new capacity bits (#67)

Eli Peter 2026-05-07 01:29:31 -04:00 committed by GitHub
parent afaffc0df6
commit 7d0e7320e2
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
261 changed files with 10591 additions and 231 deletions


@ -89,6 +89,24 @@ pub static RULES: &[LabelRule] = &[
label: DataLabel::Sink(Cap::SSRF),
case_sensitive: false,
},
// ─── LDAP injection sinks ───
//
// OpenLDAP / libldap C interface (also used from C++ wrappers): the filter
// argument carries attacker-controlled data unless explicitly escaped.
LabelRule {
matchers: &["ldap_search_s", "ldap_search_ext_s"],
label: DataLabel::Sink(Cap::LDAP_INJECTION),
case_sensitive: false,
},
// ─── XPath injection sinks ───
//
// libxml2 (the dominant C++ XML parser surface): `xmlXPathEvalExpression`,
// `xmlXPathEval`, `xmlXPathCompile` accept the expression string as arg 0.
LabelRule {
matchers: &["xmlXPathEvalExpression", "xmlXPathEval", "xmlXPathCompile"],
label: DataLabel::Sink(Cap::XPATH_INJECTION),
case_sensitive: false,
},
];
/// Gated sinks for C++.
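Review bot: The LDAP rule's `matchers` list names only the synchronous `ldap_search_s` and `ldap_search_ext_s`, so a filter passed to libldap's other search entry points (`ldap_search`, `ldap_search_st`, `ldap_search_ext`) would not be labelled a `Cap::LDAP_INJECTION` sink if matchers are compared as whole names, which this hunk does not show. Consider `matchers: &["ldap_search", "ldap_search_s", "ldap_search_st", "ldap_search_ext", "ldap_search_ext_s"],`. The XPath rule has the same gap for `xmlXPathCtxtCompile` and `xmlXPathNodeEval`, which take the expression as their second argument, so the comment's "arg 0" wording would need adjusting if they are added. The `RULES` array begins above the hunk, so any existing entries for these names are not visible here.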