hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-19 14:04:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: performance fix

Browse Source
This commit is contained in:
Jami Cogswell
2024-12-16 13:12:52 -05:00
parent ede9e78645
commit 48d55ec518
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/lib/semmle/code/java/security/CsrfUnprotectedRequestTypeQuery.qll
View File

@@ -180,8 +180,8 @@ predicate unprotectedDatabaseUpdate(CallPathNode sourceMethod, CallPathNode sink
sourceMethod.asMethod() instanceof CsrfUnprotectedMethod and
exists(CallPathNode sinkMethod |
sinkMethod.asMethod() instanceof DatabaseUpdateMethod and
sinkMethodCall.getASuccessor() = sinkMethod and
sourceMethod.getASuccessor+() = sinkMethodCall and
sinkMethodCall.getASuccessor() = pragma[only_bind_into](sinkMethod) and
sourceMethod.getASuccessor+() = pragma[only_bind_into](sinkMethodCall) and
if
sinkMethod.asMethod() instanceof SqlInjectionMethod and
sinkMethod.asMethod().hasName("execute")