hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Address PR comments.

Browse Source
This commit is contained in:
Sebastian Bauersfeld
2022-08-19 17:16:00 +07:00
parent f6d42bd3c6
commit 2ec3746861
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/src/Security/CWE/CWE-113/ResponseSplitting.ql
View File

@@ -36,7 +36,7 @@ class ResponseSplittingConfig extends TaintTracking::Configuration {
ma.getMethod().hasQualifiedName("java.lang", "String", methodName) and ma.getMethod().hasQualifiedName("java.lang", "String", methodName) and
target = ma.getArgument(0) and target = ma.getArgument(0) and
( (
methodName = "replace" and target.getIntValue() = [10, 13] methodName = "replace" and target.getIntValue() = [10, 13] // 10 == "\n", 13 == "\r"
or or
methodName = "replaceAll" and methodName = "replaceAll" and
target.getStringValue().regexpMatch(".*([\n\r]|\\[\\^[^\\]\r\n]*\\]).*") target.getStringValue().regexpMatch(".*([\n\r]|\\[\\^[^\\]\r\n]*\\]).*")