Matt Brown
|
7f0ac653a1
|
First creation_function param isnÆt really a sink
|
2021-01-29 11:46:18 +01:00 |
|
Markus Staab
|
2c998aea7e
|
documented type in InternalTaintSinkMap (#4627)
|
2021-01-29 11:46:17 +01:00 |
|
Lukas Reschke
|
2ad5eee193
|
Add dedicated types for 'file', 'header' and 'cookie' (#4630)
* [WIP] Add dedicated sinks for 'file', 'header' and 'cookie'
* Add documentation
* Add mapping for taint flows
* Add tests
* Fix test
|
2021-01-29 11:46:16 +01:00 |
|
Lukas Reschke
|
ce05165384
|
Split LDAP into custom category (#4604)
- Adds ldap_escape as sanitizer
- Defines the right parameters to ldap_search as sink
- Wrote documentation
- Added tests
|
2021-01-29 11:46:14 +01:00 |
|
Lukas Reschke
|
99d094b5e0
|
Add SSRF sinks (#4592)
|
2021-01-29 11:46:14 +01:00 |
|
Matt Brown
|
2c69618347
|
Break out TaintedInput issues into a lot of separate ones
|
2021-01-29 11:46:13 +01:00 |
|
Lukas Reschke
|
ff55dba130
|
Add sinks for popen and proc_open (#4572)
User input in those two functions could lead to a RCE.
popen: https://www.php.net/manual/en/function.popen.php
proc_open: https://www.php.net/manual/en/function.proc-open.php
|
2021-01-29 11:46:11 +01:00 |
|
Matt Brown
|
a531c2e450
|
Move static code out of src
|
2021-01-29 11:39:51 +01:00 |
|