Lukas Reschke
78f4a0691c
Add dedicated types for 'file', 'header' and 'cookie' ( #4630 )
...
* [WIP] Add dedicated sinks for 'file', 'header' and 'cookie'
* Add documentation
* Add mapping for taint flows
* Add tests
* Fix test
2020-11-19 17:47:29 -05:00
Matt Brown
95de6cf177
Allow immutable classes to be specialised through calls
2020-11-19 01:38:20 -05:00
Lukas Reschke
ddbfbb28e6
Split LDAP into custom category ( #4604 )
...
- Adds ldap_escape as sanitizer
- Defines the right parameters to ldap_search as sink
- Wrote documentation
- Added tests
2020-11-18 11:39:36 -05:00
Matt Brown
3f7f959726
Fix #4599 - propagate taints to parent callers where necessary
2020-11-18 09:59:54 -05:00
Lukas Reschke
5ba4681c17
Add SSRF sinks ( #4592 )
2020-11-18 00:52:48 -05:00
Matt Brown
f6591e6d0f
Use resolution that works in multithreaded mode
2020-11-17 17:24:46 -05:00
Matt Brown
2aa98bc5d0
Simplify tainted output a bit, removing duplicate paths
2020-11-17 17:17:18 -05:00
Matt Brown
43af3b1a57
Break out TaintedInput issues into a lot of separate ones
2020-11-17 12:44:31 -05:00
orklah
ceaaa39ec3
improve phpdoc ( #4352 )
2020-10-17 12:36:44 -04:00
orklah
ffe7874906
Misc improvements ( #4314 )
...
* extract the operation out of the loop when possible
* remove unnecessary interfaces when already inherited in parent
* simplify expressions
* avoid using alias functions
* redundant phpdoc
* unused imports
2020-10-15 13:23:35 -04:00
Matt Brown
516141a380
Rename ControlFlowGraph to more appropriate DataFlowGraph
2020-10-13 16:49:03 -04:00
Brown
da65a4327f
Move taint graph functionality into its own object
2020-09-25 00:37:40 -04:00