Version 1.0 (#44)
* return feature to remove blank lines and comments

* add samples to perform tests

* pushing some tools to help during debug tasks

* skip false positives - draft function

* improve taint analysis function

* drafting new rules

* update sarif output with new variables
htrgouvea authored Apr 4, 2024
1 parent 8f61ffa commit bf20599
Showing 2 changed files with 10 additions and 2 deletions.
4 changes: 2 additions & 2 deletions lib/Zarn/Sarif.pm
Expand Up @@ -37,8 +37,8 @@ package Zarn::Sarif {
uri => $info -> {file}
},
region => {
startLine => $info -> {line},
startColumn => $info -> {rowchar}
startLine => $info -> {line_sink},
startColumn => $info -> {rowchar_sink}
}
}
}]
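Review bot: The two changed lines in `region` read `$info -> {line_sink}` and `$info -> {rowchar_sink}` with no fallback, and neither of the two files in this commit sets those keys, so it is worth confirming that every `$info` hash reaching this code already carries them. If one does not, `startLine` and `startColumn` come out undefined, while SARIF expects positive integers in both fields. Consider guarding the values (for example omitting `region` when they are missing, or falling back to `line` / `rowchar` if those are still populated) and adding a short comment that the reported location is the sink rather than the source.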
8 changes: 8 additions & 0 deletions rules/prototype.yml
@@ -0,0 +1,8 @@
---
rules:
- id: '0001'
category: vuln
name: Cross Site Scripting (XSS)
message: Occur when untrusted data is rendered as HTML without proper escaping, allowing attackers to execute malicious scripts in the context of the victim's browser.
sample:
- render
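Review bot: The `message` text opens with "Occur when"; it should read "Occurs when", since it describes the vulnerability given in `name`. The only entry under `sample` is `render`, which is a very generic token, so consider a more specific sample or a comment stating which render call this rule targets before it moves out of the prototype file. The `id` value '0001' should also be checked against the existing rule files for collisions, since this diff shows only the new file.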
