Taint Analysis : Support String.Format()

dotnet-security-guard / roslyn-security-guard

Roslyn analyzers that aim to help security audit on .NET applications.

https://dotnet-security-guard.github.io

GNU Lesser General Public License v3.0

208 stars 38 forks source link

Closed h3xstream closed 7 years ago

h3xstream commented 7 years ago

Support for String.Format() and generalization of taint transfer.

The definition of the String.Format API will be documented in a new YAML file.