htrgouvea / zarn

A lightweight static security analysis tool for modern Perl Apps
https://heitorgouvea.me/2023/03/19/static-security-analysis-tool-perl
45 stars, 8 forks

Wrong output #45

Open MyselfYangjz opened 6 months ago

MyselfYangjz commented 6 months ago

Hello, I read your source code and conducted a test, and found that when the variable is first user input and then defined as a string, the vulnerability will still be incorrectly detected, as follows:

```perl
sub main {
    my $name = $ARGV[0];
    my $name = "aasa";
    system ("echo Hello World! $name");
}
```

I checked your source code and found that it is caused by find_first only looking at the first defined variable (AST.PL).

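As an added illustration (not zarn's own code, which walks a PPI tree), the constructed Python toy below reproduces the lookup problem from this report on a tiny one-statement-per-line Perl subset: choosing the first definition of a variable (like find_first) flags the reported snippet even though line 3 overwrites `$name` with a constant, while choosing the nearest preceding definition (the reaching definition) does not, and also catches the reverse ordering that the first-definition lookup misses.

```python
import re

# Constructed toy: one statement per line, scalar assignments, system() as the
# only sink. Not zarn's parser; it only models the definition-lookup question.
SOURCE_RE = re.compile(r'\$ARGV\b|<STDIN>|\$ENV\b')          # taint sources
ASSIGN_RE = re.compile(r'^\s*(?:my\s+)?\$(\w+)\s*=\s*(.+?);\s*$')
SINK_RE = re.compile(r'^\s*system\s*\((.+)\)\s*;\s*$')
VAR_RE = re.compile(r'\$(\w+)')

def parse(code):
    """Collect (line, var, rhs) assignments and (line, args) system() sinks."""
    assigns, sinks = [], []
    for n, line in enumerate(code.splitlines(), 1):
        m = ASSIGN_RE.match(line)
        if m:
            assigns.append((n, m.group(1), m.group(2)))
        elif SINK_RE.match(line):
            sinks.append((n, SINK_RE.match(line).group(1)))
    return assigns, sinks

def definition(var, assigns, before, mode):
    """Choose which assignment to `var` (above line `before`) a use refers to.
    'first' mimics find_first: the earliest definition wins.
    'last' takes the nearest preceding one, i.e. the reaching definition."""
    cands = [a for a in assigns if a[1] == var and a[0] < before]
    if not cands:
        return None
    return cands[0] if mode == 'first' else cands[-1]

def tainted(expr, line, assigns, mode):
    """True if `expr` reads a source directly or interpolates a variable
    whose chosen definition is itself tainted (checked recursively)."""
    if SOURCE_RE.search(expr):
        return True
    for var in VAR_RE.findall(expr):
        d = definition(var, assigns, line, mode)
        if d is not None and tainted(d[2], d[0], assigns, mode):
            return True
    return False

def find_vulns(code, mode='last'):
    """Line numbers of system() calls whose argument is tainted."""
    assigns, sinks = parse(code)
    return [n for n, args in sinks if tainted(args, n, assigns, mode)]

# Constructed copy of the snippet from the report: mode='first' flags line 4,
# mode='last' does not, because line 3 overwrites $name with a constant.
REPORTED = 'sub main {\nmy $name = $ARGV[0];\nmy $name = "aasa";\n' \
           'system ("echo Hello World! $name");\n}'
```

Note that a straight-line reaching-definition lookup is still only an approximation: branches, loops and string operations that partially sanitize a value need real data-flow handling, which this toy does not attempt.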

MyselfYangjz commented 6 months ago

I have made an update that can effectively deal with this situation; could you check whether this approach is reasonable? AST_update.zip

htrgouvea commented 6 months ago

Hi @MyselfYangjz, could you push this to a repository on GitHub? You can make a fork of this repository.

MyselfYangjz commented 6 months ago

I have submitted my pull request, can you review it?