Fix typos

Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
2025-12-24 04:36:35 +01:00 · 2023-12-04 23:04:17 -05:00
parent 51006aa088
commit 1f37e70d83
2 changed files with 2 additions and 2 deletions
--- a/java/ql/lib/semmle/code/java/security/TaintedEnvironmentVariableQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/TaintedEnvironmentVariableQuery.qll
@@ -27,7 +27,7 @@ module ExecTaintedEnvironmentConfig implements DataFlow::ConfigSig {
  predicate isSink(DataFlow::Node sink) {
    sinkNode(sink, "environment-injection")
    or
-    // sink is an added to a `ProcessBuilder::environment` map.
+    // sink is a key or value added to a `ProcessBuilder::environment` map.
    exists(MapMutation mm | mm.getAnArgument() = sink.asExpr() |
      ProcessBuilderEnvironmentFlow::flowToExpr(mm.getQualifier())
    )
--- a/java/ql/src/Security/CWE/CWE-078/ExecTaintedEnvironment.ql
+++ b/java/ql/src/Security/CWE/CWE-078/ExecTaintedEnvironment.ql
@@ -7,7 +7,7 @@
 * @precision medium
 * @id java/exec-tainted-environment
 * @tags security
- *     external/cwe/cwe-078
+ *    external/cwe/cwe-078
 *    external/cwe/cwe-088
 */