Ruby: fix 'inefficient string comparison' alert

2025-12-17 01:03:14 +01:00 · 2022-08-26 09:58:22 +01:00
parent 95bf18fdc9
commit 52d46552af
1 changed files with 1 additions and 1 deletions
--- a/ruby/ql/lib/codeql/ruby/security/HardcodedDataInterpretedAsCodeCustomizations.qll
+++ b/ruby/ql/lib/codeql/ruby/security/HardcodedDataInterpretedAsCodeCustomizations.qll
@@ -79,7 +79,7 @@ module HardcodedDataInterpretedAsCode {
      forex(StringComponentCfgNode c |
        c = this.asExpr().(ExprNodes::StringlikeLiteralCfgNode).getAComponent()
      |
-        c.getNode().(AST::StringEscapeSequenceComponent).getRawText().prefix(2) = "\\x"
+        c.getNode().(AST::StringEscapeSequenceComponent).getRawText().matches("\\x%")
      )
    }
  }