hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 10:45:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.ql

Browse Source 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
This commit is contained in:
Alessio Della Libera
2020-09-02 15:21:55 +02:00
committed by GitHub
parent 042d07161c
commit 6ad88bf93f
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/src/experimental/Security/CWE-090/LdapInjection.ql
View File

@@ -17,5 +17,5 @@ import LdapInjection::LdapInjection
from LdapInjectionConfiguration config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "$@ might include code from $@.",
sink.getNode().(Sink).getQueryCallSink(), "LDAP query call", source.getNode(),
sink.getNode().(Sink).getQueryCall(), "LDAP query call", source.getNode(),
"user-provided value"