by adumbledore
3027 days ago

The article doesn't actually talk about preventing injection attacks, but rather identifying potential attack surfaces by doing an AST search for eval/exec in combination with mutable variables. The article does not explain what limitations exist for their runtime check:

> This results in 5 false positives (out of 56 benign inputs), which are caused by limitations of the static analysis (3/5) or node types outside of the safe set (2/5).

Besides that, it's good to see more security tools - especially when the research is open source: https://github.com/sola-da/Synode
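The kind of static check the comment describes (an AST search for eval/exec calls whose argument cannot be resolved to a constant), as an added example that is not code from Synode or the article: it targets Python's own eval/exec with the stdlib ast module rather than JavaScript so it runs without an external parser, and SAMPLE is a constructed input.

```python
import ast
SINKS = {"eval", "exec"}
SCOPES = (ast.FunctionDef, ast.AsyncFunctionDef, ast.Lambda, ast.ClassDef)

def _scope_nodes(scope):
    """Yield the nodes of one scope without descending into nested scopes."""
    stack = list(ast.iter_child_nodes(scope))
    while stack:
        node = stack.pop()
        yield node
        if not isinstance(node, SCOPES):
            stack.extend(ast.iter_child_nodes(node))

def _constants(scope):
    """Names bound exactly once in this scope, to a literal; everything else is unknown."""
    bound, literal = {}, {}
    if isinstance(scope, SCOPES[:2]):  # parameters are caller-controlled, never constant
        for a in scope.args.args + scope.args.kwonlyargs:
            bound[a.arg] = 2
    for node in _scope_nodes(scope):
        if isinstance(node, ast.Name) and isinstance(node.ctx, ast.Store):
            bound[node.id] = bound.get(node.id, 0) + 1
        if isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant):
            literal.update({t.id: node.value.value for t in node.targets if isinstance(t, ast.Name)})
    return {n: v for n, v in literal.items() if bound.get(n) == 1}

def find_dynamic_sinks(source):
    """Sorted (line, callee, reason) for eval/exec calls whose first argument is not a constant."""
    tree = ast.parse(source)
    findings = []
    for scope in [tree] + [n for n in ast.walk(tree) if isinstance(n, SCOPES[:2])]:
        consts = _constants(scope)
        for node in _scope_nodes(scope):
            if not isinstance(node, ast.Call) or getattr(node.func, "id", None) not in SINKS:
                continue
            arg = node.args[0] if node.args else None
            if isinstance(arg, ast.Constant) or getattr(arg, "id", None) in consts:
                continue  # provably constant: not an injection surface
            what = getattr(arg, "id", type(arg).__name__)
            findings.append((node.lineno, node.func.id, f"non-constant argument: {what}"))
    return sorted(findings)

SAMPLE = '''# constructed sample input, not from the paper
TEMPLATE = "1 + 1"
eval(TEMPLATE)       # resolves to a literal: not reported
def run(user_expr):
    exec(user_expr)  # parameter: reported
    code = "print(1)"
    code = code + user_expr
    eval(code)       # rebound name: reported
'''
```

The check is deliberately intraprocedural and conservative: anything it cannot resolve to a single literal is reported, which is exactly where false positives of the kind the quoted sentence mentions come from.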