8 Commits (e0ad650dcd091bb0401c972f9f66a87c4dfbd46e)

Author SHA1 Message Date
Sam Blackshear 5a420f7aee [quandary] only report code injection via endpoints on strings
8 years ago
Sam Blackshear 4fe9110ad3 [quandary] SQL sinks
8 years ago
Sam Blackshear 45aaa4da93 [quandary] gflag globals as source
8 years ago
Sam Blackshear d5f4784e61 [quandary] add more exec sinks
8 years ago
Sam Blackshear 6af6ef35ec [quandary] support sources that taint a pointer arg or arg passed by ref rather than the return value
8 years ago
Sam Blackshear d7ae77c7c2 [quandary] make intent/logging private data tests intraprocedural
8 years ago
Sam Blackshear 6fc1a7e20f [quandary] reporting on array passed to sink when contents of array are tainted
8 years ago
Sam Blackshear 072fe0994f [quandary] reporting on getenv -> exec flows
8 years ago