hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update javascript/ql/src/semmle/javascript/security/IncompleteBlacklistSanitizer.qll

Browse Source 
Co-authored-by: Asger F <asgerf@github.com>
This commit is contained in:
Erik Krogh Kristensen
2021-03-17 13:30:05 +01:00
committed by GitHub
parent 3640bbd466
commit 1db5cb15f0
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/src/semmle/javascript/security/IncompleteBlacklistSanitizer.qll
View File

@@ -53,7 +53,7 @@ class StringReplaceCallSequence extends DataFlow::CallNode {
string getAReplacementString() { string getAReplacementString() {
getAMember().replaces(_, result) getAMember().replaces(_, result)
or or
// StringReplaceCall::replaces/2 can't always find the `old` string, so this is added as a falback. // StringReplaceCall::replaces/2 can't always find the `old` string, so this is added as a fallback.
getAMember().getRawReplacement().getStringValue() = result getAMember().getRawReplacement().getStringValue() = result
} }