13
edits
Changes
no edit summary
** Chrome never evals a content-tainted string.
** C++ never snprintfs using a content-tainted string.
* SpiderMonkey Exact-GC safety bugs. See the [[GC_SafetySpec]] page for the latest.** "Not stored in the heap" pointer dataflow analysis.*** DONE Update: This is done and finding pointers to stack objects stored on the heap or in a global is now a feature of Oink.
* Dataflow enforcement of correct API usage (CQual++):
** String character set encoding mistakes.
