Skip to content

Commit 6455992

Browse files
MathiasVPMathiasVP
committed
PS: Add two more flow sources.
1 parent 3d18175 commit 6455992

File tree

1 file changed

+4
-2
lines changed
  • powershell/ql/lib/semmle/code/powershell/frameworks/MicrosoftPowershellUtility

1 file changed

+4
-2
lines changed

powershell/ql/lib/semmle/code/powershell/frameworks/MicrosoftPowershellUtility/model.yml

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,8 @@ extensions:
44
extensible: sourceModel
55
data:
66
- ["microsoft.powershell.utility!", "Method[Read-Host].ReturnValue", "stdin"]
7+
- ["microsoft.powershell.utility!", "Method[select-xml].ReturnValue[path]", "file"]
8+
- ["microsoft.powershell.utility!", "Method[format-hex].ReturnValue[path]", "file"]
79

810
- addsTo:
911
pack: microsoft-sdl/powershell-all
@@ -62,12 +64,12 @@ extensions:
6264
- ["microsoft.powershell.utility!", "Method[out-string]", "Argument[-inputobject,pipeline]", "ReturnValue", "taint"]
6365
- ["microsoft.powershell.utility!", "Method[select-object]", "Argument[-inputobject,pipeline]", "ReturnValue", "taint"]
6466
- ["microsoft.powershell.utility!", "Method[select-string]", "Argument[-inputobject,pipeline]", "ReturnValue", "taint"]
65-
- ["microsoft.powershell.utility!", "Method[select-xml]", "Argument[-content,-path,-xml]", "ReturnValue", "taint"] # TODO: Source of user input?
67+
- ["microsoft.powershell.utility!", "Method[select-xml]", "Argument[-content,-path,-xml]", "ReturnValue", "taint"]
6668
- ["microsoft.powershell.utility!", "Method[sort-object]", "Argument[-inputobject,pipeline]", "ReturnValue", "taint"]
6769
- ["microsoft.powershell.utility!", "Method[tee-object]", "Argument[-inputobject,pipeline]", "ReturnValue", "taint"]
6870
- ["microsoft.powershell.utility!", "Method[write-output]", "Argument[-inputobject,pipeline]", "ReturnValue", "taint"]
6971
- ["microsoft.powershell.utility!", "Method[format-custom]", "Argument[-inputobject,pipeline]", "ReturnValue", "taint"]
70-
- ["microsoft.powershell.utility!", "Method[format-hex]", "Argument[-inputobject,pipeline]", "ReturnValue", "taint"] # Source of user input?
72+
- ["microsoft.powershell.utility!", "Method[format-hex]", "Argument[-inputobject,pipeline]", "ReturnValue", "taint"]
7173
- ["microsoft.powershell.utility!", "Method[format-list]", "Argument[-inputobject,pipeline]", "ReturnValue", "taint"]
7274
- ["microsoft.powershell.utility!", "Method[format-table]", "Argument[-inputobject,pipeline]", "ReturnValue", "taint"]
7375
- ["microsoft.powershell.utility!", "Method[format-wide]", "Argument[-inputobject,pipeline]", "ReturnValue", "taint"]

0 commit comments

Comments
 (0)