Ruby: Model flow through ActionController::Parameters

Open hmac opened this issue 3 years ago • 0 comments

Add flow summaries for methods on ActionController::Parameters, which mostly propagate taint from receiver to return value.

Evaluation shows that we catch a couple more TPs due to flow through parameters now reaching some sinks.

hmac, Sep 22 '22 15:09
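
To illustrate the description above, here is an added toy model in Ruby (not CodeQL's implementation and not code from this change) of why receiver-to-return summaries let taint from `params` reach more sinks. The method list, the sink names and the sample call chains are assumptions made for the example; the page does not say which methods are modelled.

```ruby
# Toy taint propagation over method-call chains (illustration only).
# ASSUMPTION: these are real ActionController::Parameters methods picked for
# the example; the page does not list the methods the change models.
RECEIVER_TO_RETURN = %i[require permit slice except fetch dig to_unsafe_h merge].freeze

# A chain such as params.require(:user).permit(:name).to_unsafe_h is modelled
# as a source, the method names applied to it in order, and the sink it feeds.
Chain = Struct.new(:source, :calls, :sink)

# True when taint from the remote-input source survives every call in the chain.
# `summaries` is the set of methods known to carry taint from receiver to result.
def reaches_sink?(chain, summaries)
  tainted = chain.source == :params
  chain.calls.each do |meth|
    # With no summary for a call, nothing is known about its return value,
    # so the taint is dropped at that step and the sink is never reached.
    tainted &&= summaries.include?(meth)
  end
  tainted
end

# Constructed sample chains; sink names are hypothetical labels.
CHAINS = [
  Chain.new(:params, [], :direct_sink),                         # no call in between
  Chain.new(:params, %i[require permit to_unsafe_h], :sql_sink),
  Chain.new(:params, %i[fetch], :redirect_sink),
  Chain.new(:params, %i[permit unmodelled_helper], :shell_sink), # one step unmodelled
  Chain.new(:config, %i[fetch], :shell_sink)                     # not user input
].freeze

# Sinks reported for a given set of summaries.
def findings(summaries)
  CHAINS.select { |chain| reaches_sink?(chain, summaries) }.map(&:sink)
end

# Sinks that are only reported once the summaries exist.
def new_findings
  findings(RECEIVER_TO_RETURN) - findings([])
end

puts "without summaries: #{findings([]).inspect}"
puts "with summaries:    #{findings(RECEIVER_TO_RETURN).inspect}"
puts "newly reported:    #{new_findings.inspect}"
```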