Permalink
Commits on Sep 30, 2012
  1. added fix for JSONParser checks for Stored Tainted Strings, like eval…

    …('({"taintedPattern":"taintedPattern"}))
    stefano committed Sep 30, 2012
Commits on Aug 21, 2012
  1. changes for Mac Leopard 10.5 build

    committed Aug 21, 2012
Commits on Jul 18, 2012
Commits on Jun 13, 2012
Commits on Jun 12, 2012
  1. configuration for windows build

    committed Jun 12, 2012
  2. added no-remote

    committed Jun 12, 2012
Commits on May 30, 2012
Commits on May 28, 2012
  1. added tainting chain fix in case of replace with multiple taints: "te…

    …st_FORUM_/gfd/_PART_".replace(/_PART_/,Tainted1).replace(/_FORUM_/,Tainted2);
    committed May 28, 2012
Commits on May 24, 2012
  1. fix for wrong test in assert

    committed May 24, 2012
  2. fix for caching of tainted strings

    committed May 24, 2012
Commits on Mar 10, 2012
  1. Added error checking

    committed Mar 10, 2012
Commits on Feb 22, 2012
Commits on Feb 20, 2012
  1. Small debug changes

    committed Feb 20, 2012
Commits on Feb 13, 2012
  1. Fix for AddTaintOp Dependency check for third argument being an Objec…

    …t since we need an object.
    committed Feb 13, 2012
Commits on Feb 8, 2012
  1. Multiple add:

    1. Added callback helper toTaint for constant string tainting.
    2. Added argument history for replace tracing.
    committed Feb 8, 2012
Commits on Jan 26, 2012
  1. Added log on

    1. switch/case
    2. object key / val assignment with tainted strings
    3. log information can now be more detailed
    committed Jan 26, 2012
Commits on Jan 16, 2012
  1. Bug fix for atomized tainted strings < 4 chars.

    Log of test and match removed from the SM code.
    object element access log added
    committed Jan 16, 2012
Commits on Jan 10, 2012
Commits on Dec 21, 2011
  1. hack to remove the location write block for letting DOMinator create …

    …its own getters and setters
    committed Dec 21, 2011
  2. Multiple fixes + an experimental alternative to the debugger stack tr…

    …ace (not to be compiled yet).
    committed Dec 21, 2011
Commits on Dec 3, 2011
  1. Bug fixing for InfoTaintEntry/Dep, added debug method String.getAllIn…

    …foTaint and removed some debug printing.
    committed Dec 3, 2011
Commits on Nov 29, 2011
Commits on Nov 28, 2011
  1. refcount added in InfoTaintEntry.

    This should help in GC dependencies for tainted JSStrings
    committed Nov 28, 2011
Commits on Nov 24, 2011
  1. added tainted keys checks on objects for: JSOP_[G|S]ET_ELEM, JSOP_IN …

    …operator and others
    committed Nov 24, 2011