hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-08 11:11:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst

Browse Source 
Co-authored-by: Steve Guntrip <12534592+stevecat@users.noreply.github.com>
This commit is contained in:
Felicity Chapman
2022-12-02 09:36:10 +00:00
committed by GitHub
parent 9eafee365f
commit 26908ea281
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst
View File

@@ -390,7 +390,7 @@ Some of our standard security queries use flow labels. You can look at their imp
to get a feeling for how to use flow labels in practice.
In particular, both of the examples mentioned in the section on limitations of basic data flow above
are from standard security queries that use flow labels. The `Prototype-pollutiing merge call
are from standard security queries that use flow labels. The `Prototype-polluting merge call
<https://codeql.github.com/codeql-query-help/javascript/js-prototype-pollution/>`_ query uses two flow labels to distinguish completely
tainted objects from partially tainted objects. The `Uncontrolled data used in path expression
<https://codeql.github.com/codeql-query-help/javascript/js-path-injection/>`_ query uses four flow labels to track whether a user-controlled