hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-18 21:44:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Apply suggestions from code review

Browse Source 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
This commit is contained in:
Max Schaefer
2024-03-22 15:24:29 +00:00
committed by GitHub
parent bc9396e0e6
commit 034ed17227
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
go/ql/src/Security/CWE-022/TaintedPath.qhelp
View File

@@ -64,9 +64,9 @@ path separators or ".." sequences.
Note that this approach is only suitable if the input is expected to be a single file name.
</p>
<p>
If the input can be a path with multiple components, we can make it safe by verifying
If the input can be a path with multiple components, you can make it safe by verifying
that the path is within a specific directory that is considered safe.
This can be done by resolving the input with respect to that directory, and then checking
You can do this by resolving the input with respect to that directory, and then checking
that the resulting path is still within it.
</p>
<sample src="TaintedPathGood2.go" />