From 4924be54a7dfd26267965f988c42710f64a2192b Mon Sep 17 00:00:00 2001
From: intrigus <abc123zeus@live.de>
Date: Tue, 31 Mar 2020 16:46:29 +0200
Subject: [PATCH] Fix one test method

---
 .../query-tests/Security/CWE-643/XPathInjection.expected    | 6 +++---
 ql/test/query-tests/Security/CWE-643/XPathInjection.go      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/ql/test/query-tests/Security/CWE-643/XPathInjection.expected b/ql/test/query-tests/Security/CWE-643/XPathInjection.expected
index 7e3a340dfc3..c9ca557e59e 100644
--- a/ql/test/query-tests/Security/CWE-643/XPathInjection.expected
+++ b/ql/test/query-tests/Security/CWE-643/XPathInjection.expected
@@ -13,7 +13,7 @@ edges
 | XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:67:32:67:90 | ...+... |
 | XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:70:29:70:87 | ...+... |
 | XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:73:23:73:85 | ...+... |
-| XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:76:19:76:81 | ...+... |
+| XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:76:22:76:84 | ...+... |
 | XPathInjection.go:81:14:81:19 | selection of Form : Values | XPathInjection.go:84:26:84:84 | ...+... |
 | XPathInjection.go:81:14:81:19 | selection of Form : Values | XPathInjection.go:87:29:87:87 | ...+... |
 | XPathInjection.go:81:14:81:19 | selection of Form : Values | XPathInjection.go:90:33:90:91 | ...+... |
@@ -56,7 +56,7 @@ nodes
 | XPathInjection.go:67:32:67:90 | ...+... | semmle.label | ...+... |
 | XPathInjection.go:70:29:70:87 | ...+... | semmle.label | ...+... |
 | XPathInjection.go:73:23:73:85 | ...+... | semmle.label | ...+... |
-| XPathInjection.go:76:19:76:81 | ...+... | semmle.label | ...+... |
+| XPathInjection.go:76:22:76:84 | ...+... | semmle.label | ...+... |
 | XPathInjection.go:81:14:81:19 | selection of Form : Values | semmle.label | selection of Form : Values |
 | XPathInjection.go:84:26:84:84 | ...+... | semmle.label | ...+... |
 | XPathInjection.go:87:29:87:87 | ...+... | semmle.label | ...+... |
@@ -95,7 +95,7 @@ nodes
 | XPathInjection.go:67:32:67:90 | ...+... | XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:67:32:67:90 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:52:14:52:19 | selection of Form | A user-provided value |
 | XPathInjection.go:70:29:70:87 | ...+... | XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:70:29:70:87 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:52:14:52:19 | selection of Form | A user-provided value |
 | XPathInjection.go:73:23:73:85 | ...+... | XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:73:23:73:85 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:52:14:52:19 | selection of Form | A user-provided value |
-| XPathInjection.go:76:19:76:81 | ...+... | XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:76:19:76:81 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:52:14:52:19 | selection of Form | A user-provided value |
+| XPathInjection.go:76:22:76:84 | ...+... | XPathInjection.go:52:14:52:19 | selection of Form : Values | XPathInjection.go:76:22:76:84 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:52:14:52:19 | selection of Form | A user-provided value |
 | XPathInjection.go:84:26:84:84 | ...+... | XPathInjection.go:81:14:81:19 | selection of Form : Values | XPathInjection.go:84:26:84:84 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:81:14:81:19 | selection of Form | A user-provided value |
 | XPathInjection.go:87:29:87:87 | ...+... | XPathInjection.go:81:14:81:19 | selection of Form : Values | XPathInjection.go:87:29:87:87 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:81:14:81:19 | selection of Form | A user-provided value |
 | XPathInjection.go:90:33:90:91 | ...+... | XPathInjection.go:81:14:81:19 | selection of Form : Values | XPathInjection.go:90:33:90:91 | ...+... | $@ flows here and is used in an XPath expression. | XPathInjection.go:81:14:81:19 | selection of Form | A user-provided value |
diff --git a/ql/test/query-tests/Security/CWE-643/XPathInjection.go b/ql/test/query-tests/Security/CWE-643/XPathInjection.go
index 6fe589ac4a9..75ca454bd5d 100644
--- a/ql/test/query-tests/Security/CWE-643/XPathInjection.go
+++ b/ql/test/query-tests/Security/CWE-643/XPathInjection.go
@@ -73,7 +73,7 @@ func testAntchfxXmlquery(r *http.Request, n *xmlquery.Node) {
 	_ = n.SelectElements("//users/user[login/text()='" + username + "']/home_dir/text()")
 
 	// BAD: User input used directly in an XPath expression
-	_ = n.SelectAttr("//users/user[login/text()='" + username + "']/home_dir/text()")
+	_ = n.SelectElement("//users/user[login/text()='" + username + "']/home_dir/text()")
 }
 
 func testAntchfxJsonquery(r *http.Request) {