hohn/codeql-dataflow-sql-injection-go
1
0
Fork 0
mirror of https://github.com/hohn/codeql-dataflow-sql-injection-go.git synced 2025-12-16 02:03:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

replace the broken source query with a minimal one

Browse Source
This commit is contained in:
michael hohn
2025-09-05 00:02:59 -07:00
committed by =michael hohn
parent 3b932164e5
commit 88df815e8d
1 changed files with 4 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
SourceGetUserInfo.ql
View File

@@ -4,17 +4,8 @@
*/ */
import go import go
import DataFlow as DF
/** A source expression corresponding to the value returned from getUserInfo. */ from DF::CallNode cn
predicate isSource(Expr e) { where cn.getACalleeIncludingExternals().getName() = "ReadString"
exists(Function f, ReturnStmt r, int i | select cn
f.getName() = "getUserInfo" and
r.getEnclosingFunction() = f and
e = r.getExpr(i)
)
}
from Expr e
where isSource(e)
select e, "Source: return value of getUserInfo"