dohertj2/lmxopcua
1
0
Fork 0
Code Issues 2 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
04e0877bffd131dc321541c8f1fc4ccf4222c810
lmxopcua/code-reviews/Core.Scripting
T
History
Joseph Doherty 38c48a009c review(Core.Scripting): block Unsafe.As sandbox bypass (Security) 
Re-review at 7286d320. Core.Scripting-017 (Medium, Security): System.Runtime.CompilerServices.Unsafe
added to ForbiddenFullTypeNames (Unsafe.As bypasses the type system without an unsafe context;
CWE-843 type-confusion into SetVirtualTag) + regression tests (rejects Unsafe.As, still allows
benign CompilerServices attributes). -018: refresh stale rejection message. Sandbox holds.
2026-06-19 11:06:56 -04:00
..
findings.md
review(Core.Scripting): block Unsafe.As sandbox bypass (Security)
2026-06-19 11:06:56 -04:00