hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update java/ql/lib/ext/org.springframework.core.io.model.yml

Browse Source
This commit is contained in:
Tony Torralba
2023-06-07 09:07:22 +02:00
committed by GitHub
parent 2f12ae2e0d
commit 60725e9580
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
java/ql/lib/ext/org.springframework.core.io.model.yml
View File

@@ -3,4 +3,5 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.springframework.core.io", "ResourceLoader", True, "getResource", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] # todo: look into whether this may also be a request forgery sink
- ["org.springframework.core.io", "ResourceLoader", True, "getResource", "(String)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["org.springframework.core.io", "ResourceLoader", True, "getResource", "(String)", "", "Argument[0]", "request-forgery", "manual"]