hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-21 22:57:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rename request forgery sink to server-side request forgery sink

Browse Source
This commit is contained in:
tiferet
2022-12-28 15:28:20 -08:00
parent 9421ba5303
commit 06c7f1012c
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointTypes.qll
View File

@@ -64,7 +64,7 @@ class TaintedPathSinkType extends EndpointType, TTaintedPathSinkType {
/** The `RequestForgerySinkType` class that can be predicted by endpoint scoring models. */
class RequestForgerySinkType extends EndpointType, TRequestForgerySinkType {
override string getDescription() { result = "request forgery sink" }
override string getDescription() { result = "server-side request forgery sink" }
override int getEncoding() { result = 5 }
}

4
java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/TaintedPathATM.qll
View File

@@ -33,7 +33,7 @@ class TaintedPathAtmConfig extends AtmConfig {
override predicate isAdditionalTaintStep(DataFlow::Node n1, DataFlow::Node n2) {
any(TaintedPathAdditionalTaintStep s).step(n1, n2)
}
}
}
/*
* Models a very basic guard for the tainted path queries.
@@ -57,7 +57,7 @@ private class DefaultTaintedPathAdditionalTaintStep extends TaintedPathAdditiona
a = any(TaintPreservingUriCtorParam tpp).getAnArgument()
)
}
}
}
private class TaintPreservingUriCtorParam extends Parameter {
TaintPreservingUriCtorParam() {