mirror of
https://github.com/github/codeql.git
synced 2026-04-25 16:55:19 +02:00
Add support for log injection in MaD
This commit is contained in:
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added support for Model as Data for Log-injection query
|
||||
@@ -66,3 +66,7 @@ class HtmlSanitizer extends Sanitizer instanceof HtmlSanitizerCall { }
|
||||
class JsonStringifySanitizer extends Sanitizer {
|
||||
JsonStringifySanitizer() { this = any(JsonStringifyCall c).getOutput() }
|
||||
}
|
||||
|
||||
private class SinkFromModel extends Sink {
|
||||
SinkFromModel() { this = ModelOutput::getASinkNode("log-injection").asSink() }
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user