hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 10:45:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update java/ql/src/Security/CWE/CWE-652/XQueryInjectionLib.qll

Browse Source 
Co-authored-by: Chris Smowton <smowton@github.com>
This commit is contained in:
haby0
2021-01-25 19:15:59 +08:00
committed by GitHub
parent 0b326aae20
commit 14a23eed4f
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/src/Security/CWE/CWE-652/XQueryInjectionLib.qll
View File

@@ -14,8 +14,8 @@ class XQueryParserCall extends MethodAccess {
m.hasName("prepareExpression")
)
}
// return the first parameter of the `bindString` method and use it as a sink
Expr getSink() { result = this.getArgument(0) }
/** Returns the first parameter of the `bindString` method. */
Expr getInput() { result = this.getArgument(0) }
}
/** A call to `XQDynamicContext.bindString`. */