hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 12:45:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

dont recognize regexps that match dot as sanitizers

Browse Source
This commit is contained in:
erik-krogh
2023-02-13 17:36:51 +01:00
parent 4fa484dad2
commit 68656274f4
3 changed files with 41 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
javascript/ql/lib/semmle/javascript/MembershipCandidates.qll
View File

@@ -147,7 +147,9 @@ module MembershipCandidate {
child instanceof RegExpConstant or
child instanceof RegExpAlt or
child instanceof RegExpGroup
)
) and
// exclude "length matches" that match every string
not this.getAChild*() instanceof RegExpDot
}
/**