-
I wonder if this is a persistent issue? Seen with asuswrt-merlin's firmware for several years now. Anyone experiencing this in system log? I filed bug reports with merlin for several years. Maybe this…
-
This issue refers to the following ticket in the Perl 5 bug queue:
https://rt.perl.org/Ticket/Display.html?id=115370
And specifically to these two comments wherein I trace the OP's original problem t…
-
The following issue was discussed with Mike West, Artur Janc, Jochen Eisinger, and Devdatta Akhawe. I have found a bug in GC, which could be used as a hint for adding some extra information into the …
-
# os command injection
## todo
- [x] taint analysis: How to taint analysis with BNILVisitor?
- [x] middle case: Inner-procedure taint analysis
- [ ] hard case: Inter-procedure taint analysis
- …
-
Hi,
I have some tx1 users (h313 tvbox; sc9082 wifi) of my distros ( https://github.com/warpme/minimyth2?tab=readme-ov-file#minimyth2 ).
I got compiling this driver on mainline 6.10.11 kernel (with s…
-
### Problem to solve
There are values that are secret and should not be saved. Even cookies that become invalid quickly should not be stored for others to see.
The specific case I have is when g…
-
> I've found a more minimal reproduction. Going from `fn f(arg: (usize, bool)) {}` to `fn f((arg: (usize, bool)) {}` is enough to crash rust-analyzer with "internal error: entered unreachable code: On…
-
DaemonSets won't schedule on tainted nodes unless they tolerate them. Because tolerable is a MutatingWebhookController, it only operates on items being created or modified. This means that when tole…
-
Hi! I am trying to analyze the accuracy of `cflow`.
I run the command
```
./run.sh -a hadoop_common -i -s
```
and find there is a taint propagation path from source method `getLong()` to sink me…
-
## Step 10: Data flow and taint tracking analysis
Great! You made it to the final step!
In step 9 we found expressions in the source code that are likely to have integers supplied from remote in…