hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Modify sink and improve SQL injection detection

Browse Source
This commit is contained in:
haby0
2021-08-04 10:57:34 +08:00
parent 69690a2509
commit 31400df0d4
8 changed files with 237 additions and 142 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
java/ql/src/semmle/code/xml/MyBatisMapperXML.qll
View File

@@ -37,6 +37,12 @@ abstract class MyBatisMapperSqlOperation extends MyBatisMapperXMLElement {
* Gets the `<include>` element in a `MyBatisMapperSqlOperation`.
*/
MyBatisMapperInclude getInclude() { result = getAChild*() }
Method getMapperMethod() {
result.getName() = this.getId() and
result.getDeclaringType() = this.getParent().(MyBatisMapperXMLElement).getNamespaceRefType()
}
}
/**