apunkt/nyx
1
0
Fork 0
mirror of https://github.com/elicpeter/nyx.git synced 2026-06-30 20:39:39 +02:00
Code Issues Projects Releases Packages Wiki Activity

[pitboss] sweep after phase 04: 1 deferred items resolved

Browse source
This commit is contained in:
pitboss 2026-05-14 04:38:53 -05:00
parent 780dc9099c
commit 937eb479e6
3 changed files with 148 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

13
tests/dynamic_fixtures/callgraph_entry/orphan_helper_sink.py Normal file
View file

@ -0,0 +1,13 @@
# Phase 04 follow-up regression fixture: the sink lives in a class method
# that has no callers in the whole-program callgraph. The reverse-edge BFS
# in `find_entry_via_callgraph` must miss (helper is inside a class, so
# `is_entry_point`'s zero-in-degree heuristic does not apply), and the
# strict `derive_from_callgraph_walk_only` pre-step must defer to the
# strategy ladder so the substring `.http.` rule-id fallback does NOT
# short-circuit the more precise `FromFlowSteps` strategy.
class Stuff:
def helper(self, arg):
import os
os.system(arg) # sink: command injection