Chris Smowton

Results 218 comments of Chris Smowton

I finally got some free time to work on this, so I've added tests at https://github.com/github/codeql/pull/10041

Sounds from the description like you've already done a performance check (very likely fine) and FP eval?

Could you clarify if you're making a bounty application for this or not?

Suggestion from security lab review: make two variants of this, one with high precision that checks for flow from a RemoteSource (i.e., exploitability) + make the existing one medium precision...

Let's go remote in the name of higher precision; local cases will be picked up by the medium-precision query. Docs should be similar but note the difference between the two...

Most likely, how common are zip-unpacking routines vs. path-concatenating routines? The more common in general it is, the more annoying someone will find it if they're working in a scenario...

Using "precision" to categorise like this is a consequence of how the different CodeQL query suites are organised. By default we run the high and very-high precision queries, and a...

Only to describe the difference between the queries (and cite the other one, with text like `See also java/query-name, which is similar to this query but only flags instances with...

Started a performance evaluation experiment