hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #16107 from erik-krogh/fix-log-injection-typo

Browse Source 
RB: Tiny fixes to log-injection QHelp
This commit is contained in:
Erik Krogh Kristensen
2024-04-03 18:29:37 +02:00
committed by GitHub
parent 2d4cf55c87 ec32bdce63
commit 35f61d9de4
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ruby/ql/src/queries/security/cwe-117/examples/log_injection_good.rb
View File

@@ -5,9 +5,8 @@ class UsersController < ApplicationController
logger = Logger.new STDOUT
username = params[:username]
# GOOD: log message constructed with unsanitized user input
sanitized_username = username.gsub("\n", "")
logger.info "attempting to login user: " + sanitized_username
# GOOD: log message constructed with sanitized user input
logger.info "attempting to login user: " + sanitized_username.gsub("\n", "")
# ... login logic ...
end