85c8683bb2dfd7afe
codeql/python/ql/test/query-tests/Security/CWE-776-XmlBomb/XmlBomb.expected
Rasmus Wriedt Larsen 4abab22066 Python: Promote XXE and XML-bomb queries 
Need to write a change-note as well, but will do that tomorrow
2022-03-31 18:47:50 +02:00

13 lines
1.1 KiB
Plaintext
Raw Blame History

edges
| test.py:19:19:19:25 | ControlFlowNode for request | test.py:19:19:19:30 | ControlFlowNode for Attribute |
| test.py:19:19:19:30 | ControlFlowNode for Attribute | test.py:19:19:19:45 | ControlFlowNode for Subscript |
| test.py:19:19:19:45 | ControlFlowNode for Subscript | test.py:30:34:30:44 | ControlFlowNode for xml_content |
nodes
| test.py:19:19:19:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
| test.py:19:19:19:30 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
| test.py:19:19:19:45 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
| test.py:30:34:30:44 | ControlFlowNode for xml_content | semmle.label | ControlFlowNode for xml_content |
subpaths
#select
| test.py:30:34:30:44 | ControlFlowNode for xml_content | test.py:19:19:19:25 | ControlFlowNode for request | test.py:30:34:30:44 | ControlFlowNode for xml_content | A $@ is parsed as XML without guarding against uncontrolled entity expansion. | test.py:19:19:19:25 | ControlFlowNode for request | user-provided value |
Reference in New Issue View Git Blame Copy Permalink