12 Commits (35ad7dd8bf4e43d11df3a60e96d7592d1e3be973)

Author SHA1 Message Date
Sam Blackshear 14aef012f6 [quandary] allow specifying globals as sources
7 years ago
Sam Blackshear 5d578cf196 [quandary] make it possible to report taint errors on footprint sources again
7 years ago
Sam Blackshear 94ceebfef8 [quandary] represent footprint as unified set of access path rather than conjunction of special sources
7 years ago
Sam Blackshear 2876f50703 [quandary] popen as sink
7 years ago
Sam Blackshear 5a420f7aee [quandary] only report code injection via endpoints on strings
8 years ago
Sam Blackshear 4fe9110ad3 [quandary] SQL sinks
8 years ago
Sam Blackshear 45aaa4da93 [quandary] gflag globals as source
8 years ago
Sam Blackshear d5f4784e61 [quandary] add more exec sinks
8 years ago
Sam Blackshear 6af6ef35ec [quandary] support sources that taint a pointer arg or arg passed by ref rather than the return value
8 years ago
Sam Blackshear d7ae77c7c2 [quandary] make intent/logging private data tests intraprocedural
8 years ago
Sam Blackshear 6fc1a7e20f [quandary] reporting on array passed to sink when contents of array are tainted
8 years ago
Sam Blackshear 072fe0994f [quandary] reporting on getenv -> exec flows
8 years ago