hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 18:55:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

two small qhelp fixes

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2019-09-12 10:00:08 +01:00
parent 493a31d98d
commit 2db0cdf4e2
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
javascript/ql/src/Security/CWE-834/TaintedLength.qhelp
View File

@@ -10,9 +10,9 @@
indefinitely. This looping causes a denial-of-service or DoS by
causing the server to hang or run out of memory.
This happens when the server expects an array but an attacker sends
a regular JSON object with an huge number in the
<code>.length</code> property, such as `{length: 1e100}`, that the
server then loops through.
a regular JSON object with a huge number in the
<code>.length</code> property, such as <code>{length: 1e100}</code>,
that the server then loops through.
</p>
</overview>