hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 14:52:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix one test method

Browse Source
This commit is contained in:
intrigus
2020-03-31 16:46:29 +02:00
parent 0586fe9235
commit 4924be54a7
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ql/test/query-tests/Security/CWE-643/XPathInjection.expected
View File

@@ -13,7 +13,7 @@ edges
| XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:67:32:67:90 | ...+... |
| XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:70:29:70:87 | ...+... |
| XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:73:23:73:85 | ...+... |
| XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:76:19:76:81 | ...+... |
| XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:76:22:76:84 | ...+... |
| XPathInjection.go:81:14:81:19 | selection of Form : Values | XPathInjection.go:84:26:84:84 | ...+... |
| XPathInjection.go:81:14:81:19 | selection of Form : Values | XPathInjection.go:87:29:87:87 | ...+... |
| XPathInjection.go:81:14:81:19 | selection of Form : Values | XPathInjection.go:90:33:90:91 | ...+... |
@@ -56,7 +56,7 @@ nodes
| XPathInjection.go:67:32:67:90 | ...+... | semmle.label | ...+... |
| XPathInjection.go:70:29:70:87 | ...+... | semmle.label | ...+... |
| XPathInjection.go:73:23:73:85 | ...+... | semmle.label | ...+... |
| XPathInjection.go:76:19:76:81 | ...+... | semmle.label | ...+... |
| XPathInjection.go:76:22:76:84 | ...+... | semmle.label | ...+... |
| XPathInjection.go:81:14:81:19 | selection of Form : Values | semmle.label | selection of Form : Values |
| XPathInjection.go:84:26:84:84 | ...+... | semmle.label | ...+... |
| XPathInjection.go:87:29:87:87 | ...+... | semmle.label | ...+... |
@@ -95,7 +95,7 @@ nodes
| XPathInjection.go:67:32:67:90 | ...+... | XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:67:32:67:90 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:52:14:52:19 | selection of Form | A user-provided value |
| XPathInjection.go:70:29:70:87 | ...+... | XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:70:29:70:87 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:52:14:52:19 | selection of Form | A user-provided value |
| XPathInjection.go:73:23:73:85 | ...+... | XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:73:23:73:85 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:52:14:52:19 | selection of Form | A user-provided value |
| XPathInjection.go:76:19:76:81 | ...+... | XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:76:19:76:81 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:52:14:52:19 | selection of Form | A user-provided value |
| XPathInjection.go:76:22:76:84 | ...+... | XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:76:22:76:84 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:52:14:52:19 | selection of Form | A user-provided value |
| XPathInjection.go:84:26:84:84 | ...+... | XPathInjection.go:81:14:81:19 | selection of Form : Values | XPathInjection.go:84:26:84:84 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:81:14:81:19 | selection of Form | A user-provided value |
| XPathInjection.go:87:29:87:87 | ...+... | XPathInjection.go:81:14:81:19 | selection of Form : Values | XPathInjection.go:87:29:87:87 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:81:14:81:19 | selection of Form | A user-provided value |
| XPathInjection.go:90:33:90:91 | ...+... | XPathInjection.go:81:14:81:19 | selection of Form : Values | XPathInjection.go:90:33:90:91 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:81:14:81:19 | selection of Form | A user-provided value |

2
ql/test/query-tests/Security/CWE-643/XPathInjection.go
View File

@@ -73,7 +73,7 @@ func testAntchfxXmlquery(r *http.Request, n *xmlquery.Node) {
_ = n.SelectElements("//users/user[login/text()='" + username + "']/home_dir/text()")
// BAD: User input used directly in an XPath expression
_ = n.SelectAttr("//users/user[login/text()='" + username + "']/home_dir/text()")
_ = n.SelectElement("//users/user[login/text()='" + username + "']/home_dir/text()")
}
func testAntchfxJsonquery(r *http.Request) {