codeql/0.3.3.md at ef04f927fb9b00285aa96a7de4a5e33c6af2f459 - codeql - Gitea: Git with a cup of tea

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2026-04-25 00:35:20 +02:00

Files

Josh Soref 2648cb0322 spelling: injection

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

2022-10-13 10:56:41 -04:00

463 B

Raw Blame History

0.3.3

New Queries

Added a new query, rb/log-injection, to detect cases where a malicious user may be able to forge log entries.
Added a new query, rb/incomplete-multi-character-sanitization. The query finds string transformations that do not replace all occurrences of a multi-character substring.
Added a new query, rb/suspicious-regexp-range, to detect character ranges in regular expressions that seem to match too many characters.