Home Explore Help
Sign In
RISCI_ATOM
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Files Issues 23 Wiki
Tree: 10251f07b4
Branches Tags
nextcloud-serve...
/
build
/
psalm-baseline-security.xml

psalm-baseline-security.xml 4.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138 
  1. <?xml version="1.0" encoding="UTF-8"?>
    2. 

  2. <files psalm-version="5.26.1@d747f6500b38ac4f7dfc5edbcae6e4b637d7add0">
    3. 

  3.   <file src="apps/admin_audit/lib/Actions/Action.php">
    4. 

  4.     <TaintedHtml>
    5. 

  5.       <code><![CDATA[$params]]></code>
    6. 

  6.     </TaintedHtml>
    7. 

  7.   </file>
    8. 

  8.   <file src="apps/files_external/lib/Config/ConfigAdapter.php">
    9. 

  9.     <TaintedCallable>
    10. 

  10.       <code><![CDATA[$objectClass]]></code>
    11. 

  11.     </TaintedCallable>
    12. 

  12.   </file>
    13. 

  13.   <file src="apps/theming/lib/IconBuilder.php">
    14. 

  14.     <TaintedFile>
    15. 

  15.       <code><![CDATA[$appIcon]]></code>
    16. 

  16.       <code><![CDATA[$imageFile]]></code>
    17. 

  17.     </TaintedFile>
    18. 

  18.   </file>
    19. 

  19.   <file src="lib/base.php">
    20. 

  20.     <TaintedHeader>
    21. 

  21.       <code><![CDATA['Location: ' . $url]]></code>
    22. 

  22.       <code><![CDATA['Location: ' . \OC::$WEBROOT . '/']]></code>
    23. 

  23.     </TaintedHeader>
    24. 

  24.   </file>
    25. 

  25.   <file src="lib/private/App/InfoParser.php">
    26. 

  26.     <TaintedFile>
    27. 

  27.       <code><![CDATA[$file]]></code>
    28. 

  28.     </TaintedFile>
    29. 

  29.   </file>
    30. 

  30.   <file src="lib/private/AppFramework/Utility/SimpleContainer.php">
    31. 

  31.     <TaintedCallable>
    32. 

  32.       <code><![CDATA[$name]]></code>
    33. 

  33.     </TaintedCallable>
    34. 

  34.   </file>
    35. 

  35.   <file src="lib/private/Config.php">
    36. 

  36.     <TaintedHtml>
    37. 

  37.       <code><![CDATA[$this->cache]]></code>
    38. 

  38.     </TaintedHtml>
    39. 

  39.   </file>
    40. 

  40.   <file src="lib/private/EventSource.php">
    41. 

  41.     <TaintedHeader>
    42. 

  42.       <code><![CDATA['Location: ' . \OC::$WEBROOT]]></code>
    43. 

  43.     </TaintedHeader>
    44. 

  44.   </file>
    45. 

  45.   <file src="lib/private/Http/CookieHelper.php">
    46. 

  46.     <TaintedHeader>
    47. 

  47.       <code><![CDATA[$header]]></code>
    48. 

  48.     </TaintedHeader>
    49. 

  49.   </file>
    50. 

  50.   <file src="lib/private/Installer.php">
    51. 

  51.     <TaintedFile>
    52. 

  52.       <code><![CDATA[$baseDir]]></code>
    53. 

  53.     </TaintedFile>
    54. 

  54.   </file>
    55. 

  55.   <file src="lib/private/OCS/ApiHelper.php">
    56. 

  56.     <TaintedHtml>
    57. 

  57.       <code><![CDATA[$body]]></code>
    58. 

  58.     </TaintedHtml>
    59. 

  59.     <TaintedTextWithQuotes>
    60. 

  60.       <code><![CDATA[$body]]></code>
    61. 

  61.     </TaintedTextWithQuotes>
    62. 

  62.   </file>
    63. 

  63.   <file src="lib/private/Route/Router.php">
    64. 

  64.     <TaintedCallable>
    65. 

  65.       <code><![CDATA[$appNameSpace . '\\Controller\\' . basename($file->getPathname(), '.php')]]></code>
    66. 

  66.     </TaintedCallable>
    67. 

  67.   </file>
    68. 

