8 Commits (91d518979bc9c79f8c7047f25f9a6d4f6927af55)

Author SHA1 Message Date
Sam Blackshear 5a420f7aee [quandary] only report code injection via endpoints on strings
8 years ago
Sam Blackshear 4fe9110ad3 [quandary] SQL sinks
8 years ago
Sam Blackshear 45aaa4da93 [quandary] gflag globals as source
8 years ago
Sam Blackshear d5f4784e61 [quandary] add more exec sinks
8 years ago
Sam Blackshear 6af6ef35ec [quandary] support sources that taint a pointer arg or arg passed by ref rather than the return value
8 years ago
Sam Blackshear d7ae77c7c2 [quandary] make intent/logging private data tests intraprocedural
8 years ago
Sam Blackshear 6fc1a7e20f [quandary] reporting on array passed to sink when contents of array are tainted
8 years ago
Sam Blackshear 072fe0994f [quandary] reporting on getenv -> exec flows
8 years ago