Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pattern-source - fix parameter order = Update ldap-injection.yaml #3019

Merged
merged 3 commits into from
Jan 8, 2025
Merged

pattern-source - fix parameter order = Update ldap-injection.yaml #3019

merged 3 commits into from
Jan 8, 2025

Conversation

1lyasam
Copy link
Contributor

@1lyasam 1lyasam commented Jul 28, 2023

Expanding the detection to support vulnerable parameter at any order.
The previous pattern will only match if the vulnerable parameter is the first parameter in the function declaration.
As the vulnerable parameter can be at any place, I added "..." padding before and after

@1lyasam
Update ldap-injection.yaml - pattern-sources - parameter order
24d821a 
Expanding the detection to support vulnerable parameter at any order.
The previous pattern will only match if the vulnerable parameter is the first parameter in the function declaration.
As the vulnerable parameter can be at any place, I added "..." padding before and after
@CLAassistant
Copy link

CLAassistant commented Jul 28, 2023
edited
Loading

CLA assistant check
All committers have signed the CLA.

@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ LewisArdern
❌ 1lyasam
You have signed the CLA already but the status is still pending? Let us recheck it.

kurt-r2c
kurt-r2c previously approved these changes Feb 12, 2024
View reviewed changes
@kurt-r2c kurt-r2c dismissed their stale review February 12, 2024 18:23

pipfile changes

@kurt-r2c
Copy link
Contributor

@1lyasam please pull in latest or remove pipfile changes from this PR

@p4p3r p4p3r changed the base branch from release to develop January 8, 2025 09:25
p4p3r
p4p3r approved these changes Jan 8, 2025
View reviewed changes
Copy link
Collaborator

@p4p3r p4p3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@p4p3r p4p3r merged commit fc289a2 into semgrep:develop Jan 8, 2025
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@meenakshisl meenakshisl meenakshisl approved these changes

@p4p3r p4p3r p4p3r approved these changes

@kurt-r2c kurt-r2c kurt-r2c left review comments

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@1lyasam @CLAassistant @kurt-r2c @p4p3r @meenakshisl