  68.   <file src="lib/private/ServerContainer.php">
    69. 

  69.     <TaintedCallable>
    70. 

  70.       <code><![CDATA[$applicationClassName]]></code>
    71. 

  71.     </TaintedCallable>
    72. 

  72.   </file>
    73. 

  73.   <file src="lib/private/Session/CryptoWrapper.php">
    74. 

  74.     <TaintedCookie>
    75. 

  75.       <code><![CDATA[$this->passphrase]]></code>
    76. 

  76.     </TaintedCookie>
    77. 

  77.   </file>
    78. 

  78.   <file src="lib/private/Setup.php">
    79. 

  79.     <TaintedFile>
    80. 

  80.       <code><![CDATA[$dataDir]]></code>
    81. 

  81.     </TaintedFile>
    82. 

  82.   </file>
    83. 

  83.   <file src="lib/private/Setup/Sqlite.php">
    84. 

  84.     <TaintedFile>
    85. 

  85.       <code><![CDATA[$sqliteFile]]></code>
    86. 

  86.     </TaintedFile>
    87. 

  87.   </file>
    88. 

  88.   <file src="lib/private/legacy/OC_Helper.php">
    89. 

  89.     <TaintedFile>
    90. 

  90.       <code><![CDATA[$dest]]></code>
    91. 

  91.       <code><![CDATA[$dest]]></code>
    92. 

  92.       <code><![CDATA[$dir]]></code>
    93. 

  93.       <code><![CDATA[$dir]]></code>
    94. 

  94.     </TaintedFile>
    95. 

  95.   </file>
    96. 

  96.   <file src="lib/private/legacy/OC_JSON.php">
    97. 

  97.     <TaintedHeader>
    98. 

  98.       <code><![CDATA['Location: ' . \OC::$WEBROOT]]></code>
    99. 

  99.     </TaintedHeader>
    100. 

  100.     <TaintedHtml>
    101. 

  101.       <code><![CDATA[self::encode($data)]]></code>
    102. 

  102.       <code><![CDATA[self::encode($data)]]></code>
    103. 

  103.     </TaintedHtml>
    104. 

  104.     <TaintedTextWithQuotes>
    105. 

  105.       <code><![CDATA[self::encode($data)]]></code>
    106. 

  106.       <code><![CDATA[self::encode($data)]]></code>
    107. 

  107.     </TaintedTextWithQuotes>
    108. 

  108.   </file>
    109. 

  109.   <file src="lib/private/legacy/OC_Template.php">
    110. 

  110.     <TaintedHtml>
    111. 

  111.       <code><![CDATA[$exception->getTraceAsString()]]></code>
    112. 

  112.     </TaintedHtml>
    113. 

  113.     <TaintedTextWithQuotes>
    114. 

  114.       <code><![CDATA[$exception->getTraceAsString()]]></code>
    115. 

  115.     </TaintedTextWithQuotes>
    116. 

  116.   </file>
    117. 

  117.   <file src="lib/public/DB/QueryBuilder/IQueryBuilder.php">
    118. 

  118.     <TaintedSql>
    119. 

  119.       <code><![CDATA[$column]]></code>
    120. 

  120.     </TaintedSql>
    121. 

  121.   </file>
    122. 

  122.   <file src="lib/public/IDBConnection.php">
    123. 

  123.     <TaintedSql>
    124. 

  124.       <code><![CDATA[$sql]]></code>
    125. 

  125.       <code><![CDATA[$sql]]></code>
    126. 

  126.       <code><![CDATA[$sql]]></code>
    127. 

  127.       <code><![CDATA[$sql]]></code>
    128. 

  128.     </TaintedSql>
    129. 

  129.   </file>
    130. 

  130.   <file src="ocs-provider/index.php">
    131. 

  131.     <TaintedHtml>
    132. 

  132.       <code><![CDATA[$controller->buildProviderList()->render()]]></code>
    133. 

  133.     </TaintedHtml>
    134. 

  134.     <TaintedTextWithQuotes>
    135. 

  135.       <code><![CDATA[$controller->buildProviderList()->render()]]></code>
    136. 

  136.     </TaintedTextWithQuotes>
    137. 

  137.   </file>
    138. 

  138. </files>
    139.