hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

JavaScript: Improve alert location and message for IncompleteSanitization.

Browse Source 
We now highlight the `replace` call (instead of the regular expression), and the alert message for the case of missing backslash escapes clarifies that it is talking about failure to escape backslashes in the input, not in the replacement text.
This commit is contained in:
Max Schaefer
2019-02-08 09:13:40 +00:00
parent 6243c722c6
commit 3e26bc6446
2 changed files with 19 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
javascript/ql/src/Security/CWE-116/IncompleteSanitization.ql
View File

@@ -127,7 +127,7 @@ where
exists(RegExpLiteral rel |
isBackslashEscape(repl, rel) and
not allBackslashesEscaped(DataFlow::valueNode(repl)) and
msg = "This does not backslash-escape the backslash character."
msg = "This does not escape backslash characters in the input."
)
)
select old, msg
select repl.getCallee(), msg